def uninstall(state=None, host=None): supported_schema_versions = [ v1beta3.HttpData, ] validate_schema_version(host.data.http, supported_schema_versions) if 'apache2.service' in host.fact.systemd_status: systemd.service( name='Stop apache2', service='apache2', running=False, sudo=True, state=state, host=host, ) files.file( name='Remove custom config', path=str(Path('/etc') / 'apache2' / 'conf-available' / 'root.conf'), present=False, sudo=True, state=state, host=host, ) apt.packages( name='Ensure apache2 package is not present', packages=['apache2'], present=False, sudo=True, state=state, host=host, )
def _apt_install_certbot(state, host): # only tested in ubuntu 20.04, may need to add a repo for support elsewhere apt.packages( state, host, {"Install certbot via apt"}, "certbot", present=True, )
def configure(state=None, host=None): supported_schema_versions = [ v1beta3.HttpData, ] validate_schema_version(host.data.http, supported_schema_versions) apt.packages( name='Install package', packages=['apache2'], sudo=True, state=state, host=host, ) files.directory( name=f'Ensure HTTP root dir {host.data.http.root_dir}', path=str(host.data.http.root_dir), present=True, recursive=True, sudo=True, state=state, host=host, ) apache_conf = files.template( name='Render config file', src=str(deploy_dir / 'templates' / 'apache2-directory.conf.j2'), dest=str(Path('/etc') / 'apache2' / 'conf-available' / 'root.conf'), mode='744', user='******', group='root', sudo=True, http=host.data.http, state=state, host=host, ) server.shell( name='Enable root.conf', commands=['a2enconf root'], sudo=True, state=state, host=host, ) systemd.service( name='Restart apache2', service='apache2', running=True, restarted=apache_conf.changed, sudo=True, state=state, host=host, )
def install_baseline_packages(packages: List[str] = None, state=None, host=None, sudo=True): apt.packages( name="Install baseline packages for Debian based hosts", packages=packages or ["curl"], update=True, state=state, host=host, sudo=sudo, )
def configure(state=None, host=None): supported_schemas = [ v1beta3.DnsmasqData ] validate_schema_version(host.data.dnsmasq, supported_schemas) apt.packages( name='Install dnsmasq', packages=['dnsmasq'], sudo=True, state=state, host=host, ) if host.data.dnsmasq.tftp is not None: files.directory( name=f'Ensure TFTP root dir {host.data.dnsmasq.tftp.root_dir}', path=str(host.data.dnsmasq.tftp.root_dir), present=True, recursive=True, sudo=True, state=state, host=host, ) dnsmasq_conf = files.template( name='Render the dnsmasq config', src=str(deploy_dir / 'templates' / 'dnsmasq.conf.j2'), dest=str(Path('/etc') / 'dnsmasq.conf'), mode='744', user='******', group='root', sudo=True, dnsmasq=host.data.dnsmasq, state=state, host=host, ) systemd.service( name='Restart dnsmasq', service='dnsmasq', running=True, restarted=dnsmasq_conf.changed, sudo=True, state=state, host=host, )
def uninstall(state=None, host=None): supported_schemas = [ v1beta3.DnsmasqData ] validate_schema_version(host.data.dnsmasq, supported_schemas) if 'dnsmasq.service' in host.fact.systemd_status: systemd.service( name='Stop dnsmasq', service='dnsmasq', running=False, sudo=True, state=state, host=host, ) files.file( name='Remove dnsmasq config', path=str(Path('/etc') / 'dnsmasq.conf'), present=False, sudo=True, state=state, host=host, ) if host.data.dnsmasq.tftp is not None: files.directory( name=f'Remove TFTP root dir {host.data.dnsmasq.tftp.root_dir}', path=str(host.data.dnsmasq.tftp.root_dir), present=False, recursive=False, sudo=True, state=state, host=host, ) apt.packages( name='Ensure dnsmasq package is not present', packages=['dnsmasq'], present=False, sudo=True, state=state, host=host, )
'py3-pynacl', 'py3-virtualenv', 'python3-dev', ], ) if host.fact.linux_name in ['CentOS']: yum.packages( name='Install pip3 so you can install virtualenv', packages='python3-pip', ) if host.fact.linux_name in ['Ubuntu']: apt.packages( name='Install pip3 so you can install virtualenv', packages='python3-pip', update=True, ) if not host.fact.file('/usr/bin/pip'): files.link( name='Create link /usr/bin/pip that points to /usr/bin/pip3', path='/usr/bin/pip', target='/usr/bin/pip3', ) pip.packages( name='Install virtualenv using pip', packages='virtualenv', )
SUDO = True if host.fact.linux_name != 'Ubuntu': # Raises an exception mid-deploy python.raise_exception( name='Ensure we are Ubuntu', exception=NotImplementedError, args=('`postgresql.py` only works on Ubuntu',), ) apt.packages( name='Install postgresql server & client', packages=['postgresql'], update=True, cache_time=3600, ) # Setup a PostgreSQL role & database # postgresql.role( name='Create the pyinfra PostgreSQL role', role='pyinfra', password='******', superuser=True, login=True, sudo_user='******', )
""" Install all the packages for the base system. Do not urun this file directly. It won't work. Instead run: $ pyinfra @local __file__ """ from pyinfra.operations import apt, git USE_SUDO_PASSWORD = True # Note: # `iwyu` needs access to the clang-common resources for the version of libclang it was # built against. The easiest way to achieve this is to install the right `clang-common` # package. As of 2021-01 it is `clang-common-9-dev`. # apt.packages( name="C++ Development Environment / Install Core Packages", packages=[ "build-essential", "cmake", "cmake-qt-gui", "clang", "iwyu", "clang-common-9-dev" ], latest=True, sudo=True, )
from pyinfra import host from pyinfra.facts.server import LinuxDistribution, LinuxName from pyinfra.operations import apt code_name = host.get_fact(LinuxDistribution)["release_meta"].get("CODENAME") if host.get_fact(LinuxName) in ["Debian", "Ubuntu"]: apt.packages( name="Install some packages", packages=["vim-addon-manager", "vim", "software-properties-common", "wget", "curl"], update=True, ) # NOTE: the bitcoin PPA is no longer supported # apt.ppa( # {'Add the Bitcoin ppa'}, # 'ppa:bitcoin/bitcoin', # ) # # apt.packages( # {'Install Bitcoin'}, # 'bitcoin-qt', # update=True, # ) apt.deb( name="Install Chrome via deb", src="https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb", )
from pyinfra import host, state from pyinfra.operations import apt, files, mysql, python SUDO = True if host.fact.linux_name != 'Debian': # Raises an exception mid-deploy python.raise_exception( name='Ensure we are Debian', exception=NotImplementedError, args=('`mysql.py` only works on Debian', ), ) apt.packages( name='Install mysql server & client', packages=['mysql-server'], update=True, cache_time=3600, ) # Setup a MySQL role & database # mysql.user( name='Create the pyinfra@localhost MySQL user', user='******', password='******', ) mysql.database( name='Create the pyinfra_stuff database', database='pyinfra_stuff',
) server.group(group="somegroup", ) # Add/remove same apt repo apt.repo( src="deb https://download.virtualbox.org/virtualbox/debian bionic contrib", ) apt.repo( src="deb https://download.virtualbox.org/virtualbox/debian bionic contrib", present=False, ) # Add/remove same apt package apt.packages(packages=["htop"], ) apt.packages( packages=["htop"], present=False, ) # Add/remove/add same brew tap brew.tap("sometap/somewhere", ) brew.tap( "sometap/somewhere", present=False, ) brew.tap("sometap/somewhere", )
def check_docker_works(state, host): command = 'docker run hello-world' status, stdout, stderr = host.run_shell_command(state, command=command, sudo=SUDO) if not status or 'Hello from Docker!' not in stdout: raise Exception('`{}` did not work as expected'.format(command)) if host.fact.linux_name == 'Ubuntu': apt.packages( {'Ensure old docker packages are not present'}, [ 'docker', 'docker-engine', 'docker.io', 'containerd runc', ], present=False, ) apt.packages( {'Ensure Docker CE prerequisites are present'}, [ 'apt-transport-https', 'ca-certificates', 'curl', 'gnupg-agent', 'software-properties-common', ], update=True,
def install_hashicorp_products(hashicorp_products: List[HashicorpProduct], state=None, host=None): apt.packages( name="Ensure unzip is installed", packages=["unzip"], update=True, state=state, host=host, ) for product in hashicorp_products: server.user( name=f"Create system user for {product.name}", user=product.name, system=True, shell="/bin/false", # noqa: S604 state=state, host=host, ) if linux_family(host.fact.linux_name).lower == "debian": cpu_arch = host.fact.debian_cpu_arch elif linux_family(host.fact.linux_name).lower == "redhat": cpu_arch = host.fact.redhat_cpu_arch else: cpu_arch = "amd64" file_download = f"{product.name}_{product.version}_linux_{cpu_arch}.zip" file_hashes = ( httpx.get( "https://releases.hashicorp.com/{product_name}/{product_version}/{product_name}_{product_version}_SHA256SUMS" .format( # noqa: E501 product_name=product.name, product_version=product.version)).read().decode( "utf8").strip("\n").split("\n")) file_hash_map = { file_hash.split()[1]: file_hash.split()[0] for file_hash in file_hashes } download_destination = f"/tmp/{product.name}.zip" # noqa: S108 target_directory = product.install_directory or "/usr/local/bin/" download_binary = files.download( name=f"Download {product.name} archive", src= f"https://releases.hashicorp.com/{product.name}/{product.version}/{file_download}", # noqa: WPS221,E501 dest=download_destination, sha256sum=file_hash_map[file_download], state=state, host=host, ) server.shell( name=f"Unzip {product.name}", commands=[ f"unzip -o {download_destination} -d {target_directory}" ], state=state, host=host, ) files.file( name=f"Ensure {product.name} binary is executable", path=Path(target_directory).joinpath(product.name), assume_present=download_binary.changed, user=product.name, group=product.name, mode="755", state=state, host=host, ) files.directory( name=f"Ensure configuration directory for {product.name}", path=product.configuration_directory or product.configuration_file.parent, present=True, user=product.name, group=product.name, recursive=True, state=state, host=host, ) if hasattr(product, "data_directory"): # noqa: WPS421 files.directory( name=f"Create data directory for {product.name}", path=product.data_directory, present=True, user=product.name, group=product.name, recursive=True, state=state, host=host, )
from pyinfra import host from pyinfra.operations import apt, server, yum SUDO = True if host.fact.linux_name in ['CentOS', 'RedHat']: yum.packages( name='Install some packages', packages=['cronie'], update=True, ) if host.fact.linux_name in ['Ubuntu']: apt.packages( name='Install some packages', packages=['cron'], update=True, ) # simple example for a crontab server.crontab( name='Backup /etc weekly', command='/bin/tar cf /tmp/etc_bup.tar /etc', cron_name='backup_etc', day_of_week=0, hour=1, minute=0, ) server.group( name='Create docker group',
config.SUDO = True # If you change pxe_server value below then check/change Vagrantfile pxe_server = "192.168.0.240" dns_server = "192.168.0.1" interface = "eth1" dhcp_start = "192.168.0.220" dhcp_end = "192.168.0.230" # setup pxe infra if host.get_fact(LinuxName) == "Ubuntu": apt.packages( name="Install packages", packages=["dnsmasq"], update=True, ) tftp_dir = "/srv/tftp" files.directory( name="Ensure the `{}` exists".format(tftp_dir), path=tftp_dir, ) tar_file = "netboot.tar.gz" tar_file_full_path = "/tmp/{}".format(tar_file) files.download( name="Download `{}`".format(tar_file), src="http://archive.ubuntu.com/ubuntu/dists/bionic-updates/main/" "installer-amd64/current/images/netboot/{}".format(tar_file),
"py3-pynacl", "py3-virtualenv", "python3-dev", ], ) if host.get_fact(LinuxName) in ["CentOS"]: yum.packages( name="Install pip3 so you can install virtualenv", packages=["python3-pip", "python3-devel", "gcc-c++", "make"], ) if host.get_fact(LinuxName) in ["Ubuntu"]: apt.packages( name="Install pip3 so you can install virtualenv", packages="python3-pip", update=True, ) if not host.get_fact(File, path="/usr/bin/pip"): files.link( name="Create link /usr/bin/pip that points to /usr/bin/pip3", path="/usr/bin/pip", target="/usr/bin/pip3", ) pip.packages( name="Install virtualenv using pip", packages="virtualenv", )
""" Install Owncloud-Dektop packages. Do not run this file directly. It won't work. Instead run: $ pyinfra @local __file__ """ from pyinfra.operations import apt USE_SUDO_PASSWORD = True apt.key( name="Install Packages / Owncloud / Add GPG Key", src="https://download.owncloud.com/desktop/ownCloud/stable/latest/linux/Ubuntu_20.04/Release.key", sudo=True, ) apt.repo( name="Install Packages / Owncloud / Add Repo", src="deb https://download.owncloud.com/desktop/ownCloud/stable/latest/linux/Ubuntu_20.04/ /", filename="owncloud", sudo=True, ) apt.packages( name="Install Packages / Owncloud / Install Package", packages=["owncloud-client"], sudo=True, update=True, )
from pyinfra import host from pyinfra.operations import apt, server, files SUDO = False apt.packages( name='Install utilities', packages=['curl', 'git', 'unzip', 'vim', 'wget'], update=True, ) apt.packages( name='Install php7.2', packages=[ 'php7.2', 'php7.2-dom', 'php7.2-gd', 'php7.2-zip', 'php7.2-cli', 'php7.2-mbstring' ], update=True, ) apt.packages( name='Install nodejs', packages=['nodejs', 'npm'], update=True, ) apt.packages( name='Install composer', packages=['composer'], update=True, )
from pyinfra import host from pyinfra.operations import apt, server, yum SUDO = True if host.fact.linux_name in ['CentOS', 'RedHat']: yum.packages( {'Install some packages'}, ['cronie'], update=True, ) if host.fact.linux_name in ['Ubuntu']: apt.packages( {'Install some packages'}, ['cron'], update=True, ) # simple example for a crontab server.crontab( {'Backup /etc weekly'}, '/bin/tar cf /tmp/etc_bup.tar /etc', name='backup_etc', day_of_week=0, hour=1, minute=0, ) server.group( {'Create docker group'},
from pyinfra import host from pyinfra.operations import apt, gem SUDO = True if host.fact.linux_name in ['Debian', 'Ubuntu']: apt.packages( name='Install rubygems', packages=['rubygems'], update=True, ) gem.packages( name='Install rspec', packages=['rspec'], )
from pyinfra import host from pyinfra.operations import apt SUDO = False apt.packages( name='Install python', packages=['python3', 'python3-pip'], update=True, )
from pyinfra import host from pyinfra.operations import apt SUDO = True code_name = host.fact.linux_distribution['release_meta'].get('CODENAME') print(host.fact.linux_name, code_name) if host.fact.linux_name in ['Debian', 'Ubuntu']: apt.packages( name='Install some packages', packages=[ 'vim-addon-manager', 'vim', 'software-properties-common', 'wget', 'curl' ], update=True, ) # NOTE: the bitcoin PPA is no longer supported # apt.ppa( # {'Add the Bitcoin ppa'}, # 'ppa:bitcoin/bitcoin', # ) # # apt.packages( # {'Install Bitcoin'}, # 'bitcoin-qt', # update=True, # )
from pyinfra import host, state from pyinfra.operations import apt, files, mysql, python SUDO = True if host.fact.linux_name != 'Debian': # Raises an exception mid-deploy python.raise_exception( {'Ensure we are Debian'}, NotImplementedError, '`mysql.py` only works on Debian', ) apt.packages( {'Install mysql server & client'}, ['mysql-server'], update=True, cache_time=3600, ) # Setup a MySQL role & database # mysql.user( {'Create the pyinfra@localhost MySQL user'}, 'pyinfra', password='******', ) mysql.database( {'Create the pyinfra_stuff database'}, 'pyinfra_stuff',
def verify_virtualbox_version(state, host, version): command = '/usr/bin/virtualbox --help' status, stdout, stderr = host.run_shell_command(state, command=command, sudo=SUDO) assert status is True # ensure the command executed OK if version not in str(stdout): raise Exception('`{}` did not work as expected.stdout:{} stderr:{}'.format( command, stdout, stderr)) if host.fact.linux_name == 'Ubuntu': code_name = host.fact.linux_distribution['release_meta'].get('DISTRIB_CODENAME') print(host.fact.linux_name, code_name) apt.packages( {'Install packages'}, ['wget'], update=True, ) apt.key( {'Install VirtualBox key'}, 'https://www.virtualbox.org/download/oracle_vbox_2016.asc', ) apt.repo( {'Install VirtualBox repo'}, 'deb https://download.virtualbox.org/virtualbox/debian {} contrib'.format(code_name), ) # install kernel headers # Note: host.fact.os_version is the same as `uname -r` (ex: '4.15.0-72-generic')
apt.key( name="Install Packages / ROS / Add GPG Key", keyserver="keyserver.ubuntu.com", keyid="C1CF6E31E6BADE8868B172B4F42ED6FBAB17C654", sudo=True, ) apt.repo( name="Install Packages / ROS / Add Repo", src="deb http://packages.ros.org/ros/ubuntu focal main", filename="owncloud", sudo=True, ) # Note: catkin tools is broken until the OSRF push new packages. # See this issue for a fix: # https://github.com/catkin/catkin_tools/issues/594 # The interim solution is install the git version: # pipx install "git+https://github.com/catkin/catkin_tools.git" apt.packages( name="Install Packages / ROS / Install Packages", packages=[f"ros-{ROS_VERSION}-desktop", "python3-rosdep"]) sudo=True, update=True, ) # TODO: sudo rosdep init && rosdep update # to install workspace package. # rosdep install --from-paths src --ignore-src -r -y
command = 'vagrant --version' status, stdout, stderr = host.run_shell_command(state, command=command, sudo=SUDO) assert status is True # ensure the command executed OK if 'Vagrant ' not in str(stdout): raise Exception( '`{}` did not work as expected.stdout:{} stderr:{}'.format( command, stdout, stderr)) if host.fact.linux_name == 'Ubuntu': apt.packages( {'Install required packages'}, ['wget', 'unzip', 'python3'], update=True, ) files.download( {'Download the Vagrantup Downloads page'}, 'https://www.vagrantup.com/downloads.html', '/tmp/downloads.html', ) server.script_template( {'Use wget to download and unzip to /usr/local/bin'}, 'templates/download_vagrant.bash.j2', ) python.call(
from pyinfra import host from pyinfra.operations import apt, files SUDO = True if host.fact.linux_name == 'Ubuntu': apt.packages( name='Install wget', packages=['wget'], update=True, ) # Full URL: # http://dl-cdn.alpinelinux.org/alpine/v3.11/releases/x86_64/alpine-netboot-3.11.2-x86_64.tar.gz # sha256 is here # http://dl-cdn.alpinelinux.org/alpine/v3.11/releases/x86_64/alpine-netboot-3.11.2-x86_64.tar.gz.sha256 tarfile = 'alpine-netboot-3.11.2-x86_64.tar.gz' tarfile_full_path = '/tmp/{}'.format(tarfile) sha256file = tarfile + '.sha256' sha256file_full_path = '/tmp/{}'.format(sha256file) # TODO: Check if download was successful files.download( name='Download `{}`'.format(tarfile), src='http://dl-cdn.alpinelinux.org/alpine/v3.11/releases/x86_64/{}'.format(tarfile), dest=tarfile_full_path, ) files.download( name='Download `{}`'.format(sha256file),
def install_caddy(caddy_config: CaddyConfig, state=None, host=None): if caddy_config.plugins: caddy_user = "******" server.user( name="Create system user for Caddy", user=caddy_user, system=True, ensure_home=False, state=state, host=host, ) caddy_install = files.download( name="Download custom build of Caddy", dest="/usr/local/bin/caddy", src=caddy_config.custom_download_url(), mode=DEFAULT_DIRECTORY_MODE, state=state, host=host, ) files.directory( name="Create Caddy configuration directory", path="/etc/caddy/", user=caddy_user, group=caddy_user, present=True, recursive=True, state=state, host=host, ) files.directory( name="Create Caddy configuration directory", path=caddy_config.data_directory, user=caddy_user, group=caddy_user, present=True, recursive=True, state=state, host=host, ) files.template( name="Create SystemD service definition for Caddy", dest="/usr/lib/systemd/system/caddy.service", src=Path(__file__).parent.joinpath("templates/caddy.service.j2"), state=state, host=host, ) else: apt.key( name="Add Caddy repository GPG key", src="https://dl.cloudsmith.io/public/caddy/stable/gpg.key", state=state, host=host, ) apt.repo( name="Set up Caddy APT repository", src="deb https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main", # noqa: E501 present=True, filename="caddy.list", state=state, host=host, ) caddy_install = apt.packages( name="Install Caddy from APT", packages=["caddy"], present=True, latest=True, update=True, state=state, host=host, ) if caddy_config.log_file: files.directory( name="Crate Caddy log directory", path=caddy_config.log_file.parent, user=caddy_user, present=True, state=state, host=host, ) return caddy_install.changed
REGOLITH_VARIANT = "regolith-desktop-mobile" # For desktops # REGOLITH_VARIANT = "regolith-desktop" apt.ppa( name="Install Package / Regolith Linux / Add PPA", src="ppa:regolith-linux/stable", sudo=True, ) # TODO: install i3bar applets apt.packages( name="Install Package / Regolith Linux / Install Package", packages=REGOLITH_VARIANT, latest=True, sudo=True, update=True, ) # apt.packages( # name="Install Package / Regolith Linux / Install Blocklets", # packages=[ # "i3xrocks-battery", "i3xrocks-media-player", "i3xrocks-nm-vpn", # "i3xrocks-time", "i3xrocks-volume", "i3xrocks-wifi", # ], # latest=True, sudo=True, # ) # TODO: check if this is still required, VPN has isssues on Ubuntu 18.04, maybe fixed in 20.04 ? # See: https://github.com/regolith-linux/regolith-desktop/issues/64