def create_user():
with settings(user='******'):
cuisine.user_ensure('ssmjp')
append('/etc/sudoers', 'ssmjp ALL=(ALL) ALL')
cuisine.ssh_authorize('ssmjp', cuisine.file_local_read('~/.ssh/ssmjp.pub'))
conf = Pit.get('ssmjp-user', { 'require': { 'password': '******' } })
cuisine.user_passwd('ssmjp', conf['password'])
def setup_os():
with cuisine.mode_sudo():
cuisine.ssh_authorize( "matze" , cuisine.file_local_read("./cuisine_id.pub"))
for _ in PACKAGE_ENSURE: cuisine.package_ensure(_)
cuisine.run("a2enmod rewrite")
# TODO enable AllowOverride none => all for /var/www
cuisine.run("service apache2 restart")
def create_user():
with settings(user='******'):
cuisine.user_ensure('ssmjp')
append('/etc/sudoers', 'ssmjp ALL=(ALL) ALL')
cuisine.ssh_authorize('ssmjp',
cuisine.file_local_read('~/.ssh/ssmjp.pub'))
conf = Pit.get('ssmjp-user',
{'require': {
'password': '******'
}})
cuisine.user_passwd('ssmjp', conf['password'])
def _setup_users():
USERS = ['yuta1024', 'tyabuki', 'nhirokinet']
for user in USERS:
cuisine.user_ensure(user, shell='/bin/bash', passwd='yharima', encrypted_passwd=False)
cuisine.group_user_ensure('sudo', user)
# https://ubuntuforums.org/showthread.php?t=1318346
cuisine.group_user_ensure('adm', user)
with cuisine.mode_sudo():
cuisine.ssh_authorize(user, _get_public_key_from_github(user))
if not cuisine.is_ok(sudo('grep rsync /etc/sudoers && echo OK ; true')):
sudo('echo "%s ALL=(ALL) NOPASSWD: /usr/bin/rsync" | EDITOR="tee -a" visudo' % ','.join(USERS))
def testAuthorize(self):
cuisine.ssh_authorize(USER, self.key)
d = cuisine.user_check(USER, need_passwd=False)
keyf = d["home"] + "/.ssh/authorized_keys"
keys = [line.strip() for line in open(keyf)]
print(self.key)
print(keyf)
print(keys)
assert keys.count(self.key) == 1
def initialize():
"""Log in to the server as root and create the initial user/group"""
env.user = '******'
mode_user()
group_ensure(env.remote_group)
user_ensure(env.remote_user, shell='/bin/bash')
group_user_ensure(env.remote_user, env.remote_group)
# copy local public key to user's authorized_keys for convenience
if os.path.exists('~/.ssh/id_rsa.pub'):
f = open('~/.ssh/id_rsa.pub', 'rb')
ssh_authorize(env.remote_user, f.read())
f.close()
file_append("/etc/sudoers", "%(remote_user)s ALL=(ALL) NOPASSWD:ALL\n" % env)
def apply(self, computer):
username = "******"
if not cuisine.user_check(username):
cuisine.user_create(username)
cuisine.sudo('usermod -p `openssl rand -base64 32` %s' % username)
key = self.environment["users"][username]["ssh_public_key"]
cuisine.ssh_authorize(username, key)
cuisine.dir_ensure('/home/example_com/www',
mode='755',
owner=username,
group=username)
cuisine.file_link('/home/example_com/www', '/srv/www/example_com')
self.push_package_file_set('example_com', computer)
cuisine.file_link('/etc/nginx/sites-available/example_com',
'/etc/nginx/sites-enabled/example_com')
cuisine.sudo("service nginx restart")
def update_authorized_keys(key):
with mode_sudo():
ssh_authorize(user='******',key=key)
def testAuthorize( self ): key = "ssh-dss XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX= user@cuisine""" cuisine.ssh_authorize(USER, key)
def setup_ssh_key():
"""Install your ssh key for the root user on all hosts."""
with settings(warn_only=True):
sudo('mkdir /root/.ssh/')
cuisine.ssh_authorize(env.user, get_our_key())
def testAuthorize(self):
key = "ssh-dss XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX= user@cuisine" ""
cuisine.ssh_authorize(USER, key)
def testAuthorize( self ): cuisine.ssh_authorize(USER, self.key) d = cuisine.user_check(USER, need_passwd=False) keyf = d["home"] + "/.ssh/authorized_keys" keys = [line.strip() for line in open(keyf)] assert keys.count(self.key) == 1
def setup_ssh():
puts(fabric.colors.green('[Install SSH Publickey]', True))
with cuisine.mode_sudo():
cuisine.ssh_authorize("pi", cuisine.file_local_read('~/.ssh/id_rsa.pub'))
def apply(self, computer):
username = "******"
cuisine.user_ensure(username)
key = self.environment["users"][username]["ssh_public_key"]
cuisine.ssh_authorize(username, key)
def setup_ssh_key():
"""Install your ssh key for the root user on all hosts."""
with settings(warn_only=True):
sudo("mkdir /root/.ssh/")
cuisine.ssh_authorize(env.user, get_our_key())
