def update_hosts_file(name, ip): files.line( name='Add hosts to /etc/hosts', path='/etc/hosts', line=r' {}.example.com '.format(name), replace='{} {}.example.com {}'.format(ip, name, name), )
def update_hosts_file(name, ip): files.line( name="Add hosts to /etc/hosts", path="/etc/hosts", line=r" {}.example.com ".format(name), replace="{} {}.example.com {}".format(ip, name, name), )
def update_hosts_file(name, ip): name = name.replace('@vagrant/', '') files.line( {'Add hosts to /etc/hosts'}, '/etc/hosts', r' {}.example.com '.format(name), replace='{} {}.example.com {}'.format(ip, name, name), )
yum.packages( name='Install chrony for Network Time Protocol (NTP)', packages=['chrony'], ) major = host.fact.linux_distribution['major'] yum.rpm( name='Install Puppet Repo', src='https://yum.puppet.com/puppet6-release-el-{}.noarch.rpm'.format( major), ) files.line( name='Ensure SELINUX is disabled', path='/etc/sysconfig/selinux', line=r'SELINUX=.*', replace='SELINUX=disabled', ) # TODO: should reboot after SELINUX is disabled (how to check/easy way to reboot) # TODO: how to determine when reboot is complete # TODO: run sestatus if host in masters: install = yum.packages( name='Install puppet server', packages=['puppetserver'], ) config = files.template(
dest=f'/etc/hostname.{WG_IF}', mode='640') server.shell( name='Configure wireguard interface', commands=[f'sh /etc/netstart ${WG_IF}'], ) server.shell( name='Enable IPv4 packet forwarding', commands=['sysctl net.inet.ip.forwarding=1'], ) files.line( name='Persist IPv4 packet forwarding', path='/etc/sysctl.conf', line=r'^net.inet.ip.forwarding=', replace='net.inet.ip.forwarding=1', ) if IPV6NETWORK: server.shell( name='Enable IPv6 packet forwarding', commands=['sysctl net.inet6.ip6.forwarding=1'], ) files.line( name='Persist IPv4 packet forwarding', path='/etc/sysctl.conf', line=r'^net.inet6.ip6.forwarding=', replace='net.inet6.ip6.forwarding=1', )
files.template( name='Create index.html', src='templates/index.html.j2', dest='/web/index.html', ) files.link( name='Create link /web/index.htm that points to /web/index.html', path='/web/index.htm', target='/web/index.html', ) # Note: Allowing sudo to python is not a very secure. files.line( name='Ensure myweb can run /usr/bin/python3 without password', path='/etc/sudoers', line=r'myweb .*', replace='myweb ALL=(ALL) NOPASSWD: /usr/bin/python3', ) server.shell( name='Check that sudoers file is ok', commands='visudo -c', ) init.systemd( name='Restart and enable myweb', service='myweb', running=True, restarted=True, enabled=True, daemon_reload=True,
{'Ensure the directory `{}` exists'.format(dir)}, dir, ) init.systemd( {'Restart and enable dnsmasq'}, 'dnsmasq', running=True, restarted=True, enabled=True, ) files.line( {'Ensure /netboot/nfs is in /etc/exports'}, '/etc/exports', r'/netboot/nfs .*', replace='/netboot/nfs *(ro,sync,no_wdelay,insecure_locks,' 'no_root_squash,insecure,no_subtree_check)', ) server.shell( {'Make share available'}, 'exportfs -a', ) if not host.fact.file('/netboot/tftp/pxelinux.0'): server.shell( {'Copy pxelinux.0 '}, 'cp -v /usr/lib/PXELINUX/pxelinux.0 /netboot/tftp/', )
) # prepare to do some maintenance maintenance_line = "SYSTEM IS DOWN FOR MAINTENANCE" # files.line( # name='Add the down-for-maintenance line in /etc/motd', # '/etc/motd', # maintenance_line, # ) # do some maintenance... # Then, after the maintenance is done, remove the maintenance line files.line( name="Remove the down-for-maintenance line in /etc/motd", path="/etc/motd", line=maintenance_line, replace="", present=False, ) files.replace( name="Change part of a line in a file", path="/etc/motd", match="verboten", replace="forbidden", ) # Sync local files/tempdir to remote /tmp/tempdir files.sync( name="Sync a local directory with remote", src="files/tempdir",
yum.packages( name="Install chrony for Network Time Protocol (NTP)", packages=["chrony"], ) major = host.get_fact(LinuxDistribution)["major"] yum.rpm( name="Install Puppet Repo", src="https://yum.puppet.com/puppet6-release-el-{}.noarch.rpm".format( major), ) files.line( name="Ensure SELINUX is disabled", path="/etc/sysconfig/selinux", line=r"SELINUX=.*", replace="SELINUX=disabled", ) # TODO: should reboot after SELINUX is disabled (how to check/easy way to reboot) # TODO: how to determine when reboot is complete # TODO: run sestatus if host in masters: install = yum.packages( name="Install puppet server", packages=["puppetserver"], ) config = files.template(
files.template( name="Create index.html", src="templates/index.html.j2", dest="/web/index.html", ) files.link( name="Create link /web/index.htm that points to /web/index.html", path="/web/index.htm", target="/web/index.html", ) # Note: Allowing sudo to python is not a very secure. files.line( name="Ensure myweb can run /usr/bin/python3 without password", path="/etc/sudoers", line=r"myweb .*", replace="myweb ALL=(ALL) NOPASSWD: /usr/bin/python3", ) server.shell( name="Check that sudoers file is ok", commands="visudo -c", ) init.systemd( name="Restart and enable myweb", service="myweb", running=True, restarted=True, enabled=True, daemon_reload=True,
) # prepare to do some maintenance maintenance_line = 'SYSTEM IS DOWN FOR MAINTENANCE' # files.line( # {'Add the down-for-maintenance line in /etc/motd'}, # '/etc/motd', # maintenance_line, # ) # do some maintenance... # Then, after the maintenance is done, remove the maintenance line files.line( {'Remove the down-for-maintenance line in /etc/motd'}, '/etc/motd', maintenance_line, replace='', present=False, ) files.replace( {'Change part of a line in a file'}, '/etc/motd', 'verboten', 'forbidden', ) # Sync local files/tempdir to remote /tmp/tempdir files.sync( {'Sync a local directory with remote'}, 'files/tempdir',
name="Ensure the directory `{}` exists".format(dir), path=dir, ) init.systemd( name="Restart and enable dnsmasq", service="dnsmasq", running=True, restarted=True, enabled=True, ) files.line( name="Ensure /netboot/nfs is in /etc/exports", path="/etc/exports", line=r"/netboot/nfs .*", replace="/netboot/nfs *(ro,sync,no_wdelay,insecure_locks," "no_root_squash,insecure,no_subtree_check)", ) server.shell( name="Make share available", commands="exportfs -a", ) if not host.get_fact(File, path="/netboot/tftp/pxelinux.0"): server.shell( name="Copy pxelinux.0 ", commands="cp -v /usr/lib/PXELINUX/pxelinux.0 /netboot/tftp/", )
from pyinfra import config from pyinfra.operations import files config.SUDO = True # Run: pyinfra @docker/ubuntu files_line_with_quotes.py line = 'QUOTAUSER=""' results = files.line( name='Example with double quotes (")', path="/etc/adduser.conf", line="^{}$".format(line), replace=line, ) print(results.changed)
from pyinfra.operations import files SUDO = True # Run: pyinfra @docker/ubuntu files_line_with_quotes.py line = 'QUOTAUSER=""' results = files.line( {'Example with double quotes (")'}, '/etc/adduser.conf', '^{}$'.format(line), replace=line, ) print(results.changed)
from pyinfra.operations import files, server ssh_keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMVk9i7FG7dc9r4ixwAJT7uPLH3UuqbwIgeZ7Ytmnpvv erin", "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH7FGLD5qvvoCoNpBtj1r6IWNhLh8tauLDUyMLQIYy8i ave@blur", "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK934lz+iT1NRyo6E6wbTxvfLI04bV0OX7aWuzVoMNPR luna@moon", ] for key in ssh_keys: files.line( "/root/.ssh/authorized_keys", key, present=True, )
) # prepare to do some maintenance maintenance_line = 'SYSTEM IS DOWN FOR MAINTENANCE' # files.line( # name='Add the down-for-maintenance line in /etc/motd', # '/etc/motd', # maintenance_line, # ) # do some maintenance... # Then, after the maintenance is done, remove the maintenance line files.line( name='Remove the down-for-maintenance line in /etc/motd', path='/etc/motd', line=maintenance_line, replace='', present=False, ) files.replace( name='Change part of a line in a file', path='/etc/motd', match='verboten', replace='forbidden', ) # Sync local files/tempdir to remote /tmp/tempdir files.sync( name='Sync a local directory with remote', src='files/tempdir',