home

Keeping latest kernels in Debian with backports and puppet

November 2020

I like running Debian stable as well as making use of recent kernels. Since I’m managing most of my infrastructure using puppet, I came up with a simple module which is included in my baseline role deployed on all systems.

The puppet apt module is needed here.

class js::module::kernel_update {

  class { 'apt':
    update => {
      frequency => 'daily',
    }
  }

  if $facts['os']['architecture'] == 'amd64' {

    if $facts['os']['distro']['codename'] == 'stretch' {
      package { 
        ['linux-image-amd64']:
          ensure => latest,
          install_options => ['-t', 'stretch-backports']
      }
    }

    if $facts['os']['distro']['codename'] == 'buster' {
      package { 
        ['linux-image-amd64']:
          ensure => latest,
          install_options => ['-t', 'buster-backports']
      }
    }
  }
}

Naturally the backports repo needs to be included for this to work. My sources.list.erb (also included in the baseline role) looks like this:

<% if @os['distro']['id'] == 'Debian' -%>

deb http://aptmirror/debian/ <%= @os['distro']['codename'] %> main contrib non-free
deb http://aptmirror/debian-security/ <%= @os['distro']['codename'] %>/updates main contrib non-free
deb http://aptmirror/debian/ <%= @os['distro']['codename'] %>-updates main contrib non-free
deb http://aptmirror/debian/ <%= @os['distro']['codename'] %>-backports main contrib non-free
deb http://apt.puppetlabs.com <%= @os['distro']['codename'] %> puppet

<% end -%>

Just replace ‘aptmirror’ with an apt mirror to your liking. Or run one yourself.

2022 Jan Schumacher • Theme Moonwalk