Mercurial > code > home > repos > infra

view system.py @ 288:3af02e24eaf9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
minor
author drewp@bigasterisk.com
date Sun, 21 Apr 2024 17:01:13 -0700
parents a46eb2a77df7
children 65e28d2e0cd8
line wrap: on
line source

import os

from pyinfra import host
from pyinfra.facts.server import LinuxDistribution
from pyinfra.operations import apt, files, server, systemd

is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux']
TZ = 'America/Los_Angeles'


def timezone():
    files.link(path='/etc/localtime', target=f'/usr/share/zoneinfo/{TZ}')
    files.replace(path='/etc/timezone', text='.*', replace=TZ)


def fstab():
    fstab_file = f'files/fstab/{host.name}'
    if os.path.exists(fstab_file):
        files.put(src=fstab_file, dest='/etc/fstab')

def pi_tmpfs():
    for line in [
            'tmpfs /var/log tmpfs defaults,noatime,mode=0755 0 0',
            'tmpfs /tmp tmpfs defaults,noatime 0 0',
    ]:
        files.line(path="/etc/fstab", line=line, replace=line)

    # stop SD card corruption (along with some mounts in fstab)
    apt.packages(packages=['dphys-swapfile'], present=False)


def no_sleep():
    server.shell(commands=['systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target'])


def nfs_server():
    # remove when we're on longhorn
    apt.packages(packages=['nfs-kernel-server'])
    files.template(src='templates/bang_exports.j2', dest='/etc/exports')


def smaller_journals():
    files.line(name='shorter systemctl log window, for disk space',
               path='/etc/systemd/journald.conf',
               line='MaxFileSec',
               replace="MaxFileSec=7day")


def web_forward():
    for port in [80, 443]:
        svc = f'web_forward_{port}'
        files.template(src="templates/webforward.service.j2",
                       dest=f"/etc/systemd/system/{svc}.service",
                       serv_host='bang',
                       port=port,
                       name='web',
                       fam='tcp')
        systemd.service(service=svc, enabled=True, restarted=True)

def minecraft_forward():
    port = 25765
    for fam in ['tcp', 'udp']:
        svc = f'mc_smp_{fam}_forward_{port}'
        files.template(src="templates/webforward.service.j2",
                       dest=f"/etc/systemd/system/{svc}.service",
                       serv_host='ditto',
                       port=port,
                       name='mc_smp',
                       fam=fam)
        systemd.service(service=svc, enabled=True, restarted=True)

server.hostname(hostname=host.name)
timezone()
fstab()

if not is_pi:
    files.line(path='/etc/update-manager/release-upgrades', line="^Prompt=", replace="Prompt=normal")

if is_pi and host.name != 'pipe':
    pi_tmpfs()

if host.name in ['bang', 'pipe', 'ditto']:
    no_sleep()

if host.name in ['bang', 'ditto']:
    nfs_server()

if host.name == 'prime':
    smaller_journals()
    web_forward()
    minecraft_forward()

# for space, consider:
# k3s crictl rmi --prune
# snap list --all | while read snapname ver rev trk pub notes; do if [[ $notes = *disabled* ]]; then snap remove "$snapname" --revision="$rev"; fi; done
# podman system reset