Forge Home

aptdater

apt-dater setup

4,853 downloads

4,853 latest version

3.3 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.1.0 (latest)
released May 7th 2018
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'fheinle-aptdater', '0.1.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add fheinle-aptdater
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install fheinle-aptdater --version 0.1.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

fheinle/aptdater — version 0.1.0 May 7th 2018

puppet-aptdater

This module will install apt-dater, an ncurses-frontend to apt on multiple hosts, backed by SSH.

Setup

To set things up, you'll have to create a private/public key pair for SSH access to the nodes managed by apt-dater. It's wise to also create a dedicated user on each host and (at least somewhat) limit what the user can do with sudo by restricting usable commands to apt-get and aptitude (for dependency mgmt).

What puppet-aptdater affects

  • one host holds a SSH private key to log in to all configured clients
  • all clients hold the public corresponding SSH pubkey
  • client hosts have users with limited sudo access to apt-get for running updates and regular access to everything else
  • on the central node, there's an ncurses frontend to view and manage available updates on each host.

How to set up a central and several client nodes

  • Assign the aptdater class to each node
  • set the $ishost attribute to true for one of them

Additional requirements:

  • Create a private key, install it to /etc/apt-dater/ssh/id_rsa and distribute the corresponding public key to the apt-dater user on each client node.
node central.example.com {

  class { 'apt-dater':
    ishost => true,
  }

  file { 'apt-dater-private-key':
    ensure => 'present',
    path   => '/etc/apt-dater/ssh/id_rsa',
    owner  => 'apt-dater',
    group  => 'apt-dater',
    mode   => '0600',
    content => file('aptdater/obviouslyyouneedtocreateaprivatekeyyourself')
  }
}

node client1.example.com {

  include ::apt-dater

  ssh_authorized_key { "apt-dater-${::facts['fqdn']}":
    ensure => 'present',
    user   => 'apt-dater',
    type   => 'ssh-rsa',
    key    => file('aptdater/alsoheregoesthepublickeypath'),
    target => ['from="central.example.com"]
  }
}

Usage

Having installed apt-dater on all hosts, just run the frontend apt-dater on your central node and manage updates from there.

Reference

There's only one class:

Class aptdater

  • ishost (Boolean): Install this host as a management node
  • username (String) Default: apt-dater: The username that should hold sudo rights on the client nodes. If you change this, make sure to change apt-dater's app config, too.
  • homedir (String) Default: /home/apt-dater: Used only for holding the pubkey

Limitations

  • This module currently just installs pretty vanilla settings for apt-dater, if you want a lot of customization, feel free to add it.

Links