def configure_hashicorp_product(product: HashicorpProduct,
state=None,
host=None):
put_results = []
for fpath, file_contents in product.render_configuration_files():
temp_src = tempfile.NamedTemporaryFile(delete=False, mode="w")
temp_src.write(file_contents)
put_results.append(
files.put(
name=f"Create configuration file {fpath} for {product.name}",
src=temp_src.name,
create_remote_dir=True,
user=product.name,
group=product.name,
dest=fpath,
state=state,
host=host,
))
temp_src.close()
if host.fact.has_systemd:
systemd.service(
name=f"Reload service for {product.name}",
service=product.name,
reloaded=any(upload_result.changed
for upload_result in put_results),
host=host,
state=state,
)
def proxy_consul_dns(state=None, host=None):
with tempfile.NamedTemporaryFile(delete=False, mode="w") as source_file:
source_file.write("[Resolve]\nDNS=127.0.0.1\nDomains=~consul")
files.put(
name=
"Configure systemd-resolved to resolve .consul domains locally",
dest="/etc/systemd/resolved.conf.d/consul.conf",
src=source_file.name,
create_remote_dir=True,
state=state,
host=host,
)
systemd.service(
name="Enable systemd-resolved",
service="systemd-resolved",
enable=True,
running=True,
state=state,
host=host,
)
for protocol in ("tcp", "udp"):
iptables.rule(
name=f"Route localhost {protocol} DNS queries to Consul port",
present=True,
table="nat",
protocol=protocol,
chain="OUTPUT",
append=True,
jump="REDIRECT",
destination="localhost",
destination_port=DEFAULT_DNS_PORT,
to_ports=CONSUL_DNS_PORT,
state=state,
host=host,
)
def uninstall(state=None, host=None):
supported_schema_versions = [
v1beta3.HttpData,
]
validate_schema_version(host.data.http, supported_schema_versions)
if 'apache2.service' in host.fact.systemd_status:
systemd.service(
name='Stop apache2',
service='apache2',
running=False,
sudo=True,
state=state,
host=host,
)
files.file(
name='Remove custom config',
path=str(Path('/etc') / 'apache2' / 'conf-available' / 'root.conf'),
present=False,
sudo=True,
state=state,
host=host,
)
apt.packages(
name='Ensure apache2 package is not present',
packages=['apache2'],
present=False,
sudo=True,
state=state,
host=host,
)
def register_concourse_service(
concourse_config: Union[ConcourseWebConfig, ConcourseWorkerConfig],
state=None,
host=None,
restart=False,
):
# Create Systemd unit to manage Concourse service
systemd_unit = files.template(
name="Create concourse Systemd unit definition",
src=Path(__file__).parent.joinpath("templates/concourse.service.j2"),
dest="/etc/systemd/system/concourse.service",
concourse_config=concourse_config,
state=state,
host=host,
)
# Enable Systemd service and ensure it is running
systemd.service(
name="Ensure Concourse service is enabled and running.",
service="concourse",
running=True,
enabled=True,
restarted=restart,
daemon_reload=systemd_unit.changed,
state=state,
host=host,
)
def configure(state=None, host=None):
supported_schema_versions = [
v1beta3.HttpData,
]
validate_schema_version(host.data.http, supported_schema_versions)
apt.packages(
name='Install package',
packages=['apache2'],
sudo=True,
state=state,
host=host,
)
files.directory(
name=f'Ensure HTTP root dir {host.data.http.root_dir}',
path=str(host.data.http.root_dir),
present=True,
recursive=True,
sudo=True,
state=state,
host=host,
)
apache_conf = files.template(
name='Render config file',
src=str(deploy_dir / 'templates' / 'apache2-directory.conf.j2'),
dest=str(Path('/etc') / 'apache2' / 'conf-available' / 'root.conf'),
mode='744',
user='******',
group='root',
sudo=True,
http=host.data.http,
state=state,
host=host,
)
server.shell(
name='Enable root.conf',
commands=['a2enconf root'],
sudo=True,
state=state,
host=host,
)
systemd.service(
name='Restart apache2',
service='apache2',
running=True,
restarted=apache_conf.changed,
sudo=True,
state=state,
host=host,
)
def caddy_service(
caddy_config: CaddyConfig, state=None, host=None, do_restart=False, do_reload=False
):
systemd.service(
name="Enable Caddy service",
service="caddy",
running=True,
enabled=True,
restarted=do_restart,
reloaded=do_reload,
daemon_reload=caddy_config.plugins is not None,
state=state,
host=host,
)
def configure(state=None, host=None):
supported_schemas = [
v1beta3.DnsmasqData
]
validate_schema_version(host.data.dnsmasq, supported_schemas)
apt.packages(
name='Install dnsmasq',
packages=['dnsmasq'],
sudo=True,
state=state, host=host,
)
if host.data.dnsmasq.tftp is not None:
files.directory(
name=f'Ensure TFTP root dir {host.data.dnsmasq.tftp.root_dir}',
path=str(host.data.dnsmasq.tftp.root_dir),
present=True,
recursive=True,
sudo=True,
state=state, host=host,
)
dnsmasq_conf = files.template(
name='Render the dnsmasq config',
src=str(deploy_dir / 'templates' / 'dnsmasq.conf.j2'),
dest=str(Path('/etc') / 'dnsmasq.conf'),
mode='744',
user='******',
group='root',
sudo=True,
dnsmasq=host.data.dnsmasq,
state=state, host=host,
)
systemd.service(
name='Restart dnsmasq',
service='dnsmasq',
running=True,
restarted=dnsmasq_conf.changed,
sudo=True,
state=state, host=host,
)
def uninstall(state=None, host=None):
supported_schemas = [
v1beta3.DnsmasqData
]
validate_schema_version(host.data.dnsmasq, supported_schemas)
if 'dnsmasq.service' in host.fact.systemd_status:
systemd.service(
name='Stop dnsmasq',
service='dnsmasq',
running=False,
sudo=True,
state=state, host=host,
)
files.file(
name='Remove dnsmasq config',
path=str(Path('/etc') / 'dnsmasq.conf'),
present=False,
sudo=True,
state=state, host=host,
)
if host.data.dnsmasq.tftp is not None:
files.directory(
name=f'Remove TFTP root dir {host.data.dnsmasq.tftp.root_dir}',
path=str(host.data.dnsmasq.tftp.root_dir),
present=False,
recursive=False,
sudo=True,
state=state, host=host,
)
apt.packages(
name='Ensure dnsmasq package is not present',
packages=['dnsmasq'],
present=False,
sudo=True,
state=state, host=host,
)
def register_services(hashicorp_products: List[HashicorpProduct],
state=None,
host=None):
for product in hashicorp_products:
systemd_unit = files.template(
name=f"Create service definition for {product.name}",
dest=f"/usr/lib/systemd/system/{product.name}.service",
src=Path(__file__).parent.joinpath("templates",
f"{product.name}.service.j2"),
context=product.systemd_template_context,
state=state,
host=host,
)
systemd.service(
name=f"Register service for {product.name}",
service=product.name,
running=True,
enabled=True,
daemon_reload=systemd_unit.changed,
state=state,
host=host,
)
present=False,
)
brew.tap("sometap/somewhere", )
# Add/change/add same git config
git.config(
"somekey",
"somevalue",
)
git.config(
"somekey",
"someothervalue",
)
git.config(
"somekey",
"somevalue",
)
# Start/stop/start same systemd service
systemd.service("someservice", )
systemd.service(
"someservice",
running=False,
)
systemd.service("someservice", )
sudo=True,
)
files.download(
name=f'Download bootloader {bootloader["source_url"]}',
src=str(bootloader["source_url"]),
dest=str(bootloader_dir / bootloader["source_url"].split('/')[-1]),
sha256sum=bootloader["sha256sum"],
sudo=True,
)
dnsmasq_conf = files.template(
name='Render the dnsmasq config',
src='templates/pxe/dnsmasq.conf.j2',
dest='/etc/dnsmasq.conf',
mode='744',
user='******',
group='root',
sudo=True,
dnsmasq=host.data.dnsmasq,
machines=host.data.machines,
)
systemd.service(
name='Restart dnsmasq',
service='dnsmasq',
running=True,
restarted=dnsmasq_conf.changed,
sudo=True,
)
from pyinfra import host
from pyinfra.facts.server import *
from pyinfra.operations import files
from pyinfra.operations import git
from pyinfra.operations import systemd
home = host.get_fact(Home)
git.repo(name="Clone startpage",
src="https://github.com/blankaex/devola",
dest=f"{home}/.local/src/devola")
files.template(name="Deploy startpage service",
src="root/etc/systemd/system/startpage.service.j2",
dest=f"/etc/systemd/system/startpage.service",
sudo=True,
mode=644,
home=home)
systemd.service(name="Enable startpage service",
service="startpage",
sudo=True,
running=True,
enabled=True)
from pyinfra.operations import systemd
from pyinfra.operations import pacman
pacman.packages(name="Install Pipewire",
packages=["pipewire", "pipewire-pulse", "pavucontrol"],
update=True,
upgrade=True,
sudo=True)
systemd.service(name="Configure PipeWire",
service="pipewire-pulse",
running=True,
enabled=True,
user_mode=True)
user="******",
group="root",
mode="644",
line='vault_opts="agent -config=/etc/vault.d/agent.hcl"',
)
server.service(
name="Restart and enable the Vault agent",
service="vault",
running=True,
restarted=True,
enabled=True,
)
else:
# assume systemd by default because of its grasp over everything.
files.put(
name="Create Vault agent service.",
src="files/vault-agent.service",
dest="/etc/systemd/system/vault-agent.service",
mode="644",
)
systemd.service(
name="Restart and enable the Vault agent",
service="vault-agent.service",
running=True,
restarted=True,
enabled=True,
)