When unattendedUpgrades is enabled on an Unstable or Testing system, configure it to allow the upgrades.

This commit is contained in:
Joey Hess 2014-04-19 13:17:25 -04:00
parent a2ef91929a
commit 86e7e4e58e
3 changed files with 20 additions and 1 deletions

View File

@ -192,7 +192,9 @@ autoRemove = runApt ["-y", "autoremove"]
unattendedUpgrades :: RevertableProperty
unattendedUpgrades = RevertableProperty enable disable
where
enable = setup True `before` Service.running "cron"
enable = setup True
`before` Service.running "cron"
`before` configure
disable = setup False
setup enabled = (if enabled then installed else removed) ["unattended-upgrades"]
@ -204,6 +206,16 @@ unattendedUpgrades = RevertableProperty enable disable
| enabled = "true"
| otherwise = "false"
configure = withOS "unattended upgrades configured" $ \o ->
case o of
-- the package defaults to only upgrading stable
(Just (System (Debian suite) _))
| not (isStable suite) -> ensureProperty $
"/etc/apt/apt.conf.d/50unattended-upgrades"
`File.containsLine`
("\t\"o=Debian,a="++showSuite suite++"\";")
_ -> noChange
-- | Preseeds debconf values and reconfigures the package so it takes
-- effect.
reConfigure :: Package -> [(String, String, String)] -> Property

5
TODO
View File

@ -24,3 +24,8 @@
the PrivData, and instead configured using the attr.
Getting the ssh host key into the attr will allow automatically
exporting it via DNS (SSHFP record)
* Should be possible to generate a metapackage of all packages that
properties direct apt to install. Then any other packages can be
auto-removed. This would just be a matter of storing the apt-installed
packages in an Attr. Although not removing essential and base packages
could be problimatic.

2
debian/changelog vendored
View File

@ -3,6 +3,8 @@ propellor (0.5.0) UNRELEASED; urgency=medium
* Removed root domain records from SOA. Instead, use RootDomain
when calling Dns.primary.
* Dns primary and secondary properties are now revertable.
* When unattendedUpgrades is enabled on an Unstable or Testing system,
configure it to allow the upgrades.
-- Joey Hess <joeyh@debian.org> Sat, 19 Apr 2014 10:46:35 -0400