#
-# Cookbook Name:: apt
+# Cookbook:: apt
# Recipe:: default
#
-# Copyright 2010, Tom Hughes
+# Copyright:: 2010, Tom Hughes
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
package %w[
apt
apt-transport-https
- update-notifier-common
+ gnupg
]
+package "update-notifier-common" if platform?("ubuntu")
+
file "/etc/motd.tail" do
action :delete
end
+apt_preference "cciss-vol-status" do
+ pin "origin *.ubuntu.com"
+ pin_priority "1100"
+end
+
apt_update "/etc/apt/sources.list" do
action :nothing
end
-archive_host = if node[:country]
- "#{node[:country]}.archive.ubuntu.com"
- else
- "archive.ubuntu.com"
- end
+dpkg_arch = node[:packages][:systemd][:arch]
+
+if platform?("debian")
+ archive_host = "deb.debian.org"
+ archive_security_host = archive_host
+ archive_distro = "debian"
+ archive_security_distro = "debian-security"
+ archive_suites = %w[main updates backports security]
+ archive_components = %w[main contrib non-free non-free-firmware]
+ backport_packages = case node[:lsb][:codename]
+ when "bookworm" then %W[amd64-microcode exim4 firmware-free firmware-nonfree intel-microcode libosmium linux-signed-#{dpkg_arch} osm2pgsql otrs2 pyosmium smartmontools systemd]
+ else %W[]
+ end
+elsif intel?
+ archive_host = if node[:country]
+ "#{node[:country]}.archive.ubuntu.com"
+ else
+ "archive.ubuntu.com"
+ end
+ archive_security_host = "security.ubuntu.com"
+ archive_distro = "ubuntu"
+ archive_security_distro = archive_distro
+ archive_suites = %w[main updates backports security]
+ archive_components = %w[main restricted universe multiverse]
+ backport_packages = %w[]
+else
+ archive_host = "ports.ubuntu.com"
+ archive_security_host = archive_host
+ archive_distro = "ubuntu-ports"
+ archive_security_distro = archive_distro
+ archive_suites = %w[main updates backports security]
+ archive_components = %w[main restricted universe multiverse]
+ backport_packages = %w[]
+end
template "/etc/apt/sources.list" do
source "sources.list.erb"
owner "root"
group "root"
- mode 0o644
- variables :archive_host => archive_host, :codename => node[:lsb][:codename]
+ mode "644"
+ variables :archive_host => archive_host,
+ :archive_security_host => archive_security_host,
+ :archive_distro => archive_distro,
+ :archive_security_distro => archive_security_distro,
+ :archive_suites => archive_suites,
+ :archive_components => archive_components,
+ :codename => node[:lsb][:codename]
notifies :update, "apt_update[/etc/apt/sources.list]", :immediately
end
-repository_actions = Hash.new do |_, repository|
- node[:apt][:sources].include?(repository) ? :add : :remove
-end
-
-apt_repository "brightbox-ruby-ng" do
- action repository_actions["brightbox-ruby-ng"]
- uri "ppa:brightbox/ruby-ng"
-end
-
-apt_repository "ubuntugis-stable" do
- action repository_actions["ubuntugis-stable"]
- uri "ppa:ubuntugis/ppa"
+if backport_packages.empty?
+ apt_preference "backports" do
+ action :remove
+ end
+else
+ apt_preference "backports" do
+ glob backport_packages.sort.map { |p| "src:#{p}" }.join(" ")
+ pin "release n=#{node[:lsb][:codename]}-backports"
+ pin_priority "500"
+ end
end
-apt_repository "ubuntugis-unstable" do
- action repository_actions["ubuntugis-unstable"]
- uri "ppa:ubuntugis/ubuntugis-unstable"
+execute "apt-cache-gencaches" do
+ action :nothing
+ command "apt-cache gencaches"
+ subscribes :run, "apt_preference[backports]", :immediately
end
apt_repository "openstreetmap" do
- action repository_actions["openstreetmap"]
- uri "ppa:osmadmins/ppa"
-end
-
-apt_repository "squid2" do
- action repository_actions["squid2"]
- uri "ppa:osmadmins/squid2"
-end
-
-apt_repository "squid3" do
- action repository_actions["squid3"]
- uri "ppa:osmadmins/squid3"
-end
-
-apt_repository "management-component-pack" do
- action repository_actions["management-component-pack"]
- uri "https://downloads.linux.hpe.com/SDR/repo/mcp"
- distribution "#{node[:lsb][:codename]}/current"
- components ["non-free"]
- key "C208ADDE26C2B797"
-end
-
-apt_repository "hwraid" do
- action repository_actions["hwraid"]
- uri "https://hwraid.le-vert.net/ubuntu"
- distribution "precise"
- components ["main"]
- key "6005210E23B3D3B4"
-end
-
-apt_repository "nginx" do
- action repository_actions["nginx"]
- uri "https://nginx.org/packages/ubuntu"
- components ["nginx"]
- key "ABF5BD827BD9BF62"
-end
-
-apt_repository "elasticsearch5.x" do
- action repository_actions["elasticsearch5.x"]
- uri "https://artifacts.elastic.co/packages/5.x/apt"
- distribution "stable"
- components ["main"]
- key "D27D666CD88E42B4"
-end
-
-apt_repository "elasticsearch6.x" do
- action repository_actions["elasticsearch6.x"]
- uri "https://artifacts.elastic.co/packages/6.x/apt"
- distribution "stable"
- components ["main"]
- key "D27D666CD88E42B4"
-end
-
-apt_repository "passenger" do
- action repository_actions["passenger"]
- uri "https://oss-binaries.phusionpassenger.com/apt/passenger"
- components ["main"]
- key "561F9B9CAC40B2F7"
-end
-
-apt_repository "postgresql" do
- action repository_actions["postgresql"]
- uri "https://apt.postgresql.org/pub/repos/apt"
- distribution "#{node[:lsb][:codename]}-pgdg"
- components ["main"]
- key "7FCC7D46ACCC4CF8"
-end
-
-apt_repository "mediawiki" do
- action repository_actions["mediawiki"]
- uri "https://releases.wikimedia.org/debian"
- distribution "jessie-mediawiki"
+ uri "https://apt.openstreetmap.org"
components ["main"]
- key "90E9F83F22250DD7"
+ key "https://apt.openstreetmap.org/gpg.key"
end
package "unattended-upgrades"
file "/etc/apt/apt.conf.d/20auto-upgrades" do
user "root"
group "root"
- mode 0o644
+ mode "644"
content auto_upgrades
end
end
source "apt.conf.erb"
owner "root"
group "root"
- mode 0o644
+ mode "644"
end