Mercurial > code > home > repos > infra
comparison apt.py @ 155:522f26c8f691
split apt.py from system.py
| author | drewp@bigasterisk.com |
|---|---|
| date | Thu, 16 Mar 2023 17:42:17 -0700 |
| parents | |
| children | 6ec7cd3615f0 |
comparison
equal
deleted
inserted
replaced
| 154:89e7dc25dd72 | 155:522f26c8f691 |
|---|---|
| 1 from pyinfra import host | |
| 2 from pyinfra.facts.files import FindFiles | |
| 3 from pyinfra.facts.server import Arch, LinuxDistribution | |
| 4 from pyinfra.operations import apt, files, server | |
| 5 | |
| 6 TZ = 'America/Los_Angeles' | |
| 7 | |
| 8 def pkg_keys(): | |
| 9 # apt.key(keyserver='keyserver.ubuntu.com', keyid='04EE7237B7D453EC') | |
| 10 # apt.key(keyserver='keyserver.ubuntu.com', keyid='648ACFD622F3D138') | |
| 11 # apt.key(keyserver='keyserver.ubuntu.com', keyid='8B48AD6246925553') | |
| 12 # apt.key(keyserver='keyserver.ubuntu.com', keyid='F24AEA9FB05498B7') | |
| 13 if host.name != 'prime': | |
| 14 apt.key(keyserver='keyserver.ubuntu.com', keyid='D0392EC59F9583BA') | |
| 15 apt.key(src='https://dl.google.com/linux/linux_signing_key.pub') | |
| 16 apt.key(src='https://ftp-master.debian.org/keys/archive-key-8-security.asc') | |
| 17 apt.key(src='https://ftp-master.debian.org/keys/archive-key-8.asc') | |
| 18 apt.key(src='https://ftp-master.debian.org/keys/archive-key-9-security.asc') | |
| 19 apt.key(src='https://packages.microsoft.com/keys/microsoft.asc') | |
| 20 apt.key(src='https://deb.nodesource.com/gpgkey/nodesource.gpg.key') | |
| 21 apt.key(src='https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/Release.key') | |
| 22 # Failed to fetch https://repo.steampowered.com/steam/dists/stable/InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 | |
| 23 ''' | |
| 24 | |
| 25 | |
| 26 🚢 ditto(pts/1):/opt# apt update | |
| 27 Hit:1 http://packages.microsoft.com/repos/code stable InRelease | |
| 28 Hit:2 http://dl.google.com/linux/chrome/deb stable InRelease | |
| 29 Get:3 https://repo.steampowered.com/steam stable InRelease [2861 B] | |
| 30 Hit:4 http://us.archive.ubuntu.com/ubuntu kinetic InRelease | |
| 31 Get:5 http://us.archive.ubuntu.com/ubuntu kinetic-backports InRelease [99.9 kB] | |
| 32 Err:3 https://repo.steampowered.com/steam stable InRelease | |
| 33 The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 | |
| 34 Get:6 http://us.archive.ubuntu.com/ubuntu kinetic-security InRelease [109 kB] | |
| 35 Get:8 http://us.archive.ubuntu.com/ubuntu kinetic-updates InRelease [118 kB] | |
| 36 Get:9 http://us.archive.ubuntu.com/ubuntu kinetic-updates/universe amd64 Packages [205 kB] | |
| 37 Get:7 https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_22.04 InRelease [1262 B] | |
| 38 Get:10 http://us.archive.ubuntu.com/ubuntu kinetic-updates/universe i386 Packages [119 kB] | |
| 39 Get:11 http://us.archive.ubuntu.com/ubuntu kinetic-updates/universe Translation-en [83.1 kB] | |
| 40 Err:7 https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_22.04 InRelease | |
| 41 The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4D64390375060AA4 | |
| 42 Reading package lists... Done | |
| 43 W: http://packages.microsoft.com/repos/code/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details. | |
| 44 W: http://dl.google.com/linux/chrome/deb/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details. | |
| 45 W: GPG error: https://repo.steampowered.com/steam stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 | |
| 46 E: The repository 'https://repo.steampowered.com/steam stable InRelease' is not signed. | |
| 47 N: Updating from such a repository can't be done securely, and is therefore disabled by default. | |
| 48 N: See apt-secure(8) manpage for repository creation and user configuration details. | |
| 49 W: GPG error: https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_22.04 InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4D64390375060AA4 | |
| 50 E: The repository 'https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_22.04 InRelease' is not signed. | |
| 51 N: Updating from such a repository can't be done securely, and is therefore disabled by default. | |
| 52 N: See apt-secure(8) manpage for repository creation and user configuration details. | |
| 53 | |
| 54 ''' | |
| 55 def apt_sources(): | |
| 56 if host.get_fact(Arch) == 'x86_64': | |
| 57 server.shell(commands=['dpkg --add-architecture i386']) | |
| 58 | |
| 59 files.template(src='templates/sources.list.j2', dest='/etc/apt/sources.list') | |
| 60 if host.get_fact(FindFiles, '/etc/apt/sources.list.d/', quote_path=True): | |
| 61 raise SystemExit(f"new files in {host.name} /etc/apt/sources.list.d/ - please remove") | |
| 62 apt.packages(update=True, | |
| 63 cache_time=86400, | |
| 64 packages=['tzdata'], | |
| 65 force=True, | |
| 66 _env={ | |
| 67 'TZ': TZ, | |
| 68 'LANG': 'en_US.UTF-8', | |
| 69 'DEBIAN_FRONTEND': 'noninteractive' | |
| 70 }) | |
| 71 pkg_keys() | |
| 72 apt_sources() |