Mercurial > code > home > repos > infra

diff apt.py @ 155:522f26c8f691

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
split apt.py from system.py
author drewp@bigasterisk.com
date Thu, 16 Mar 2023 17:42:17 -0700
parents
children 6ec7cd3615f0
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/apt.py	Thu Mar 16 17:42:17 2023 -0700
@@ -0,0 +1,72 @@
+from pyinfra import host
+from pyinfra.facts.files import FindFiles
+from pyinfra.facts.server import Arch, LinuxDistribution
+from pyinfra.operations import apt, files, server
+
+TZ = 'America/Los_Angeles'
+
+def pkg_keys():
+    # apt.key(keyserver='keyserver.ubuntu.com', keyid='04EE7237B7D453EC')
+    # apt.key(keyserver='keyserver.ubuntu.com', keyid='648ACFD622F3D138')
+    # apt.key(keyserver='keyserver.ubuntu.com', keyid='8B48AD6246925553')
+    # apt.key(keyserver='keyserver.ubuntu.com', keyid='F24AEA9FB05498B7')
+    if host.name != 'prime':
+        apt.key(keyserver='keyserver.ubuntu.com', keyid='D0392EC59F9583BA')
+    apt.key(src='https://dl.google.com/linux/linux_signing_key.pub')
+    apt.key(src='https://ftp-master.debian.org/keys/archive-key-8-security.asc')
+    apt.key(src='https://ftp-master.debian.org/keys/archive-key-8.asc')
+    apt.key(src='https://ftp-master.debian.org/keys/archive-key-9-security.asc')
+    apt.key(src='https://packages.microsoft.com/keys/microsoft.asc')
+    apt.key(src='https://deb.nodesource.com/gpgkey/nodesource.gpg.key')
+    apt.key(src='https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/Release.key')
+    # Failed to fetch https://repo.steampowered.com/steam/dists/stable/InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7 
+'''
+
+
+🚢 ditto(pts/1):/opt# apt update
+Hit:1 http://packages.microsoft.com/repos/code stable InRelease
+Hit:2 http://dl.google.com/linux/chrome/deb stable InRelease                                                                                                                            
+Get:3 https://repo.steampowered.com/steam stable InRelease [2861 B]                                                                                                                     
+Hit:4 http://us.archive.ubuntu.com/ubuntu kinetic InRelease                                                                        
+Get:5 http://us.archive.ubuntu.com/ubuntu kinetic-backports InRelease [99.9 kB] 
+Err:3 https://repo.steampowered.com/steam stable InRelease                                 
+  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7
+Get:6 http://us.archive.ubuntu.com/ubuntu kinetic-security InRelease [109 kB]
+Get:8 http://us.archive.ubuntu.com/ubuntu kinetic-updates InRelease [118 kB]
+Get:9 http://us.archive.ubuntu.com/ubuntu kinetic-updates/universe amd64 Packages [205 kB]
+Get:7 https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_22.04  InRelease [1262 B]
+Get:10 http://us.archive.ubuntu.com/ubuntu kinetic-updates/universe i386 Packages [119 kB]
+Get:11 http://us.archive.ubuntu.com/ubuntu kinetic-updates/universe Translation-en [83.1 kB]
+Err:7 https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_22.04  InRelease
+  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4D64390375060AA4
+Reading package lists... Done              
+W: http://packages.microsoft.com/repos/code/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
+W: http://dl.google.com/linux/chrome/deb/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
+W: GPG error: https://repo.steampowered.com/steam stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F24AEA9FB05498B7
+E: The repository 'https://repo.steampowered.com/steam stable InRelease' is not signed.
+N: Updating from such a repository can't be done securely, and is therefore disabled by default.
+N: See apt-secure(8) manpage for repository creation and user configuration details.
+W: GPG error: https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_22.04  InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4D64390375060AA4
+E: The repository 'https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_22.04  InRelease' is not signed.
+N: Updating from such a repository can't be done securely, and is therefore disabled by default.
+N: See apt-secure(8) manpage for repository creation and user configuration details.
+
+'''
+def apt_sources():
+    if host.get_fact(Arch) == 'x86_64':
+        server.shell(commands=['dpkg --add-architecture i386'])
+
+    files.template(src='templates/sources.list.j2', dest='/etc/apt/sources.list')
+    if host.get_fact(FindFiles, '/etc/apt/sources.list.d/', quote_path=True):
+        raise SystemExit(f"new files in {host.name} /etc/apt/sources.list.d/ - please remove")
+    apt.packages(update=True,
+                cache_time=86400,
+                packages=['tzdata'],
+                force=True,
+                _env={
+                    'TZ': TZ,
+                    'LANG': 'en_US.UTF-8',
+                    'DEBIAN_FRONTEND': 'noninteractive'
+                })
+pkg_keys()
+apt_sources()
\ No newline at end of file