Mercurial > code > home > repos > infra
diff system.py @ 12:15c5ce7c74b5
refactor, cleanup, split large deploys
| author | drewp@bigasterisk.com |
|---|---|
| date | Thu, 11 Nov 2021 23:31:21 -0800 |
| parents | 1fec9fe18a4e |
| children | d4fb38f13c79 |
line wrap: on
line diff
--- a/system.py Thu Nov 11 22:46:32 2021 -0800 +++ b/system.py Thu Nov 11 23:31:21 2021 -0800 @@ -2,19 +2,18 @@ from pyinfra import host from pyinfra.facts.server import LinuxDistribution -from pyinfra.operations import apt, files, server, ssh, systemd +from pyinfra.operations import apt, files, server, systemd -bang_is_old = True # remove after upgrade is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux'] -is_wifi_pi = host.name in ['frontdoor', 'living'] TZ = 'America/Los_Angeles' +server.hostname(hostname=host.name) + # -# system +# timezone # -server.hostname(hostname=host.name) files.link(path='/etc/localtime', target=f'/usr/share/zoneinfo/{TZ}') files.replace(path='/etc/timezone', match='.*', replace=TZ) apt.packages(update=True, @@ -31,7 +30,7 @@ # fstab # -fstab_file = f'files/{host.name}_fstab' +fstab_file = f'files/fstab/{host.name}' if os.path.exists(fstab_file): files.put(src=fstab_file, dest='/etc/fstab') if is_pi: @@ -45,86 +44,6 @@ apt.packages(packages=['dphys-swapfile'], present=False) # -# pkgs -# - -if not is_pi: - apt.key(keyserver='keyserver.ubuntu.com', keyid='8B48AD6246925553') - -if is_pi: - apt.packages(packages=['mandb', 'apt-listchanges'], present=False) - files.template(src='templates/pi_sources.list.j2', dest='/etc/apt/sources.list', rel='bullseye') - # 'apt upgrade'? - apt.packages(update=True, packages=['dirmngr', 'gnupg2', 'apt-utils']) - - apt.key(src='https://ftp-master.debian.org/keys/archive-key-8.asc') - apt.key(src='https://ftp-master.debian.org/keys/archive-key-8-security.asc') - apt.key(src='https://ftp-master.debian.org/keys/archive-key-9-security.asc') - - files.file(path='/etc/apt/sources.list.d/raspi.list', present=False) - - if is_wifi_pi: - files.put(dest="/etc/network/interfaces.d/wlan0", src="files/pi_wlan0_powersave") - ssh.command(host.name, "iw wlan0 set power_save off") - - files.template(src='templates/boot_config.txt.j2', dest='/boot/config.txt') - -if not is_pi and host.name != 'prime': - apt.key(src='https://dl.google.com/linux/linux_signing_key.pub') - apt.repo(src='deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main') - - apt.key(src='https://packages.microsoft.com/keys/microsoft.asc') - apt.repo(src="deb [arch=amd64,arm64,armhf] http://packages.microsoft.com/repos/code stable main") - - apt.ppa(src="ppa:savoury1/blender") - - apt.key(keyserver='keyserver.ubuntu.com', keyid='F24AEA9FB05498B7') - apt.repo(src="deb [arch=amd64,i386] https://repo.steampowered.com/steam/ stable steam") - -apt.packages(packages=[ - 'build-essential', - # 'i2c-tools', - 'rsync', - 'dstat', - 'ifstat', -]) - -if not is_pi: - apt.packages(packages=[ - 'keychain', - 'python3-docker', - 'python3-invoke', - 'python3-pip', - 'python3-virtualenv', - 'sysstat', - ]) - -if not is_pi and not bang_is_old: - apt.packages(packages='mlocate', present=False) - apt.packages(packages='plocate') - -# -# ssh -# - -systemd.service( - service='ssh', - running=True, - enabled=True, -) - -files.line(path='/etc/ssh/ssh_config', line="HashKnownHosts", replace="HashKnownHosts no") - -if is_pi: - auth_keys = '/home/pi/.ssh/authorized_keys' - files.file(path=auth_keys, user='pi', group='pi', mode=600) - for pubkey in [ - 'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNlR7hereUHqw/RHQau0F7+vQZKAxduM+SD4R76FhC+4Zi078Pv04ZLe9qdM/NBlB/grLGhG58vaGmnWPpJ3QJs= drewp@plus', - 'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOR+iV8Qm/rAfmq0epXYfnp5ZTfBl8eidFzw1GmyZ3fPUFAshWn839fQ5DPj9xDPtMy9kTtrB5bK1SnynFzDqzQ= drewp@bang', - ]: - files.line(path=auth_keys, line=pubkey, replace=pubkey) - -# # docker (delete this?) # @@ -139,15 +58,3 @@ files.line(path='/etc/ssh/sshd_config', line="^UseDNS\b", replace="UseDNS no") systemd.service(service='sshd', reloaded=True) - -# -# special hosts -# - -if host.name == "bang": - apt.packages(packages=[ - 'libzfs2linux', - 'zfsutils-linux', - 'zfs-zed', - 'zfs-auto-snapshot', - ])