From c30e659ac372826640831912b8cb1c4099e8d151 Mon Sep 17 00:00:00 2001
From: Kienan Stewart <kienan.stewart@burntworld.ca>
Date: Fri, 15 Jun 2018 16:19:14 -0400
Subject: [PATCH] Cleanup pass

---
 README.md               | 40 ++++++++++++++++++---
 files/key.asc           | 64 +++++++++++++++++++++++++++++++++
 manifests/hostmaster.pp | 78 +++++++++++++----------------------------
 manifests/source.pp     | 13 +++++++
 metadata.json           |  2 +-
 5 files changed, 139 insertions(+), 58 deletions(-)
 create mode 100644 files/key.asc
 create mode 100644 manifests/source.pp

diff --git a/README.md b/README.md
index 3733216..15233e0 100644
--- a/README.md
+++ b/README.md
@@ -25,8 +25,8 @@ This module is intended to install aegir simply.
 
 Modules from forge.puppet.com:
 
-* puppetlabs-stdlib (tested with 4.15.0)
-* puppetlabs-apt (tested with 2.3.0)
+* puppetlabs-stdlib (tested with 4.25.1)
+* puppetlabs-apt (tested with 2.4.0)
 
 Operating systems: Debian derivatives.
 
@@ -45,16 +45,38 @@ Nothing special.
 ### Install a hostmaster
 
 ```puppet
+# Using puppetlabs/mysql (5.4.0) as example
+class { '::mysql::server':
+  package_name => 'default-mysql-server',
+  service_name => 'mysqld',
+  users        => {
+    'aegirroot@localhost' => {
+      'password_hash' => mysql_password('examplepassword'),
+    },
+  },
+  grants       => {
+    'aegirroot@localhost/*.*' => {
+      'user'       => 'aegirroot@localhost',
+      'table'      => '*.*',
+      'privileges' => ['ALL'],
+      'options'    => ['GRANT'],
+    },
+  },
+}
+
 # Assumes mysql or mariadb is installed
 # and that there is a user aegir_root
 # with all grants etc permissions on *.*
-class { '::aegir::hostmaster': {
+class { 'aegir::hostmaster':
   database => {
     host     => 'localhost',
-    user     => 'aegir_root',
+    user     => 'aegirroot',
     password => 'examplepassword'
   }
 }
+
+Class['::mysql::server']
+->Class['::aegir::hostmaster']
 ```
 
 ## Reference
@@ -64,6 +86,7 @@ class { '::aegir::hostmaster': {
 #### Public Classes
 
 * aegir::hostmaster
+* aegir::source
 
 ### Class: aegir::hostmaster
 
@@ -75,8 +98,17 @@ Parameters:
 * frontend_url: The url for the hostmaster drupal installation. Optional, defaults to the fully qualified domain name.
 * version: The major aegir version to install. Optional, default: 3
 * server: Which webserver to use. Optional, default: apache. Supports: apache2, nginx
+* manage_sources: Add source for Aegir packages. Default: true
 * release: Which release to use from the package source. Optional, default: stable.
 * makefile: If a custom makefile should be used, specify it here. Optional, default: ''
 * email: The email to set for the admin user in the hostmaster installation. Optional, default: '' (aegir will pick the user@fqdn).
 * working_copy: Keep the hostmaster platform git directories? Optional, default: false.
 * drush_version: Which version of drush to install with provision. Optional, default '' (stable).
+
+### Class: aegir::source
+
+Adds the debian apt source
+
+Parameters:
+
+* release: Which release of aegir to use. Default: stable
diff --git a/files/key.asc b/files/key.asc
new file mode 100644
index 0000000..e56b0d2
--- /dev/null
+++ b/files/key.asc
@@ -0,0 +1,64 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mQINBE6UpTYBEACl8WyZrrcbMe4wfFQW2HMJP9PrDolioDlZZDpC9VesU2E1WFTW
+jOZQY33HG/89evHLWg78JVo57z+OgmFS4bv7aGoynId5KfSF/azI9ibRCWMXHBa+
+Mp8Pk+ufb3InYe7thOJQ9q1DGf/jg42+a31rpsiW58+HGACn3fIhdU8MhVcZ45NS
+gVJI0yeOnacpvtMCmQwTZdhmG4d9hV7RcaN46fWz1Ys0qPJ3PGaRK7R4Qb6/+hPg
+p9tvfjyUw0e6dWmAgHkoo54mpiYdPgD6+S7nuqbeFGzai1GVcwCH9Ec6/E9L4wnD
+c0rvstyyBlaGyPSakViw46ZbE2VQK/uPEciqBmJUm8Yzh3uOhk5ufS11hC4S3F/t
+VeJWZwIEBQGX0a81eMDtu0XtK+5B+WFsQ1ZLeUaK0hhZwoJS5wsbyhNi1KYLOucV
+OaeAcz8snzw4q0MtJKxPT4TVhE78uu6DsoW7yY3atOIfGTuS4dUV3ahGxSC0r+Pw
+BRqQ09vhu2z96zuLFHrlMmcG/OloHwIOOgk2sQ1YaP7Gklr8mk+c8hqX/TWci7Nh
+oG/i6dIcSni13lIF8aVhcFD1T3rcvi/MP4E5t6XiMKfCVUGYx7qCyhO91N3NrLTw
+CLAiWoxZ8ZfHFsutK8NmgzTHUTwwn+D+aGpow8wJ2cpQFb8ExjSiImwRvQARAQAB
+tEFBZWdpciBEZWJpYW4gYXJjaGl2ZSBhdXRvc2lnbmluZyA8ZGViaWFuQGRlYmlh
+bi5hZWdpcnByb2plY3Qub3JnPokCPgQTAQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYC
+AwECHgECF4AFAlf+NugFCQ8NLCAACgkQWt+ToDN2zPnCkRAAoIw0OVgdpiXKP711
+w1S3fgprFJ2AanHIBkT70CM3JI83nWcQ7r/h5oD/eTlRjxO/I+aCP82MXkmoyRG7
+7y2OvEh4G/Z01G/FSa+B+5iwvmjyOuW9DjFzJZPviqm3Qki8jckEgT8sJbeuKdhz
+wE4TtPVchThbVD9WGSM0HHKfdTTswddb0wbwahe/s6wblqC5qUXmku9yjL/9paBh
+bsUuxvqioVHPINTYdczT5g/7SIRj2j3tQGSsS1TRRDZqwvW+Sp1TwhxUUWR/zhys
+nCBXHkD+PdZuFhMjg88XhBj5cQaoyrCpOy1NmVvhyfDPSa3TtCo/G6uOvrZReMhx
+PGb9sAyhjwVPGvlD6zOpX55fHG+hpE4cpKwf2dQ8usu2Vpg4tt9anZ/pgszJ/nno
+W9cVaXRdvlap0kyEUxqjZ3gfv9mltBqq2FEWhfsN2BTWfUNDDts04Mr2RWSE1A5D
+S2f2V3zVIJOS+OawZoM0Pfcp3n/RZ2NpU3Wv2MGyL+cHBWYLUrxj1ZQ+db+T9men
+fV+Rtcleb+LL6C6BKciltV1fW7pChhJGKyBVzK2SMsti8EzpBCpUGiuhT/YaMtt5
+9TS7uD9745wsJP4iWyHd84eGN3XYJ33RXocNyYUHeGrHLl5l0cEGW4vlsGKaGxoK
+fSOLMSmN916rtRkS4lsyPVaDj1+JAhwEEAEIAAYFAk6UsKoACgkQeSFSUnt1kh6X
+Ew/8DSf0+OUYm0CNB8a6fN8GoSbx2Njg/HrfYn3pLBnQ8gl6BQ/0k1HaH851aDOL
+j76ldIDPAyb8pjJO/Paeu09IEUs9yZLb1WvRgeO0wohVcf1EkP/h73XMM05tz75M
+lymEprkc4RuyfXyAh4mnhSVg9Xr8DUW79jd6+JcNkSN2tg75e77F2vIssNFwpIyp
+pDUrdPywX+5gYrusSjHsTQbbZSHYh7angyq1XAgOwXRSPRTqjvrAbYUknL4YjAj0
+hoHJBHLTyzlaKbW22eUoPQyI5F3SYK9VneHNg4hG9pcmW0wtKP2IYA3in9aAYu5K
+bI8VdsvxQ9AriCzwJHQrcUvpHTtwbMb6CR1O7nly5WuwVNevqT/n20udpmOXtdmg
+dL7ee5K3HPIrms8ttdtKvLUATr1+swf7Y4IclvqB+mTod95VaoLpoxYFakMj5fNP
+4Yd1XxKnoduBUEEYD2hmkgeTGiuFGOjLdFJrl4qUzAU3mVU51F4oTD4ZqegO1Wup
+E82t20WNzWSbHm7diE2hfc8rZOTlnAYVmgogDKkzYIIkNPytnwQDE+z/hNSS5w7S
+kby94NkqC9+bBx9DHXDBfoTPOSYxxOcyfUPDSOtY+8Cmf6J0d+zRXMFHORjcg55B
+ohmGJz13k4RnJFPBmXE5XxE5AQWPCe6d7MA2SNl0Dz7f0Q65Ag0ETpSlNgEQAJTD
+5L1PIlegdPEvCerqkm9GycP/ticNUaWTs3wYYblxY4rC5Ch76/q9z7u5V3nNbVGc
+agkWyhFcK2NraoOjb33vCo8ENcxqRzoUko/SjmyexyeEtnpVsS9UereZatsKQK6S
+VE7lXK9ha1+XvhkW6H5nf+EcPzuXSAoO8zuaeBfFX66O1c8uYEDX1yakTKGBI1dP
+EACMZ7cdmAIGlK2N46sTDsnD70+BOCNbMD9w/suj9ZvFEolE3CTVsDLqglcgwer2
+BjSkkIfc7mKowr9VfLewFQ2u6z1V8iEevC0NPUZXDLkiF9i7zAvscHQ301B9UC0I
+G8GXUW0647lxD329UzAF2EvAVrL3C3h+XmYDbQiwiqNCxWQ7Cds9R8rO5DqEV4nr
+pHAiGG2AYj5gJDqmMM/rloMnxi5BTfrbxC9iGHQnmg/kq7wVdi7PjFHy0CUx2BH5
+cokVErHxfeaQU6hfxgvJ74bTBkk3Qq9ujosoXpYGUEDD16UNr1nJxddM3pbVNXQ/
+blaUUNGc2pY2GmRJuylz5Sk1349awAEZzSEXDQUSSWpFUuO99aGnYWfTKMbY3ZH4
+SNocBqHXD6O0WlifYBKYkYwhmBAxM3nwCpPRtqFLVU5yPxhq8BgdxlnPdxMKsTCe
+YwLISb3Si0WWsaw2eHLDf0aRNObphILjfEggY/9RABEBAAGJAiUEGAECAA8CGwwF
+AlJZhrcFCQloe/8ACgkQWt+ToDN2zPlLZBAAjx0o/oH/NLAK12ZXLAFUrpEGYL0k
+A5nhiSh8TNcnv/3ZbarVFHpDK/tF5Vr9lsUhPCmrhZI/Tvvmx1Ge/+FE0q7syCxy
+kRAbJt8SXViE5Czf1CFCwCoTZZ/Yrf84kTzVR9jfkIq2+Nq36K3t2o8cUlnqM8Ql
+NigLFtAgQhbtaDTy/9+UqUGgYuNDPlurC0D+nx7PBHhVTRZs1oKaiS7bsdT9Zy71
+0PfOkVuWn0mBIxAMZ9V4CCdaF+KGfJ28JKROc3z+uA5lJKGv8paEMpDHOBnw57X9
+SmPKJw2jT6iom/nQ2e7Em4ojaKZNoH7NGcVam2666IOanJLNmydQKbyJK6Gd3NyM
+dfMhHtcsTJ0srAFkhq3RdMSzHG22riLIQzJi1bdz9kXQmdqFcNP8Jg7tiLfOrw5c
+Ql7g+6XxqD8yf+rdEB56fS3SkuGb1UKvdPP1rwLDBheXcas/f55WAOVpsE0o1Ivm
+43nwVNLpJ+xAiFx7HlxUc1h+QNlOVXwgwjFq0sF4PpViGyn+SGWnylmZSHEoVBKo
+R0Aprjh8FK2L2i4c3ARTF+t64HOZZ94Jtr+ZUDmy6DgeMMKc6Dr5VHWbTppOntQi
+I2PnLuBHSd6vQ2Ps57TK5JepOJBRkBu9xhzS0eF4ilZnkAxPcm6rb//OEP99iX9R
+LMwXV3EGKPmTED4=
+=T1Aq
+-----END PGP PUBLIC KEY BLOCK-----
\ No newline at end of file
diff --git a/manifests/hostmaster.pp b/manifests/hostmaster.pp
index f318211..d1b2773 100644
--- a/manifests/hostmaster.pp
+++ b/manifests/hostmaster.pp
@@ -4,70 +4,44 @@
 class aegir::hostmaster (
   # A hash with 'user', 'host', 'password'. Currently only mysql is supported by
   # aegir.
-  $database,
-  $frontend_url = $::fqdn,
-  $version = 3,
-  $user = 'aegir', # Unused
-  $home = '/var/aegir', # Unused
+  Hash $database,
+  String $frontend_url = $facts['fqdn'],
+  # This is the major version only.
+  Integer $version = 3,
   # The webserver, apache2 or nginx.
   $server = 'apache2',
+  $manage_sources = true,
   # Commonly available releases: stable, unstable.
-  $release = 'stable',
+  String $release = 'stable',
   $makefile = '',
   $email = '',
   $working_copy = false,
-  $drush_version = ''
+  $drush_version = 'stable'
 ) {
-  include apt
-  include stdlib
-  apt::source { 'aegir':
-    location => 'http://debian.aegirproject.org',
-    release  => $release,
-    key      => {
-      id     => '12782E2257B468806EF36D165ADF93A03376CCF9',
-      source => 'http://debian.aegirproject.org/key.asc',
-    },
-    repos    => 'main'
+  if $manage_sources {
+    class { 'aegir::source':
+      release => $release,
+    }
+    Class['aegir::source']
+    -> Class['apt::update']
+    -> Package['aegir']
   }
   $package_name = "aegir${version}"
+  $working_copy_str = String($working_copy, '%s')
   $debconf_settings = [
     "${package_name}-hostmaster aegir/site string ${frontend_url}",
-    "${package_name}-hostmaster aegir/db_password string ${database['password']}",
+    "${package_name}-hostmaster aegir/db_password password ${database['password']}",
     "${package_name}-hostmaster aegir/db_host string ${database['host']}",
     "${package_name}-hostmaster aegir/db_user string ${database['user']}",
     "${package_name}-hostmaster aegir/webserver select ${server}",
+    "${package_name}-hostmaster aegir/email string ${email}",
+    "${package_name}-hostmaster aegir/makefile string ${makefile}",
+    "${package_name}-hostmaster aegir/working-copy boolean ${working_copy_str}",
+    "${package_name}-provision aegir/drush_version string ${drush_version}",
   ]
-  if $email != '' {
-    $debconf_email = ["${package_name}-hostmaster aegir/email string ${email}"]
-  }
-  else {
-    $debconf_email = []
-  }
-  if $makefile != '' {
-    $debconf_makefile = ["${package_name}-hostmaster aegir/makefile string ${makefile}"]
-  }
-  else {
-    $debconf_makefile = []
-  }
-  if $working_copy {
-    $debconf_working_copy = ["${package_name}-hostmaster aegir/working-copy boolean true"]
-  }
-  else {
-    $debconf_working_copy = []
-  }
-  if $drush_version != '' {
-    $debconf_drush = ["${package_name}-provision aegir/drush_version string ${drush_version}"]
-  }
-  else {
-    $debconf_drush = []
-  }
-  file { '/etc/dpkg/aegir.response':
+  file { '/var/lib/dpkg/aegir.response':
     ensure  => 'file',
-    content => join(
-      concat(
-        $debconf_settings, $debconf_email, $debconf_makefile,
-        $debconf_working_copy, $debconf_drush),
-      "\n")
+    content => join($debconf_settings, "\n"),
   }
   if ($server == 'nginx') {
     # Install nginx and phpX-fpm before running the aegir install.
@@ -86,14 +60,12 @@ class aegir::hostmaster (
   # Pass in extra packages through install options for nginx support.
   # Even with aegir/webserver set in preconfig, apt-get tries to install
   # with phpX (not fpm).
+  # Note: this may fail for some versions of Aegir:
+  # @see https://www.drupal.org/project/provision/issues/2979947
   package { 'aegir':
     ensure       => 'installed',
     name         => $package_name,
     responsefile => '/etc/dpkg/aegir.response',
-    require      => [
-      Apt::Source['aegir'],
-      Class['apt::update'],
-      File['/etc/dpkg/aegir.response']
-    ]
+    require      => File['/var/lib/dpkg/aegir.response'],
   }
 }
diff --git a/manifests/source.pp b/manifests/source.pp
new file mode 100644
index 0000000..9f69e0b
--- /dev/null
+++ b/manifests/source.pp
@@ -0,0 +1,13 @@
+class aegir::source (
+  String $release = 'stable'
+) {
+  apt::source { 'aegir':
+    location => 'http://debian.aegirproject.org',
+    release  => $release,
+    key      => {
+      id      => '12782E2257B468806EF36D165ADF93A03376CCF9',
+      content => file('aegir/key.asc'),
+    },
+    repos    => 'main'
+  }
+}
diff --git a/metadata.json b/metadata.json
index 16db52d..af157d2 100644
--- a/metadata.json
+++ b/metadata.json
@@ -15,7 +15,7 @@
         }
     ],
     "dependencies": [
-        { "name": "puppetlabs/apt", "version_requirement": ">= 2.3.0 < 3.0.0"},
+        { "name": "puppetlabs/apt", "version_requirement": ">= 2.4.0 < 5.0.0"},
         { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.13.1 < 5.0.0"}
     ],
     "requirements": [