States for managing software package repositories on Linux distros. Supported package managers are APT, DNF, YUM and Zypper. Here is some example SLS:
base: pkgrepo.managed: - humanname: CentOS-$releasever - Base - mirrorlist: http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os - comments: - 'http://mirror.centos.org/centos/$releasever/os/$basearch/' - gpgcheck: 1 - gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
base: pkgrepo.managed: - humanname: Logstash PPA - name: deb http://ppa.launchpad.net/wolfnet/logstash/ubuntu precise main - dist: precise - file: /etc/apt/sources.list.d/logstash.list - keyid: 28B04E4A - keyserver: keyserver.ubuntu.com - require_in: - pkg: logstash pkg.latest: - name: logstash - refresh: True
base: pkgrepo.managed: - humanname: deb-multimedia - name: deb http://www.deb-multimedia.org stable main - file: /etc/apt/sources.list.d/deb-multimedia.list - key_url: salt://deb-multimedia/files/marillat.pub
base: pkgrepo.managed: - humanname: Google Chrome - name: deb http://dl.google.com/linux/chrome/deb/ stable main - dist: stable - file: /etc/apt/sources.list.d/chrome-browser.list - require_in: - pkg: google-chrome-stable - gpgcheck: 1 - key_url: https://dl-ssl.google.com/linux/linux_signing_key.pub
base: pkgrepo.managed: - ppa: wolfnet/logstash pkg.latest: - name: logstash - refresh: True
On Ubuntu systems, the
python-software-properties package should be
installed for better support of PPA repositories. To check if this package
is installed, run
dpkg -l python-software-properties.
Also, some Ubuntu releases have a bug in their
python-software-properties package, a missing dependency on pycurl, so
python-pycurl will need to be manually installed if it is not present
python-software-properties is installed.
On Ubuntu & Debian systems, the
`python-apt package is required to be
installed. To check if this package is installed, run
python-apt will need to be manually
installed if it is not present.
This function deletes the specified repo on the system, if it exists. It is essentially a wrapper around pkg.del_repo.
On Ubuntu, you can take advantage of Personal Package Archives on Launchpad simply by specifying the user and archive name.
logstash-ppa: pkgrepo.absent: - ppa: wolfnet/logstash
For Ubuntu PPAs there can be private PPAs that require authentication
to access. For these PPAs the username/password can be specified. This
is required for matching if the name format uses the
and is private (requires username/password to access, which is encoded
in the URI).
logstash-ppa: pkgrepo.absent: - ppa: wolfnet/logstash - ppa_auth: username:password
If set to
True, the GPG key's ID will be looked up from
ppa.launchpad.net and removed, and the
keyid argument will be
This option will be disregarded unless the
ppa argument is
managed(name, ppa=None, **kwargs)¶
mirrorlist below is required. Additionally,
note that this state is not presently capable of managing more than one
repo in a single repo file, so each instance of this state will manage
a single repo file containing the configuration for a single repo.
[foo]) for a given repo. Secondly, it will be the name of the file as stored in /etc/yum.repos.d (e.g.
disabledargument. If this is passed for a YUM/DNF/Zypper-based distro, then the reverse will be passed as
enabled. For example passing
/etc/zypp/repos.dfor SUSE distros).
gpgkeyparameter. See details below.
Additional configuration values seen in YUM/DNF/Zypper repo files, such as
gpgcheck, will be used directly as key-value pairs.
foo: pkgrepo.managed: - humanname: Personal repo for foo - baseurl: https://mydomain.tld/repo/foo/$releasever/$basearch - gpgkey: file:///etc/pki/rpm-gpg/foo-signing-key - gpgcheck: 1
On Ubuntu, you can take advantage of Personal Package Archives on Launchpad simply by specifying the user and archive name. The keyid will be queried from launchpad and everything else is set automatically. You can override any of the below settings by simply setting them as you would normally. For example:
logstash-ppa: pkgrepo.managed: - ppa: wolfnet/logstash
For Ubuntu PPAs there can be private PPAs that require authentication to access. For these PPAs the username/password can be passed as an HTTP Basic style username/password combination.
logstash-ppa: pkgrepo.managed: - ppa: wolfnet/logstash - ppa_auth: username:password
On apt-based systems this must be the complete entry as it would be
seen in the sources.list file. This can have a limited subset of
components (i.e. 'main') which can be added/modified with the
precise-repo: pkgrepo.managed: - name: deb http://us.archive.ubuntu.com/ubuntu precise main
The above example is intended as a more readable way of configuring the SLS, it is equivalent to the following:
'deb http://us.archive.ubuntu.com/ubuntu precise main': pkgrepo.managed
enabledargument. If this is passed for an APT-based distro, then the reverse will be passed as
disabled. For example, passing
keyserveroption to be set.
keyidoption must also be set for this option to work.
URL to retrieve a GPG key from. Allows the usage of
https:// as well as
key_url, but not both.
If set to true, empty file before config repo, dangerous if use multiple sources in one file.
New in version 2015.8.0.