Mercurial > code > home > repos > infra
diff apt.py @ 195:ee6374edfc06
pkgs and signatures
| author | drewp@bigasterisk.com |
|---|---|
| date | Wed, 14 Jun 2023 19:45:35 -0700 |
| parents | 087b84e68765 |
| children | 3fd439ae1380 |
line wrap: on
line diff
--- a/apt.py Wed Jun 14 17:00:13 2023 -0700 +++ b/apt.py Wed Jun 14 19:45:35 2023 -0700 @@ -1,3 +1,4 @@ +from pathlib import Path from pyinfra import host from pyinfra.facts.files import FindFiles from pyinfra.facts.server import Arch, LinuxDistribution @@ -17,8 +18,24 @@ ('https://packages.microsoft.com/keys/microsoft.asc', 'ms.gpg'), ('https://deb.nodesource.com/gpgkey/nodesource.gpg.key', 'nodesource.gpg'), ('https://dl.google.com/linux/linux_signing_key.pub', 'chrome.gpg'), + ('https://ftp-master.debian.org/keys/archive-key-11.asc', 'bullseye.gpg'), + ('https://ftp-master.debian.org/keys/archive-key-11-security.asc', 'bullseye-security.gpg'), ] ]) + if host.get_fact(Arch) == 'armv7l' or host.name == 'bang': # I mean raspbian/debian + # this contaminates the apt-update + files.file(path="/etc/apt/trusted.gpg.d/podman.asc", present=False) + + +dir = Path('/etc/apt/sources.list.d') + + +def clear_known_sources_files(known=[dir / 'vscode.list']): + found = map(Path, host.get_fact(FindFiles, dir, quote_path=True)) + if set(found) - set(known): + raise SystemExit(f"new files in {host.name} /etc/apt/sources.list.d/ - please remove") + for f in known: + files.file(path=f, present=False) def apt_sources(): @@ -26,8 +43,8 @@ server.shell(commands=['dpkg --add-architecture i386']) files.template(src='templates/sources.list.j2', dest='/etc/apt/sources.list') - if host.get_fact(FindFiles, '/etc/apt/sources.list.d/', quote_path=True): - raise SystemExit(f"new files in {host.name} /etc/apt/sources.list.d/ - please remove") + + clear_known_sources_files() apt.packages(update=True, cache_time=86400, packages=['tzdata'], @@ -41,5 +58,6 @@ # squib 1st setup seemed to need more updates for node(nodesource) # and steam-launcher + pkg_keys() apt_sources()