Mercurial > code > home > repos > infra
comparison apt/apt.py @ 320:11d3bcedb9f0
updates for tofu rebuild; some dead code; start moving tasks into subdirs with their files and templates
| author | drewp@bigasterisk.com |
|---|---|
| date | Fri, 08 Nov 2024 23:16:56 -0800 |
| parents | apt.py@f17d9925a2aa |
| children | 5b88b38f2471 |
comparison
equal
deleted
inserted
replaced
| 319:2e6dbebb2cb3 | 320:11d3bcedb9f0 |
|---|---|
| 1 import shlex | |
| 2 | |
| 3 from pyinfra import host | |
| 4 from pyinfra.facts.server import Arch | |
| 5 from pyinfra.operations import apt, files, server | |
| 6 | |
| 7 TZ = 'America/Los_Angeles' | |
| 8 | |
| 9 | |
| 10 def pkg_keys(): | |
| 11 files.directory(path='/etc/apt/keyrings/') # for raspi | |
| 12 for url, name in [ | |
| 13 ('https://repo.steampowered.com/steam/archive/stable/steam.gpg', 'steam.gpg'), | |
| 14 ]: | |
| 15 files.download(src=url, dest=f'/usr/share/keyrings/{name}') | |
| 16 | |
| 17 apt.packages(packages=['curl', 'gpg']) | |
| 18 server.shell(commands=[ | |
| 19 f"curl -fsSL {shlex.quote(url)} | gpg --dearmor > /etc/apt/keyrings/{name}" for (url, name) in [ | |
| 20 ('https://packages.microsoft.com/keys/microsoft.asc', 'ms.gpg'), | |
| 21 ('https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key', 'nodesource.gpg'), | |
| 22 ('https://dl.google.com/linux/linux_signing_key.pub', 'chrome.gpg'), | |
| 23 ('https://ftp-master.debian.org/keys/archive-key-11.asc', 'bullseye.gpg'), | |
| 24 ('https://ftp-master.debian.org/keys/archive-key-11-security.asc', 'bullseye-security.gpg'), | |
| 25 ('https://packages.cloud.google.com/apt/doc/apt-key.gpg', 'coral.gpg'), | |
| 26 ('https://hub.unity3d.com/linux/keys/public', 'unityhub.gpg'), | |
| 27 ('https://nvidia.github.io/libnvidia-container/gpgkey', 'nvidia.gpg'), | |
| 28 ] | |
| 29 ]) | |
| 30 | |
| 31 # also these | |
| 32 #-rw-r--r-- 1 root root 2794 Mar 26 2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg | |
| 33 #-rw-r--r-- 1 root root 1733 Mar 26 2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg | |
| 34 | |
| 35 # raspi needs wget http://archive.raspbian.org/raspbian.public.key -O - | sudo apt-key add - | |
| 36 | |
| 37 | |
| 38 def arch386(): | |
| 39 server.shell(commands=['dpkg --add-architecture i386']) | |
| 40 | |
| 41 | |
| 42 def old_deleteme_apt_sources(): | |
| 43 files.template(src='apt/templates/sources.list.j2', dest='/etc/apt/sources.list') | |
| 44 apt_update() | |
| 45 | |
| 46 | |
| 47 def apt_update(): | |
| 48 apt.packages(update=True, | |
| 49 cache_time=86400, | |
| 50 packages=['tzdata'], | |
| 51 force=True, | |
| 52 _env={ | |
| 53 'TZ': TZ, | |
| 54 'LANG': 'en_US.UTF-8', | |
| 55 'DEBIAN_FRONTEND': 'noninteractive' | |
| 56 }) | |
| 57 | |
| 58 # squib 1st setup seemed to need more updates for node(nodesource) | |
| 59 # and steam-launcher | |
| 60 | |
| 61 | |
| 62 def flatpak_sources(): | |
| 63 apt.packages(update=True, cache_time=86400, packages=['flatpak']) | |
| 64 server.shell(commands='flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo') | |
| 65 | |
| 66 | |
| 67 if host.get_fact(Arch) == 'x86_64': | |
| 68 arch386() | |
| 69 | |
| 70 pkg_keys() | |
| 71 using_new_sources = ['tofu'] | |
| 72 if host.name in using_new_sources: | |
| 73 # todo: rm /etc/apt/sources.list.d/*.list | |
| 74 files.template(src='apt/templates/ubuntu.sources.j2', dest='/etc/apt/sources.list.d/ubuntu.sources') | |
| 75 files.template(src='apt/templates/more.sources.j2', dest='/etc/apt/sources.list.d/more.sources') | |
| 76 apt_update() | |
| 77 else: | |
| 78 old_deleteme_apt_sources() | |
| 79 | |
| 80 flatpak_sources() |