diff --git a/bundles/apt/README.md b/bundles/apt/README.md new file mode 100644 index 0000000..ec66fa1 --- /dev/null +++ b/bundles/apt/README.md @@ -0,0 +1,13 @@ +```python +{ + 'apt': { + 'packages': { + 'apt-transport-https': {}, + }, + 'sources': [ + # place key under data/apt/keys/packages.cloud.google.com.{asc|gpg} + 'deb https://packages.cloud.google.com/apt cloud-sdk main', + ], + }, +} +``` diff --git a/bundles/apt/items.py b/bundles/apt/items.py index 17856bd..48024ba 100644 --- a/bundles/apt/items.py +++ b/bundles/apt/items.py @@ -1,4 +1,7 @@ from os.path import join +from urllib.parse import urlparse +from glob import glob +from os.path import join, basename directories = { '/etc/apt/sources.list.d': { @@ -26,24 +29,33 @@ actions = { }, } -for name, content in node.metadata.get('apt/sources').items(): - files[f'/etc/apt/sources.list.d/{name}.list'] = { - 'content': content.format( +hosts = {} + +for source in node.metadata.get('apt/sources'): + host = urlparse(source.split()[1]).hostname + hosts\ + .setdefault(host, set())\ + .add(source) + +for host, sources in hosts.items(): + files[f'/etc/apt/sources.list.d/{host}.list'] = { + 'content': '\n'.join(sorted(sources)).format( release=node.metadata.get('os_release') ), 'triggers': { 'action:apt_update', }, } - -for key in node.metadata.get('apt/keys'): - files[f'/etc/apt/trusted.gpg.d/{key}'] = { - 'source': join(repo.path, 'data', 'apt', 'keys', key), - 'content_type': 'binary', - 'triggers': { - 'action:apt_update', - }, - } + + matches = glob(join(repo.path, 'data', 'apt', 'keys', f'{host}.*')) + if matches: + files[f'/etc/apt/trusted.gpg.d/{basename(matches[0])}'] = { + 'source': join(repo.path, 'data', 'apt', 'keys', basename(matches[0])), + 'content_type': 'binary', + 'triggers': { + 'action:apt_update', + }, + } for package, options in node.metadata.get('apt/packages', {}).items(): diff --git a/bundles/apt/metadata.py b/bundles/apt/metadata.py index 0ae931e..6af30eb 100644 --- a/bundles/apt/metadata.py +++ b/bundles/apt/metadata.py @@ -1,32 +1,7 @@ -from glob import glob -from os.path import join, basename - defaults = { 'apt': { 'packages': {}, - 'sources': {}, + 'sources': [], 'keys': [], }, } - - -@metadata_reactor.provides( - 'apt/keys', -) -def keys(metadata): - keys = [] - - for name in node.metadata.get('apt/sources'): - matches = glob(join(repo.path, 'data', 'apt', 'keys', f'{name}.*')) - - if matches: - assert len(matches) == 1 - keys.append(basename(matches[0])) - - return { - 'apt': { - 'keys': keys, - }, - } - - diff --git a/bundles/gcloud/metadata.py b/bundles/gcloud/metadata.py index 3cac568..4d2b21f 100644 --- a/bundles/gcloud/metadata.py +++ b/bundles/gcloud/metadata.py @@ -7,8 +7,8 @@ defaults = { 'google-cloud-sdk': {}, 'python3-crcmod': {}, }, - 'sources': { - 'gcloud': 'deb https://packages.cloud.google.com/apt cloud-sdk main', - }, + 'sources': [ + 'deb https://packages.cloud.google.com/apt cloud-sdk main', + ], }, } diff --git a/bundles/influxdb2/metadata.py b/bundles/influxdb2/metadata.py new file mode 100644 index 0000000..bd1193e --- /dev/null +++ b/bundles/influxdb2/metadata.py @@ -0,0 +1,10 @@ +defaults = { + 'apt': { + 'packages': { + 'influxdb2': {}, + }, + 'sources': [ + 'deb https://repos.influxdata.com/ubuntu {release} stable', + ], + }, +} diff --git a/bundles/nextcloud/items.py b/bundles/nextcloud/items.py index 895d627..8e5d990 100644 --- a/bundles/nextcloud/items.py +++ b/bundles/nextcloud/items.py @@ -21,7 +21,7 @@ actions['delete_nextcloud'] = { 'triggered': True, } actions['extract_nextcloud'] = { - 'command': f'tar xfvj /tmp/nextcloud-{version}.tar.bz2 --exclude "^config" --strip 1 -C /opt/nextcloud nextcloud', + 'command': f'tar xfvj /tmp/nextcloud-{version}.tar.bz2 --skip-old-files --strip 1 -C /opt/nextcloud nextcloud', 'unless': f"""php -r 'include "/opt/nextcloud/version.php"; echo "$OC_VersionString";' | grep -q '^{version}$'""", 'preceded_by': [ 'action:delete_nextcloud', @@ -43,6 +43,7 @@ directories['/opt/nextcloud'] = {} directories['/var/lib/nextcloud'] = { 'owner': 'www-data', 'group': 'www-data', + 'mode': '770', } directories['/var/lib/nextcloud/.apps'] = { 'owner': 'www-data', diff --git a/data/apt/keys/gcloud.gpg b/data/apt/keys/packages.cloud.google.com.gpg similarity index 100% rename from data/apt/keys/gcloud.gpg rename to data/apt/keys/packages.cloud.google.com.gpg diff --git a/data/apt/keys/repos.influxdata.com.asc b/data/apt/keys/repos.influxdata.com.asc new file mode 100644 index 0000000..fa216d0 --- /dev/null +++ b/data/apt/keys/repos.influxdata.com.asc @@ -0,0 +1,63 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF+pwAMBEACwL5d+orTDO3rvtxFNag03MR3/1U+I6jLRoJwdIW7g9WO9KwHi +AcBrHlNEAbPBeBAL4kFvQpxHSSpjZQtKJr1xjPv+PMjcOeW78GlKCcUEKRhY3iWU +L7pWzmS5SUTJ0DZhkQwXFnQPlHq2xARWX6cLrFHcI41t/hPGn2Q/WjAwRUcKelfa +u66uznULiYtaAiDbYAR+vNPzfDqFASfpC9fzS/vpiKtBZhqwWR1pVvy8/ujXOHe7 +Q3QVMveeUS3Ihrw5omimlhvqvyxOFMKejMy8nUJM/KjbkwlX83vCXNuVUyD0I0nm +OpLtxCyaWoKrU3zKzYY5tfVnRjOdORY7wIJHFkJfHPIGTf1m9JKJXQIIVz1cH3Do +v5Anc0Qw/kM11/KQEdzON5SHyRkgudtiRHG4FBZzhwsIAdHQx3meqbnAGi2btF7I ++TMBzuKkoGSVxDxSoYlg12pxyXUkZIRFrqcV00A8Q0Vx8f3cK7JWXf9QpiJt772m +LdD3t15dw1hR9P8VWKX3wRVYtXP/sRHBzWjxaCEuD9tvDh7ED2l4DIe5BrwLfLas +r8ooPr+h78+sfvS1EJWrQDWUcV0OJSYbZX8HHWvGVSJhX3aVWFJTtrCUHpst7vjC +CctSSscT9HY/JNF407qy4jy+GJE+zxcvexfBvmOy56sYzjf5Ffwxikv9BwARAQAB +tCNJbmZsdXhEYXRhIDxzdXBwb3J0QGluZmx1eGRhdGEuY29tPokCTgQTAQgAOBYh +BIwtQD08O9uBpMJ8iDw+S3MX/+QKBQJfqcADAhsBBQsJCAcCBhUKCQgLAgQWAgMB +Ah4BAheAAAoJEDw+S3MX/+QKg1YP/2Kly0j26IavEdDHpLuodIojCVUnQ7Ro+OR0 +ag1iGR1UDr30dEM68H2vObcJU7IeDtSZy6SIW1Mjk4R6aQuEEbGB9rOdHupBeP2G +c/POxOakNUez4L4USv3lJdVOj8akcQs/CLLHVrzlrSrvPGpDJ2MCVfvuUQQn9H1P +1lvv6wS0rGF8uuO3YuhnnhACwkVBzOGwRSDyvwlDEHvP4s8cZKc147x7Zop4Brwb +XzjLFp4W8Gy0BbpGONa+RLjEAT0YrtGzVxuATotf9AhOpUwhcg8NUp5e0nowZO6O +9c2RNs1AgqGoItFfgKrJ3H/7UdnAxvcr9tbsiD/sFXZlJFbJQtcHLHs7suagCUW0 +Q2PpwsoY2TvfNUyGPDA5voPTyxuaOMe+CFIb9A2cMng2aq9LXTjx+xIZIbadOWU5 +I7ONRpq1/ma0P13akF6YGB/r3P69hdsFFLp4NOHwIhitRa4S0XVrXQQDbezBCr+I +b2chNXDPAKgQzYemivXMOj3sSqVKCWoYK2BQ0k60BkBQX9y5tqRy1IL2woFLd88H +/vi3KGDrGVfomX7+IUAE6ApljxnCKQd3mTEHRiCtqZgDefd8UM2qI+qVbn7ZUHXr +Bxoe78MT73z2EtMZM3aaAYsSmTx9RiAWECU8eYcFN7/DphHl07mm9hKJOjmsRmLd +VrWY+tyLuQINBF+pwEkBEAD2lq9xY98AH+aDt+6CDsRQJEA2iwjJmdwXeDt2Vp+h +S2R2a5BiGQO1ne1hRNnWMv0sipQBSwGj5IWXCqsB1czLpsoGi87iSBaEk2hHrZbj +d+QYEmA406gUZ2fEund7yRRe3luETaOmovWXHKh1ixHWj9nNT2V0rI8fLWM7dlKd +rsUHHgUCrMuPgevA2m7BH0v7TjC3Fd7964VSXcCQgbML5E7/vuV20We8Z7EvdZoa +csmY/9SID+AvODuwr2Naq40GFRVi19x6b+BJapbwW28TtKl/ZtGunlRfR519EV8o +lPB6hqoh+ZMuapizYTOd12s9pHNFSQlnScGpKclheoWNSpxsVvoXbUpQjhXz5eLN +Cg5Va/+E5/QTz0DvNK1tNZ/p1kR3+W5YArJnXWMTOhUlrua6Vwx90q3HVSeS1X4l +1BMWfwOjLUkdSYxlVavpbdq7nT8Flj2w7dtZcBXomx/t5g258KZctGDT6zE0Gm+D +u8E8RLl5OQ4iBWRmVWjjkPsm/1Lc2atA5umEFVRWuZfacXVMnP2Veooki+E/r5Sh +vRw6hRRNrnAKJw4WsxNXCLazuCISoTLkU3iTec5SjRZpqkA8y60edFAV9cn43M/7 +efy3I42afdNz2wap+AoWlxFlmoTUL/uV5yb99MQviQPaz5tX3prk7SixC8ebPRzX +rwARAQABiQRsBBgBCAAgFiEEjC1APTw724GkwnyIPD5Lcxf/5AoFAl+pwEkCGwIC +QAkQPD5Lcxf/5ArBdCAEGQEIAB0WIQTCkBBA7SUBf1Cp1Vbi+tfDijtH0gUCX6nA +SQAKCRDi+tfDijtH0r++EACI5PR3lxKOcj3VGkRYtx2ggCiOJVpBYk8KujcRVX0g +vMefYDl0L2KJIs2oFcr5irIPKjI4eWe9oDKdNm5K5uOFfd3GBevxWScLKwlqcVeq +wTUyfY6GGybWQV/VW8mWF+ZOHc63jrScNW24V7KT2xWjGLVWORa9lnj3cCazRQAK +8F/mMEmI+gpEIUhqN6rhMEvG8oZlmnywwZ6k0tCzitDGeTBCoOAovRf0zCnCkNNv +dKmP//IPfSqNlAtb/ghdB3iG8LOLBtVQ+Z1HIpNngWWQwvRBUpG8zkWV9otUPxY9 +QI1C/rQlUAXGaojx87aeY1d1/3aLwEg0IiwCIRbI/oRVbfiK6npFKkSROW8AnV9i +ZkTCgRlet0synoAgKvrfapX6yB02gCXDBGWS0jtTCbEopHVSLZ/Jtg/CS6qhgWpq +u+di4z6GEDDZBL2dAXCxayM34pNQmbhf399T+tBRfqdveQ1B89Rg5ANOQTKAvvyP +G7WLeDSGY3EoUEAmZDE/HzX8BwRDIfQbDx85WFjjSFgCu3cN89UVdUJUIPPtVIMI +fHZT+flYki7Cx/ZWVsTZRD76ul4FBuMLX0lkgYP3kPOtmi0vmuccOvdNzpbh7uVg +R4/++foljnRhTmDLdUQAojRDiWMgzlkOv+NUM4Zj1lY7M0rV+60EiDvZnFHWPxIG +izXFD/4vcYjUGpyr5JAQTDjuYa/ZdSGN5BGe67gM4s+GRAJ8pGMkyI3GOI8vmRQh +SPoxOv4UrVSwQSXF5CqzAoX7cPPvIzX8Th/KQ+7WbD/f7ZNQzH88QLn353t6gQqy +YVAfcmeiai70Yh04Cx3vOguL+10JSXH7ULIMNn2TjRzTSgHPn0JcPPJqPGKZQ8i2 +VJzNw9MZqpHCxsd08clQ+sSBTlccL0S4P0/VoojKvufRXDi4URZ26Jx6qwlCagwW +a40OVQTwLo8hfQJxKMSjrmeWqbFBrAAE6/YbIdidRTRbFmrwbu1tnlcNuPImP0A6 +YQRg238HHLAFxXRgsQyrTXJrRX8cEWKpqurW4N6G+UEOR2Y4URaoAVlXjvAfUDFM +CydOZFzilwLIZKPpCMejwnwTmfn6LlvEXhTnC8xf986eMdzYC1S+ajFpyCBZJjZe +9d7zH4mQSjUv+GvZgWK8nJcqdo0VjA9+iqE+fdrhJHex9TeA9oOSvm46+2vnwox+ +BdSuDPob9DWnWl7ew+gRsH1881WlVcdwvFC3S6acG/saJG+K2dwmBzB69ZWyuJg1 +ypLR+ZiM3NsdVWTDp/H1dI5iK5rBhweAux5PZ5J6oYg5CFwki9Nv6hKSeAQKfQtw +mPABBwFBffrHq11o+4eEB1NSYHAUprNfPhg3UAxllRGDSAHX+Q== +=iE8/ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/groups/os/debian.py b/groups/os/debian.py index 70aab0c..2717c18 100644 --- a/groups/os/debian.py +++ b/groups/os/debian.py @@ -7,14 +7,12 @@ ], 'metadata': { 'apt': { - 'sources': { - 'debian': '\n'.join([ - 'deb http://deb.debian.org/debian {release} main non-free contrib', - 'deb http://deb.debian.org/debian {release}-updates main contrib non-free', - 'deb http://security.debian.org/debian-security {release}/updates main contrib non-free', - 'deb http://deb.debian.org/debian {release}-backports main contrib non-free', - ]), - }, + 'sources': [ + 'deb http://deb.debian.org/debian {release} main non-free contrib', + 'deb http://deb.debian.org/debian {release}-updates main contrib non-free', + 'deb http://security.debian.org/debian-security {release}/updates main contrib non-free', + 'deb http://deb.debian.org/debian {release}-backports main contrib non-free', + ], }, }, 'os': 'debian',