States for managing software package repositories on Linux distros. Supported package managers are APT, DNF, YUM and Zypper. Here is some example SLS:
base: pkgrepo.managed: - humanname: CentOS-$releasever - Base - mirrorlist: http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os - comments: - 'http://mirror.centos.org/centos/$releasever/os/$basearch/' - gpgcheck: 1 - gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
base: pkgrepo.managed: - humanname: Logstash PPA - name: deb http://ppa.launchpad.net/wolfnet/logstash/ubuntu precise main - dist: precise - file: /etc/apt/sources.list.d/logstash.list - keyid: 28B04E4A - keyserver: keyserver.ubuntu.com - require_in: - pkg: logstash pkg.latest: - name: logstash - refresh: True
base: pkgrepo.managed: - humanname: deb-multimedia - name: deb http://www.deb-multimedia.org stable main - file: /etc/apt/sources.list.d/deb-multimedia.list - key_url: salt://deb-multimedia/files/marillat.pub
base: pkgrepo.managed: - humanname: Google Chrome - name: deb http://dl.google.com/linux/chrome/deb/ stable main - dist: stable - file: /etc/apt/sources.list.d/chrome-browser.list - require_in: - pkg: google-chrome-stable - gpgcheck: 1 - key_url: https://dl-ssl.google.com/linux/linux_signing_key.pub
base: pkgrepo.managed: - ppa: wolfnet/logstash pkg.latest: - name: logstash - refresh: True
Note
On Ubuntu systems, the python-software-properties
package should be installed for better support of PPA repositories. To check if this package is installed, run dpkg -l python-software-properties
.
Also, some Ubuntu releases have a bug in their python-software-properties
package, a missing dependency on pycurl, so python-pycurl
will need to be manually installed if it is not present once python-software-properties
is installed.
On Ubuntu & Debian systems, the python-apt
package is required to be installed. To check if this package is installed, run dpkg -l python-apt
. python-apt
will need to be manually installed if it is not present.
This function deletes the specified repo on the system, if it exists. It is essentially a wrapper around pkg.del_repo.
UBUNTU-SPECIFIC OPTIONS
On Ubuntu, you can take advantage of Personal Package Archives on Launchpad simply by specifying the user and archive name.
logstash-ppa:
pkgrepo.absent:
- ppa: wolfnet/logstash
For Ubuntu PPAs there can be private PPAs that require authentication to access. For these PPAs the username/password can be specified. This is required for matching if the name format uses the ppa:
specifier and is private (requires username/password to access, which is encoded in the URI).
logstash-ppa:
pkgrepo.absent:
- ppa: wolfnet/logstash
- ppa_auth: username:password
If set to True
, the GPG key's ID will be looked up from ppa.launchpad.net and removed, and the keyid
argument will be ignored.
Note
This option will be disregarded unless the ppa
argument is present.
This state manages software package repositories. Currently, yum
, apt
, and zypper
repositories are supported.
YUM/DNF/ZYPPER-BASED SYSTEMS
Note
One of baseurl
or mirrorlist
below is required. Additionally, note that this state is not presently capable of managing more than one repo in a single repo file, so each instance of this state will manage a single repo file containing the configuration for a single repo.
[foo]
) for a given repo. Secondly, it will be the name of the file as stored in /etc/yum.repos.d (e.g. /etc/yum.repos.d/foo.conf
).disabled
argument. If this is passed for a YUM/DNF/Zypper-based distro, then the reverse will be passed as enabled
. For example passing disabled=True
will assume enabled=False
./etc/yum.repos.d/
(or /etc/zypp/repos.d
for SUSE distros).gpgkey
parameter. See details below.Additional configuration values seen in YUM/DNF/Zypper repo files, such as gpgkey
or gpgcheck
, will be used directly as key-value pairs. For example:
foo: pkgrepo.managed: - humanname: Personal repo for foo - baseurl: https://mydomain.tld/repo/foo/$releasever/$basearch - gpgkey: file:///etc/pki/rpm-gpg/foo-signing-key - gpgcheck: 1
APT-BASED SYSTEMS
On Ubuntu, you can take advantage of Personal Package Archives on Launchpad simply by specifying the user and archive name. The keyid will be queried from launchpad and everything else is set automatically. You can override any of the below settings by simply setting them as you would normally. For example:
logstash-ppa:
pkgrepo.managed:
- ppa: wolfnet/logstash
For Ubuntu PPAs there can be private PPAs that require authentication to access. For these PPAs the username/password can be passed as an HTTP Basic style username/password combination.
logstash-ppa:
pkgrepo.managed:
- ppa: wolfnet/logstash
- ppa_auth: username:password
On apt-based systems this must be the complete entry as it would be seen in the sources.list file. This can have a limited subset of components (i.e. 'main') which can be added/modified with the comps
option.
precise-repo: pkgrepo.managed: - name: deb http://us.archive.ubuntu.com/ubuntu precise main
Note
The above example is intended as a more readable way of configuring the SLS, it is equivalent to the following:
'debhttp://us.archive.ubuntu.com/ubuntuprecisemain':
pkgrepo.managed
enabled
argument. If this is passed for an APT-based distro, then the reverse will be passed as disabled
. For example, passing enabled=False
will assume disabled=False
.keyserver
option to be set.keyid
option must also be set for this option to work.URL to retrieve a GPG key from. Allows the usage of http://
, https://
as well as salt://
.
Note
Use either keyid
/keyserver
or key_url
, but not both.
The string representation of the GPG key to install.
New in version 2018.3.0.
Note
Use either keyid
/keyserver
, key_url
, or key_text
but not more than one method.
True
, this will consolidate all sources definitions to the sources.list file, cleanup the now unused files, consolidate components (e.g. main) for the same URI, type, and architecture to a single line, and finally remove comments from the sources.list file. The consolidate will run every time the state is processed. The option only needs to be set on one repo managed by salt to take effect.If set to True
, empty the file before config repo
Note
Use with care. This can be dangerous if multiple sources are configured in the same file.
New in version 2015.8.0.
False
this will skip refreshing the apt package database on debian based systems.Deprecated since version 2018.3.0: Use refresh
instead.
© 2019 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkgrepo.html