Skip to content

Latest commit

 

History

History
1386 lines (835 loc) · 36.8 KB

REFERENCE.md

File metadata and controls

1386 lines (835 loc) · 36.8 KB
Raw

Reference

Table of Contents

Classes

Public Classes

Private Classes

  • apt::update: Updates the list of available packages using apt-get update.

Defined types

  • apt::conf: Specifies a custom Apt configuration file.
  • apt::key: Manages the GPG keys that Apt uses to authenticate packages.
  • apt::keyring: Manage GPG keyrings for apt repositories
  • apt::mark: Manages apt-mark settings
  • apt::pin: Manages Apt pins. Does not trigger an apt-get update run.
  • apt::ppa: Manages PPA repositories using add-apt-repository. Not supported on Debian.
  • apt::setting: Manages Apt configuration files.
  • apt::source: Manages the Apt sources in /etc/apt/sources.list.d/.

Resource types

Private Resource types

  • apt_key: This type provides Puppet with the capabilities to manage GPG keys needed by apt to perform package validation. Apt has it's own GPG keyring that can be manipulated through the apt-key command.

Data types

  • Apt::Auth_conf_entry: Login configuration settings that are recorded in the file /etc/apt/auth.conf.
  • Apt::Proxy: Configures Apt to connect to a proxy server.
  • Apt::Proxy_Per_Host: Adds per-host overrides to the system default APT proxy configuration

Tasks

  • init: Allows you to perform apt-get functions

Classes

apt

Main class, includes all other classes.

Parameters

The following parameters are available in the apt class:

provider

Data type: Stdlib::Absolutepath

Specifies the provider that should be used by apt::update.

Default value: '/usr/bin/apt-get'

keyserver

Data type: Stdlib::Host

Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, or hkp://).

Default value: 'keyserver.ubuntu.com'

key_options

Data type: Optional[String[1]]

Specifies the default options for apt::key resources.

Default value: undef

ppa_options

Data type: Optional[Array[String[1]]]

Supplies options to be passed to the add-apt-repository command.

Default value: undef

ppa_package

Data type: Optional[String[1]]

Names the package that provides the apt-add-repository command.

Default value: undef

backports

Data type: Optional[Hash]

Specifies some of the default parameters used by apt::backports. Valid options: a hash made up from the following keys:

Options:

  • :location String: See apt::backports for documentation.
  • :repos String: See apt::backports for documentation.
  • :key String: See apt::backports for documentation.

Default value: undef

confs

Data type: Hash

Hash of apt::conf resources.

Default value: {}

update

Data type: Hash

Configures various update settings. Valid options: a hash made up from the following keys:

Options:

  • :frequency String: Specifies how often to run apt-get update. If the exec resource apt_update is notified, apt-get update runs regardless of this value. Valid options: 'always' (at every Puppet run); 'hourly' (if the value of apt_update_last_success is less than current epoch time minus 3600); 'daily' (if the value of apt_update_last_success is less than current epoch time minus 86400); 'weekly' (if the value of apt_update_last_success is less than current epoch time minus 604800); Integer (if the value of apt_update_last_success is less than current epoch time minus provided Integer value); 'reluctantly' (only if the exec resource apt_update is notified). Default: 'reluctantly'.
  • :loglevel Integer: Specifies the log level of logs outputted to the console. Default: undef.
  • :timeout Integer: Specifies how long to wait for the update to complete before canceling it. Valid options: an integer, in seconds. Default: undef.
  • :tries Integer: Specifies how many times to retry the update after receiving a DNS or HTTP error. Default: undef.

Default value: {}

update_defaults

Data type: Hash

The default update settings that are combined and merged with the passed update value

Default value:

{
    'frequency' => 'reluctantly',
    'loglevel'  => undef,
    'timeout'   => undef,
    'tries'     => undef,
  }
purge

Data type: Hash

Specifies whether to purge any existing settings that aren't managed by Puppet. Valid options: a hash made up from the following keys:

Options:

  • :sources.list Boolean: Specifies whether to purge any unmanaged entries from sources.list. Default false.
  • :sources.list.d Boolean: Specifies whether to purge any unmanaged entries from sources.list.d. Default false.
  • :preferences Boolean: Specifies whether to purge any unmanaged entries from preferences. Default false.
  • :preferences.d. Boolean: Specifies whether to purge any unmanaged entries from preferences.d. Default false.

Default value: {}

purge_defaults

Data type: Hash

The default purge settings that are combined and merged with the passed purge value

Default value:

{
    'sources.list'   => false,
    'sources.list.d' => false,
    'preferences'    => false,
    'preferences.d'  => false,
    'apt.conf.d'     => false,
  }
proxy

Data type: Apt::Proxy

Configures Apt to connect to a proxy server. Valid options: a hash matching the locally defined type apt::proxy.

Default value: {}

proxy_defaults

Data type: Hash

The default proxy settings that are combined and merged with the passed proxy value

Default value:

{
    'ensure'     => undef,
    'host'       => undef,
    'port'       => 8080,
    'https'      => false,
    'https_acng' => false,
    'direct'     => false,
  }
sources

Data type: Hash

Hash of apt::source resources.

Default value: {}

keys

Data type: Hash

Hash of apt::key resources.

Default value: {}

keyrings

Data type: Hash

Hash of apt::keyring resources.

Default value: {}

ppas

Data type: Hash

Hash of apt::ppa resources.

Default value: {}

pins

Data type: Hash

Hash of apt::pin resources.

Default value: {}

settings

Data type: Hash

Hash of apt::setting resources.

Default value: {}

manage_auth_conf

Data type: Boolean

Specifies whether to manage the /etc/apt/auth.conf file. When true, the file will be overwritten with the entries specified in the auth_conf_entries parameter. When false, the file will be ignored (note that this does not set the file to absent.

Default value: true

auth_conf_entries

Data type: Array[Apt::Auth_conf_entry]

An optional array of login configuration settings (hashes) that are recorded in the file /etc/apt/auth.conf. This file has a netrc-like format (similar to what curl uses) and contains the login configuration for APT sources and proxies that require authentication. See https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html for details. If specified each hash must contain the keys machine, login and password and no others. Specifying manage_auth_conf and not specifying this parameter will set /etc/apt/auth.conf to absent.

Default value: []

auth_conf_owner

Data type: String[1]

The owner of the file /etc/apt/auth.conf.

Default value: '_apt'

root

Data type: Stdlib::Absolutepath

Specifies root directory of Apt executable.

Default value: '/etc/apt'

sources_list

Data type: Stdlib::Absolutepath

Specifies the path of the sources_list file to use.

Default value: "${root}/sources.list"

sources_list_d

Data type: Stdlib::Absolutepath

Specifies the path of the sources_list.d file to use.

Default value: "${root}/sources.list.d"

conf_d

Data type: Stdlib::Absolutepath

Specifies the path of the conf.d file to use.

Default value: "${root}/apt.conf.d"

preferences

Data type: Stdlib::Absolutepath

Specifies the path of the preferences file to use.

Default value: "${root}/preferences"

preferences_d

Data type: Stdlib::Absolutepath

Specifies the path of the preferences.d file to use.

Default value: "${root}/preferences.d"

config_files

Data type: Hash

A hash made up of the various configuration files used by Apt.

Default value:

{
    'conf'   => {
      'path' => $conf_d,
      'ext'  => '',
    },
    'pref'   => {
      'path' => $preferences_d,
      'ext'  => '.pref',
    },
    'list'   => {
      'path' => $sources_list_d,
      'ext'  => '.list',
    },
  }
sources_list_force

Data type: Boolean

Specifies whether to perform force purge or delete.

Default value: false

include_defaults

Data type: Hash

The package types to include by default.

Default value:

{
    'deb' => true,
    'src' => false,
  }
apt_conf_d

Data type: Stdlib::Absolutepath

The path to the file apt.conf.d

Default value: "${root}/apt.conf.d"

source_key_defaults

Data type: Hash

The fault source_key settings

Default value:

{
    'server'  => $keyserver,
    'options' => undef,
    'content' => undef,
    'source'  => undef,
  }

apt::backports

Manages backports.

Examples

Set up a backport source for Ubuntu
include apt::backports

Parameters

The following parameters are available in the apt::backports class:

location

Data type: Optional[Stdlib::HTTPUrl]

Specifies an Apt repository containing the backports to manage. Valid options: a string containing a URL. Default value for Debian and Ubuntu varies:

Default value: undef

release

Data type: Optional[String[1]]

Specifies a distribution of the Apt repository containing the backports to manage. Used in populating the sources.list configuration file. Default: on Debian and Ubuntu, ${fact('os.distro.codename')}-backports. We recommend keeping this default, except on other operating systems.

Default value: undef

repos

Data type: Optional[String[1]]

Specifies a component of the Apt repository containing the backports to manage. Used in populating the sources.list configuration file. Default value for Debian and Ubuntu varies:

  • Debian: 'main contrib non-free non-free-firmware'

  • Ubuntu: 'main universe multiverse restricted'

Default value: undef

key

Data type: Optional[Variant[String[1], Hash]]

Specifies a key to authenticate the backports. Valid options: a string to be passed to the id parameter of the apt::key defined type, or a hash of parameter => value pairs to be passed to apt::key's id, server, content, source, and/or options parameters.

Default value: undef

keyring

Data type: Stdlib::AbsolutePath

Absolute path to a file containing the PGP keyring used to sign this repository. Value is passed to the apt::source and used to set signed-by on the source entry.

Default value: "/usr/share/keyrings/${facts['os']['name'].downcase}-archive-keyring.gpg"

pin

Data type: Variant[Integer, String[1], Hash]

Specifies a pin priority for the backports. Valid options: a number or string to be passed to the id parameter of the apt::pin defined type, or a hash of parameter => value pairs to be passed to apt::pin's corresponding parameters.

Default value: 200

include

Data type: Hash

Specifies whether to include 'deb' or 'src', or both.

Default value: {}

Defined types

apt::conf

Specifies a custom Apt configuration file.

Parameters

The following parameters are available in the apt::conf defined type:

content

Data type: Optional[String[1]]

Required unless ensure is set to 'absent'. Directly supplies content for the configuration file.

Default value: undef

ensure

Data type: Enum['present', 'absent']

Specifies whether the configuration file should exist.

Default value: present

priority

Data type: Variant[String[1], Integer[0]]

Determines the order in which Apt processes the configuration file. Files with lower priority numbers are loaded first. Valid options: a string containing an integer or an integer.

Default value: 50

notify_update

Data type: Optional[Boolean]

Specifies whether to trigger an apt-get update run.

Default value: undef

apt::key

Manages the GPG keys that Apt uses to authenticate packages.

  • Note The apt::key defined type makes use of the apt_key type, but includes extra functionality to help prevent duplicate keys.

Examples

Declare Apt key for apt.puppetlabs.com source
apt::key { 'puppetlabs':
  id      => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
  server  => 'keyserver.ubuntu.com',
  options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"',
}

Parameters

The following parameters are available in the apt::key defined type:

id

Data type: Pattern[/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/]

Specifies a GPG key to authenticate Apt package signatures. Valid options: a string containing a key ID (8 or 16 hexadecimal characters, optionally prefixed with "0x") or a full key fingerprint (40 hexadecimal characters).

Default value: $title

ensure

Data type: Enum['present', 'absent', 'refreshed']

Specifies whether the key should exist. Using refreshed will make keys auto update when they have expired (assuming a new key exists on the key server).

Default value: present

content

Data type: Optional[String[1]]

Supplies the entire GPG key. Useful in case the key can't be fetched from a remote location and using a file resource is inconvenient.

Default value: undef

source

Data type: Optional[Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/]]

Specifies the location of an existing GPG key file to copy. Valid options: a string containing a URL (ftp://, http://, or https://) or an absolute path.

Default value: undef

server

Data type: Pattern[/\A((hkp|hkps|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?(\/[a-zA-Z\d\-_.]+)*\/?$/]

Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, hkp:// or hkps://). The hkps:// protocol is currently only supported on Ubuntu 18.04.

Default value: $apt::keyserver

weak_ssl

Data type: Boolean

Specifies whether strict SSL verification on a https URL should be disabled.

Default value: false

options

Data type: Optional[String[1]]

Passes additional options to apt-key adv --keyserver-options.

Default value: $apt::key_options

apt::keyring

Manage GPG keyrings for apt repositories

Examples

Download the puppetlabs apt keyring
apt::keyring { 'puppetlabs-keyring.gpg':
  source => 'https://apt.puppetlabs.com/keyring.gpg',
}
Deploy the apt source and associated keyring file
apt::source { 'puppet8-release':
  location => 'http://apt.puppetlabs.com',
  repos    => 'puppet8',
  key      => {
    name   => 'puppetlabs-keyring.gpg',
    source => 'https://apt.puppetlabs.com/keyring.gpg'
  }
}

Parameters

The following parameters are available in the apt::keyring defined type:

dir

Data type: Stdlib::Absolutepath

Path to the directory where the keyring will be stored.

Default value: '/etc/apt/keyrings'

filename

Data type: String[1]

Optional filename for the keyring. It should also contain extension along with the filename.

Default value: $name

mode

Data type: Stdlib::Filemode

File permissions of the keyring.

Default value: '0644'

source

Data type: Optional[Stdlib::Filesource]

Source of the keyring file. Mutually exclusive with 'content'.

Default value: undef

content

Data type: Optional[String[1]]

Content of the keyring file. Mutually exclusive with 'source'.

Default value: undef

ensure

Data type: Enum['present','absent']

Ensure presence or absence of the resource.

Default value: 'present'

apt::mark

Manages apt-mark settings

Parameters

The following parameters are available in the apt::mark defined type:

setting

Data type: Enum['auto','manual','hold','unhold']

Specifies the behavior of apt in case of no more dependencies installed https://manpages.debian.org/stable/apt/apt-mark.8.en.html

apt::pin

Manages Apt pins. Does not trigger an apt-get update run.

Parameters

The following parameters are available in the apt::pin defined type:

ensure

Data type: Enum['file', 'present', 'absent']

Specifies whether the pin should exist.

Default value: present

explanation

Data type: Optional[String[1]]

Supplies a comment to explain the pin. Default: "${caller_module_name}: ${name}".

Default value: undef

order

Data type: Variant[Integer[0]]

Determines the order in which Apt processes the pin file. Files with lower order numbers are loaded first.

Default value: 50

packages

Data type: Variant[String[1], Array[String[1]]]

Specifies which package(s) to pin.

Default value: '*'

priority

Data type: Variant[Integer, String[1]]

Sets the priority of the package. If multiple versions of a given package are available, apt-get installs the one with the highest priority number (subject to dependency constraints).

Default value: 0

release

Data type: Optional[String[1]]

Tells APT to prefer packages that support the specified release. Typical values include 'stable', 'testing', and 'unstable'.

Default value: undef

release_version

Data type: Optional[String[1]]

Tells APT to prefer packages that support the specified operating system release version (such as Debian release version 7).

Default value: undef

component

Data type: Optional[String[1]]

Names the licensing component associated with the packages in the directory tree of the Release file.

Default value: undef

originator

Data type: Optional[String[1]]

Names the originator of the packages in the directory tree of the Release file.

Default value: undef

label

Data type: Optional[String[1]]

Names the label of the packages in the directory tree of the Release file.

Default value: undef

origin

Data type: Optional[String[1]]

The package origin (the hostname part of the package's sources.list entry)

Default value: undef

version

Data type: Optional[String[1]]

The version of the package

Default value: undef

codename

Data type: Optional[String[1]]

The codename of the release

Default value: undef

apt::ppa

Manages PPA repositories using add-apt-repository. Not supported on Debian.

Examples

Declaration of an Apt PPA
apt::ppa { 'ppa:openstack-ppa/bleeding-edge': }

Parameters

The following parameters are available in the apt::ppa defined type:

ensure

Data type: Enum['present', 'absent']

Specifies whether the PPA should exist.

Default value: 'present'

options

Data type: Optional[Array[String[1]]]

Supplies options to be passed to the add-apt-repository command.

Default value: $apt::ppa_options

release

Data type: Optional[String[1]]

Specifies the operating system of your node. Valid options: a string containing a valid LSB distribution codename. Optional if puppet facts show os.distro.codename returns your correct distribution release codename.

Default value: fact('os.distro.codename')

dist

Data type: Optional[String[1]]

Specifies the distribution of your node. Valid options: a string containing a valid distribution codename. Optional if puppet facts show os.name returns your correct distribution name.

Default value: $facts['os']['name']

package_name

Data type: Optional[String[1]]

Names the package that provides the apt-add-repository command.

Default value: $apt::ppa_package

package_manage

Data type: Boolean

Specifies whether Puppet should manage the package that provides apt-add-repository.

Default value: false

apt::setting

Manages Apt configuration files.

Parameters

The following parameters are available in the apt::setting defined type:

priority

Data type: Variant[String[1], Integer[0]]

Determines the order in which Apt processes the configuration file. Files with higher priority numbers are loaded first.

Default value: 50

ensure

Data type: Enum['file', 'present', 'absent']

Specifies whether the file should exist.

Default value: file

source

Data type: Optional[String[1]]

Required, unless content is set. Specifies a source file to supply the content of the configuration file. Cannot be used in combination with content. Valid options: see link above for Puppet's native file type source attribute.

Default value: undef

content

Data type: Optional[String[1]]

Required, unless source is set. Directly supplies content for the configuration file. Cannot be used in combination with source. Valid options: see link above for Puppet's native file type content attribute.

Default value: undef

notify_update

Data type: Boolean

Specifies whether to trigger an apt-get update run.

Default value: true

apt::source

Manages the Apt sources in /etc/apt/sources.list.d/.

Examples

Install the puppetlabs apt source
apt::source { 'puppetlabs':
  location => 'http://apt.puppetlabs.com',
  repos    => 'main',
  key      => {
    id     => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
    server => 'keyserver.ubuntu.com',
  },
}
Download key behaviour to handle modern apt gpg keyrings. The name parameter in the key hash should be given with
extension. Absence of extension will result in file formation with just name and no extension.
apt::source { 'puppetlabs':
  location => 'http://apt.puppetlabs.com',
  comment  => 'Puppet8',
  key      => {
    'name'   => 'puppetlabs.gpg',
    'source' => 'https://apt.puppetlabs.com/keyring.gpg',
  },
}

Parameters

The following parameters are available in the apt::source defined type:

location

Data type: Optional[String[1]]

Required, unless ensure is set to 'absent'. Specifies an Apt repository.

Default value: undef

comment

Data type: String[1]

Supplies a comment for adding to the Apt source file.

Default value: $name

ensure

Data type: Enum['present', 'absent']

Specifies whether the Apt source file should exist.

Default value: present

release

Data type: Optional[String[0]]

Specifies a distribution of the Apt repository.

Default value: undef

repos

Data type: String[1]

Specifies a component of the Apt repository.

Default value: 'main'

include

Data type: Hash

Configures include options. Valid options: a hash of available keys.

Options:

  • :deb Boolean: Specifies whether to request the distribution's compiled binaries.
  • :src Boolean: Specifies whether to request the distribution's uncompiled source code.

Default value: {}

key

Data type: Optional[Variant[String[1], Hash]]

Creates an apt::keyring in /etc/apt/keyrings (or anywhere on disk given filename) Valid options:

  • a hash of parameter => value pairs to be passed to file: name (title), content, source, filename

The following inputs are valid for the (deprecated) apt::key defined type. Valid options:

  • a string to be passed to the id parameter of the apt::key defined type
  • a hash of parameter => value pairs to be passed to apt::key: id, server, content, source, weak_ssl, options

Default value: undef

keyring

Data type: Optional[Stdlib::AbsolutePath]

Absolute path to a file containing the PGP keyring used to sign this repository. Value is used to set signed-by on the source entry. This is not necessary if the key is installed with key param above. See https://wiki.debian.org/DebianRepository/UseThirdParty for details.

Default value: undef

pin

Data type: Optional[Variant[Hash, Integer, String[1]]]

Creates a declaration of the apt::pin defined type. Valid options: a number or string to be passed to the priority parameter of the apt::pin defined type, or a hash of parameter => value pairs to be passed to apt::pin's corresponding parameters.

Default value: undef

architecture

Data type: Optional[String[1]]

Tells Apt to only download information for specified architectures. Valid options: a string containing one or more architecture names, separated by commas (e.g., 'i386' or 'i386,alpha,powerpc'). (if unspecified, Apt downloads information for all architectures defined in the Apt::Architectures option)

Default value: undef

allow_unsigned

Data type: Boolean

Specifies whether to authenticate packages from this release, even if the Release file is not signed or the signature can't be checked.

Default value: false

allow_insecure

Data type: Boolean

Specifies whether to allow downloads from insecure repositories.

Default value: false

notify_update

Data type: Boolean

Specifies whether to trigger an apt-get update run.

Default value: true

check_valid_until

Data type: Boolean

Specifies whether to check if the package release date is valid.

Default value: true

Data types

Apt::Auth_conf_entry

Login configuration settings that are recorded in the file /etc/apt/auth.conf.

Alias of

Struct[{
    machine => String[1],
    login => String,
    password => String
  }]

Parameters

The following parameters are available in the Apt::Auth_conf_entry data type:

machine

Hostname of machine to connect to.

login

Specifies the username to connect with.

password

Specifies the password to connect with.

Apt::Proxy

Configures Apt to connect to a proxy server.

Alias of

Struct[{
    ensure     => Optional[Enum['file', 'present', 'absent']],
    host       => Optional[String],
    port       => Optional[Integer[0, 65535]],
    https      => Optional[Boolean],
    https_acng => Optional[Boolean],
    direct     => Optional[Boolean],
    perhost    => Optional[Array[Apt::Proxy_Per_Host]],
  }]

Parameters

The following parameters are available in the Apt::Proxy data type:

ensure

Specifies whether the proxy should exist. Valid options: 'file', 'present', and 'absent'. Prefer 'file' over 'present'.

host

Specifies a proxy host to be stored in /etc/apt/apt.conf.d/01proxy. Valid options: a string containing a hostname.

port

Specifies a proxy port to be stored in /etc/apt/apt.conf.d/01proxy. Valid options: an integer containing a port number.

https

Specifies whether to enable https proxies.

direct

Specifies whether or not to use a DIRECT https proxy if http proxy is used but https is not.

Apt::Proxy_Per_Host

Adds per-host overrides to the system default APT proxy configuration

Alias of

Struct[{
    scope      => String,
    host       => Optional[String],
    port       => Optional[Integer[1, 65535]],
    https      => Optional[Boolean],
    direct     => Optional[Boolean],
  }]

Parameters

The following parameters are available in the Apt::Proxy_Per_Host data type:

scope

Specifies the scope of the override. Valid options: a string containing a hostname.

host

Specifies a proxy host to be stored in /etc/apt/apt.conf.d/01proxy. Valid options: a string containing a hostname.

port

Specifies a proxy port to be stored in /etc/apt/apt.conf.d/01proxy. Valid options: an integer containing a port number.

https

Specifies whether to enable https for this override.

direct

Specifies whether or not to use a DIRECT target to bypass the system default proxy.

Tasks

init

Allows you to perform apt-get functions

Supports noop? false

Parameters

action

Data type: Enum[update, upgrade, dist-upgrade, autoremove]

Action to perform with apt-get