Initial Chef repository

cookbooks/apt/recipes/cacher-client.rb

@@ -0,0 +1,83 @@
+#
+# Cookbook Name:: apt
+# Recipe:: cacher-client
+#
+# Copyright 2011-2013 Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class ::Chef::Recipe
+  include ::Apt
+end
+
+# remove Acquire::http::Proxy lines from /etc/apt/apt.conf since we use 01proxy
+# these are leftover from preseed installs
+execute 'Remove proxy from /etc/apt/apt.conf' do
+  command "sed --in-place '/^Acquire::http::Proxy/d' /etc/apt/apt.conf"
+  only_if 'grep Acquire::http::Proxy /etc/apt/apt.conf'
+end
+
+servers = []
+if node['apt']
+  if node['apt']['cacher_ipaddress']
+    cacher = Chef::Node.new
+    cacher.default.name = node['apt']['cacher_ipaddress']
+    cacher.default.ipaddress = node['apt']['cacher_ipaddress']
+    cacher.default.apt.cacher_port = node['apt']['cacher_port']
+    cacher.default.apt.cacher_interface = node['apt']['cacher_interface']
+    cacher.default.apt.cacher_ssl_support = node['apt']['cacher_ssl_support']
+    servers << cacher
+  elsif node['apt']['caching_server']
+    node.override['apt']['compiletime'] = false
+    servers << node
+  end
+end
+
+unless Chef::Config[:solo] || servers.length > 0
+  query = 'apt_caching_server:true'
+  query += " AND chef_environment:#{node.chef_environment}" if node['apt']['cacher-client']['restrict_environment']
+  Chef::Log.debug("apt::cacher-client searching for '#{query}'")
+  servers += search(:node, query)
+end
+
+if servers.length > 0
+  Chef::Log.info("apt-cacher-ng server found on #{servers[0]}.")
+  if servers[0]['apt']['cacher_interface']
+    cacher_ipaddress = interface_ipaddress(servers[0], servers[0]['apt']['cacher_interface'])
+  else
+    cacher_ipaddress = servers[0].ipaddress
+  end
+  t = template '/etc/apt/apt.conf.d/01proxy' do
+    source '01proxy.erb'
+    owner 'root'
+    group 'root'
+    mode 00644
+    variables(
+      :proxy => cacher_ipaddress,
+      :port => servers[0]['apt']['cacher_port'],
+      :proxy_ssl => servers[0]['apt']['cacher_ssl_support'],
+      :bypass => node['apt']['cache_bypass']
+      )
+    action(node['apt']['compiletime'] ? :nothing : :create)
+    notifies :run, 'execute[apt-get update]', :immediately
+  end
+  t.run_action(:create) if node['apt']['compiletime']
+else
+  Chef::Log.info('No apt-cacher-ng server found.')
+  file '/etc/apt/apt.conf.d/01proxy' do
+    action :delete
+  end
+end
+
+include_recipe 'apt::default'

cookbooks/apt/recipes/cacher-ng.rb

@@ -0,0 +1,43 @@
+#
+# Cookbook Name:: apt
+# Recipe:: cacher-ng
+#
+# Copyright 2008-2013, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the 'License');
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an 'AS IS' BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+node.set['apt']['caching_server'] = true
+
+package 'apt-cacher-ng' do
+  action :install
+end
+
+directory node['apt']['cacher_dir'] do
+  owner 'apt-cacher-ng'
+  group 'apt-cacher-ng'
+  mode 0755
+end
+
+template '/etc/apt-cacher-ng/acng.conf' do
+  source 'acng.conf.erb'
+  owner 'root'
+  group 'root'
+  mode 00644
+  notifies :restart, 'service[apt-cacher-ng]', :immediately
+end
+
+service 'apt-cacher-ng' do
+  supports :restart => true, :status => false
+  action [:enable, :start]
+end

cookbooks/apt/recipes/default.rb

@@ -0,0 +1,112 @@
+#
+# Cookbook Name:: apt
+# Recipe:: default
+#
+# Copyright 2008-2013, Chef Software, Inc.
+# Copyright 2009, Bryan McLellan <btm@loftninjas.org>
+#
+# Licensed under the Apache License, Version 2.0 (the 'License');
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an 'AS IS' BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# On systems where apt is not installed, the resources in this recipe are not
+# executed. However, they _must_ still be present in the resource collection
+# or other cookbooks which notify these resources will fail on non-apt-enabled
+# systems.
+
+Chef::Log.debug 'apt is not installed. Apt-specific resources will not be executed.' unless apt_installed?
+
+first_run_file = File.join(Chef::Config[:file_cache_path], 'apt_compile_time_update_first_run')
+
+file '/var/lib/apt/periodic/update-success-stamp' do
+  owner 'root'
+  group 'root'
+  only_if { apt_installed? }
+  action :nothing
+end
+
+# If compile_time_update run apt-get update at compile time
+if node['apt']['compile_time_update'] && (!::File.exist?('/var/lib/apt/periodic/update-success-stamp') || !::File.exist?(first_run_file))
+  e = bash 'apt-get-update at compile time' do
+    code <<-EOH
+      apt-get update
+      touch #{first_run_file}
+    EOH
+    ignore_failure true
+    only_if { apt_installed? }
+    action :nothing
+    notifies :touch, 'file[/var/lib/apt/periodic/update-success-stamp]', :immediately
+  end
+  e.run_action(:run)
+end
+
+# Updates 'apt-get update' timestamp after each update success
+directory '/etc/apt/apt.conf.d' do
+  recursive true
+end
+
+cookbook_file '/etc/apt/apt.conf.d/15update-stamp' do
+  source '15update-stamp'
+end
+
+# Run apt-get update to create the stamp file
+execute 'apt-get-update' do
+  command 'apt-get update'
+  ignore_failure true
+  only_if { apt_installed? }
+  not_if { ::File.exist?('/var/lib/apt/periodic/update-success-stamp') }
+  notifies :touch, 'file[/var/lib/apt/periodic/update-success-stamp]', :immediately
+end
+
+# For other recipes to call to force an update
+execute 'apt-get update' do
+  command 'apt-get update'
+  ignore_failure true
+  only_if { apt_installed? }
+  action :nothing
+  notifies :touch, 'file[/var/lib/apt/periodic/update-success-stamp]', :immediately
+end
+
+# Automatically remove packages that are no longer needed for dependencies
+execute 'apt-get autoremove' do
+  command 'apt-get -y autoremove'
+  only_if { apt_installed? }
+  action :nothing
+end
+
+# Automatically remove .deb files for packages no longer on your system
+execute 'apt-get autoclean' do
+  command 'apt-get -y autoclean'
+  only_if { apt_installed? }
+  action :nothing
+end
+
+execute 'apt-get-update-periodic' do
+  command 'apt-get update'
+  ignore_failure true
+  only_if do
+    apt_installed? &&
+      ::File.exist?('/var/lib/apt/periodic/update-success-stamp') &&
+      ::File.mtime('/var/lib/apt/periodic/update-success-stamp') < Time.now - node['apt']['periodic_update_min_delay']
+  end
+  notifies :touch, 'file[/var/lib/apt/periodic/update-success-stamp]', :immediately
+end
+
+%w(/var/cache/local /var/cache/local/preseeding).each do |dirname|
+  directory dirname do
+    owner 'root'
+    group 'root'
+    mode 00755
+    action :create
+    only_if { apt_installed? }
+  end
+end

cookbooks/apt/recipes/unattended-upgrades.rb

@@ -0,0 +1,47 @@
+#
+# Cookbook Name:: apt
+# Recipe:: unattended-upgrades
+#
+# Copyright 2014, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the 'License');
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an 'AS IS' BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# On systems where apt is not installed, the resources in this recipe are not
+# executed. However, they _must_ still be present in the resource collection
+# or other cookbooks which notify these resources will fail on non-apt-enabled
+# systems.
+#
+
+package 'unattended-upgrades' do
+  response_file 'unattended-upgrades.seed.erb'
+  action :install
+end
+
+package 'bsd-mailx' do
+  only_if { node['apt']['unattended_upgrades']['mail'] }
+end
+
+template '/etc/apt/apt.conf.d/20auto-upgrades' do
+  owner 'root'
+  group 'root'
+  mode '644'
+  source '20auto-upgrades.erb'
+end
+
+template '/etc/apt/apt.conf.d/50unattended-upgrades' do
+  owner 'root'
+  group 'root'
+  mode '644'
+  source '50unattended-upgrades.erb'
+end