Forge Home

aptdater

contributions requested
apt-dater setup
Project URLRSS FeedReport issues

4,985 downloads

4,985 latest version

3.3 quality score

Support the Puppet Community by contributing to this module

You are welcome to contribute to this module by suggesting new features, currency updates, or fixes. Every contribution is valuable to help ensure that the module remains compatible with the latest Puppet versions and continues to meet community needs. Complete the following steps:

  1. Review the module’s contribution guidelines and any licenses. Ensure that your planned contribution aligns with the author’s standards and any legal requirements.
  2. Fork the repository on GitHub, make changes on a branch of your fork, and submit a pull request. The pull request must clearly document your proposed change.

For questions about updating the module, contact the module’s author.

Version information

  • 0.1.0 (latest)
released May 7th 2018
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0
  • Ubuntu

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'fheinle-aptdater', '0.1.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add fheinle-aptdater
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install fheinle-aptdater --version 0.1.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

fheinle/aptdater — version 0.1.0 May 7th 2018

puppet-aptdater

This module will install apt-dater, an ncurses-frontend to apt on multiple hosts, backed by SSH.

Setup

To set things up, you'll have to create a private/public key pair for SSH access to the nodes managed by apt-dater. It's wise to also create a dedicated user on each host and (at least somewhat) limit what the user can do with sudo by restricting usable commands to apt-get and aptitude (for dependency mgmt).

What puppet-aptdater affects

  • one host holds a SSH private key to log in to all configured clients
  • all clients hold the public corresponding SSH pubkey
  • client hosts have users with limited sudo access to apt-get for running updates and regular access to everything else
  • on the central node, there's an ncurses frontend to view and manage available updates on each host.

How to set up a central and several client nodes

  • Assign the aptdater class to each node
  • set the $ishost attribute to true for one of them

Additional requirements:

  • Create a private key, install it to /etc/apt-dater/ssh/id_rsa and distribute the corresponding public key to the apt-dater user on each client node.
node central.example.com {

  class { 'apt-dater':
    ishost => true,
  }

  file { 'apt-dater-private-key':
    ensure => 'present',
    path   => '/etc/apt-dater/ssh/id_rsa',
    owner  => 'apt-dater',
    group  => 'apt-dater',
    mode   => '0600',
    content => file('aptdater/obviouslyyouneedtocreateaprivatekeyyourself')
  }
}

node client1.example.com {

  include ::apt-dater

  ssh_authorized_key { "apt-dater-${::facts['fqdn']}":
    ensure => 'present',
    user   => 'apt-dater',
    type   => 'ssh-rsa',
    key    => file('aptdater/alsoheregoesthepublickeypath'),
    target => ['from="central.example.com"]
  }
}

Usage

Having installed apt-dater on all hosts, just run the frontend apt-dater on your central node and manage updates from there.

Reference

There's only one class:

Class aptdater

  • ishost (Boolean): Install this host as a management node
  • username (String) Default: apt-dater: The username that should hold sudo rights on the client nodes. If you change this, make sure to change apt-dater's app config, too.
  • homedir (String) Default: /home/apt-dater: Used only for holding the pubkey

Limitations

  • This module currently just installs pretty vanilla settings for apt-dater, if you want a lot of customization, feel free to add it.

Links