infra: system.py annotate

annotate system.py @ 37:fbd0849dfdbd

redo networking to be much simpler. Uses systemd-networkd

author	drewp@bigasterisk.com
date	Sat, 15 Jan 2022 17:10:10 -0800
parents	d4fb38f13c79
children	16098abf8f0f

rev	line source
1 b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	1 import os
10 1fec9fe18a4e more system.py cleanup; add pi /boot/config.txt drewp@bigasterisk.com parents: 6 diff changeset	2
1 b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	3 from pyinfra import host
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	4 from pyinfra.facts.server import LinuxDistribution
12 15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: 10 diff changeset	5 from pyinfra.operations import apt, files, server, systemd
1 b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	6
3 61945df2a392 updates to work on recent raspbian installs drewp@bigasterisk.com parents: 2 diff changeset	7 is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux']
1 b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	8
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	9 TZ = 'America/Los_Angeles'
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	10
12 15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: 10 diff changeset	11 server.hostname(hostname=host.name)
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: 10 diff changeset	12
1 b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	13 #
12 15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: 10 diff changeset	14 # timezone
1 b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	15 #
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	16
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	17 files.link(path='/etc/localtime', target=f'/usr/share/zoneinfo/{TZ}')
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	18 files.replace(path='/etc/timezone', match='.*', replace=TZ)
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	19 apt.packages(update=True,
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	20 cache_time=86400,
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	21 packages=['tzdata'],
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	22 force=True,
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	23 env={
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	24 'TZ': TZ,
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	25 'LANG': 'en_US.UTF-8',
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	26 'DEBIAN_FRONTEND': 'noninteractive'
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	27 })
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	28
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	29 #
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	30 # fstab
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	31 #
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	32
12 15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: 10 diff changeset	33 fstab_file = f'files/fstab/{host.name}'
1 b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	34 if os.path.exists(fstab_file):
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	35 files.put(src=fstab_file, dest='/etc/fstab')
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	36 if is_pi:
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	37 for line in [
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	38 'tmpfs /var/log tmpfs defaults,noatime,mode=0755 0 0',
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	39 'tmpfs /tmp tmpfs defaults,noatime 0 0',
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	40 ]:
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	41 files.line(path="/etc/fstab", line=line, replace=line)
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	42
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	43 # stop SD card corruption (along with some mounts in fstab)
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	44 apt.packages(packages=['dphys-swapfile'], present=False)
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	45
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	46 #
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	47 # docker (delete this?)
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	48 #
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	49
3 61945df2a392 updates to work on recent raspbian installs drewp@bigasterisk.com parents: 2 diff changeset	50 # don't try to get aufs-dkms on rpi-- https://github.com/docker/for-linux/issues/709
61945df2a392 updates to work on recent raspbian installs drewp@bigasterisk.com parents: 2 diff changeset	51 if not is_pi:
61945df2a392 updates to work on recent raspbian installs drewp@bigasterisk.com parents: 2 diff changeset	52 apt.packages(packages=['docker.io'], no_recommends=True)
61945df2a392 updates to work on recent raspbian installs drewp@bigasterisk.com parents: 2 diff changeset	53 files.put(src='files/docker_daemon.json', dest='/etc/docker/daemon.json')
61945df2a392 updates to work on recent raspbian installs drewp@bigasterisk.com parents: 2 diff changeset	54 systemd.service(service='docker', running=True, enabled=True, restarted=True)
1 b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	55
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	56 if not is_pi:
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	57 files.line(path='/etc/update-manager/release-upgrades', line="^Prompt=", replace="Prompt=normal")
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	58
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	59 files.line(path='/etc/ssh/sshd_config', line="^UseDNS\b", replace="UseDNS no")
b664f1027992 system.py port from ansible drewp@bigasterisk.com parents: diff changeset	60 systemd.service(service='sshd', reloaded=True)
34 d4fb38f13c79 refactor dns and some other non-net setup drewp@bigasterisk.com parents: 12 diff changeset	61
d4fb38f13c79 refactor dns and some other non-net setup drewp@bigasterisk.com parents: 12 diff changeset	62
d4fb38f13c79 refactor dns and some other non-net setup drewp@bigasterisk.com parents: 12 diff changeset	63 if host.name == 'bang':
d4fb38f13c79 refactor dns and some other non-net setup drewp@bigasterisk.com parents: 12 diff changeset	64 server.shell(commands=['systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target'])
d4fb38f13c79 refactor dns and some other non-net setup drewp@bigasterisk.com parents: 12 diff changeset	65
d4fb38f13c79 refactor dns and some other non-net setup drewp@bigasterisk.com parents: 12 diff changeset	66 apt.packages(packages=['nfs-kernel-server'])
d4fb38f13c79 refactor dns and some other non-net setup drewp@bigasterisk.com parents: 12 diff changeset	67 files.template(src='templates/bang_exports.j2', dest='/etc/exports')
37 fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	68
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	69 if host.name == 'prime':
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	70 files.line(name='shorter systemctl log window, for disk space',
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	71 path='/etc/systemd/journald.conf',
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	72 line='MaxFileSec',
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	73 replace="MaxFileSec=7day")
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	74
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	75 for port in [80, 443]:
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	76 files.template(src="templates/webforward.service.j2", dest=f"/etc/systemd/system/web_forward_{port}.service", port=port)
fbd0849dfdbd redo networking to be much simpler. Uses systemd-networkd drewp@bigasterisk.com parents: 34 diff changeset	77 systemd.service(service=f'web_forward_{port}', enabled=True, restarted=True)

Mercurial > code > home > repos > infra

annotate system.py @ 37:fbd0849dfdbd