Sync from polyfloyd infra
This commit is contained in:
parent
54cf00f552
commit
47c279411d
3 changed files with 14 additions and 44 deletions
|
|
@ -1,5 +1,6 @@
|
|||
ssh_port: "22"
|
||||
unattended_upgrades_auto_reboot_time: "04:00"
|
||||
unattended_upgrades_extra_origin_patterns: []
|
||||
trusted_ranges:
|
||||
- { v: ipv4, cidr: 127.0.0.1 }
|
||||
- { v: ipv4, cidr: 10.0.0.0/8 }
|
||||
|
|
|
|||
|
|
@ -23,48 +23,15 @@
|
|||
// ${distro_id} Installed origin.
|
||||
// ${distro_codename} Installed codename (eg, "buster")
|
||||
Unattended-Upgrade::Origins-Pattern {
|
||||
// Codename based matching:
|
||||
// This will follow the migration of a release through different
|
||||
// archives (e.g. from testing to stable and later oldstable).
|
||||
// Software will be the latest available for the named release,
|
||||
// but the Debian release itself will not be automatically upgraded.
|
||||
// "origin=Debian,codename=${distro_codename}-updates";
|
||||
// "origin=Debian,codename=${distro_codename}-proposed-updates";
|
||||
"origin=Debian,codename=${distro_codename},label=Debian";
|
||||
"origin=Debian,codename=${distro_codename},label=Debian-Security";
|
||||
"origin=Debian,codename=${distro_codename}-security,label=Debian-Security";
|
||||
|
||||
// Archive or Suite based matching:
|
||||
// Note that this will silently match a different release after
|
||||
// migration to the specified archive (e.g. testing becomes the
|
||||
// new stable).
|
||||
// "o=Debian,a=stable";
|
||||
// "o=Debian,a=stable-updates";
|
||||
// "o=Debian,a=proposed-updates";
|
||||
// "o=Debian Backports,a=${distro_codename}-backports,l=Debian Backports";
|
||||
"o=Debian,a=stable";
|
||||
"o=Debian,a=stable-security";
|
||||
"o=Debian,a=${distro_codename}-backports";
|
||||
{% for line in unattended_upgrades_extra_origin_patterns %}"{{ line }}";
|
||||
{% endfor %}
|
||||
};
|
||||
|
||||
// Python regular expressions, matching packages to exclude from upgrading
|
||||
Unattended-Upgrade::Package-Blacklist {
|
||||
// The following matches all packages starting with linux-
|
||||
// "linux-";
|
||||
|
||||
// Use $ to explicitely define the end of a package name. Without
|
||||
// the $, "libc6" would match all of them.
|
||||
// "libc6$";
|
||||
// "libc6-dev$";
|
||||
// "libc6-i686$";
|
||||
|
||||
// Special characters need escaping
|
||||
// "libstdc\+\+6$";
|
||||
|
||||
// The following matches packages like xen-system-amd64, xen-utils-4.1,
|
||||
// xenstore-utils and libxenstore3.0
|
||||
// "(lib)?xen(store)?";
|
||||
|
||||
// For more information about Python regular expressions, see
|
||||
// https://docs.python.org/3/howto/regex.html
|
||||
};
|
||||
Unattended-Upgrade::Package-Blacklist {};
|
||||
|
||||
// This option allows you to control if on a unclean dpkg exit
|
||||
// unattended-upgrades will automatically run
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue