This puppet module installs and configures openup, the OpenBSD package update service by M:Tier. Openup can be run standalone or via cron to check for - and install - security updates in packages and the base system by using the regular OpenBSD pkg tools.
M:Tier provides these updates free of charge for the current OpenBSD stable release. They also offer backports for the two most recent OpenBSD releases to subscribers.
Notice: I am not affiliated to M:Tier in any way. If you experience Problems with an update contact M:Tier
- Overview - What is the openup module?
- Module Description - What does the module do?
- Setup - The basics of getting started with openup
This puppet module installs and configures openup, the OpenBSD package update service by M:Tier useable free of charge for the current OpenBSD stable release. M:Tier provides security updates for OpenBSD packages built from the official OpenBSD ports tree with the most recent security fixes.
This module downloads and installs the latest openup version which is a small utility for OpenBSD that can be run standalone or from cron(8) and that checks for security updates in both packages and the base system. It uses the standard pkg tools (syspatch for the base system and pkg_add for Packages)
This module is suitable for OpenBSD systems only. It currently requires min. puppet 4.x
openup will affect the following parts of your system:
- openup binary installed to /usr/local/sbin
- openup configuration file installed to /etc/openup.conf
Including the main class is enough to install and configure the openup program
include openupCheck for Package updates via cronjob and mail the result
class { 'openup':
admin_email => '[email protected]',
enable_cronjob => true,
}Auto-install found updates:
class { 'openup':
admin_email => '[email protected]',
enable_cronjob => true,
autoinstall_updates => true,
}Overly complicated:
class { 'openup':
openup_url => 'https://stable.mtier.org/openup',
openbsd_mirror => 'https://cdn.openbsd.org/pub/OpenBSD',
openbsd_mtier_url => 'https://stable.mtier.org/updates',
openbsd_vul_db => 'https://stable.mtier.org/vuxml',
admin_email => '[email protected]',
sender_email => '[email protected]',
enable_cronjob => true,
autoinstall_updates => true,
}Primary class and entry point of the module. Installs openup in /usr/local/sbin
Parameters within openup:
default: https://stable.mtier.org/openup
descr : URL to the latest openup version
default: https://cdn.openbsd.org/pub/OpenBSD
descr : OpenBSD mirror to use
default: https://stable.mtier.org/updates
descr : URL for the M:Tier packages update service
default: https://stable.mtier.org/vuxml
descr : URL for the current OpenBSD release of the latest vulnerabilities database
default: root
descr : The system user that will run the update check
default: daemon
descr : The system group that will run the update check
default: 0755 descr : Default file mode for the openup binary
default: undef
descr : The email address of the admin user. This user will receive the report with available or installed updates
default: openup@$::fqdn
descr : The report sender email address
default: false
descr : Automatic update check via cron. Requires parameter admin_email to be set
default: false
descr : Automatic installation of available updates. Requires: parameter enable_cronjob to be set
Updates are only provided free of charge for the current OpenBSD stable release. M:Tire also offer backports for the two most recent OpenBSD releases to subscribers. See: https://stable.mtier.org/subscriptions for more information.
- mtron
- Frank Groeneveld (Original Author before the fork)
Features request and new contributions are always welcome!
Copyright (c) 2019, mtron
Copyright (c) 2014, Frank Groeneveld
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
-
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
-
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
-
Neither the name of frenkel-openup nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.