/
system.py
146 lines (93 loc) · 2.82 KB
/
system.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
from fabric.api import env, run, task, sudo, require
from fabric.contrib import files
import utils
@task
def info():
"""
Get some details about the remote system.
:Example:
fab --config=config/local.conf local system.info
"""
run('uname -a')
@task
def update():
"""
Update the system packages.
:Example:
fab --config=config/local.conf local system.update
"""
sudo('apt-get -y update')
sudo('apt-get -y upgrade')
@task
def autoremove():
"""
Remove unused system packages.
:Example:
fab --config=config/local.conf local system.autoremove
"""
sudo('apt-get -y autoremove')
@task
def user_create(username, password):
"""
Create a new system user with sudo privileges.
:param username: The new username.
:param password: The raw password.
:Example:
fab --config=config/local.conf local system.user_create:username=hello,password=world
"""
result = add_usr(username)
if result.succeeded:
add_grp(username, 'sudo')
if result.succeeded:
set_pwd(username, password)
return result.succeeded
@task
def user_delete(username):
"""
Delete an existing system user.
:param username: The user to delete.
:Example:
fab --config=config/local.conf local system.user_delete:username=hello
"""
sudo('deluser {}'.format(username))
@task
def user_sshkey():
"""
Upload an SSH key to the remote system for the current user.
:Example:
fab --config=config/local.conf local system.user_sshkey
"""
require('PUBLIC_SSH_KEY')
with open(env.PUBLIC_SSH_KEY) as reader:
key = reader.read()
remote_directory = '/home/{}/.ssh'.format(env.user)
remote_authkeys = '{}/authorized_keys'.format(remote_directory)
new_directory = False
if not files.exists(remote_directory):
new_directory = True
# Create the ".ssh" directory.
run('mkdir -p {}'.format(remote_directory))
# Add the key to "authorized keys".
files.append(remote_authkeys, key)
if new_directory:
# Set directory permission to "700".
run('chmod 700 {}'.format(remote_directory))
# Set file permission to "600".
run('chmod 600 {}'.format(remote_authkeys))
def add_usr(username):
"""
Create a new system user with no password.
"""
return sudo('adduser --disabled-password --gecos "" {}'.format(username))
def add_grp(username, group):
"""
Add an existing user to a group.
"""
return sudo('adduser {} {}'.format(username, group))
def set_pwd(username, password):
"""
Set a password to an existing user.
"""
# Hash the raw password.
password = utils.hash(password)
return sudo("echo '{}:{}' | chpasswd -e".format(username, password))