Mercurial > code > home > repos > infra

view apt.py @ 230:8ef74d3a11ac

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
rm redundant file that makes errors
author drewp@bigasterisk.com
date Mon, 09 Oct 2023 16:55:03 -0700
parents adb34a04ca43
children 19a7f714273c
line wrap: on
line source

from pathlib import Path
from pyinfra import host
from pyinfra.facts.files import FindFiles
from pyinfra.facts.server import Arch, LinuxDistribution
from pyinfra.operations import apt, files, server

TZ = 'America/Los_Angeles'


def pkg_keys():
    files.directory(path='/etc/apt/keyrings/')  # for raspi
    for url, name in [
        ('https://repo.steampowered.com/steam/archive/stable/steam.gpg', 'steam.gpg'),
    ]:
        files.download(src=url, dest=f'/etc/apt/keyrings/{name}')

    # vscode keeps making this, but I fetch my own
    files.file(path='/etc/apt/trusted.gpg.d/microsoft.gpg', present=True)

    # and it makes this, which is redundant with my sources.list template line
    files.file(path='/etc/apt/sources.list.d/vscode.list', present=False)

    server.shell(commands=[
        f"curl -fsSL {url} | gpg --dearmor > /etc/apt/keyrings/{name}" for (url, name) in [
            ('https://packages.microsoft.com/keys/microsoft.asc', 'ms.gpg'),
            ('https://deb.nodesource.com/gpgkey/nodesource.gpg.key', 'nodesource.gpg'),
            ('https://dl.google.com/linux/linux_signing_key.pub', 'chrome.gpg'),
            ('https://ftp-master.debian.org/keys/archive-key-11.asc', 'bullseye.gpg'),
            ('https://ftp-master.debian.org/keys/archive-key-11-security.asc', 'bullseye-security.gpg'),
            ('https://packages.cloud.google.com/apt/doc/apt-key.gpg', 'coral.gpg'),
        ]
    ])
    if host.get_fact(Arch) == 'armv7l' or host.name == 'bang':  # I mean raspbian/debian
        # this contaminates the apt-update
        files.file(path="/etc/apt/trusted.gpg.d/podman.asc", present=False)

    # also these
    #-rw-r--r-- 1 root root 2794 Mar 26  2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
    #-rw-r--r-- 1 root root 1733 Mar 26  2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg

dir = Path('/etc/apt/sources.list.d')


def clear_known_sources_files(known=[dir / 'vscode.list']):
    found = map(Path, host.get_fact(FindFiles, dir, quote_path=True))
    if set(found) - set(known):
        raise SystemExit(f"new files in {host.name} /etc/apt/sources.list.d/ - please remove")
    for f in known:
        files.file(path=f, present=False)


def apt_sources():
    if host.get_fact(Arch) == 'x86_64':
        server.shell(commands=['dpkg --add-architecture i386'])

    files.template(src='templates/sources.list.j2', dest='/etc/apt/sources.list')

    clear_known_sources_files()
    apt.packages(update=True,
                 cache_time=86400,
                 packages=['tzdata'],
                 force=True,
                 _env={
                     'TZ': TZ,
                     'LANG': 'en_US.UTF-8',
                     'DEBIAN_FRONTEND': 'noninteractive'
                 })

    # squib 1st setup seemed to need more updates for node(nodesource)
    # and steam-launcher


pkg_keys()
apt_sources()