Mercurial > code > home > repos > infra

annotate system.py @ 138:5558d8481ddf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nodejs version to 16
author drewp@bigasterisk.com
date Tue, 10 Jan 2023 10:52:55 -0800
parents 706d861f6d95
children ee0384eebee5
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
1 import os
10
1fec9fe18a4e more system.py cleanup; add pi /boot/config.txt
drewp@bigasterisk.com
parents: 6
diff changeset
2
1
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
3 from pyinfra import host
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
4 from pyinfra.facts.server import LinuxDistribution
126
fe3ae7c95e65 collect all apt/sources.list into a central template
drewp@bigasterisk.com
parents: 118
diff changeset
5 from pyinfra.facts.files import FindFiles
130
168bc1c44e6f stop telling arm machines to get i386 pkgs
drewp@bigasterisk.com
parents: 126
diff changeset
6 from pyinfra.facts.server import Arch
12
15c5ce7c74b5 refactor, cleanup, split large deploys
drewp@bigasterisk.com
parents: 10
diff changeset
7 from pyinfra.operations import apt, files, server, systemd
1
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
8
3
61945df2a392 updates to work on recent raspbian installs
drewp@bigasterisk.com
parents: 2
diff changeset
9 is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux']
1
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
10
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
11 TZ = 'America/Los_Angeles'
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
12
12
15c5ce7c74b5 refactor, cleanup, split large deploys
drewp@bigasterisk.com
parents: 10
diff changeset
13 server.hostname(hostname=host.name)
15c5ce7c74b5 refactor, cleanup, split large deploys
drewp@bigasterisk.com
parents: 10
diff changeset
14
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
15 def timezone():
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
16 files.link(path='/etc/localtime', target=f'/usr/share/zoneinfo/{TZ}')
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
17 files.replace(path='/etc/timezone', text='.*', replace=TZ)
138
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
18
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
19 def pkg_keys():
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
20 # apt.key(keyserver='keyserver.ubuntu.com', keyid='04EE7237B7D453EC')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
21 # apt.key(keyserver='keyserver.ubuntu.com', keyid='648ACFD622F3D138')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
22 # apt.key(keyserver='keyserver.ubuntu.com', keyid='8B48AD6246925553')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
23 # apt.key(keyserver='keyserver.ubuntu.com', keyid='F24AEA9FB05498B7')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
24 if host.name != 'prime':
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
25 apt.key(keyserver='keyserver.ubuntu.com', keyid='D0392EC59F9583BA')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
26 apt.key(src='https://dl.google.com/linux/linux_signing_key.pub')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
27 apt.key(src='https://ftp-master.debian.org/keys/archive-key-8-security.asc')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
28 apt.key(src='https://ftp-master.debian.org/keys/archive-key-8.asc')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
29 apt.key(src='https://ftp-master.debian.org/keys/archive-key-9-security.asc')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
30 apt.key(src='https://packages.microsoft.com/keys/microsoft.asc')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
31 apt.key(src='https://deb.nodesource.com/gpgkey/nodesource.gpg.key')
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
32
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
33
126
fe3ae7c95e65 collect all apt/sources.list into a central template
drewp@bigasterisk.com
parents: 118
diff changeset
34 def apt_sources():
130
168bc1c44e6f stop telling arm machines to get i386 pkgs
drewp@bigasterisk.com
parents: 126
diff changeset
35 if host.get_fact(Arch) == 'x86_64':
168bc1c44e6f stop telling arm machines to get i386 pkgs
drewp@bigasterisk.com
parents: 126
diff changeset
36 server.shell(commands=['dpkg --add-architecture i386'])
126
fe3ae7c95e65 collect all apt/sources.list into a central template
drewp@bigasterisk.com
parents: 118
diff changeset
37
138
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
38 files.template(src='templates/sources.list.j2', dest='/etc/apt/sources.list')
126
fe3ae7c95e65 collect all apt/sources.list into a central template
drewp@bigasterisk.com
parents: 118
diff changeset
39 if host.get_fact(FindFiles, '/etc/apt/sources.list.d/', quote_path=True):
fe3ae7c95e65 collect all apt/sources.list into a central template
drewp@bigasterisk.com
parents: 118
diff changeset
40 raise SystemExit(f"new files in {host.name} /etc/apt/sources.list.d/ - please remove")
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
41 apt.packages(update=True,
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
42 cache_time=86400,
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
43 packages=['tzdata'],
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
44 force=True,
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
45 _env={
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
46 'TZ': TZ,
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
47 'LANG': 'en_US.UTF-8',
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
48 'DEBIAN_FRONTEND': 'noninteractive'
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
49 })
1
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
50
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
51 def fstab():
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
52 fstab_file = f'files/fstab/{host.name}'
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
53 if os.path.exists(fstab_file):
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
54 files.put(src=fstab_file, dest='/etc/fstab')
1
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
55
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
56 def pi_tmpfs():
1
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
57 for line in [
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
58 'tmpfs /var/log tmpfs defaults,noatime,mode=0755 0 0',
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
59 'tmpfs /tmp tmpfs defaults,noatime 0 0',
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
60 ]:
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
61 files.line(path="/etc/fstab", line=line, replace=line)
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
62
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
63 # stop SD card corruption (along with some mounts in fstab)
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
64 apt.packages(packages=['dphys-swapfile'], present=False)
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
65
b664f1027992 system.py port from ansible
drewp@bigasterisk.com
parents:
diff changeset
66
3
61945df2a392 updates to work on recent raspbian installs
drewp@bigasterisk.com
parents: 2
diff changeset
67 # don't try to get aufs-dkms on rpi-- https://github.com/docker/for-linux/issues/709
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
68 def podman_inecure_registry():
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
69 files.template(src='templates/kube/podman_registries.conf.j2', dest='/etc/containers/registries.conf.d/bang.conf')
34
d4fb38f13c79 refactor dns and some other non-net setup
drewp@bigasterisk.com
parents: 12
diff changeset
70
d4fb38f13c79 refactor dns and some other non-net setup
drewp@bigasterisk.com
parents: 12
diff changeset
71
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
72 def no_sleep():
34
d4fb38f13c79 refactor dns and some other non-net setup
drewp@bigasterisk.com
parents: 12
diff changeset
73 server.shell(commands=['systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target'])
d4fb38f13c79 refactor dns and some other non-net setup
drewp@bigasterisk.com
parents: 12
diff changeset
74
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
75 def nfs_server():
34
d4fb38f13c79 refactor dns and some other non-net setup
drewp@bigasterisk.com
parents: 12
diff changeset
76 apt.packages(packages=['nfs-kernel-server'])
d4fb38f13c79 refactor dns and some other non-net setup
drewp@bigasterisk.com
parents: 12
diff changeset
77 files.template(src='templates/bang_exports.j2', dest='/etc/exports')
37
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
78
57
16098abf8f0f nfs over wireguard
drewp@bigasterisk.com
parents: 37
diff changeset
79 # sudo zfs set sharenfs="rw=10.5.0.0/16" stor6
16098abf8f0f nfs over wireguard
drewp@bigasterisk.com
parents: 37
diff changeset
80
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
81 def smaller_journals():
37
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
82 files.line(name='shorter systemctl log window, for disk space',
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
83 path='/etc/systemd/journald.conf',
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
84 line='MaxFileSec',
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
85 replace="MaxFileSec=7day")
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
86
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
87 for port in [80, 443]:
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
88 files.template(src="templates/webforward.service.j2", dest=f"/etc/systemd/system/web_forward_{port}.service", port=port)
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd
drewp@bigasterisk.com
parents: 34
diff changeset
89 systemd.service(service=f'web_forward_{port}', enabled=True, restarted=True)
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
90
118
69058ad170be watch output from `zfs list -o space` as metrics
drewp@bigasterisk.com
parents: 91
diff changeset
91 def zfs_metrics():
69058ad170be watch output from `zfs list -o space` as metrics
drewp@bigasterisk.com
parents: 91
diff changeset
92 files.put(src='files/zfs_metrics/zfs_space_metrics.sh', dest='/opt/zfs_metrics/zfs_space_metrics.sh')
69058ad170be watch output from `zfs list -o space` as metrics
drewp@bigasterisk.com
parents: 91
diff changeset
93 files.put(src='files/zfs_metrics/zfs.mtail', dest='/opt/zfs_metrics/zfs.mtail')
69058ad170be watch output from `zfs list -o space` as metrics
drewp@bigasterisk.com
parents: 91
diff changeset
94 files.put(src='files/zfs_metrics/zfs_space_metrics.service',
69058ad170be watch output from `zfs list -o space` as metrics
drewp@bigasterisk.com
parents: 91
diff changeset
95 dest=f'/etc/systemd/system/zfs_space_metrics.service')
69058ad170be watch output from `zfs list -o space` as metrics
drewp@bigasterisk.com
parents: 91
diff changeset
96 systemd.service(service=f'zfs_space_metrics', enabled=True, restarted=True, daemon_reload=True)
69058ad170be watch output from `zfs list -o space` as metrics
drewp@bigasterisk.com
parents: 91
diff changeset
97
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
98 timezone()
138
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
99 pkg_keys()
126
fe3ae7c95e65 collect all apt/sources.list into a central template
drewp@bigasterisk.com
parents: 118
diff changeset
100 apt_sources()
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
101 fstab()
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
102
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
103 if not is_pi:
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
104 files.line(path='/etc/update-manager/release-upgrades', line="^Prompt=", replace="Prompt=normal")
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
105
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
106 if is_pi and host.name != 'pipe':
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
107 pi_tmpfs()
133
706d861f6d95 move boot.config setup to system.py
drewp@bigasterisk.com
parents: 130
diff changeset
108 files.template(src='templates/boot_config.txt.j2', dest='/boot/config.txt')
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
109
138
5558d8481ddf nodejs version to 16
drewp@bigasterisk.com
parents: 133
diff changeset
110 if not is_pi:
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
111 podman_inecure_registry()
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
112
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
113 if host.name in ['bang', 'pipe']:
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
114 no_sleep()
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
115
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
116 if host.name == 'bang':
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
117 nfs_server()
118
69058ad170be watch output from `zfs list -o space` as metrics
drewp@bigasterisk.com
parents: 91
diff changeset
118 zfs_metrics()
91
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
119
ab1e0cbe8009 refactor and add podman registries
drewp@bigasterisk.com
parents: 85
diff changeset
120 if host.name == 'prime':
126
fe3ae7c95e65 collect all apt/sources.list into a central template
drewp@bigasterisk.com
parents: 118
diff changeset
121 smaller_journals()