Mercurial > code > home > repos > infra
annotate system.py @ 288:3af02e24eaf9
minor
| author | drewp@bigasterisk.com |
|---|---|
| date | Sun, 21 Apr 2024 17:01:13 -0700 |
| parents | a46eb2a77df7 |
| children | 65e28d2e0cd8 |
| rev | line source |
|---|---|
| 1 | 1 import os |
|
10
1fec9fe18a4e
more system.py cleanup; add pi /boot/config.txt
drewp@bigasterisk.com
parents:
6
diff
changeset
|
2 |
| 1 | 3 from pyinfra import host |
| 4 from pyinfra.facts.server import LinuxDistribution | |
|
12
15c5ce7c74b5
refactor, cleanup, split large deploys
drewp@bigasterisk.com
parents:
10
diff
changeset
|
5 from pyinfra.operations import apt, files, server, systemd |
| 1 | 6 |
|
3
61945df2a392
updates to work on recent raspbian installs
drewp@bigasterisk.com
parents:
2
diff
changeset
|
7 is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux'] |
| 1 | 8 TZ = 'America/Los_Angeles' |
| 9 | |
|
12
15c5ce7c74b5
refactor, cleanup, split large deploys
drewp@bigasterisk.com
parents:
10
diff
changeset
|
10 |
| 91 | 11 def timezone(): |
| 12 files.link(path='/etc/localtime', target=f'/usr/share/zoneinfo/{TZ}') | |
| 13 files.replace(path='/etc/timezone', text='.*', replace=TZ) | |
| 138 | 14 |
| 1 | 15 |
| 91 | 16 def fstab(): |
| 17 fstab_file = f'files/fstab/{host.name}' | |
| 18 if os.path.exists(fstab_file): | |
| 19 files.put(src=fstab_file, dest='/etc/fstab') | |
| 1 | 20 |
| 91 | 21 def pi_tmpfs(): |
| 1 | 22 for line in [ |
| 23 'tmpfs /var/log tmpfs defaults,noatime,mode=0755 0 0', | |
| 24 'tmpfs /tmp tmpfs defaults,noatime 0 0', | |
| 25 ]: | |
| 26 files.line(path="/etc/fstab", line=line, replace=line) | |
| 27 | |
| 28 # stop SD card corruption (along with some mounts in fstab) | |
| 29 apt.packages(packages=['dphys-swapfile'], present=False) | |
| 30 | |
| 31 | |
| 91 | 32 def no_sleep(): |
|
34
d4fb38f13c79
refactor dns and some other non-net setup
drewp@bigasterisk.com
parents:
12
diff
changeset
|
33 server.shell(commands=['systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target']) |
|
d4fb38f13c79
refactor dns and some other non-net setup
drewp@bigasterisk.com
parents:
12
diff
changeset
|
34 |
| 288 | 35 |
| 91 | 36 def nfs_server(): |
| 288 | 37 # remove when we're on longhorn |
|
34
d4fb38f13c79
refactor dns and some other non-net setup
drewp@bigasterisk.com
parents:
12
diff
changeset
|
38 apt.packages(packages=['nfs-kernel-server']) |
|
d4fb38f13c79
refactor dns and some other non-net setup
drewp@bigasterisk.com
parents:
12
diff
changeset
|
39 files.template(src='templates/bang_exports.j2', dest='/etc/exports') |
|
37
fbd0849dfdbd
redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents:
34
diff
changeset
|
40 |
| 288 | 41 |
| 91 | 42 def smaller_journals(): |
|
37
fbd0849dfdbd
redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents:
34
diff
changeset
|
43 files.line(name='shorter systemctl log window, for disk space', |
|
fbd0849dfdbd
redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents:
34
diff
changeset
|
44 path='/etc/systemd/journald.conf', |
|
fbd0849dfdbd
redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents:
34
diff
changeset
|
45 line='MaxFileSec', |
|
fbd0849dfdbd
redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents:
34
diff
changeset
|
46 replace="MaxFileSec=7day") |
|
fbd0849dfdbd
redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents:
34
diff
changeset
|
47 |
| 288 | 48 |
| 203 | 49 def web_forward(): |
|
37
fbd0849dfdbd
redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents:
34
diff
changeset
|
50 for port in [80, 443]: |
| 288 | 51 svc = f'web_forward_{port}' |
| 52 files.template(src="templates/webforward.service.j2", | |
| 53 dest=f"/etc/systemd/system/{svc}.service", | |
| 54 serv_host='bang', | |
| 55 port=port, | |
| 56 name='web', | |
| 57 fam='tcp') | |
| 58 systemd.service(service=svc, enabled=True, restarted=True) | |
| 91 | 59 |
| 284 | 60 def minecraft_forward(): |
| 61 port = 25765 | |
| 62 for fam in ['tcp', 'udp']: | |
| 288 | 63 svc = f'mc_smp_{fam}_forward_{port}' |
| 64 files.template(src="templates/webforward.service.j2", | |
| 65 dest=f"/etc/systemd/system/{svc}.service", | |
| 66 serv_host='ditto', | |
| 67 port=port, | |
| 68 name='mc_smp', | |
| 69 fam=fam) | |
| 70 systemd.service(service=svc, enabled=True, restarted=True) | |
| 284 | 71 |
| 145 | 72 server.hostname(hostname=host.name) |
| 91 | 73 timezone() |
| 74 fstab() | |
| 75 | |
| 76 if not is_pi: | |
| 77 files.line(path='/etc/update-manager/release-upgrades', line="^Prompt=", replace="Prompt=normal") | |
| 78 | |
| 79 if is_pi and host.name != 'pipe': | |
| 80 pi_tmpfs() | |
| 278 | 81 |
| 146 | 82 if host.name in ['bang', 'pipe', 'ditto']: |
| 91 | 83 no_sleep() |
| 84 | |
|
194
0d37dde619d0
zfs now serving from ditto, new pool is stor7
drewp@bigasterisk.com
parents:
155
diff
changeset
|
85 if host.name in ['bang', 'ditto']: |
| 91 | 86 nfs_server() |
| 87 | |
| 88 if host.name == 'prime': | |
|
126
fe3ae7c95e65
collect all apt/sources.list into a central template
drewp@bigasterisk.com
parents:
118
diff
changeset
|
89 smaller_journals() |
| 247 | 90 web_forward() |
| 284 | 91 minecraft_forward() |
| 247 | 92 |
| 93 # for space, consider: | |
| 94 # k3s crictl rmi --prune | |
| 95 # snap list --all | while read snapname ver rev trk pub notes; do if [[ $notes = *disabled* ]]; then snap remove "$snapname" --revision="$rev"; fi; done | |
| 96 # podman system reset |