pyinfra-lxd/setup-base.py

from pyinfra import host
from pyinfra.operations import apt, server, files, systemd

SUDO = True

server.user(
    name='Add user benpro',
    user='benpro',
    groups=['sudo'],
    public_keys='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFs7yO0auvwFL8HTLMUq6lET6DMYLhqhd32rqFfZUsjL openpgp:0xA32E99AD',
    shell='/bin/bash',
    present=True,
)

server.hostname(
   name='Set the hostname',
   hostname='lxd.home.arpa',
)

apt.update(
    name='Update apt repositories',
)

apt.upgrade(
    name='Upgrade apt packages',
)

# ufw disabled since no support for nftables and in a LAN 
#apt.packages(
#    name='Install ufw',
#    packages=['ufw'],
#    update=False,
#)
#
#server.shell(
#    name='Add ufw rules',
#    commands=['ufw limit 22'],
#)
#
#server.shell(
#    name='Enable ufw',
#    commands=['yes | ufw enable'],
#)

apt.packages(
    name='Install packages',
    packages=['manpages', 'man', 'snapd', 'vim', 'file',
    'parted', 'htop', 'ncdu', 'byobu', 'tcpdump', 'lm-sensors', 'iotop',
    'strace', 'lsof', 'iftop', 'haveged', 'postfix', 'nftables'],
    update=False,
)

#files.line(
#    name='Enable postfix relays to mail.benpro.fr',
#    path='/etc/postfix/main.cf',
#    line=r'relayhost = .*',
#    replace='relayhost = 10.0.0.2',
#)
#
#files.line(
#    name='Set root aliases',
#    path='/etc/aliases',
#    line='root: lxd10@benpro.fr',
#)
#
#server.shell(
#    name='Load aliases table',
#    commands=['newaliases'],
#)
#
#systemd.service(
#    name='Restart and enable postfix service',
#    service='postfix.service',
#    running=True,
#    restarted=True,
#    enabled=True,
#)

if not host.fact.directory('/var/snap/lxd'):
    server.shell(
        name='Install lxd',
        commands=['snap install lxd --channel=latest/stable'],
    )

files.put(
    name='Add lxd-containers-upgrade.sh',
    src='files/lxd-containers-upgrade.sh',
    dest='/usr/local/bin/lxd-containers-upgrade.sh',
    user='root',
    group='root',
    mode='700',
)