Prepared the formula for buster

43857012 · Dennis Ahrens · d60461b0 · 43857012 · 43857012 · 43857012
Commit 43857012 authored 5 years ago by Dennis Ahrens
--- a/FORMULA
+++ b/FORMULA
+name: hshbase
+os: Debian, FreeBSD
+os_family: Debian, FreeBSD
+version: 201907
+release: 1
+summary: Formula that bundles some base configuration we want to enforce everywhere.
+description: Not more to say as said in the summary already.
\ No newline at end of file
--- a/README.md
+++ b/README.md
@@ -17,6 +17,9 @@ Configures apt package manager on debian and ubuntu machines
 ### hshbase.time
+**DEPRECATED** this formula only manages the time server up to debian 9 and ubuntu 16.04.
+Starting with debian buster and ubuntu bionic beaver we use the systemd formula for network and timeserver configuration.
 Install NTP, and sets timezone + timeserver
 ### hshbase.openvmtools
@@ -27,10 +30,6 @@ Install the package open-vm-tools
 Install system locales and additional ones optionally
-### hshbase.snmpd
-Install snmpd ready to be used with [Whats Up Gold](https://whatsup.fh-h.de/)
 ### python-packages
 Install python modules for salt grains or modules - Currently:

--- a/hshbase/apt/files/sources.list
+++ b/hshbase/apt/files/sources.list
@@ -26,28 +26,26 @@ deb-src http://ftp.de.debian.org/debian {{ oscodename }}-lts main non-free
 {% elif os == 'Ubuntu' %}
-{% if oscodename == 'trusty' %}
+deb http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }} main restricted
-deb http://de.archive.ubuntu.com/ubuntu/ trusty main restricted
+deb-src http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }} main restricted
-deb-src http://de.archive.ubuntu.com/ubuntu/ trusty main restricted
+deb http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }}-updates main restricted
-deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates main restricted
+deb-src http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }}-updates main restricted
-deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates main restricted
+deb http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }} universe
-deb http://de.archive.ubuntu.com/ubuntu/ trusty universe
+deb-src http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }} universe
-deb-src http://de.archive.ubuntu.com/ubuntu/ trusty universe
+deb http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }}-updates universe
-deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates universe
+deb-src http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }}-updates universe
-deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates universe
+deb http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }} multiverse
-deb http://de.archive.ubuntu.com/ubuntu/ trusty multiverse
+deb-src http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }} multiverse
-deb-src http://de.archive.ubuntu.com/ubuntu/ trusty multiverse
+deb http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }}-updates multiverse
-deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates multiverse
+deb-src http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }}-updates multiverse
-deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates multiverse
+deb http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }}-backports main restricted universe multiverse
-deb http://de.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse
+deb-src http://de.archive.ubuntu.com/ubuntu/ {{ oscodename }}-backports main restricted universe multiverse
-deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse
+deb http://security.ubuntu.com/ubuntu {{ oscodename }}-security main restricted
-deb http://security.ubuntu.com/ubuntu trusty-security main restricted
+deb-src http://security.ubuntu.com/ubuntu {{ oscodename }}-security main restricted
-deb-src http://security.ubuntu.com/ubuntu trusty-security main restricted
+deb http://security.ubuntu.com/ubuntu {{ oscodename }}-security universe
-deb http://security.ubuntu.com/ubuntu trusty-security universe
+deb-src http://security.ubuntu.com/ubuntu {{ oscodename }}-security universe
-deb-src http://security.ubuntu.com/ubuntu trusty-security universe
+deb http://security.ubuntu.com/ubuntu {{ oscodename }}-security multiverse
-deb http://security.ubuntu.com/ubuntu trusty-security multiverse
+deb-src http://security.ubuntu.com/ubuntu {{ oscodename }}-security multiverse
-deb-src http://security.ubuntu.com/ubuntu trusty-security multiverse
-{% endif %}
 {% else %}
 # Something went wrong - apt-sources not ready BUT CONFIGURED (init.sls) for this!

--- a/hshbase/apt/init.sls
+++ b/hshbase/apt/init.sls
@@ -6,8 +6,8 @@ include:
  - .pkgs
 # control /apt/sources.list and apt.sources.list.d on ubuntu and debian
-{% if grains['os'] == 'Debian' and grains['oscodename'] in ['squeeze', 'wheezy', 'jessie', 'stretch']
+{% if grains['os'] == 'Debian' and grains['oscodename'] in ['squeeze', 'wheezy', 'jessie', 'stretch', 'buster']
-   or grains['os'] == 'Ubuntu' and grains['oscodename'] in ['trusty'] %}
+   or grains['os'] == 'Ubuntu' and grains['oscodename'] in ['trusty', 'xenial', 'bionic'] %}
 hsh_apt_sources_list:
  file.managed:
    - name: /etc/apt/sources.list

--- a/hshbase/defaults.yaml
+++ b/hshbase/defaults.yaml
@@ -11,4 +11,3 @@ hshbase:
    system: en_US.UTF-8
    present:
      - de_DE.UTF-8
-  snmpd: True
--- a/hshbase/openvmtools.sls
+++ b/hshbase/openvmtools.sls
@@ -4,10 +4,19 @@
 # For Debian/Ubuntu >6, wheezy packages have different names.
 # Also, wheezy packages don't work, so they still get vmware stuff!
-{% if grains['os'] in ['Debian', 'Ubuntu'] and grains['oscodename'] not in ['squeeze', 'wheezy'] %}
+# this block can be removed when everything is > debian 9
+{% if grains['os'] in ['Debian', 'Ubuntu'] and grains['oscodename'] not in ['squeeze', 'wheezy', 'stretch', 'buster', 'bionic'] %}
 hsh_openvmtools:
  pkg.installed:
    - pkgs: [open-vm-tools, open-vm-tools-dkms]
+    - refresh: True
+# Debian buster does not include the dkms package anymore
+{% elif grains['os'] in ['Debian', 'Ubuntu'] and grains['oscodename'] in ['buster', 'bionic'] %}
+hsh_openvmtools:
+  pkg.installed:
+    - pkgs: [open-vm-tools]
+    - refresh: True
 {% elif grains['os'] == 'FreeBSD' %}
 hsh_openvmtools:

--- a/hshbase/packages.sls
+++ b/hshbase/packages.sls
 # Always install these packages
-{% if grains['os'] == 'Debian' or grains['os'] == 'Ubuntu' %}
+{% if grains['os'] in ['Debian', 'Ubuntu'] %}
 hsh_common_packages_salt:
  pkg.installed:
    - pkgs:
@@ -9,6 +9,7 @@ hsh_common_packages_salt:
      - etckeeper
      - lsof
      - traceroute
+      - vim
 {% elif grains['os'] == 'FreeBSD' %}
 hsh_common_packages_salt:

--- a/hshbase/time/init.sls
+++ b/hshbase/time/init.sls
 {% from "hshbase/map.jinja" import hshbase with context %}
-{% if grains['os'] in ('Debian', 'Ubuntu') %}
+{# We stick with ntpd for debian boxes before buster and for ubuntu boxes before bionic #}
+{% if (grains['os'] == 'Debian' and grains['osmajorrelease'] < 10) or (grains['os'] == 'Ubuntu' and grains['osmajorrelease'] < 18) %}
 ntp:
-  pkg.installed
+  pkg.installed:
+    - refresh: True
 /etc/ntp.conf:
  file.managed:
@@ -13,7 +15,6 @@ ntp:
    - require:
      - pkg: ntp
-{% if grains['os'] == 'Debian' and grains['oscodename'] != 'jessie' %}
 hsh_ntp_service_running:
  service.running:
    - name: ntp
@@ -25,17 +26,30 @@ hsh_ntp_service_running:
      - file: /etc/ntp.conf
      - pkg: ntp
-{% else %}
+{# The new boxes ensure the old stuff is away and the rest is configured in the interfaces section #}
-{# We are not waiting for ntp here! Read this:\n* https://github.com/systemd/systemd/issues/937\n* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635752 #}
+{% elif (grains['os'] == 'Debian' and grains['osmajorrelease'] >= 10) or grains['os'] == 'Ubuntu' and grains['osmajorrelease'] >= 18 %}
-{% endif %}
+ntp:
+  pkg.purged
-hsh_server_timezone:
+/etc/ntp.conf:
-  timezone.system:
+  file.absent:
-    - name: {{ hshbase.time.zone }}
+    - require:
+      - pkg: ntp
+hsh_ntp_service_not_running:
+  service.disabled:
+    - name: ntp
+    - require:
+      - file: /etc/ntp.conf
+      - pkg: ntp
 {% elif grains['os'] == 'FreeBSD' %}
 {# TODO: Manage /etc/ntp.conf file. #}
 {% endif %}
+hsh_server_timezone:
+  timezone.system:
+    - name: {{ hshbase.time.zone }}