Add unattended upgrades support

author Grant Slater <openstreetmap@firefishy.com>

Thu, 31 Dec 2015 08:19:30 +0000 (08:19 +0000)

committer Tom Hughes <tom@compton.nu>

Thu, 31 Dec 2015 08:20:49 +0000 (08:20 +0000)
author Grant Slater <openstreetmap@firefishy.com>
Thu, 31 Dec 2015 08:19:30 +0000 (08:19 +0000)
committer Tom Hughes <tom@compton.nu>
Thu, 31 Dec 2015 08:20:49 +0000 (08:20 +0000)
diff --git a/cookbooks/apt/attributes/default.rb b/cookbooks/apt/attributes/default.rb

index f15361411360fef0978c6203cfcf447e7145691e..f75ed9e34abe5f4a77f1591ceea00011136f4b61 100644 (file)
--- a/cookbooks/apt/attributes/default.rb
+++ b/cookbooks/apt/attributes/default.rb
@@ -1 +1,4 @@
  default_unless[:apt][:sources] = []
  default_unless[:apt][:sources] = []
+
+default[:apt][:unattended_upgrades][:enable] = true
+default[:apt][:unattended_upgrades][:remove_unused_dependencies] = true
diff --git a/cookbooks/apt/recipes/default.rb b/cookbooks/apt/recipes/default.rb

index 7467ef16b845ad964030fda27218014a60227026..2fcc6fa7871b3559a4b5827c2c6c45d5c063a376 100644 (file)
--- a/cookbooks/apt/recipes/default.rb
+++ b/cookbooks/apt/recipes/default.rb
@@ -109,3 +109,25 @@ apt_source "postgresql" do
    url "http://apt.postgresql.org/pub/repos/apt"
    key "ACCC4CF8"
  end
    url "http://apt.postgresql.org/pub/repos/apt"
    key "ACCC4CF8"
  end
+
+package "unattended-upgrades"
+
+auto_upgrades = if node[:apt][:unattended_upgrades][:enable]
+                  IO.read("/usr/share/unattended-upgrades/20auto-upgrades")
+                else
+                  IO.read("/usr/share/unattended-upgrades/20auto-upgrades-disabled")
+                end
+
+file "/etc/apt/apt.conf.d/20auto-upgrades" do
+  user "root"
+  group "root"
+  mode 0644
+  content auto_upgrades
+end
+
+template "/etc/apt/apt.conf.d/60chef" do
+  source "apt.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
diff --git a/cookbooks/apt/templates/default/apt.conf.erb b/cookbooks/apt/templates/default/apt.conf.erb

new file mode 100644 (file)

index 0000000..b0552bb
--- /dev/null
+++ b/cookbooks/apt/templates/default/apt.conf.erb
@@ -0,0 +1,5 @@
+// DO NOT EDIT - This file is being maintained by Chef
+
+// Do automatic removal of new unused dependencies after the upgrade
+// (equivalent to apt-get autoremove)
+Unattended-Upgrade::Remove-Unused-Dependencies "<%= node[:apt][:unattended_upgrades][:remove_unused_dependencies] ? 'true' : 'false' %>";
diff --git a/roles/db.rb b/roles/db.rb

index 6fcb9bd676b4da0209be354c593fea660000b847..670b745fd78a264aefa9ed50ac8f7dbee8998275 100644 (file)
--- a/roles/db.rb
+++ b/roles/db.rb
@@ -10,6 +10,11 @@ default_attributes(
        }
      }
    },
        }
      }
    },
+  :apt => {
+    :unattended_upgrades => {
+      :enable => false
+    }
+  },
    :munin => {
      :plugins => {
        :postgres_connections_openstreetmap => {
    :munin => {
      :plugins => {
        :postgres_connections_openstreetmap => {
author	Grant Slater <openstreetmap@firefishy.com>
	Thu, 31 Dec 2015 08:19:30 +0000 (08:19 +0000)
committer	Tom Hughes <tom@compton.nu>
	Thu, 31 Dec 2015 08:20:49 +0000 (08:20 +0000)
cookbooks/apt/attributes/default.rb		patch \| blob \| history
cookbooks/apt/recipes/default.rb		patch \| blob \| history
cookbooks/apt/templates/default/apt.conf.erb	[new file with mode: 0644]	patch \| blob
roles/db.rb		patch \| blob \| history