Mercurial > code > home > repos > infra

diff users/users.py @ 326:5b88b38f2471

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
huge reorg, reog toplevel functions in preparation of a ui with nice task lists
author drewp@bigasterisk.com
date Mon, 20 Jan 2025 21:55:08 -0800
parents users.py@b3acb9fff274
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/users/users.py	Mon Jan 20 21:55:08 2025 -0800
@@ -0,0 +1,83 @@
+from pyinfra.context import host
+from pyinfra.operations import server
+
+
+def setupUsers():
+    # raspbian took 1000 for 'pi' group, but drewp is rarely used on pi
+    # setups so hopefully it won't matter much that drew group has a
+    # different id.
+    drewp_uid, drewp_gid = host.data.drewp_uid, host.data.drewp_gid
+    drewp_groups = [
+        'lp', 'adm', 'dialout', 'cdrom', 'sudo', 'audio', 'video', 'plugdev', 'games', 'users', 'netdev', 'i2c', 'input', 'spi',
+        'gpio', 'fuse', 'render', 'mongodb', 'lpadmin'
+    ]
+
+    svcIds = 1050
+    for svc in [
+            # only append to this list:
+            "photoprism",
+            "mongodb",
+    ]:
+        server.group(group=svc, gid=svcIds)
+        server.user(user=svc, uid=svcIds, group=svc)
+        svcIds += 1
+
+    # the following gets scrambled on new rpi.  Run "useradd -u 1501 drewp" as workaround.
+    server.group(group='drewp', gid=drewp_gid)
+    # this won't change existing drewp uid; I've been doing that myself.
+    server.user(user='drewp', uid=drewp_uid, group='drewp', groups=drewp_groups)
+
+    if 'pi' not in host.groups:
+
+        server.user(user='drewp', uid=drewp_uid, group='drewp', groups=drewp_groups)
+
+        for name, uid, gid in [
+            ('ari', 3019, 3019),
+            ('talia', 1003, 1003),
+        ]:
+            server.group(group=name, gid=gid)
+            server.user(user=name, uid=uid, group=name, groups=['audio', 'dialout', 'docker', 'lp', 'lpadmin', 'sudo', 'video'])
+
+        server.user(user='dmcc', uid=1013)
+
+        server.group(group='elastic', gid=3018)
+        server.user(user='elastic', uid=3018, group='elastic')
+
+        server.group(group='kelsi', gid=1008)
+        server.user(user='kelsi', uid=1008, group='elastic')
+
+        server.group(group='drewnote', gid=1009)
+        server.user(user='drewnote', uid=1009)
+
+        server.group(group='prometheus', gid=1010)
+        server.user(user='prometheus', uid=1010)
+
+
+def systemGroups():
+    for group in [
+            'fuse',
+            'spi',
+            'gpio',
+            'i2c',
+            'input',
+            'netdev',
+            'render',
+            'lpadmin',
+    ]:
+        server.group(group=group, system=True)
+
+    if 'pi' not in host.groups:
+        server.group(group='adm', gid=4)
+        server.group(group='cdrom', gid=24)
+        server.group(group='dialout', gid=20)
+        server.group(group='dip', gid=30)
+        server.group(group='lp', gid=7)
+        # prime has something on 109
+        server.group(group='lpadmin', gid=200)
+        server.group(group='plugdev', gid=46)
+
+
+operations = [
+    systemGroups,
+    setupUsers,
+]