from pyinfra import host from pyinfra.operations import apt, server, files, systemd SUDO = True server.user( name='Add user benpro', user='benpro', groups=['sudo'], public_keys='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFs7yO0auvwFL8HTLMUq6lET6DMYLhqhd32rqFfZUsjL openpgp:0xA32E99AD', shell='/bin/bash', present=True, ) server.hostname( name='Set the hostname', hostname='lxd.home.arpa', ) apt.update( name='Update apt repositories', ) apt.upgrade( name='Upgrade apt packages', ) # ufw disabled since no support for nftables and in a LAN #apt.packages( # name='Install ufw', # packages=['ufw'], # update=False, #) # #server.shell( # name='Add ufw rules', # commands=['ufw limit 22'], #) # #server.shell( # name='Enable ufw', # commands=['yes | ufw enable'], #) apt.packages( name='Install packages', packages=['manpages', 'man', 'snapd', 'vim', 'file', 'parted', 'htop', 'ncdu', 'byobu', 'tcpdump', 'lm-sensors', 'iotop', 'strace', 'lsof', 'iftop', 'haveged', 'postfix', 'nftables'], update=False, ) files.put( name='Add postfix conf with relay to mail.benpro.fr', src='files/main.cf', dest='/etc/postfix/main.cf', user='root', group='root', mode='644', ) files.put( name='Add postfix sasl_passwd', src='files/sasl_passwd', dest='/etc/postfix/sasl_passwd', user='root', group='root', mode='400', ) server.shell( name='Postmap sasl_passwd', commands=['postmap hash:/etc/postfix/sasl_passwd'], ) files.line( name='Set root aliases', path='/etc/aliases', line='root: lxd@benpro.fr', ) server.shell( name='Load aliases table', commands=['newaliases'], ) systemd.service( name='Restart and enable postfix service', service='postfix.service', running=True, restarted=True, enabled=True, ) if not host.fact.directory('/var/snap/lxd'): server.shell( name='Install lxd', commands=['snap install lxd --channel=latest/stable'], ) files.put( name='Add lxd-containers-upgrade.sh', src='files/lxd-containers-upgrade.sh', dest='/usr/local/bin/lxd-containers-upgrade.sh', user='root', group='root', mode='700', )