salt.states.pkgrepo

Management of APT/YUM package repos

Package repositories for APT-based and YUM-based distros can be managed with these states. Here is some example SLS:

base:
  pkgrepo.managed:
    - humanname: CentOS-$releasever - Base
    - mirrorlist: http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
    - comments:
        - '#http://mirror.centos.org/centos/$releasever/os/$basearch/'
    - gpgcheck: 1
    - gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
base:
  pkgrepo.managed:
    - humanname: Logstash PPA
    - name: deb http://ppa.launchpad.net/wolfnet/logstash/ubuntu precise main
    - dist: precise
    - file: /etc/apt/sources.list.d/logstash.list
    - keyid: 28B04E4A
    - keyserver: keyserver.ubuntu.com
    - require_in:
      - pkg: logstash

  pkg.latest:
    - name: logstash
    - refresh: True
base:
  pkgrepo.managed:
    - humanname: deb-multimedia
    - name: deb http://www.deb-multimedia.org stable main
    - file: /etc/apt/sources.list.d/deb-multimedia.list
    - key_url: salt://deb-multimedia/files/marillat.pub
base:
  pkgrepo.managed:
    - humanname: Google Chrome
    - name: deb http://dl.google.com/linux/chrome/deb/ stable main
    - dist: stable
    - file: /etc/apt/sources.list.d/chrome-browser.list
    - require_in:
      - pkg: google-chrome-stable
    - gpgcheck: 1
    - key_url: https://dl-ssl.google.com/linux/linux_signing_key.pub
base:
  pkgrepo.managed:
    - ppa: wolfnet/logstash
  pkg.latest:
    - name: logstash
    - refresh: True

注解

On Ubuntu systems, the python-software-properties package should be installed for better support of PPA repositories. To check if this package is installed, run dpkg -l python-software-properties.

Also, some Ubuntu releases have a bug in their python-software-properties package, a missing dependency on pycurl, so python-pycurl will need to be manually installed if it is not present once python-software-properties is installed.

On Ubuntu & Debian systems, the `python-apt package is required to be installed. To check if this package is installed, run dpkg -l python-software-properties. python-apt will need to be manually installed if it is not present.

salt.states.pkgrepo.absent(name, **kwargs)

This function deletes the specified repo on the system, if it exists. It is essentially a wrapper around pkg.del_repo.

name
The name of the package repo, as it would be referred to when running the regular package manager commands.

UBUNTU-SPECIFIC OPTIONS

ppa

On Ubuntu, you can take advantage of Personal Package Archives on Launchpad simply by specifying the user and archive name.

logstash-ppa:
  pkgrepo.absent:
    - ppa: wolfnet/logstash
ppa_auth

For Ubuntu PPAs there can be private PPAs that require authentication to access. For these PPAs the username/password can be specified. This is required for matching if the name format uses the ppa: specifier and is private (requires username/password to access, which is encoded in the URI).

logstash-ppa:
  pkgrepo.absent:
    - ppa: wolfnet/logstash
    - ppa_auth: username:password
keyid
If passed, then the GPG key corresponding to the passed KeyID will also be removed.
keyid_ppa : False

If set to True, the GPG key's ID will be looked up from ppa.launchpad.net and removed, and the keyid argument will be ignored.

注解

This option will be disregarded unless the ppa argument is present.

salt.states.pkgrepo.managed(name, **kwargs)

This function manages the configuration on a system that points to the repositories for the system's package manager.

name
The name of the package repo, as it would be referred to when running the regular package manager commands.

For yum-based systems, take note of the following configuration values:

humanname
On yum-based systems, this is stored as the "name" value in the .repo file in /etc/yum.repos.d/. On yum-based systems, this is required.
baseurl
On yum-based systems, baseurl refers to a direct URL to be used for this yum repo. One of baseurl or mirrorlist is required.
mirrorlist
a URL which contains a collection of baseurls to choose from. On yum-based systems. One of baseurl or mirrorlist is required.
comments
Sometimes you want to supply additional information, but not as enabled configuration. Anything supplied for this list will be saved in the repo configuration with a comment marker (#) in front.

Additional configuration values, such as gpgkey or gpgcheck, are used verbatim to update the options for the yum repo in question.

For apt-based systems, take note of the following configuration values:

ppa

On Ubuntu, you can take advantage of Personal Package Archives on Launchpad simply by specifying the user and archive name. The keyid will be queried from launchpad and everything else is set automatically. You can override any of the below settings by simply setting them as you would normally. For example:

logstash-ppa:
  pkgrepo.managed:
    - ppa: wolfnet/logstash
ppa_auth

For Ubuntu PPAs there can be private PPAs that require authentication to access. For these PPAs the username/password can be passed as an HTTP Basic style username/password combination.

logstash-ppa:
  pkgrepo.managed:
    - ppa: wolfnet/logstash
    - ppa_auth: username:password
name

On apt-based systems this must be the complete entry as it would be seen in the sources.list file. This can have a limited subset of components (i.e. 'main') which can be added/modified with the "comps" option.

precise-repo:
  pkgrepo.managed:
    - name: deb http://us.archive.ubuntu.com/ubuntu precise main
disabled
Toggles whether or not the repo is used for resolving dependencies and/or installing packages.
comps
On apt-based systems, comps dictate the types of packages to be installed from the repository (e.g. main, nonfree, ...). For purposes of this, comps should be a comma-separated list.
file
The filename for the .list that the repository is configured in. It is important to include the full-path AND make sure it is in a directory that APT will look in when handling packages
dist
This dictates the release of the distro the packages should be built for. (e.g. unstable). This option is rarely needed.
keyid
The KeyID of the GPG key to install. This option also requires the keyserver option to be set.
keyserver
This is the name of the keyserver to retrieve gpg keys from. The keyid option must also be set for this option to work.
key_url

URL to retrieve a GPG key from. Allows the usage of http://, https:// as well as salt://.

注解

Use either keyid/keyserver or key_url, but not both.

consolidate
If set to true, this will consolidate all sources definitions to the sources.list file, cleanup the now unused files, consolidate components (e.g. main) for the same URI, type, and architecture to a single line, and finally remove comments from the sources.list file. The consolidate will run every time the state is processed. The option only needs to be set on one repo managed by salt to take effect.
clean_file

If set to true, empty file before config repo, dangerous if use multiple sources in one file.

2015.8.0 新版功能.

refresh_db
If set to false this will skip refreshing the apt package database on debian based systems.
require_in
Set this to a list of pkg.installed or pkg.latest to trigger the running of apt-get update prior to attempting to install these packages. Setting a require in the pkg will not work for this.