diff --git a/manifests/auth.pp b/manifests/auth.pp new file mode 100644 index 0000000000..23af75ec9b --- /dev/null +++ b/manifests/auth.pp @@ -0,0 +1,43 @@ +# @summary Manages the Apt auth conf in /etc/apt/auth.conf.d/. +# +# @example Install the puppetlabs apt auth +# apt::auth { 'puppetlabs': +# machine => 'apt.puppetlabs.com', +# login => 'apt', +# password => 'password', +# } +# +# @param ensure +# Specifies whether the Apt auth file should exist. Valid options: 'present' and 'absent'. +# +# @param machine +# The machine entry specifies the auth URI. +# +# @param login +# The username to be used. +# +# @param password +# The password to be used. +# + +define apt::auth ( + String $ensure = 'present', + String $machine = $name, + String $login = undef, + String $password = undef, +) { + $content = epp('apt/auth_conf.d.epp', + machine => $machine, + login => $login, + password => $password + ) + + file { "${apt::auth_conf_d}/${name}.conf": + ensure => $ensure, + owner => $apt::auth_conf_owner, + group => 'root', + mode => '0600', + content => Sensitive($content), + notify => Class['apt::update'], + } +} diff --git a/manifests/init.pp b/manifests/init.pp index 5ad48433f5..7d0caccd4a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -87,6 +87,9 @@ # @param sources # Hash of `apt::source` resources. # +# @param auths +# Creates new `apt::auth` resources. Valid options: a hash to be passed to the create_resources function linked above. +# # @param keys # Hash of `apt::key` resources. # @@ -145,6 +148,9 @@ # @param apt_conf_d # The path to the file `apt.conf.d` # +# @param auth_conf_d +# The path to the file `auth_conf.d` +# # @param source_key_defaults # The fault `source_key` settings # @@ -185,6 +191,7 @@ Hash $purge = {}, Apt::Proxy $proxy = {}, Hash $sources = {}, + Hash $auths = {}, Hash $keys = {}, Hash $keyrings = {}, Hash $ppas = {}, @@ -200,6 +207,7 @@ String $preferences = "${root}/preferences", String $preferences_d = "${root}/preferences.d", String $apt_conf_d = "${root}/apt.conf.d", + String $auth_conf_d = "${root}/auth.conf.d", Hash $config_files = { 'conf' => { 'path' => $conf_d, @@ -375,6 +383,16 @@ notify => Class['apt::update'], } + file { 'auth.conf.d': + ensure => directory, + path => $apt::auth_conf_d, + owner => root, + group => root, + purge => $_purge['auth.conf.d'], + recurse => $_purge['auth.conf.d'], + notify => Class['apt::update'], + } + $confs.each |$key, $value| { apt::conf { $key: * => $value, @@ -387,6 +405,12 @@ } } + $auths.each |$key, $value| { + apt::auth { $key: + * => $value, + } + } + $keys.each |$key, $value| { apt::key { $key: * => $value, diff --git a/spec/classes/apt_spec.rb b/spec/classes/apt_spec.rb index 51cc7eb459..13bf907880 100644 --- a/spec/classes/apt_spec.rb +++ b/spec/classes/apt_spec.rb @@ -38,6 +38,14 @@ recurse: false, notify: 'Class[Apt::Update]' } +auth_conf_d = { ensure: 'directory', + path: '/etc/apt/auth.conf.d', + owner: 'root', + group: 'root', + purge: false, + recurse: false, + notify: 'Class[Apt::Update]' } + describe 'apt' do let(:facts) do { @@ -77,6 +85,10 @@ expect(subject).to contain_file('apt.conf.d').that_notifies('Class[Apt::Update]').only_with(apt_conf_d) } + it { + is_expected.to contain_file('auth.conf.d').that_notifies('Class[Apt::Update]').only_with(auth_conf_d) + } + it { is_expected.to contain_file('/etc/apt/auth.conf').with_ensure('absent') } it 'lays down /etc/apt/apt.conf.d/15update-stamp' do diff --git a/templates/auth_conf.d.epp b/templates/auth_conf.d.epp new file mode 100644 index 0000000000..b164a3bc4b --- /dev/null +++ b/templates/auth_conf.d.epp @@ -0,0 +1,3 @@ +machine <%= $machine %> +login <%= $login %> +password <%= $password %>