Mercurial > code > home > repos > infra
changeset 275:058c312ffdce
new host `pillow`
| author | drewp@bigasterisk.com |
|---|---|
| date | Sat, 23 Mar 2024 14:20:20 -0700 |
| parents | e9ff0339b096 |
| children | 7f79cbbb6f24 |
| files | inventory.py net.py packages.py sync.py templates/dnsmasq/hosts.j2 templates/sources.list.j2 templates/wireguard/wg0.conf.j2 users.py wireguard_pubkey.py |
| diffstat | 9 files changed, 14 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/inventory.py Sun Mar 03 21:03:35 2024 -0800 +++ b/inventory.py Sat Mar 23 14:20:20 2024 -0700 @@ -18,4 +18,5 @@ remote = [ ('prime', { 'wireguard_address': '10.5.0.2', 'ssh_hostname': '162.243.138.136','mac': '04:01:09:7f:89:01',}), ('plus', { 'wireguard_address': '10.5.0.110','ssh_hostname': '10.2.0.35', }), + ('pillow', { 'wireguard_address': '10.5.0.111','ssh_hostname':'10.5.0.111',}), ]
--- a/net.py Sun Mar 03 21:03:35 2024 -0800 +++ b/net.py Sat Mar 23 14:20:20 2024 -0700 @@ -39,7 +39,7 @@ ]) # needs reboot if this changed -if host.name in ['slash', 'dash', 'dot', 'squib']: +if host.name in ['slash', 'dash', 'dot', 'squib', 'pillow']: pass # don't break k3s networking! the else-part really breaks it else: server.sysctl(key='net.ipv6.conf.all.disable_ipv6', value=1, persist=True) @@ -102,4 +102,4 @@ # TODO this breaks wg on garage, i think. workaround: if host.name == 'garage': - server.shell('ip -4 address add 10.5.0.14/24 dev wg0') \ No newline at end of file + server.shell('ip -4 address add 10.5.0.14/24 dev wg0')
--- a/packages.py Sun Mar 03 21:03:35 2024 -0800 +++ b/packages.py Sat Mar 23 14:20:20 2024 -0700 @@ -114,7 +114,7 @@ files.template(src="templates/pigpiod.service.j2", dest="/etc/systemd/system/pigpiod.service") systemd.service(service='pigpiod', daemon_reload=True, enabled=True) -desktop_env = host.name in ['dash', 'slash', 'plus', 'dot', 'squib'] +desktop_env = host.name in ['dash', 'slash', 'plus', 'dot', 'squib', 'pillow'] if desktop_env: apt.packages(packages=package_lists.xorg + package_lists.desktop, **kw) roblox()
--- a/sync.py Sun Mar 03 21:03:35 2024 -0800 +++ b/sync.py Sat Mar 23 14:20:20 2024 -0700 @@ -42,7 +42,7 @@ # primary instance is in k8s (/my/serv/filesync/syncthing); the rest are run with systemd. # Configs are in ~/.config/syncthing/ on each box -if host.name in ['dash', 'dot', 'slash', 'plus', 'bang' ,'ditto']: +if host.name in ['dash', 'dot', 'slash', 'plus', 'bang' ,'ditto', 'pillow']: apt.packages(packages=['syncthing'], present=False) user = 'ari' if host.name == 'dot' else 'drewp'
--- a/templates/dnsmasq/hosts.j2 Sun Mar 03 21:03:35 2024 -0800 +++ b/templates/dnsmasq/hosts.j2 Sat Mar 23 14:20:20 2024 -0700 @@ -27,6 +27,7 @@ 10.5.0.17 frontbed5.bigasterisk.com 10.5.0.30 dot5.bigasterisk.com 10.5.0.110 plus5.bigasterisk.com +10.5.0.111 pillow.bigasterisk.com pillow5.bigasterisk.com 10.5.0.112 drew-note5.bigasterisk.com {% if net == '10.2' %}
--- a/templates/sources.list.j2 Sun Mar 03 21:03:35 2024 -0800 +++ b/templates/sources.list.j2 Sat Mar 23 14:20:20 2024 -0700 @@ -1,13 +1,13 @@ # written by pyinfra -{% if host.name in ['dash', 'squib', 'slash', 'dot', 'plus', 'ditto'] %} +{% if host.name in ['dash', 'squib', 'slash', 'dot', 'plus', 'ditto', 'pillow'] %} deb [arch=amd64,arm64,armhf signed-by=/etc/apt/keyrings/ms.gpg] http://packages.microsoft.com/repos/code stable main deb [arch=amd64 signed-by=/etc/apt/keyrings/chrome.gpg] http://dl.google.com/linux/chrome/deb/ stable main deb [arch=amd64,i386 signed-by=/usr/share/keyrings/steam.gpg] https://repo.steampowered.com/steam/ stable steam deb [signed-by=/etc/apt/keyrings/unityhub.gpg] https://hub.unity3d.com/linux/repos/deb stable main {% endif %} -{% if host.name in ['dash', 'squib', 'plus', 'bang', 'slash', 'dot', 'ditto'] %} +{% if host.name in ['dash', 'squib', 'plus', 'bang', 'slash', 'dot', 'ditto', 'pillow'] %} deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main {% endif %} @@ -20,7 +20,7 @@ deb [signed-by=/etc/apt/keyrings/coral.gpg] https://packages.cloud.google.com/apt coral-edgetpu-stable main {% endif %} -{% if host.name in ['dash', 'squib', 'plus', 'bang', 'slash', 'dot', 'prime', 'ditto'] %} +{% if host.name in ['dash', 'squib', 'plus', 'bang', 'slash', 'dot', 'prime', 'ditto', 'pillow'] %} deb http://us.archive.ubuntu.com/ubuntu mantic main restricted deb http://us.archive.ubuntu.com/ubuntu mantic multiverse deb http://us.archive.ubuntu.com/ubuntu mantic universe
--- a/templates/wireguard/wg0.conf.j2 Sun Mar 03 21:03:35 2024 -0800 +++ b/templates/wireguard/wg0.conf.j2 Sat Mar 23 14:20:20 2024 -0700 @@ -21,7 +21,9 @@ {{ peer_block('ditto', '10.5.0.0/24') }} {{ peer_block('drew-note10', '10.5.0.112/32') }} {{ peer_block('plus', '10.5.0.110/32', 'public.bigasterisk.com:1195') }} -{% elif host.name == 'plus' %} + {{ peer_block('pillow', '10.5.0.111/32', 'public.bigasterisk.com:1195') }} + +{% elif host.name in ['plus','pillow'] %} {{ peer_block('prime', '10.5.0.0/24', 'public.bigasterisk.com:1195', 50) }} {# {{ peer_block('ditto', '10.5.0.0/24', 'ditto:1195', 50) }} #} {% else %}
--- a/users.py Sun Mar 03 21:03:35 2024 -0800 +++ b/users.py Sat Mar 23 14:20:20 2024 -0700 @@ -8,7 +8,7 @@ # setups so hopefully it won't matter much that drew group has a # different id. drewp_gid = 1000 if (not is_pi and host.name != 'pipe') else 501 -drewp_uid = 501 +drewp_uid = 501 if host.name != 'pillow' else 1000 drewp_groups = [ 'lp', 'adm', 'dialout', 'cdrom', 'sudo', 'audio', 'video', 'plugdev', 'games', 'users', 'netdev', 'i2c', 'input', 'spi', 'gpio', 'fuse',
--- a/wireguard_pubkey.py Sun Mar 03 21:03:35 2024 -0800 +++ b/wireguard_pubkey.py Sat Mar 23 14:20:20 2024 -0700 @@ -10,6 +10,7 @@ 'plus': 'hRCwLRUGY3hYNHwsmxSmAPWqAvMr+ZM6IVAte8tLVyU=', 'prime': 'vR9lfsUSOIMxkY/k2gRJ6E8ZudccfPpVhrbE9zuxalU=', 'slash': 'dZSvwUPLKPrBWY66o8GNeWCcol6lK5QG80HLtOnCRko=', + 'pillow': 'gi54uHkV3WQWvU7b90oZV9ss69kqyeDerkaRk1dYziU=', } pubkey.update({