update

setup-base.py

@@ -1,118 +0,0 @@
-from pyinfra import host
-from pyinfra.operations import apt, server, files, systemd
-
-SUDO = True
-
-server.user(
-    name='Add user benpro',
-    user='benpro',
-    groups=['sudo'],
-    public_keys='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFs7yO0auvwFL8HTLMUq6lET6DMYLhqhd32rqFfZUsjL openpgp:0xA32E99AD',
-    shell='/bin/bash',
-    present=True,
-)
-
-server.hostname(
-   name='Set the hostname',
-   hostname='lxd.home.arpa',
-)
-
-apt.update(
-    name='Update apt repositories',
-)
-
-apt.upgrade(
-    name='Upgrade apt packages',
-)
-
-# ufw disabled since no support for nftables and in a LAN 
-#apt.packages(
-#    name='Install ufw',
-#    packages=['ufw'],
-#    update=False,
-#)
-#
-#server.shell(
-#    name='Add ufw rules',
-#    commands=['ufw limit 22'],
-#)
-#
-#server.shell(
-#    name='Enable ufw',
-#    commands=['yes | ufw enable'],
-#)
-
-apt.packages(
-    name='Install packages',
-    packages=['manpages', 'man', 'snapd', 'vim', 'file',
-    'parted', 'htop', 'ncdu', 'byobu', 'tcpdump', 'lm-sensors', 'iotop',
-    'strace', 'lsof', 'iftop', 'haveged', 'postfix', 'nftables'],
-    update=False,
-)
-
-files.put(
-    name='Add postfix conf with relay to mail.benpro.fr',
-    src='files/main.cf',
-    dest='/etc/postfix/main.cf',
-    user='root',
-    group='root',
-    mode='644',
-)
-
-files.put(
-    name='Add postfix sasl_passwd',
-    src='files/sasl_passwd',
-    dest='/etc/postfix/sasl_passwd',
-    user='root',
-    group='root',
-    mode='400',
-)
-
-server.shell(
-    name='Postmap sasl_passwd',
-    commands=['postmap hash:/etc/postfix/sasl_passwd'],
-)
-
-files.line(
-    name='Set root aliases',
-    path='/etc/aliases',
-    line='root: lxd@benpro.fr',
-)
-
-server.shell(
-    name='Load aliases table',
-    commands=['newaliases'],
-)
-
-systemd.service(
-    name='Restart and enable postfix service',
-    service='postfix.service',
-    running=True,
-    restarted=True,
-    enabled=True,
-)
-
-if not host.fact.directory('/var/snap/lxd'):
-    server.shell(
-        name='Install lxd',
-        commands=['snap install lxd --channel=latest/stable'],
-    )
-
-files.put(
-    name='Add lxd-containers-upgrade.sh',
-    src='files/lxd-containers-upgrade.sh',
-    dest='/usr/local/bin/lxd-containers-upgrade.sh',
-    user='root',
-    group='root',
-    mode='700',
-)
-
-files.put(
-    name='Add status.benpro.fr.sh',
-    src='files/status.benpro.fr.sh',
-    dest='/usr/local/bin/status.benpro.fr.sh',
-    user='root',
-    group='root',
-    mode='700',
-)
-

setup.sh

@@ -0,0 +1,113 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+HOSTNAME='lxd2204.home.arpa'
+NVME_ZFS_ASHIFT=12
+NVME_ZFS_POOL_NAME='nvme'
+NVME_ZFS_TARGET='/dev/vdb'
+HDD_ZFS_ASHIFT=12
+HDD_ZFS_POOL_NAME='hdd'
+HDD_ZFS_TARGET='/dev/vdc'
+BACKUP_ZFS_ASHIFT=12
+BACKUP_ZFS_POOL_NAME='backup'
+BACKUP_ZFS_TARGET='/dev/vdd'
+
+hostnamectl hostname $HOSTNAME
+
+if ! dpkg -l zfsutils-linux 2>/dev/null 1>&2 ; then
+  apt update && apt install -y zfsutils-linux
+fi
+
+if ! zpool list $NVME_ZFS_POOL_NAME 2>/dev/null 1>&2; then
+  zpool create \
+    -m none \
+    -o ashift=$NVME_ZFS_ASHIFT \
+    -o autotrim=on \
+    -o feature@lz4_compress=enabled \
+    -O compression=on \
+    -O dedup=on \
+    $NVME_ZFS_POOL_NAME \
+    $NVME_ZFS_TARGET
+fi
+
+if ! zpool list $HDD_ZFS_POOL_NAME 2>/dev/null 1>&2; then
+  zpool create \
+    -m none \
+    -o ashift=$HDD_ZFS_ASHIFT \
+    -o autotrim=on \
+    -o feature@lz4_compress=enabled \
+    -O compression=on \
+    $HDD_ZFS_POOL_NAME \
+    $HDD_ZFS_TARGET
+fi
+
+if ! zpool list $BACKUP_ZFS_POOL_NAME 2>/dev/null 1>&2; then
+  zpool create \
+    -m none \
+    -o ashift=$BACKUP_ZFS_ASHIFT \
+    -o autotrim=on \
+    -o feature@lz4_compress=enabled \
+    -O compression=on \
+    $BACKUP_ZFS_POOL_NAME \
+    $BACKUP_ZFS_TARGET
+fi
+
+cat << EOF > /tmp/lxd.yml
+config: {}
+networks:
+- config:
+    ipv4.address: auto
+    ipv6.address: auto
+  description: ""
+  name: lxdbr0
+  type: ""
+  project: default
+storage_pools:
+- config:
+    source: nvme
+  description: ""
+  name: nvme
+  driver: zfs
+- config:
+    source: hdd
+  description: ""
+  name: hdd
+  driver: zfs
+profiles:
+- config: {}
+  description: ""
+  devices:
+    eth0:
+      name: eth0
+      network: lxdbr0
+      type: nic
+    root:
+      path: /
+      pool: nvme
+      type: disk
+    data_hdd:
+      path: /var/data_hdd
+      pool: hdd
+      type: disk
+      source: hdd
+  name: default
+cluster: null
+EOF
+
+
+if ! lxc storage list $NVME_ZFS_POOL_NAME | grep  2>/dev/null 1>&2; then
+  lxd init --preseed < /tmp/lxd.yml
+fi
+
+# To use with lxd export, this is where lxd copy temporary file
+#if ! lxc storage volume list $NVME_ZFS_POOL_NAME | grep backups >/dev/null; then
+#  lxc storage volume create default backups
+#  lxc config set storage.backups_volume default/backups
+#fi
+
+# Where to store images
+if ! lxc storage volume list $NVME_ZFS_POOL_NAME | grep images >/dev/null; then
+  lxc storage volume create $NVME_ZFS_POOL_NAME images
+  lxc config set storage.images_volume $NVME_ZFS_POOL_NAME/images
+fi
+