Mercurial > repos > other > Puppet
changeset 131:0dd899a10ee1 puppet-3.6
Change all "latest" packages to "installed"
Having Puppet update packages is dangerous and not correct sysadmin.
We have a script for checking for updates. Let that run and let the
sysadmin update when appropriate.
This will prevent any potential issues from faulty service restarts
in the middle of the night.
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Wed, 26 Oct 2016 19:40:37 +0100 |
| parents | eb32a4978a7c |
| children | 9af4b04c2667 |
| files | manifests/templates.pp modules/dovecot/manifests/init.pp modules/postfix/manifests/init.pp modules/vcs/manifests/init.pp modules/website/manifests/php.pp |
| diffstat | 5 files changed, 14 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/manifests/templates.pp Thu Oct 06 19:02:30 2016 +0100 +++ b/manifests/templates.pp Wed Oct 26 19:40:37 2016 +0100 @@ -219,13 +219,13 @@ class tools { $packages = [ 'sqlite', 'bash-completion', 'nano', 'bzip2', 'mlocate', 'patch' ] package { $packages: - ensure => latest; + ensure => installed; } } class logrotate { package { 'logrotate': - ensure => latest; + ensure => installed; } file { '/etc/logrotate.d/httpd': ensure => present, @@ -241,7 +241,7 @@ class logwatch { package { 'logwatch': - ensure => latest; + ensure => installed; } File { ensure => present, @@ -307,7 +307,7 @@ $firewall_cmd, ) { package { 'fail2ban': - ensure => latest, + ensure => installed, } service { 'fail2ban': ensure => running, @@ -546,7 +546,7 @@ # Graphviz for Trac "master ticket" graphs package { 'graphviz': - ensure => latest, + ensure => installed, } website::https::multitld { 'www.warfoundry': @@ -664,7 +664,7 @@ class cronjobs { # Add Mutt for scripts that send emails, but stop it clogging the disk by keeping copies of emails package { 'mutt': - ensure => latest, + ensure => installed, } file { '/etc/Muttrc.local': content => 'set copy = no',
--- a/modules/dovecot/manifests/init.pp Thu Oct 06 19:02:30 2016 +0100 +++ b/modules/dovecot/manifests/init.pp Wed Oct 26 19:40:37 2016 +0100 @@ -2,7 +2,7 @@ $imapserver, ) { package { 'dovecot': - ensure => latest, + ensure => installed, } File { ensure => present,
--- a/modules/postfix/manifests/init.pp Thu Oct 06 19:02:30 2016 +0100 +++ b/modules/postfix/manifests/init.pp Wed Oct 26 19:40:37 2016 +0100 @@ -8,7 +8,7 @@ ensure => stopped, } package { 'postfix': - ensure => latest; + ensure => installed; } service { 'postfix': ensure => running, @@ -114,6 +114,6 @@ } $perl_pkgs = [ 'perl', 'perl-NetAddr-IP', 'perl-Mail-SPF', 'perl-version', 'perl-Sys-Hostname-Long'] package { $perl_pkgs: - ensure => latest, + ensure => installed, } }
--- a/modules/vcs/manifests/init.pp Thu Oct 06 19:02:30 2016 +0100 +++ b/modules/vcs/manifests/init.pp Wed Oct 26 19:40:37 2016 +0100 @@ -4,7 +4,7 @@ "mercurial_keyring", "git" ]: - ensure => latest + ensure => installed } } @@ -13,7 +13,7 @@ Package["mercurial_keyring"], Package["git"]) package { "hgview": - ensure => latest; + ensure => installed; } }
--- a/modules/website/manifests/php.pp Thu Oct 06 19:02:30 2016 +0100 +++ b/modules/website/manifests/php.pp Wed Oct 26 19:40:37 2016 +0100 @@ -14,7 +14,7 @@ Package <| tag == 'website' |> -> File <| tag == 'website' |> define website::php::extra_php ($pkg = $title) { package { "php${website::php::suffix}-${pkg}": - ensure => latest, + ensure => installed, } } @@ -22,7 +22,7 @@ $packages = [ "php${suffix}", "php${suffix}-mcrypt", "php${suffix}-mbstring", "php${suffix}-xml", "php${suffix}-gd" ] package { $packages: - ensure => latest, + ensure => installed, } file { '/etc/php.d/custom-lockdown.ini': ensure => present, @@ -36,7 +36,7 @@ if $opcache { package { "php${suffix}-${opcache}": - ensure => latest, + ensure => installed, notify => Service['httpd'], require => Package["php${suffix}"], }