0-change sugar
* Make system.repo more readable
Change-Id: I0f28e71f4b00422a70006559525e5be24c4cb065
diff --git a/linux/system/repo.sls b/linux/system/repo.sls
index 303ea9c..e098a43 100644
--- a/linux/system/repo.sls
+++ b/linux/system/repo.sls
@@ -5,9 +5,9 @@
pkg.installed:
- pkgs: {{ system.pkgs }}
-# global proxy setup
-{%- if system.proxy.get('pkg', {}).get('enabled', False) %}
-{%- if grains.os_family == 'Debian' %}
+ # global proxy setup
+ {%- if system.proxy.get('pkg', {}).get('enabled', False) %}
+ {%- if grains.os_family == 'Debian' %}
/etc/apt/apt.conf.d/99proxies-salt:
file.managed:
@@ -18,33 +18,28 @@
https: {{ system.proxy.get('pkg', {}).get('https', None) | default(system.proxy.get('https', None), true) }}
http: {{ system.proxy.get('pkg', {}).get('http', None) | default(system.proxy.get('http', None), true) }}
ftp: {{ system.proxy.get('pkg', {}).get('ftp', None) | default(system.proxy.get('ftp', None), true) }}
-
-{%- else %}
-
+ {%- else %}
/etc/apt/apt.conf.d/99proxies-salt:
file.absent
+ {%- endif %}
+ {%- endif %}
-{%- endif %}
-{%- endif %}
+ {% set default_repos = {} %}
-{% set default_repos = {} %}
-
-{%- if system.purge_repos|default(False) %}
-
+ {%- if system.purge_repos|default(False) %}
purge_sources_list_d_repos:
file.directory:
- name: /etc/apt/sources.list.d/
- clean: True
+ {%- endif %}
-{%- endif %}
-
-{%- for name, repo in system.repo.items() %}
-{%- set name=repo.get('name', name) %}
-{%- if grains.os_family == 'Debian' %}
+ {%- for name, repo in system.repo.items() %}
+ {%- set name=repo.get('name', name) %}
+ {%- if grains.os_family == 'Debian' %}
# per repository proxy setup
-{%- if repo.get('proxy', {}).get('enabled', False) %}
-{%- set external_host = repo.proxy.get('host', None) or repo.source.split('/')[2] %}
+ {%- if repo.get('proxy', {}).get('enabled', False) %}
+ {%- set external_host = repo.proxy.get('host', None) or repo.source.split('/')[2] %}
/etc/apt/apt.conf.d/99proxies-salt-{{ name }}:
file.managed:
- template: jinja
@@ -54,13 +49,12 @@
https: {{ repo.proxy.get('https', None) or system.proxy.get('pkg', {}).get('https', None) | default(system.proxy.get('https', None), True) }}
http: {{ repo.proxy.get('http', None) or system.proxy.get('pkg', {}).get('http', None) | default(system.proxy.get('http', None), True) }}
ftp: {{ repo.proxy.get('ftp', None) or system.proxy.get('pkg', {}).get('ftp', None) | default(system.proxy.get('ftp', None), True) }}
-{%- else %}
+ {%- else %}
/etc/apt/apt.conf.d/99proxies-salt-{{ name }}:
file.absent
-{%- endif %}
+ {%- endif %}
-{%- if repo.pin is defined %}
-
+ {%- if repo.pin is defined %}
linux_repo_{{ name }}_pin:
file.managed:
- name: /etc/apt/preferences.d/{{ name }}
@@ -68,160 +62,147 @@
- template: jinja
- defaults:
repo_name: {{ name }}
-
-{%- else %}
-
+ {%- else %}
linux_repo_{{ name }}_pin:
file.absent:
- name: /etc/apt/preferences.d/{{ name }}
+ {%- endif %}
-{%- endif %}
-
-{%- if repo.get('key') %} {# 2 #}
-
+ {%- if repo.get('key') %} {# 2 #}
linux_repo_{{ name }}_key:
cmd.run:
- name: |
echo "{{ repo.key | indent(12) }}" | apt-key add -
- require_in:
- {%- if repo.get('default', False) %}
+ {%- if repo.get('default', False) %}
- file: default_repo_list
- {% else %}
+ {% else %}
- pkgrepo: linux_repo_{{ name }}
- {% endif %}
+ {% endif %}
-{# key_url fetch by curl when salt <2017.7, higher version of salt has fixed bug for using a proxy_host/port specified at minion.conf #}
-{#
- NOTE: curl/cmd.run usage to fetch gpg key has limited functionality behind proxy. Environments with salt >= 2017.7 should use
- key_url specified at pkgrepo.manage state (which uses properly configured http_host at minion.conf). Older versions of
- salt require to have proxy set at ENV and curl way to fetch gpg key here can have a sense for backward compatibility.
+{# key_url fetch by curl when salt <2017.7, higher version of salt has
+ fixed bug for using a proxy_host/port specified at minion.conf
- Be aware that as of salt 2018.3 no_proxy option is not implemented at all.
+ NOTE: curl/cmd.run usage to fetch gpg key has limited functionality behind proxy.
+ Environments with salt >= 2017.7 should use key_url specified at
+ pkgrepo.manage state (which uses properly configured http_host at
+ minion.conf). Older versions of salt require to have proxy set at
+ ENV and curl way to fetch gpg key here can have a sense for backward
+ compatibility. Be aware that as of salt 2018.3 no_proxy option is
+ not implemented at all.
#}
-{%- elif repo.key_url|default(False) and grains['saltversioninfo'] < [2017, 7] and not repo.key_url.startswith('salt://') %}
-
-
+ {%- elif repo.key_url|default(False) and grains['saltversioninfo'] < [2017, 7] and not repo.key_url.startswith('salt://') %}
linux_repo_{{ name }}_key:
cmd.run:
- name: "curl -sL {{ repo.key_url }} | apt-key add -"
- require_in:
- {%- if repo.get('default', False) %}
+ {%- if repo.get('default', False) %}
- file: default_repo_list
- {% else %}
+ {% else %}
- pkgrepo: linux_repo_{{ name }}
- {% endif %}
+ {% endif %}
+ {%- endif %}
-{%- endif %} {# 2 #}
+ {%- if repo.get('default', False) %}
+ {%- do default_repos.update({name: repo}) %}
+ {%- else %}
-{%- if repo.get('default', False) %} {# 1 #}
- {%- do default_repos.update({name: repo}) %} {# for 'default' repos #}
-
-{%- else %} {# for all others repos #}
-
-{%- if repo.get('enabled', True) %}
-
+ {%- if repo.get('enabled', True) %}
linux_repo_{{ name }}:
pkgrepo.managed:
- {%- if repo.ppa is defined %}
+ {%- if repo.ppa is defined %}
- ppa: {{ repo.ppa }}
- {%- else %}
+ {%- else %}
- humanname: {{ name }}
- name: {{ repo.source }}
- {%- if repo.architectures is defined %}
+ {%- if repo.architectures is defined %}
- architectures: {{ repo.architectures }}
- {%- endif %}
+ {%- endif %}
- file: /etc/apt/sources.list.d/{{ name }}.list
- clean_file: {{ repo.clean|default(True) }}
- {%- if repo.key_id is defined %}
+ {%- if repo.key_id is defined %}
- keyid: {{ repo.key_id }}
- {%- endif %}
- {%- if repo.key_server is defined %}
+ {%- endif %}
+ {%- if repo.key_server is defined %}
- keyserver: {{ repo.key_server }}
- {%- endif %}
- {%- if repo.key_url is defined and (grains['saltversioninfo'] >= [2017, 7] or repo.key_url.startswith('salt://')) %}
+ {%- endif %}
+ {%- if repo.key_url is defined and (grains['saltversioninfo'] >= [2017, 7] or repo.key_url.startswith('salt://')) %}
- key_url: {{ repo.key_url }}
- {%- endif %}
+ {%- endif %}
- consolidate: {{ repo.get('consolidate', False) }}
- clean_file: {{ repo.get('clean_file', False) }}
- refresh_db: {{ repo.get('refresh_db', True) }}
- require:
+ # FIXME remove this usless part
- pkg: linux_repo_prereq_pkgs
- {%- if repo.get('proxy', {}).get('enabled', False) %}
+ {%- if repo.get('proxy', {}).get('enabled', False) %}
- file: /etc/apt/apt.conf.d/99proxies-salt-{{ name }}
- {%- endif %}
- {%- if system.proxy.get('pkg', {}).get('enabled', False) %}
+ {%- endif %}
+ {%- if system.proxy.get('pkg', {}).get('enabled', False) %}
- file: /etc/apt/apt.conf.d/99proxies-salt
- {%- endif %}
- {%- if system.purge_repos|default(False) %}
+ {%- endif %}
+ {%- if system.purge_repos|default(False) %}
- file: purge_sources_list_d_repos
- {%- endif %}
- {%- endif %}
-
-{%- else %}
-
+ {%- endif %}
+ {%- endif %}
+ {%- else %}
linux_repo_{{ name }}_absent:
pkgrepo.absent:
- {%- if repo.ppa is defined %}
+ {%- if repo.ppa is defined %}
- ppa: {{ repo.ppa }}
- {%- if repo.key_id is defined %}
+ {%- if repo.key_id is defined %}
- keyid_ppa: {{ repo.keyid_ppa }}
- {%- endif %}
- {%- else %}
+ {%- endif %}
+ {%- else %}
- file: /etc/apt/sources.list.d/{{ name }}.list
- {%- if repo.key_id is defined %}
+ {%- if repo.key_id is defined %}
- keyid: {{ repo.key_id }}
- {%- endif %}
- {%- endif %}
+ {%- endif %}
+ {%- endif %}
file.absent:
- name: /etc/apt/sources.list.d/{{ name }}.list
+ {%- endif %}
+ {%- endif %} {# 1 #}
-{%- endif %}
+ {%- endif %}
-{%- endif %} {# 1 #}
+ {%- if grains.os_family == "RedHat" %}
-{#- os_family Debian #}
-{%- endif %}
+ {%- if repo.get('enabled', True) %}
-{%- if grains.os_family == "RedHat" %}
-
-{%- if repo.get('enabled', True) %}
-
-{%- if repo.get('proxy', {}).get('enabled', False) %}
+ {%- if repo.get('proxy', {}).get('enabled', False) %}
# PLACEHOLDER
# TODO, implement per proxy configuration for Yum
-{%- endif %}
+ {%- endif %}
-{%- if not repo.get('default', False) %}
+ {%- if not repo.get('default', False) %}
linux_repo_{{ name }}:
pkgrepo.managed:
- name: {{ name }}
- humanname: {{ repo.get('humanname', name) }}
- {%- if repo.mirrorlist is defined %}
+ {%- if repo.mirrorlist is defined %}
- mirrorlist: {{ repo.mirrorlist }}
- {%- else %}
+ {%- else %}
- baseurl: {{ repo.source }}
- {%- endif %}
+ {%- endif %}
- gpgcheck: {% if repo.get('gpgcheck', False) %}1{% else %}0{% endif %}
- {%- if repo.gpgkey is defined %}
+ {%- if repo.gpgkey is defined %}
- gpgkey: {{ repo.gpgkey }}
- {%- endif %}
+ {%- endif %}
- require:
- pkg: linux_repo_prereq_pkgs
-{%- endif %}
+ {%- endif %}
-{#- repo.enabled is false #}
-{%- else %}
+ {%- else %}
pkgrepo.absent:
- name: {{ repo.source }}
-{%- endif %}
+ {%- endif %}
-{#- os_family Redhat #}
-{%- endif %}
+ {%- endif %}
-{#- repo.items() loop #}
-{%- endfor %}
+ {%- endfor %}
-{%- if default_repos|length > 0 and grains.os_family == 'Debian' %}
+ {%- if default_repos|length > 0 and grains.os_family == 'Debian' %}
default_repo_list:
file.managed:
@@ -231,9 +212,9 @@
- user: root
- group: root
- mode: 0644
-{%- if system.purge_repos|default(False) %}
+ {%- if system.purge_repos|default(False) %}
- replace: True
-{%- endif %}
+ {%- endif %}
- defaults:
default_repos: {{ default_repos }}
- require:
@@ -245,6 +226,6 @@
- watch:
- file: default_repo_list
-{%- endif %}
+ {%- endif %}
{%- endif %}