CroneKorkN 2025-06-05 18:13:54 +02:00
parent 43e7c1f3e4
commit 4caf0a4a19
Signed by: cronekorkn
SSH key fingerprint: SHA256:v0410ZKfuO1QHdgKBsdQNF64xmTxOF8osF1LIqwTcVw
23 changed files with 212 additions and 19 deletions


@ -13,6 +13,9 @@
'deb',
'deb-src',
},
'options': { # optional
'aarch': 'amd64',
},
'urls': {
'https://deb.debian.org/debian',
},


@ -40,7 +40,7 @@ ENABLE_OPENID_SIGNUP = false
[service]
REGISTER_EMAIL_CONFIRM = true
ENABLE_NOTIFY_MAIL = true
DISABLE_REGISTRATION = false
DISABLE_REGISTRATION = true
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false
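Review bot: `REQUIRE_SIGNIN_VIEW = false` stays unchanged next to the registration switch, so anonymous visitors can still browse whatever is public on the instance. The page does not mark which `DISABLE_REGISTRATION` line is new; assuming it is `true` and the intent is to close the instance to outsiders, I would also set `REQUIRE_SIGNIN_VIEW = true`. `REGISTER_EMAIL_CONFIRM` and `ENABLE_CAPTCHA` then only matter if registration is reopened, which is worth a one-line comment in the template.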


@ -69,6 +69,9 @@ defaults = {
},
},
},
'nginx': {
'has_websockets': True,
},
}
@ -144,6 +147,7 @@ def dns(metadata):
def nginx(metadata):
return {
'nginx': {
'has_websockets': True,
'vhosts': {
metadata.get('grafana/hostname'): {
'content': 'grafana/vhost.conf',
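Review bot: `'has_websockets': True` is now set twice for this bundle, once in `defaults` and once in the dict returned by `nginx(metadata)`. The value is static, so the `defaults` entry is enough. Returning it from the reactor as well adds a key that the reactor's `provides` declaration (outside this hunk, not visible here) may not cover. I would drop the line from the reactor and keep `'nginx': {'has_websockets': True},` in `defaults`.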


@ -15,7 +15,7 @@ svc_systemd = {
'needs': [
'pkg_apt:kea-dhcp4-server',
'file:/etc/kea/kea-dhcp4.conf',
'svc_systemd:systemd-networkd:restart',
'svc_systemd:systemd-networkd.service:restart',
],
},
}


@ -31,5 +31,13 @@ http {
}
% endif
% if has_websockets:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
% endif
include /etc/nginx/sites/*;
}
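Review bot: The `map` is emitted only when the node-wide `has_websockets` flag is true, while vhost templates reference `$connection_upgrade` on their own terms. A node where a vhost asks for websockets but no bundle set the flag therefore gets a configuration that nginx refuses to load (unknown variable). The nginx file items on this page trigger `svc_systemd:nginx:restart`, so that failure would presumably take down every vhost on the node, not only the one that wanted websockets. An unused `map` costs nothing, so I would drop the `% if has_websockets:` / `% endif` pair and always emit the block, or derive the flag from the vhost contexts rather than setting it by hand.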


@ -33,6 +33,7 @@ files = {
'context': {
'modules': node.metadata.get('nginx/modules'),
'worker_processes': node.metadata.get('vm/cores'),
'has_websockets': node.metadata.get('nginx/has_websockets'),
},
'triggers': {
'svc_systemd:nginx:restart',


@ -18,6 +18,7 @@ defaults = {
'nginx': {
'vhosts': {},
'modules': set(),
'has_websockets': False,
},
'systemd': {
'units': {


@ -0,0 +1,21 @@
files = {
'/etc/apt/apt.conf.d/10pveapthook': {
'content_type': 'any',
'mode': '0644',
},
'/etc/apt/apt.conf.d/76pveconf': {
'content_type': 'any',
'mode': '0444',
},
'/etc/apt/apt.conf.d/76pveproxy': {
'content_type': 'any',
'mode': '0444',
},
'/etc/network/interfaces': {
'content_type': 'any',
},
}
symlinks['/etc/ssh/ssh_host_rsa_key.pub'] = {
'target': '/etc/ssh/ssh_host_managed_key.pub',
}


@ -0,0 +1,98 @@
defaults = {
'apt': {
'packages': {
'linux-image-amd64': {
'installed': False,
},
'proxmox-default-kernel': {},
# after reboot
'proxmox-ve': {},
'postfix': {},
'open-iscsi': {},
'chrony': {},
'os-prober': {
'installed': False,
},
},
'sources': {
'proxmox-ve': {
'options': {
'aarch': 'amd64',
},
'urls': {
'http://download.proxmox.com/debian/pve',
},
'suites': {
'{codename}',
},
'components': {
'pve-no-subscription',
},
'key': 'proxmox-ve-{codename}',
},
},
},
# 'nftables': {
# 'input': {
# 'tcp dport 8006 accept',
# },
# },
'zfs': {
'datasets': {
'tank/proxmox-ve': {
'mountpoint': '/var/lib/proxmox-ve',
},
}
}
}
# @metadata_reactor.provides(
# 'systemd',
# )
# def bridge(metadata):
# return {
# 'systemd': {
# 'units': {
# # f'internal.network': {
# # 'Network': {
# # 'Bridge': 'br0',
# # },
# # },
# 'br0.netdev': {
# 'NetDev': {
# 'Name': 'br0',
# 'Kind': 'bridge'
# },
# },
# 'br0.network': {
# 'Match': {
# 'Name': 'br0',
# },
# 'Network': {
# 'Unmanaged': 'yes'
# },
# },
# },
# },
# }
@metadata_reactor.provides(
'nginx/vhosts',
)
def nginx(metadata):
return {
'nginx': {
'has_websockets': True,
'vhosts': {
metadata.get('proxmox-ve/domain'): {
'content': 'nginx/proxy_pass.conf',
'context': {
'target': 'https://localhost:8006',
'websockets': True,
}
},
},
},
}
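Review bot: `nginx(metadata)` returns `nginx/has_websockets`, but its decorator declares only `'nginx/vhosts'`, and unlike the grafana bundle in this commit, this file's `defaults` has no `nginx` entry. Depending on how the framework treats undeclared keys, the flag may be rejected or may never reach the nginx bundle, in which case the vhost references `$connection_upgrade` without the `map` being rendered. I would move it to `defaults` as `'nginx': {'has_websockets': True},` and return only `vhosts` from the reactor. Separately, the `proxmox-ve` apt source uses `http://`, so package integrity rests entirely on the repository signature checked against `proxmox-ve-{codename}`; switch to `https://` if the mirror serves it.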


@ -1,9 +1,6 @@
assert node.has_bundle('systemd')
files = {
'/etc/network/interfaces': {
'delete': True,
},
'/etc/resolv.conf': {
'content_type': 'mako',
},
@ -19,5 +16,11 @@ directories = {
}
svc_systemd = {
'systemd-networkd': {},
'systemd-networkd.service': {},
}
if not node.has_bundle('proxmox-ve'):
files['/etc/network/interfaces'] = {
'delete': True,
}


@ -24,10 +24,10 @@ for name, unit in node.metadata.get('systemd/units').items():
path = f'/etc/systemd/network/{name}'
dependencies = {
'needed_by': [
'svc_systemd:systemd-networkd',
'svc_systemd:systemd-networkd.service',
],
'triggers': [
'svc_systemd:systemd-networkd:restart',
'svc_systemd:systemd-networkd.service:restart',
],
}
elif extension in ['timer', 'service', 'mount', 'swap', 'target']:


@ -12,7 +12,7 @@ defaults = {
'wireguard': {
'backports': node.os_version < (11,),
'triggers': [
'svc_systemd:systemd-networkd:restart',
'svc_systemd:systemd-networkd.service:restart',
],
},
},

Binary file not shown.


@ -1,8 +1,3 @@
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;


@ -8,6 +8,10 @@ server {
location / {
proxy_set_header X-Real-IP $remote_addr;
% if websockets:
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
% endif
proxy_pass ${target};
}
}
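Review bot: The websocket branch sets `Upgrade` and `Connection`, but the location never sets `proxy_http_version`, and on nginx versions whose default toward upstreams is HTTP/1.0 the upgrade handshake is not forwarded. Unless it is set at `http` level elsewhere (not visible here), add `proxy_http_version 1.1;` inside the `% if websockets:` block. `$connection_upgrade` also exists only when the `map` in nginx.conf was rendered, so this template silently depends on `nginx/has_websockets` being true on the node; a comment at the top of the template saying so would help.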


@ -6,4 +6,8 @@ for root, dirs, files in walk(join(repo_path, "groups")):
if filename.endswith(".py"):
group = join(root, filename)
with open(group, 'r', encoding='utf-8') as f:
groups[splitext(basename(filename))[0]] = eval(f.read())
try:
groups[splitext(basename(filename))[0]] = eval(f.read())
except:
print(f"Error parsing {group}:")
raise
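Review bot: The bare `except:` also catches `KeyboardInterrupt` and `SystemExit`, so an interrupted run prints a misleading "Error parsing" line; `except Exception:` is the narrower form. The `eval(f.read())` it wraps executes every `.py` file under `groups/` with the operator's privileges, so write access to that directory amounts to code execution on the management host. The group files shown on this page are plain literals; if all of them are, `ast.literal_eval(f.read())` would load them without running code. The enclosing loop starts outside this hunk.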


@ -2,6 +2,9 @@
'supergroups': [
'debian',
],
'bundles': [
'systemd-networkd',
],
'metadata': {
'php': {
'version': '7.4',


@ -0,0 +1,26 @@
{
'metadata': {
'apt': {
'sources': {
'debian': {
'components': {
'non-free-firmware',
},
},
'debian-security': {
'components': {
'non-free-firmware',
},
},
},
},
'php': {
'version': '8.2',
},
'postgresql': {
'version': '15',
},
'os_codename': 'bookworm',
},
'os_version': (12,),
}


@ -0,0 +1,9 @@
{
'supergroups': [
'debian',
'debian-12-common',
],
'bundles': [
'ifupdown',
],
}


@ -1,6 +1,10 @@
{
'supergroups': [
'debian',
'debian-12-common',
],
'bundles': [
'systemd-networkd',
],
'metadata': {
'apt': {


@ -14,7 +14,6 @@
'system',
'systemd',
'systemd-journald',
'systemd-networkd',
'systemd-mount',
'systemd-timers',
'users',


@ -18,7 +18,7 @@
'interface': 'enx00e04c220682',
'ipv4': '10.0.99.126/24',
'gateway4': '10.0.99.1',
'vlans': {'iot', 'internet', 'guest', 'rolf', 'internal'},
'vlans': {'iot', 'internet', 'guest', 'rolf', 'internal', 'proxmox'},
},
'internal': {
'type': 'vlan',
@ -37,6 +37,12 @@
'id': 3,
'ipv4': '10.0.3.1/24',
},
'proxmox': {
'type': 'vlan',
'id': 4,
'ipv4': '10.0.4.1/24',
'dhcp_server': True,
},
'guest': {
'type': 'vlan',
'id': 9,


@ -35,6 +35,7 @@
#'tasmota-charge',
'wol-waker',
'zfs',
'proxmox-ve',
],
'metadata': {
'id': 'af96709e-b13f-4965-a588-ef2cd476437a',
@ -47,7 +48,7 @@
},
'apt': {
'packages': {
'firmware-realtek': {},
# 'firmware-realtek': {}, proxmox-ve incompatibility
},
},
'build-server': {
@ -124,6 +125,9 @@
'unsortable': 'SofortUpload/Unsortable',
},
},
'proxmox-ve': {
'domain': 'pve.ckn.li',
},
'raspberrymatic-cert': {
'domain': 'homematic.ckn.li',
'node': 'home.homematic',
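Review bot: Nothing visible in this commit restricts who can reach the vhost that `'domain': 'pve.ckn.li'` creates, and that vhost proxies the hypervisor management UI at `https://localhost:8006`. Whether the name is reachable from outside is not visible here; if it is, I would limit the vhost to the internal or VPN ranges with nginx `allow`/`deny` and require two-factor login on the management UI. Also, commenting out `'firmware-realtek'` presumably only stops managing the package rather than removing it; if the incompatibility requires removal, `'firmware-realtek': {'installed': False},` would match how the proxmox-ve bundle handles `linux-image-amd64`.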