infra: apt.py annotate

annotate apt.py @ 195:ee6374edfc06

pkgs and signatures

author	drewp@bigasterisk.com
date	Wed, 14 Jun 2023 19:45:35 -0700
parents	087b84e68765
children	3fd439ae1380

rev	line source
195 ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	1 from pathlib import Path
155 522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	2 from pyinfra import host
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	3 from pyinfra.facts.files import FindFiles
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	4 from pyinfra.facts.server import Arch, LinuxDistribution
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	5 from pyinfra.operations import apt, files, server
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	6
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	7 TZ = 'America/Los_Angeles'
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	8
178 6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	9
155 522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	10 def pkg_keys():
178 6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	11 files.directory(path='/etc/apt/keyrings/') # for raspi
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	12 for url, name in [
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	13 ('https://repo.steampowered.com/steam/archive/stable/steam.gpg', 'steam.gpg'),
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	14 ]:
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	15 files.download(src=url, dest=f'/etc/apt/keyrings/{name}')
187 466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	16 server.shell(commands=[
466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	17 f"curl -fsSL {url} \| gpg --dearmor > /etc/apt/keyrings/{name}" for (url, name) in [
466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	18 ('https://packages.microsoft.com/keys/microsoft.asc', 'ms.gpg'),
466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	19 ('https://deb.nodesource.com/gpgkey/nodesource.gpg.key', 'nodesource.gpg'),
466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	20 ('https://dl.google.com/linux/linux_signing_key.pub', 'chrome.gpg'),
195 ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	21 ('https://ftp-master.debian.org/keys/archive-key-11.asc', 'bullseye.gpg'),
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	22 ('https://ftp-master.debian.org/keys/archive-key-11-security.asc', 'bullseye-security.gpg'),
187 466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	23 ]
466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	24 ])
195 ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	25 if host.get_fact(Arch) == 'armv7l' or host.name == 'bang': # I mean raspbian/debian
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	26 # this contaminates the apt-update
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	27 files.file(path="/etc/apt/trusted.gpg.d/podman.asc", present=False)
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	28
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	29
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	30 dir = Path('/etc/apt/sources.list.d')
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	31
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	32
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	33 def clear_known_sources_files(known=[dir / 'vscode.list']):
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	34 found = map(Path, host.get_fact(FindFiles, dir, quote_path=True))
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	35 if set(found) - set(known):
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	36 raise SystemExit(f"new files in {host.name} /etc/apt/sources.list.d/ - please remove")
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	37 for f in known:
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	38 files.file(path=f, present=False)
155 522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	39
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	40
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	41 def apt_sources():
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	42 if host.get_fact(Arch) == 'x86_64':
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	43 server.shell(commands=['dpkg --add-architecture i386'])
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	44
522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	45 files.template(src='templates/sources.list.j2', dest='/etc/apt/sources.list')
195 ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	46
ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	47 clear_known_sources_files()
155 522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	48 apt.packages(update=True,
187 466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	49 cache_time=86400,
178 6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	50 packages=['tzdata'],
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	51 force=True,
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	52 _env={
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	53 'TZ': TZ,
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	54 'LANG': 'en_US.UTF-8',
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	55 'DEBIAN_FRONTEND': 'noninteractive'
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	56 })
6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	57
188 087b84e68765 comment drewp@bigasterisk.com parents: 187 diff changeset	58 # squib 1st setup seemed to need more updates for node(nodesource)
087b84e68765 comment drewp@bigasterisk.com parents: 187 diff changeset	59 # and steam-launcher
178 6ec7cd3615f0 another try at apt.key, but it doesn't completely work because prime drewp@bigasterisk.com parents: 155 diff changeset	60
195 ee6374edfc06 pkgs and signatures drewp@bigasterisk.com parents: 188 diff changeset	61
155 522f26c8f691 split apt.py from system.py drewp@bigasterisk.com parents: diff changeset	62 pkg_keys()
187 466108f0a509 redo pkg keys and future podman 4.3.1 version drewp@bigasterisk.com parents: 178 diff changeset	63 apt_sources()

Mercurial > code > home > repos > infra

annotate apt.py @ 195:ee6374edfc06