cronekorkn/bundlewrap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: cronekorkn:master
Branches Tags
cronekorkn:master
cronekorkn:l4d2_the_next
cronekorkn:htz.mails_debian_13_squash
cronekorkn:htz.mails_debian_13
cronekorkn:debian-13
cronekorkn:ipv6_picking
cronekorkn:ipv6
cronekorkn:routeros
cronekorkn:mailman
cronekorkn:proxmox_mergable
cronekorkn:proxmox
cronekorkn:mseibert_yourls
cronekorkn:n8n
cronekorkn:router
cronekorkn:freescout
cronekorkn:homeassistant-supervised
cronekorkn:conflecttest
cronekorkn:wp
cronekorkn:rufbereitschafts-alarm
cronekorkn:dnssec_2
cronekorkn:dnssec
cronekorkn:apt_sources_as_dict
cronekorkn:wordpress
cronekorkn:iperf3
cronekorkn:picsort-pythoon
cronekorkn:network_metadata_rework
cronekorkn:blog_dirty
cronekorkn:blog
cronekorkn:icinga2_notifications
cronekorkn:icinga_neumachen
cronekorkn:nextcloud_conf_in_metadata
cronekorkn:mastodon
cronekorkn:rtmp
cronekorkn:deterministic_rsa
cronekorkn:deterministic_rsa_test
cronekorkn:left4dead2
cronekorkn:temp130752653
cronekorkn:zfs_encrypt
cronekorkn:icingaweb
cronekorkn:ldap
cronekorkn:icinga2_remote_2
cronekorkn:icinga2_local
cronekorkn:icinga
cronekorkn:icinga2_remote
cronekorkn:modprobe
cronekorkn:autoconfig
cronekorkn:basic_auth
cronekorkn:crystal-buildserver
cronekorkn:build_Server
cronekorkn:cya_hetzner
cronekorkn:dns_challenge3
cronekorkn:dns_challenge2
cronekorkn:dns_challenge
cronekorkn:gpiod
cronekorkn:multi-redis
cronekorkn:l4d2
cronekorkn:wireguard_clients
cronekorkn:alles_sets
cronekorkn:hdict
cronekorkn:all_units
cronekorkn:unitbug_isolation
cronekorkn:whatsbroken
cronekorkn:minimal_mailserver
..
compare: cronekorkn:l4d2_the_next
Branches Tags
cronekorkn:master
cronekorkn:l4d2_the_next
cronekorkn:htz.mails_debian_13_squash
cronekorkn:htz.mails_debian_13
cronekorkn:debian-13
cronekorkn:ipv6_picking
cronekorkn:ipv6
cronekorkn:routeros
cronekorkn:mailman
cronekorkn:proxmox_mergable
cronekorkn:proxmox
cronekorkn:mseibert_yourls
cronekorkn:n8n
cronekorkn:router
cronekorkn:freescout
cronekorkn:homeassistant-supervised
cronekorkn:conflecttest
cronekorkn:wp
cronekorkn:rufbereitschafts-alarm
cronekorkn:dnssec_2
cronekorkn:dnssec
cronekorkn:apt_sources_as_dict
cronekorkn:wordpress
cronekorkn:iperf3
cronekorkn:picsort-pythoon
cronekorkn:network_metadata_rework
cronekorkn:blog_dirty
cronekorkn:blog
cronekorkn:icinga2_notifications
cronekorkn:icinga_neumachen
cronekorkn:nextcloud_conf_in_metadata
cronekorkn:mastodon
cronekorkn:rtmp
cronekorkn:deterministic_rsa
cronekorkn:deterministic_rsa_test
cronekorkn:left4dead2
cronekorkn:temp130752653
cronekorkn:zfs_encrypt
cronekorkn:icingaweb
cronekorkn:ldap
cronekorkn:icinga2_remote_2
cronekorkn:icinga2_local
cronekorkn:icinga
cronekorkn:icinga2_remote
cronekorkn:modprobe
cronekorkn:autoconfig
cronekorkn:basic_auth
cronekorkn:crystal-buildserver
cronekorkn:build_Server
cronekorkn:cya_hetzner
cronekorkn:dns_challenge3
cronekorkn:dns_challenge2
cronekorkn:dns_challenge
cronekorkn:gpiod
cronekorkn:multi-redis
cronekorkn:l4d2
cronekorkn:wireguard_clients
cronekorkn:alles_sets
cronekorkn:hdict
cronekorkn:all_units
cronekorkn:unitbug_isolation
cronekorkn:whatsbroken
cronekorkn:minimal_mailserver

No commits in common. "master" and "l4d2_the_next" have entirely different histories.
master ... l4d2_the_n

90 changed files with 396 additions and 6507 deletions
Show stats Expand all files Collapse all files

1
.gitignore vendored
View file

@ -2,4 +2,3 @@
.venv .venv
.cache .cache
*.pyc *.pyc
.bw_debug_history

148
bin/mikrotik-firmware-updater
View file

@ -1,148 +0,0 @@
#!/usr/bin/env python3
from argparse import ArgumentParser
from time import sleep
from bundlewrap.exceptions import RemoteException
from bundlewrap.utils.cmdline import get_target_nodes
from bundlewrap.utils.ui import io
from bundlewrap.repo import Repository
from os.path import realpath, dirname
# parse args
parser = ArgumentParser()
parser.add_argument("targets", nargs="*", default=['bundle:routeros'], help="bw nodes selector")
parser.add_argument("--yes", action="store_true", default=False, help="skip confirmation prompts")
args = parser.parse_args()
def wait_up(node):
sleep(5)
while True:
try:
node.run_routeros('/system/resource/print')
except RemoteException:
sleep(2)
continue
else:
io.debug(f"{node.name}: is up")
sleep(10)
return
def upgrade_switch_os(node):
# get versions for comparison
with io.job(f"{node.name}: checking OS version"):
response = node.run_routeros('/system/package/update/check-for-updates').raw[-1]
installed_os = bw.libs.version.Version(response['installed-version'])
latest_os = bw.libs.version.Version(response['latest-version'])
io.debug(f"{node.name}: installed: {installed_os} >= latest: {latest_os}")
# compare versions
if installed_os >= latest_os:
# os is up to date
io.stdout(f"{node.name}: os up to date ({installed_os})")
else:
# confirm os upgrade
if not args.yes and not io.ask(
f"{node.name}: upgrade os from {installed_os} to {latest_os}?", default=True
):
io.stdout(f"{node.name}: skipped by user")
return
# download os
with io.job(f"{node.name}: downloading OS"):
response = node.run_routeros('/system/package/update/download').raw[-1]
io.debug(f"{node.name}: OS upgrade download response: {response['status']}")
# install and wait for reboot
with io.job(f"{node.name}: upgrading OS"):
try:
response = node.run_routeros('/system/package/update/install').raw[-1]
except RemoteException:
pass
wait_up(node)
# verify new os version
with io.job(f"{node.name}: checking new OS version"):
new_os = bw.libs.version.Version(node.run_routeros('/system/package/update/check-for-updates').raw[-1]['installed-version'])
if new_os == latest_os:
io.stdout(f"{node.name}: OS successfully upgraded from {installed_os} to {new_os}")
else:
raise Exception(f"{node.name}: OS upgrade failed, expected {latest_os}, got {new_os}")
def upgrade_switch_firmware(node):
# get versions for comparison
with io.job(f"{node.name}: checking Firmware version"):
response = node.run_routeros('/system/routerboard/print').raw[-1]
current_firmware = bw.libs.version.Version(response['current-firmware'])
upgrade_firmware = bw.libs.version.Version(response['upgrade-firmware'])
io.debug(f"{node.name}: firmware installed: {current_firmware}, upgrade: {upgrade_firmware}")
# compare versions
if current_firmware >= upgrade_firmware:
# firmware is up to date
io.stdout(f"{node.name}: firmware is up to date ({current_firmware})")
else:
# confirm firmware upgrade
if not args.yes and not io.ask(
f"{node.name}: upgrade firmware from {current_firmware} to {upgrade_firmware}?", default=True
):
io.stdout(f"{node.name}: skipped by user")
return
# upgrade firmware
with io.job(f"{node.name}: upgrading Firmware"):
node.run_routeros('/system/routerboard/upgrade')
# reboot and wait
with io.job(f"{node.name}: rebooting"):
try:
node.run_routeros('/system/reboot')
except RemoteException:
pass
wait_up(node)
# verify firmware version
new_firmware = bw.libs.version.Version(node.run_routeros('/system/routerboard/print').raw[-1]['current-firmware'])
if new_firmware == upgrade_firmware:
io.stdout(f"{node.name}: firmware successfully upgraded from {current_firmware} to {new_firmware}")
else:
raise Exception(f"firmware upgrade failed, expected {upgrade_firmware}, got {new_firmware}")
def upgrade_switch(node):
with io.job(f"{node.name}: checking"):
# check if routeros
if node.os != 'routeros':
io.progress_advance(2)
io.stdout(f"{node.name}: skipped, unsupported os {node.os}")
return
# check switch reachability
try:
node.run_routeros('/system/resource/print')
except RemoteException as error:
io.progress_advance(2)
io.stdout(f"{node.name}: skipped, error {error}")
return
upgrade_switch_os(node)
io.progress_advance(1)
upgrade_switch_firmware(node)
io.progress_advance(1)
with io:
bw = Repository(dirname(dirname(realpath(__file__))))
nodes = get_target_nodes(bw, args.targets)
io.progress_set_total(len(nodes) * 2)
io.stdout(f"upgrading {len(nodes)} switches: {', '.join([node.name for node in sorted(nodes)])}")
for node in sorted(nodes):
upgrade_switch(node)

22
bin/passwords-for
View file

@ -1,22 +0,0 @@
#!/usr/bin/env python3
from bundlewrap.repo import Repository
from os.path import realpath, dirname
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('node', help='Node to generate passwords for')
args = parser.parse_args()
bw = Repository(dirname(dirname(realpath(__file__))))
node = bw.get_node(args.node)
if node.password:
print(f"password: {node.password}")
for metadata_key in sorted([
'users/root/password',
]):
if value := node.metadata.get(metadata_key, None):
print(f"{metadata_key}: {value}")

2
bin/script_template
View file

@ -3,4 +3,4 @@
from bundlewrap.repo import Repository from bundlewrap.repo import Repository
from os.path import realpath, dirname from os.path import realpath, dirname
bw = Repository(dirname(dirname(realpath(__file__)))) repo = Repository(dirname(dirname(realpath(__file__))))

132
bin/sync_1password
View file

@ -1,132 +0,0 @@
#!/usr/bin/env python3
from bundlewrap.repo import Repository
from os.path import realpath, dirname
import json
import os
import subprocess
from dataclasses import dataclass
from typing import Optional, List
bw = Repository(dirname(dirname(realpath(__file__))))
VAULT=bw.vault.decrypt('encrypt$gAAAAABpLgX_xxb5NmNCl3cgHM0JL65GT6PHVXO5gwly7IkmWoEgkCDSuAcSAkNFB8Tb4RdnTdpzVQEUL1XppTKVto_O7_b11GjATiyQYiSfiQ8KZkTKLvk=').value
BW_TAG = "bw"
BUNDLEWRAP_FIELD_LABEL = "bundlewrap node id"
@dataclass
class OpResult:
stdout: str
stderr: str
returncode: int
def main():
for node in bw.nodes_in_group('routeros'):
upsert_node_item(
node_name=node.name,
node_uuid=node.metadata.get('id'),
username=node.username,
password=node.password,
url=f'http://{node.hostname}',
)
def run_op(args):
proc = subprocess.run(
["op", "--vault", VAULT] + args,
env=os.environ.copy(),
capture_output=True,
text=True,
)
if proc.returncode != 0:
raise RuntimeError(
f"op {' '.join(args)} failed with code {proc.returncode}:\n"
f"STDOUT:\n{proc.stdout}\n\nSTDERR:\n{proc.stderr}"
)
return OpResult(stdout=proc.stdout, stderr=proc.stderr, returncode=proc.returncode)
def op_item_list_bw():
out = run_op([
"item", "list",
"--tags", BW_TAG,
"--format", "json",
])
stdout = out.stdout.strip()
return json.loads(stdout) if stdout else []
def op_item_get(item_id):
args = ["item", "get", item_id, "--format", "json"]
return json.loads(run_op(args).stdout)
def op_item_create(title, node_uuid, username, password, url):
print(f"creating {title}")
return json.loads(run_op([
"item", "create",
"--category", "LOGIN",
"--title", title,
"--tags", BW_TAG,
"--url", url,
"--format", "json",
f"username={username}",
f"password={password}",
f"{BUNDLEWRAP_FIELD_LABEL}[text]={node_uuid}",
]).stdout)
def op_item_edit(item_id, title, username, password, url):
print(f"updating {title}")
return json.loads(run_op([
"item", "edit",
item_id,
"--title", title,
"--url", url,
"--format", "json",
f"username={username}",
f"password={password}",
]).stdout)
def find_node_item_id(node_uuid):
for summary in op_item_list_bw():
item_id = summary.get("id")
if not item_id:
continue
item = op_item_get(item_id)
for field in item.get("fields") or []:
label = field.get("label")
value = field.get("value")
if label == BUNDLEWRAP_FIELD_LABEL and value == node_uuid:
return item_id
return None
def upsert_node_item(node_name, node_uuid, username, password, url):
if item_id := find_node_item_id(node_uuid):
return op_item_edit(
item_id=item_id,
title=node_name,
username=username,
password=password,
url=url,
)
else:
return op_item_create(
title=node_name,
node_uuid=node_uuid,
username=username,
password=password,
url=url,
)
if __name__ == "__main__":
main()

38
bin/wireguard-client-config → bin/wireguard_client_config
View file

@ -4,21 +4,20 @@ from bundlewrap.repo import Repository
from os.path import realpath, dirname from os.path import realpath, dirname
from sys import argv from sys import argv
from ipaddress import ip_network, ip_interface from ipaddress import ip_network, ip_interface
import argparse
if len(argv) != 3:
print(f'usage: {argv[0]} <node> <client>')
exit(1)
# get info from repo
repo = Repository(dirname(dirname(realpath(__file__)))) repo = Repository(dirname(dirname(realpath(__file__))))
server_node = repo.get_node('htz.mails') server_node = repo.get_node(argv[1])
available_clients = server_node.metadata.get('wireguard/clients').keys()
# parse args if argv[2] not in server_node.metadata.get('wireguard/clients'):
parser = argparse.ArgumentParser(description='Generate WireGuard client configuration.') print(f'client {argv[2]} not found in: {server_node.metadata.get("wireguard/clients").keys()}')
parser.add_argument('client', choices=available_clients, help='The client name to generate the configuration for.') exit(1)
args = parser.parse_args()
data = server_node.metadata.get(f'wireguard/clients/{argv[2]}')
# get cert
data = server_node.metadata.get(f'wireguard/clients/{args.client}')
vpn_network = ip_interface(server_node.metadata.get('wireguard/my_ip')).network vpn_network = ip_interface(server_node.metadata.get('wireguard/my_ip')).network
allowed_ips = [ allowed_ips = [
vpn_network, vpn_network,
@ -44,15 +43,10 @@ Endpoint = {ip_interface(server_node.metadata.get('network/external/ipv4')).ip}:
PersistentKeepalive = 10 PersistentKeepalive = 10
''' '''
answer = input("print config or qrcode? [Cq]: ").strip().upper() print('>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>')
match answer: print(conf)
case '' | 'C': print('<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<')
print('>>>>>>>>>>>>>>>')
print(conf) if input("print qrcode? [Yn]: ").upper() in ['', 'Y']:
print('<<<<<<<<<<<<<<<') import pyqrcode
case 'Q': print(pyqrcode.create(conf).terminal(quiet_zone=1))
import pyqrcode
print(pyqrcode.create(conf).terminal(quiet_zone=1))
case _:
print(f'Invalid option "{answer}".')
exit(1)

18
bundles/apcupsd/metadata.py
View file

@ -13,14 +13,16 @@ defaults = {
}, },
}, },
'telegraf': { 'telegraf': {
'inputs': { 'config': {
'exec': { 'inputs': {
'apcupsd': { 'exec': {
'commands': ["sudo /usr/local/share/telegraf/apcupsd"], repo.libs.hashable.hashable({
'name_override': "apcupsd", 'commands': ["sudo /usr/local/share/telegraf/apcupsd"],
'data_format': "influx", 'name_override': "apcupsd",
'interval': '30s', 'data_format': "influx",
'flush_interval': '30s', 'interval': '30s',
'flush_interval': '30s',
}),
}, },
}, },
}, },

8
bundles/bind/metadata.py
View file

@ -49,13 +49,13 @@ defaults = {
}, },
}, },
'telegraf': { 'telegraf': {
'inputs': { 'config': {
'bind': { 'inputs': {
'default': { 'bind': [{
'urls': ['http://localhost:8053/xml/v3'], 'urls': ['http://localhost:8053/xml/v3'],
'gather_memory_contexts': False, 'gather_memory_contexts': False,
'gather_views': True, 'gather_views': True,
}, }],
}, },
}, },
}, },

5
bundles/bootshorn/files/process
View file

@ -112,11 +112,6 @@ def process_recording(filename):
sample_num += samples_per_block - overlapping_samples sample_num += samples_per_block - overlapping_samples
# move to PROCESSED_RECORDINGS_DIR
os.makedirs(PROCESSED_RECORDINGS_DIR, exist_ok=True)
shutil.move(os.path.join(RECORDINGS_DIR, filename), os.path.join(PROCESSED_RECORDINGS_DIR, filename))
# write a spectrogram using the sound from start to end of the event # write a spectrogram using the sound from start to end of the event
def write_event(current_event, soundfile, samplerate): def write_event(current_event, soundfile, samplerate):

4
bundles/bootshorn/files/record
View file

@ -19,7 +19,5 @@ do
-t "3600" \ -t "3600" \
-c:a flac \ -c:a flac \
-compression_level 12 \ -compression_level 12 \
"recordings/current/$DATE.flac" "recordings/$DATE.flac"
mv "recordings/current/$DATE.flac" "recordings/$DATE.flac"
done done

2
bundles/bootshorn/files/temperature
View file

@ -8,7 +8,7 @@ urllib3.disable_warnings()
import os import os
HUE_IP = "${hue_ip}" # replace with your bridge IP HUE_IP = "10.0.0.134" # replace with your bridge IP
HUE_APP_KEY = "${hue_app_key}" # local only HUE_APP_KEY = "${hue_app_key}" # local only
HUE_DEVICE_ID = "31f58786-3242-4e88-b9ce-23f44ba27bbe" HUE_DEVICE_ID = "31f58786-3242-4e88-b9ce-23f44ba27bbe"
TEMPERATURE_LOG_DIR = "/opt/bootshorn/temperatures" TEMPERATURE_LOG_DIR = "/opt/bootshorn/temperatures"

7
bundles/bootshorn/items.py
View file

@ -7,15 +7,11 @@ directories = {
'owner': 'ckn', 'owner': 'ckn',
'group': 'ckn', 'group': 'ckn',
}, },
'/opt/bootshorn/temperatures': {
'owner': 'ckn',
'group': 'ckn',
},
'/opt/bootshorn/recordings': { '/opt/bootshorn/recordings': {
'owner': 'ckn', 'owner': 'ckn',
'group': 'ckn', 'group': 'ckn',
}, },
'/opt/bootshorn/recordings/current': { '/opt/bootshorn/temperatures': {
'owner': 'ckn', 'owner': 'ckn',
'group': 'ckn', 'group': 'ckn',
}, },
@ -38,7 +34,6 @@ files = {
'/opt/bootshorn/temperature': { '/opt/bootshorn/temperature': {
'content_type': 'mako', 'content_type': 'mako',
'context': { 'context': {
'hue_ip': repo.get_node('home.hue').hostname,
'hue_app_key': repo.vault.decrypt('encrypt$gAAAAABoc2WxZCLbxl-Z4IrSC97CdOeFgBplr9Fp5ujpd0WCCCPNBUY_WquHN86z8hKLq5Y04dwq8TdJW0PMSOSgTFbGgdp_P1q0jOBLEKaW9IIT1YM88h-JYwLf9QGDV_5oEfvnBCtO'), 'hue_app_key': repo.vault.decrypt('encrypt$gAAAAABoc2WxZCLbxl-Z4IrSC97CdOeFgBplr9Fp5ujpd0WCCCPNBUY_WquHN86z8hKLq5Y04dwq8TdJW0PMSOSgTFbGgdp_P1q0jOBLEKaW9IIT1YM88h-JYwLf9QGDV_5oEfvnBCtO'),
}, },
'owner': 'ckn', 'owner': 'ckn',

2
bundles/build-agent/metadata.py
View file

@ -27,7 +27,7 @@ def ssh_keys(metadata):
'users': { 'users': {
'build-agent': { 'build-agent': {
'authorized_users': { 'authorized_users': {
f'build-server@{other_node.name}': {} f'build-server@{other_node.name}'
for other_node in repo.nodes for other_node in repo.nodes
if other_node.has_bundle('build-server') if other_node.has_bundle('build-server')
for architecture in other_node.metadata.get('build-server/architectures').values() for architecture in other_node.metadata.get('build-server/architectures').values()

2
bundles/build-ci/metadata.py
View file

@ -14,7 +14,7 @@ def ssh_keys(metadata):
'users': { 'users': {
'build-ci': { 'build-ci': {
'authorized_users': { 'authorized_users': {
f'build-server@{other_node.name}': {} f'build-server@{other_node.name}'
for other_node in repo.nodes for other_node in repo.nodes
if other_node.has_bundle('build-server') if other_node.has_bundle('build-server')
}, },

1
bundles/crystal/metadata.py
View file

@ -8,7 +8,6 @@ defaults = {
'sources': { 'sources': {
'crystal': { 'crystal': {
# https://software.opensuse.org/download.html?project=devel%3Alanguages%3Acrystal&package=crystal # https://software.opensuse.org/download.html?project=devel%3Alanguages%3Acrystal&package=crystal
# curl -fsSL https://download.opensuse.org/repositories/devel:/languages:/crystal/Debian_Testing/Release.key
'urls': { 'urls': {
'http://download.opensuse.org/repositories/devel:/languages:/crystal/Debian_Testing/', 'http://download.opensuse.org/repositories/devel:/languages:/crystal/Debian_Testing/',
}, },

2
bundles/download-server/metadata.py
View file

@ -57,7 +57,7 @@ def ssh_keys(metadata):
'users': { 'users': {
'downloads': { 'downloads': {
'authorized_users': { 'authorized_users': {
f'build-server@{other_node.name}': {} f'build-server@{other_node.name}'
for other_node in repo.nodes for other_node in repo.nodes
if other_node.has_bundle('build-server') if other_node.has_bundle('build-server')
}, },

6
bundles/grafana/items.py
View file

@ -127,7 +127,7 @@ for dashboard_id, monitored_node in enumerate(monitored_nodes, start=1):
panel['gridPos']['y'] = (row_id - 1) * panel['gridPos']['h'] panel['gridPos']['y'] = (row_id - 1) * panel['gridPos']['h']
if 'display_name' in panel_config: if 'display_name' in panel_config:
panel['fieldConfig']['defaults']['displayName'] = panel_config['display_name'] panel['fieldConfig']['defaults']['displayName'] = '${'+panel_config['display_name']+'}'
if panel_config.get('stacked'): if panel_config.get('stacked'):
panel['fieldConfig']['defaults']['custom']['stacking']['mode'] = 'normal' panel['fieldConfig']['defaults']['custom']['stacking']['mode'] = 'normal'
@ -158,14 +158,13 @@ for dashboard_id, monitored_node in enumerate(monitored_nodes, start=1):
host=monitored_node.name, host=monitored_node.name,
negative=query_config.get('negative', False), negative=query_config.get('negative', False),
boolean_to_int=query_config.get('boolean_to_int', False), boolean_to_int=query_config.get('boolean_to_int', False),
over=query_config.get('over', None), minimum=query_config.get('minimum', None),
filters={ filters={
'host': monitored_node.name, 'host': monitored_node.name,
**query_config['filters'], **query_config['filters'],
}, },
exists=query_config.get('exists', []), exists=query_config.get('exists', []),
function=query_config.get('function', None), function=query_config.get('function', None),
multiply=query_config.get('multiply', None),
).strip() ).strip()
}) })
@ -179,3 +178,4 @@ for dashboard_id, monitored_node in enumerate(monitored_nodes, start=1):
'svc_systemd:grafana-server:restart', 'svc_systemd:grafana-server:restart',
] ]
} }

2
bundles/hardware/items.py
View file

@ -2,7 +2,7 @@ files = {
'/usr/local/share/telegraf/cpu_frequency': { '/usr/local/share/telegraf/cpu_frequency': {
'mode': '0755', 'mode': '0755',
'triggers': { 'triggers': {
'svc_systemd:telegraf.service:restart', 'svc_systemd:telegraf:restart',
}, },
}, },
} }

32
bundles/hardware/metadata.py
View file

@ -14,25 +14,25 @@ defaults = {
}, },
}, },
'telegraf': { 'telegraf': {
'inputs': { 'config': {
'sensors': { 'inputs': {
'default': { 'sensors': {repo.libs.hashable.hashable({
'timeout': '2s', 'timeout': '2s',
})},
'exec': {
repo.libs.hashable.hashable({
'commands': ["sudo /usr/local/share/telegraf/cpu_frequency"],
'name_override': "cpu_frequency",
'data_format': "influx",
}),
# repo.libs.hashable.hashable({
# 'commands': ["/bin/bash -c 'expr $(cat /sys/class/thermal/thermal_zone0/temp) / 1000'"],
# 'name_override': "cpu_temperature",
# 'data_format': "value",
# 'data_type': "integer",
# }),
}, },
}, },
'exec': {
'cpu_frequency': {
'commands': ["sudo /usr/local/share/telegraf/cpu_frequency"],
'name_override': "cpu_frequency",
'data_format': "influx",
},
# repo.libs.hashable.hashable({
# 'commands': ["/bin/bash -c 'expr $(cat /sys/class/thermal/thermal_zone0/temp) / 1000'"],
# 'name_override': "cpu_temperature",
# 'data_format': "value",
# 'data_type': "integer",
# }),
},
}, },
}, },
} }

13
bundles/left4dead2/files/scripts/helpers
View file

@ -1,13 +0,0 @@
#!/bin/bash
set -xeuo pipefail
function steam() {
# for systemd, so it can terminate the process (for other things sudo would have been enough)
setpriv --reuid=steam --regid=steam --init-groups "$@" <&0
export HOME=/opt/l4d2/steam
}
function workshop() {
steam mkdir -p "/opt/l4d2/overlays/${overlay}/left4dead2/addons"
steam /opt/l4d2/scripts/steam-workshop-download --out "/opt/l4d2/overlays/${overlay}/left4dead2/addons" "$@"
}

10
bundles/left4dead2/files/scripts/overlays/competitive_rework
View file

@ -1,10 +0,0 @@
#!/bin/bash
set -xeuo pipefail
source /opt/l4d2/scripts/helpers
overlay=$(basename "$0")
# https://github.com/SirPlease/L4D2-Competitive-Rework
steam mkdir -p /opt/l4d2/overlays/$overlay/left4dead2
test -d /opt/l4d2/overlays/$overlay/left4dead2/cfg/cfgogl || \
curl -L https://github.com/SirPlease/L4D2-Competitive-Rework/archive/refs/heads/master.tar.gz | steam tar -xz --strip-components=1 -C /opt/l4d2/overlays/$overlay/left4dead2

128
bundles/left4dead2/files/scripts/overlays/l4d2center_maps
View file

@ -1,128 +0,0 @@
#!/bin/bash
set -xeuo pipefail
source /opt/l4d2/scripts/helpers
overlay=$(basename "$0")
steam mkdir -p /opt/l4d2/overlays/$overlay/left4dead2/addons
cd /opt/l4d2/overlays/$overlay/left4dead2/addons
# https://l4d2center.com/maps/servers/l4d2center_maps_sync.sh.txt ->
# Exit immediately if a command exits with a non-zero status.
set -e
# Function to print error messages
error_exit() {
echo "Error: $1" >&2
exit 1
}
# Check if the current directory ends with /left4dead2/addons
current_dir=$(pwd)
expected_dir="/left4dead2/addons"
if [[ ! "$current_dir" == *"$expected_dir" ]]; then
error_exit "Script must be run from your L4D2 \"addons\" folder. Current directory: $current_dir"
fi
# Check for required commands
for cmd in curl md5sum 7z; do
if ! command -v "$cmd" >/dev/null 2>&1; then
error_exit "Required command '$cmd' is not installed. Please install it and retry."
fi
done
# URL of the CSV file
CSV_URL="https://l4d2center.com/maps/servers/index.csv"
# Temporary file to store CSV
TEMP_CSV=$(mktemp)
# Ensure temporary file is removed on exit
trap 'rm -f "$TEMP_CSV"' EXIT
echo "Downloading CSV from $CSV_URL..."
curl -sSL -o "$TEMP_CSV" "$CSV_URL" || error_exit "Failed to download CSV."
declare -A map_md5
declare -A map_links
# Read CSV and populate associative arrays
{
# Skip the first line (header)
IFS= read -r header
while IFS=';' read -r Name Size MD5 DownloadLink || [[ $Name ]]; do
# Trim whitespace
Name=$(echo "$Name" | xargs)
MD5=$(echo "$MD5" | xargs)
DownloadLink=$(echo "$DownloadLink" | xargs)
# Populate associative arrays
map_md5["$Name"]="$MD5"
map_links["$Name"]="$DownloadLink"
done
} < "$TEMP_CSV"
# Get list of expected VPK files
expected_vpk=("${!map_md5[@]}")
# Remove VPK files not in expected list or with mismatched MD5
echo "Cleaning up existing VPK files..."
for file in *.vpk; do
# Check if it's a regular file
if [[ -f "$file" ]]; then
if [[ -z "${map_md5["$file"]}" ]]; then
echo "Removing unexpected file: $file"
rm -f "$file"
else
# Calculate MD5
echo "Calculating MD5 for existing file: $file..."
current_md5=$(md5sum "$file" | awk '{print $1}')
expected_md5="${map_md5["$file"]}"
if [[ "$current_md5" != "$expected_md5" ]]; then
echo "MD5 mismatch for $file. Removing."
rm -f "$file"
fi
fi
fi
done
# Download and extract missing or updated VPK files
echo "Processing required VPK files..."
for vpk in "${expected_vpk[@]}"; do
if [[ ! -f "$vpk" ]]; then
echo "Downloading and extracting $vpk..."
download_url="${map_links["$vpk"]}"
if [[ -z "$download_url" ]]; then
echo "No download link found for $vpk. Skipping."
continue
fi
encoded_url=$(echo "$download_url" | sed 's/ /%20/g')
# Download the .7z file to a temporary location
TEMP_7Z=$(mktemp --suffix=.7z)
curl -# -L -o "$TEMP_7Z" "$encoded_url"
# Check if the download was successful
if [[ $? -ne 0 ]]; then
echo "Failed to download $download_url. Skipping."
rm -f "$TEMP_7Z"
continue
fi
# Extract the .7z file
7z x -y "$TEMP_7Z" || { echo "Failed to extract $TEMP_7Z. Skipping."; rm -f "$TEMP_7Z"; continue; }
# Remove the temporary .7z file
rm -f "$TEMP_7Z"
else
echo "$vpk is already up to date."
fi
done
echo "Synchronization complete."

25
bundles/left4dead2/files/scripts/overlays/tickrate
View file

@ -1,25 +0,0 @@
#!/bin/bash
set -xeuo pipefail
source /opt/l4d2/scripts/helpers
overlay=$(basename "$0")
# server config
# https://github.com/SirPlease/L4D2-Competitive-Rework/blob/7ecc3a32a5e2180d6607a40119ff2f3c072502a9/cfg/server.cfg#L58-L69
# https://www.programmersought.com/article/513810199514/
steam mkdir -p /opt/l4d2/overlays/$overlay/left4dead2/cfg
steam cat <<'EOF' > /opt/l4d2/overlays/$overlay/left4dead2/cfg/server.cfg
# https://github.com/SirPlease/L4D2-Competitive-Rework/blob/7ecc3a32a5e2180d6607a40119ff2f3c072502a9/cfg/server.cfg#L58-L69
sv_minrate 100000
sv_maxrate 100000
nb_update_frequency 0.014
net_splitpacket_maxrate 50000
net_maxcleartime 0.0001
fps_max 0
EOF
# install tickrate enabler
steam mkdir -p "/opt/l4d2/overlays/${overlay}/left4dead2/addons"
for file in tickrate_enabler.dll tickrate_enabler.so tickrate_enabler.vdf
do
curl -L "https://github.com/SirPlease/L4D2-Competitive-Rework/raw/refs/heads/master/addons/${file}" -o "/opt/l4d2/overlays/${overlay}/left4dead2/addons/${file}"
done

12
bundles/left4dead2/files/scripts/overlays/vanilla
View file

@ -1,12 +0,0 @@
#!/bin/bash
set -xeuo pipefail
source /opt/l4d2/scripts/helpers
overlay=$(basename "$0")
# Ions Vocalizer
workshop -i 698857882
# admin system
workshop --item 2524204971
steam mkdir -p "/opt/l4d2/overlays/${overlay}/left4dead2/ems/admin system"
steam echo "STEAM_1:0:12376499" > "/opt/l4d2/overlays/${overlay}/left4dead2/ems/admin system/admins.txt"

13
bundles/left4dead2/files/scripts/overlays/workshop_maps
View file

@ -1,13 +0,0 @@
#!/bin/bash
set -xeuo pipefail
source /opt/l4d2/scripts/helpers
overlay=$(basename "$0")
workshop --collection 121115793 # Back To School
workshop --item 2957035482 # hehe30-part1
workshop --item 2973628334 # hehe30-part2
workshop --item 3013844371 # hehe30-part3
workshop --item 3478461158 # 虚伪黎明(Dawn's Deception)
workshop --item 3478934394 # 虚伪黎明(Dawn's Deception)PART2

13
bundles/left4dead2/files/server.cfg
View file

@ -1,13 +0,0 @@
// defaults
hostname ${server_name}
motd_enabled 0
rcon_password ${rcon_password}
sv_steamgroup "38347879"
mp_autoteambalance 0
sv_forcepreload 1
// server specific
% for line in config:
${line}
% endfor

74
bundles/left4dead2/files/setup
View file

@ -2,16 +2,6 @@
set -xeuo pipefail set -xeuo pipefail
# -- DEFINE FUNCTIONS AND VARIABLES -- #
function steam() {
# for systemd, so it can terminate the process (for other things sudo would have been enough)
setpriv --reuid=steam --regid=steam --init-groups "$@" <&0
export HOME=/opt/l4d2/steam
}
# -- PREPARE SYSTEM -- #
getent passwd steam >/dev/null || useradd -M -d /opt/l4d2 -s /bin/bash steam getent passwd steam >/dev/null || useradd -M -d /opt/l4d2 -s /bin/bash steam
mkdir -p /opt/l4d2 /tmp/dumps mkdir -p /opt/l4d2 /tmp/dumps
chown steam:steam /opt/l4d2 /tmp/dumps chown steam:steam /opt/l4d2 /tmp/dumps
@ -19,25 +9,26 @@ dpkg --add-architecture i386
apt update apt update
DEBIAN_FRONTEND=noninteractive apt install -y libc6:i386 lib32z1 DEBIAN_FRONTEND=noninteractive apt install -y libc6:i386 lib32z1
# workshop downloader function steam() {
test -f /opt/l4d2/scripts/steam-workshop-download || \ # für systemd, damit es den prozess beenden kann
steam wget -4 https://git.sublimity.de/cronekorkn/steam-workshop-downloader/raw/branch/master/steam-workshop-download -P /opt/l4d2/scripts setpriv --reuid=steam --regid=steam --init-groups "$@"
steam chmod +x /opt/l4d2/scripts/steam-workshop-download export HOME=/opt/l4d2/steam
}
# -- STEAM -- # # -- STEAM -- #
steam mkdir -p /opt/l4d2/steam steam mkdir -p /opt/l4d2/steam
test -f /opt/l4d2/steam/steamcmd_linux.tar.gz || \ test -f /opt/l4d2/steam/steamcmd_linux.tar.gz || \
steam wget http://media.steampowered.com/installer/steamcmd_linux.tar.gz -P /opt/l4d2/steam steam wget http://media.steampowered.com/installer/steamcmd_linux.tar.gz -P /opt/l4d2/steam
test -f /opt/l4d2/steam/steamcmd.sh || \ test -f /opt/l4d2/steam/steamcmd.sh || \
steam tar -xvzf /opt/l4d2/steam/steamcmd_linux.tar.gz -C /opt/l4d2/steam steam tar -xvzf /opt/l4d2/steam/steamcmd_linux.tar.gz -C /opt/l4d2/steam
# fix for: /opt/l4d2/.steam/sdk32/steamclient.so: cannot open shared object file: No such file or directory # fix for: /opt/l4d2/.steam/sdk32/steamclient.so: cannot open shared object file: No such file or directory
steam mkdir -p /opt/l4d2/steam/.steam # needs to be in steam users home dir steam mkdir -p /opt/l4d2/steam/.steam # needs to be in steam users home dir
readlink /opt/l4d2/steam/.steam/sdk32 | grep -q ^/opt/l4d2/steam/linux32$ || \ readlink /opt/l4d2/steam/.steam/sdk32 | grep -q ^/opt/l4d2/steam/linux32$ || \
steam ln -sf /opt/l4d2/steam/linux32 /opt/l4d2/steam/.steam/sdk32 steam ln -sf /opt/l4d2/steam/linux32 /opt/l4d2/steam/.steam/sdk32
readlink /opt/l4d2/steam/.steam/sdk64 | grep -q ^/opt/l4d2/steam/linux64$ || \ readlink /opt/l4d2/steam/.steam/sdk64 | grep -q ^/opt/l4d2/steam/linux64$ || \
steam ln -sf /opt/l4d2/steam/linux64 /opt/l4d2/steam/.steam/sdk64 steam ln -sf /opt/l4d2/steam/linux64 /opt/l4d2/steam/.steam/sdk64
# -- INSTALL -- # # -- INSTALL -- #
@ -58,13 +49,46 @@ steam /opt/l4d2/steam/steamcmd.sh \
# -- OVERLAYS -- # # -- OVERLAYS -- #
for overlay_path in /opt/l4d2/scripts/overlays/*; do steam mkdir -p /opt/l4d2/overlays
overlay=$(basename "$overlay_path")
steam mkdir -p /opt/l4d2/overlays/$overlay # workshop downloader
bash -xeuo pipefail "$overlay_path" test -f /opt/l4d2/steam-workshop-download || \
test -f /opt/l4d2/overlays/$overlay/left4dead2/cfg/server.cfg && \ steam wget -4 https://git.sublimity.de/cronekorkn/steam-workshop-downloader/raw/branch/master/steam-workshop-download -P /opt/l4d2
steam cp /opt/l4d2/overlays/$overlay/left4dead2/cfg/server.cfg /opt/l4d2/overlays/$overlay/left4dead2/cfg/server_$overlay.cfg steam chmod +x /opt/l4d2/steam-workshop-download
done
# -- OVERLAY PVE -- #
steam mkdir -p /opt/l4d2/overlays/pve
# server config
steam mkdir -p /opt/l4d2/overlays/pve/left4dead2/cfg
steam cat <<'EOF' > /opt/l4d2/overlays/pve/left4dead2/cfg/server.cfg
motd_enabled 0
sv_steamgroup "38347879"
#sv_steamgroup_exclusive 0
sv_minrate 60000
sv_maxrate 0
net_splitpacket_maxrate 60000
#sv_cheats 1
#sb_all_bot_game 1
EOF
# admin system
steam mkdir -p /opt/l4d2/overlays/pve/left4dead2/addons
test -f /opt/l4d2/overlays/pve/left4dead2/addons/2524204971.vpk || \
steam /opt/l4d2/steam-workshop-download 2524204971 --out /opt/l4d2/overlays/pve/left4dead2/addons
steam mkdir -p "/opt/l4d2/overlays/pve/left4dead2/ems/admin system"
steam echo "STEAM_1:0:12376499" > "/opt/l4d2/overlays/pve/left4dead2/ems/admin system/admins.txt"
# ions vocalizer
test -f /opt/l4d2/overlays/pve/left4dead2/addons/698857882.vpk || \
steam /opt/l4d2/steam-workshop-download 698857882 --out /opt/l4d2/overlays/pve/left4dead2/addons
test -f /opt/l4d2/overlays/pve/left4dead2/addons/1575673903.vpk || \
steam /opt/l4d2/steam-workshop-download 1575673903 --out /opt/l4d2/overlays/pve/left4dead2/addons
# -- SERVERS -- # # -- SERVERS -- #

57
bundles/left4dead2/files/start
View file

@ -2,41 +2,9 @@
set -xeuo pipefail set -xeuo pipefail
name="" name=$1
port="" overlay=$2
configfile="" port=$3
overlays=""
arguments=""
while [[ $# -gt 0 ]]; do
case "$1" in
-n|--name)
name="$2"; shift 2
;;
-p|--port)
port="$2"; shift 2
;;
-c|--config)
configfile="$2"; shift 2
;;
-o|--overlay)
overlays="/opt/l4d2/overlays/$2:$overlays"; shift 2
;;
--)
shift
arguments+="$@"
break
;;
*)
echo "ERROR: unknown argument $1"; exit 1
;;
esac
done
[[ -n "${name}" ]] || { echo "ERROR: -n/--name missing"; exit 1; }
[[ -n "${port}" ]] || { echo "ERROR: -p/--port missing"; exit 1; }
# -- HELPER FUNCTIONS -- #
function steam() { function steam() {
# für systemd, damit es den prozess beenden kann # für systemd, damit es den prozess beenden kann
@ -44,32 +12,17 @@ function steam() {
export HOME=/opt/l4d2/steam export HOME=/opt/l4d2/steam
} }
# -- TIDY UP -- #
mountpoint -q "/opt/l4d2/servers/$name/merged" && umount "/opt/l4d2/servers/$name/merged" mountpoint -q "/opt/l4d2/servers/$name/merged" && umount "/opt/l4d2/servers/$name/merged"
steam rm -rf "/opt/l4d2/servers/$name" steam rm -rf "/opt/l4d2/servers/$name"
# -- CREATE DIRECTORIES -- #
steam mkdir -p \ steam mkdir -p \
"/opt/l4d2/servers/$name" \ "/opt/l4d2/servers/$name" \
"/opt/l4d2/servers/$name/work" \ "/opt/l4d2/servers/$name/work" \
"/opt/l4d2/servers/$name/upper" \ "/opt/l4d2/servers/$name/upper" \
"/opt/l4d2/servers/$name/merged" "/opt/l4d2/servers/$name/merged"
# -- MOUNT OVERLAYFS -- #
mount -t overlay overlay \ mount -t overlay overlay \
-o "lowerdir=$overlays/opt/l4d2/installation,upperdir=/opt/l4d2/servers/$name/upper,workdir=/opt/l4d2/servers/$name/work" \ -o "lowerdir=/opt/l4d2/overlays/$overlay:/opt/l4d2/installation,upperdir=/opt/l4d2/servers/$name/upper,workdir=/opt/l4d2/servers/$name/work" \
"/opt/l4d2/servers/$name/merged" "/opt/l4d2/servers/$name/merged"
# -- REPLACE SERVER.CFG -- # steam "/opt/l4d2/servers/$name/merged/srcds_run" -norestart -pidfile "/opt/l4d2/servers/$name/pid" -game left4dead2 -ip 0.0.0.0 -port "$port" +hostname "Crone_$name" +map c1m1_hotel
if [[ -n "$configfile" ]]; then
cp "$configfile" "/opt/l4d2/servers/$name/merged/left4dead2/cfg/server.cfg"
chown steam:steam "/opt/l4d2/servers/$name/merged/left4dead2/cfg/server.cfg"
fi
# -- RUN L4D2 -- #
steam "/opt/l4d2/servers/$name/merged/srcds_run" -norestart -pidfile "/opt/l4d2/servers/$name/pid" -game left4dead2 -ip 0.0.0.0 -port "$port" +hostname "Crone_$name" +map c1m1_hotel $arguments

19
bundles/left4dead2/files/stop
View file

@ -1,19 +0,0 @@
#!/bin/bash
set -xeuo pipefail
name=""
while [[ $# -gt 0 ]]; do
case "$1" in
-n|--name)
name="$2"; shift 2
;;
*)
echo "ERROR: unknown argument $1"; exit 1
;;
esac
done
mountpoint -q "/opt/l4d2/servers/$name/merged" && umount "/opt/l4d2/servers/$name/merged"
steam rm -rf "/opt/l4d2/servers/$name"

78
bundles/left4dead2/items.py
View file

@ -1,97 +1,23 @@
users = {
'steam': {
'home': '/opt/l4d2/steam',
'shell': '/bin/bash',
},
}
directories = {
'/opt/l4d2': {
'owner': 'steam', 'group': 'steam',
},
'/opt/l4d2/steam': {
'owner': 'steam', 'group': 'steam',
},
'/opt/l4d2/configs': {
'owner': 'steam', 'group': 'steam',
'purge': True,
},
'/opt/l4d2/scripts': {
'owner': 'steam', 'group': 'steam',
},
'/opt/l4d2/scripts/overlays': {
'owner': 'steam', 'group': 'steam',
'purge': True,
},
}
files = { files = {
'/opt/l4d2/setup': { '/opt/l4d2/setup': {
'mode': '755', 'mode': '755',
'triggers': {
'svc_systemd:left4dead2-initialize.service:restart',
},
}, },
'/opt/l4d2/start': { '/opt/l4d2/start': {
'mode': '755', 'mode': '755',
'triggers': {
f'svc_systemd:left4dead2-{server_name}.service:restart'
for server_name in node.metadata.get('left4dead2/servers').keys()
},
},
'/opt/l4d2/stop': {
'mode': '755',
'triggers': {
f'svc_systemd:left4dead2-{server_name}.service:restart'
for server_name in node.metadata.get('left4dead2/servers').keys()
},
},
'/opt/l4d2/scripts/helpers': {
'source': 'scripts/helpers',
'mode': '755',
'triggers': {
'svc_systemd:left4dead2-initialize.service:restart',
},
}, },
} }
for overlay in node.metadata.get('left4dead2/overlays'):
files[f'/opt/l4d2/scripts/overlays/{overlay}'] = {
'source': f'scripts/overlays/{overlay}',
'mode': '755',
'triggers': {
'svc_systemd:left4dead2-initialize.service:restart',
},
}
svc_systemd = { svc_systemd = {
'left4dead2-initialize.service': { 'left4dead2-initialize.service': {
'enabled': True, 'enabled': True,
'running': None, 'running': None,
'needs': { 'needs': {
'tag:left4dead2-packages',
'file:/opt/l4d2/setup',
'file:/usr/local/lib/systemd/system/left4dead2-initialize.service', 'file:/usr/local/lib/systemd/system/left4dead2-initialize.service',
}, },
}, },
} }
for server_name, config in node.metadata.get('left4dead2/servers').items(): for server_name in node.metadata.get('left4dead2').keys():
files[f'/opt/l4d2/configs/{server_name}.cfg'] = {
'source': 'server.cfg',
'content_type': 'mako',
'context': {
'server_name': server_name,
'rcon_password': repo.vault.decrypt('encrypt$gAAAAABpAdZhxwJ47I1AXotuZmBvyZP1ecVTt9IXFkLI28JiVS74LKs9QdgIBz-FC-iXtIHHh_GVGxxKQZprn4UrXZcvZ57kCKxfHBs3cE2JiGnbWE8_mfs=').value,
'config': config.get('config', []),
},
'owner': 'steam',
'mode': '644',
'triggers': {
f'svc_systemd:left4dead2-{server_name}.service:restart',
},
}
svc_systemd[f'left4dead2-{server_name}.service'] = { svc_systemd[f'left4dead2-{server_name}.service'] = {
'enabled': True, 'enabled': True,
'running': True, 'running': True,
@ -101,5 +27,5 @@ for server_name, config in node.metadata.get('left4dead2/servers').items():
'needs': { 'needs': {
'svc_systemd:left4dead2-initialize.service', 'svc_systemd:left4dead2-initialize.service',
f'file:/usr/local/lib/systemd/system/left4dead2-{server_name}.service', f'file:/usr/local/lib/systemd/system/left4dead2-{server_name}.service',
}, }
} }

53
bundles/left4dead2/metadata.py
View file

@ -1,36 +1,15 @@
from re import match from re import match
from os import path, listdir
defaults = { defaults = {
'apt': { 'apt': {
'packages': { 'packages': {
'libc6_i386': { # installs libc6:i386 'libc6_i386': {}, # installs libc6:i386
'tags': {'left4dead2-packages'}, 'lib32z1': {},
}, 'unzip': {},
'lib32z1': {
'tags': {'left4dead2-packages'},
},
'unzip': {
'tags': {'left4dead2-packages'},
},
'p7zip-full': { # l4d2center_maps_sync.sh
'tags': {'left4dead2-packages'},
},
},
},
'left4dead2': {
'overlays': set(listdir(path.join(repo.path, 'bundles/left4dead2/files/scripts/overlays'))),
'servers': {
# 'port': 27017,
# 'overlays': ['competitive_rework'],
# 'arguments': ['-tickrate 60'],
# 'config': [
# 'exec server_original.cfg',
# 'sm_forcematch zonemod',
# ],
}, },
}, },
'left4dead2': {},
'nftables': { 'nftables': {
'input': { 'input': {
'udp dport { 27005, 27020 } accept', 'udp dport { 27005, 27020 } accept',
@ -65,22 +44,10 @@ defaults = {
def server_units(metadata): def server_units(metadata):
units = {} units = {}
for name, config in metadata.get('left4dead2/servers').items(): for name, config in metadata.get('left4dead2').items():
assert match(r'^[A-z0-9-_-]+$', name) assert match(r'^[A-z0-9-_-]+$', name)
assert config["overlay"] in {'pve'}
assert 27000 <= config["port"] <= 27100 assert 27000 <= config["port"] <= 27100
for overlay in config.get('overlays', []):
assert overlay in metadata.get('left4dead2/overlays'), f"unknown overlay {overlay}, known: {metadata.get('left4dead2/overlays')}"
cmd = f'/opt/l4d2/start -n {name} -p {config["port"]}'
if 'config' in config:
cmd += f' -c /opt/l4d2/configs/{name}.cfg'
for overlay in config.get('overlays', []):
cmd += f' -o {overlay}'
if 'arguments' in config:
cmd += ' -- ' + ' '.join(config['arguments'])
units[f'left4dead2-{name}.service'] = { units[f'left4dead2-{name}.service'] = {
'Unit': { 'Unit': {
@ -90,8 +57,7 @@ def server_units(metadata):
}, },
'Service': { 'Service': {
'Type': 'simple', 'Type': 'simple',
'ExecStart': cmd, 'ExecStart': f'/opt/l4d2/start {name} {config["overlay"]} {config["port"]}',
'ExecStopPost': f'/opt/l4d2/stop -n {name}',
'Restart': 'on-failure', 'Restart': 'on-failure',
'Nice': -10, 'Nice': -10,
'CPUWeight': 200, 'CPUWeight': 200,
@ -101,9 +67,6 @@ def server_units(metadata):
'Install': { 'Install': {
'WantedBy': {'multi-user.target'}, 'WantedBy': {'multi-user.target'},
}, },
'triggers': {
f'svc_systemd:left4dead2-{name}.service:restart',
},
} }
return { return {
@ -117,7 +80,7 @@ def server_units(metadata):
'nftables/input', 'nftables/input',
) )
def nftables(metadata): def nftables(metadata):
ports = sorted(str(config["port"]) for config in metadata.get('left4dead2/servers').values()) ports = sorted(str(config["port"]) for config in metadata.get('left4dead2', {}).values())
return { return {
'nftables': { 'nftables': {

1
bundles/mailserver/metadata.py
View file

@ -82,7 +82,6 @@ def dns(metadata):
'dns': dns, 'dns': dns,
} }
@metadata_reactor.provides( @metadata_reactor.provides(
'letsencrypt/domains', 'letsencrypt/domains',
) )

2
bundles/monitored/metadata.py
View file

@ -42,7 +42,7 @@ def user(metadata):
'users': { 'users': {
'sshmon': { 'sshmon': {
'authorized_users': { 'authorized_users': {
'nagios@' + metadata.get('monitoring/icinga2_node'): {}, 'nagios@' + metadata.get('monitoring/icinga2_node'),
} }
}, },
}, },

6
bundles/postfix/metadata.py
View file

@ -25,9 +25,9 @@ defaults = {
}, },
}, },
'telegraf': { 'telegraf': {
'inputs': { 'config': {
'postfix': { 'inputs': {
'default': {}, 'postfix': [{}],
}, },
}, },
}, },

10
bundles/postgresql/metadata.py
View file

@ -98,17 +98,17 @@ def zfs(metadata):
@metadata_reactor.provides( @metadata_reactor.provides(
'telegraf/inputs/postgresql/default', 'telegraf/config/inputs/postgresql',
) )
def telegraf(metadata): def telegraf(metadata):
return { return {
'telegraf': { 'telegraf': {
'inputs': { 'config': {
'postgresql': { 'inputs': {
'default': { 'postgresql': [{
'address': f'postgres://root:{root_password}@localhost:5432/postgres', 'address': f'postgres://root:{root_password}@localhost:5432/postgres',
'databases': sorted(list(node.metadata.get('postgresql/databases').keys())), 'databases': sorted(list(node.metadata.get('postgresql/databases').keys())),
}, }],
}, },
}, },
}, },

10
bundles/raspberry-pi/metadata.py
View file

@ -8,14 +8,16 @@ defaults = {
@metadata_reactor.provides( @metadata_reactor.provides(
'telegraf/agent', 'telegraf/config/agent',
) )
def telegraf(metadata): def telegraf(metadata):
return { return {
'telegraf': { 'telegraf': {
'agent': { 'config': {
'flush_interval': '30s', 'agent': {
'interval': '1m', 'flush_interval': '30s',
'interval': '30s',
},
}, },
}, },
} }

4
bundles/roundcube/files/config.inc.php
View file

@ -9,11 +9,11 @@ $config['enable_installer'] = true;
$config['db_dsnw'] = '${database['provider']}://${database['user']}:${database['password']}@${database['host']}/${database['name']}'; $config['db_dsnw'] = '${database['provider']}://${database['user']}:${database['password']}@${database['host']}/${database['name']}';
$config['imap_host'] = 'ssl://${imap_host}'; $config['imap_host'] = 'ssl://${imap_host}';
$config['imap_port'] = 993; $config['imap_port'] = 993;
#$config['imap_debug'] = true; $config['smtp_host'] = 'tls://localhost';
$config['smtp_host'] = 'tls://${imap_host}';
$config['smtp_port'] = 587; $config['smtp_port'] = 587;
$config['smtp_user'] = '%u'; $config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p'; $config['smtp_pass'] = '%p';
#$config['imap_debug'] = true;
#$config['smtp_debug'] = true; #$config['smtp_debug'] = true;
$config['support_url'] = ''; $config['support_url'] = '';
$config['des_key'] = '${des_key}'; $config['des_key'] = '${des_key}';

4191
bundles/routeros-monitoring/files/mikrotik.mib
View file

File diff suppressed because it is too large Load diff

11
bundles/routeros-monitoring/items.py
View file

@ -1,11 +0,0 @@
files = {
# https://mikrotik.com/download/tools
'/usr/share/snmp/mibs/MIKROTIK-MIB.txt': {
'source': 'mikrotik.mib',
'content_type': 'binary',
'mode': '0644',
'needed_by': {
'svc_systemd:telegraf.service',
},
},
}

444
bundles/routeros-monitoring/metadata.py
View file

@ -1,444 +0,0 @@
input_defaults = {
"agents": [
f"udp://{routeros_node.hostname}:161"
for routeros_node in repo.nodes_in_group("routeros")
],
"agent_host_tag": "agent_host",
"version": 2,
"community": "public",
"max_repetitions": 5, # supposedly less spiky loads
"tags": {
"operating_system": "routeros",
},
}
defaults = {
'apt': {
'packages': {
'snmp': {},
'snmp-mibs-downloader': {},
},
},
"telegraf": {
"processors": {
"enum": {
"mikrotik_host_mapping":{
# - measurements get switch ip as agent_host tag
# - wie define a value mapping ip -> node name
# - agent_host gets translated and written into host tag
"tagpass": {
"operating_system": ["routeros"],
},
"mapping": [
{
"tag": "agent_host",
"dest": "host",
"default": "unknown",
"value_mappings": {
routeros_node.hostname: routeros_node.name
for routeros_node in repo.nodes_in_group("routeros")
},
},
],
},
},
},
"inputs": {
"snmp": {
"mikrotik_switches_fast": {
"interval": "2m",
"collection_jitter": "20s",
**input_defaults,
"table": [
# CPU load (HR-MIB)
{
"name": "mikrotik_cpu",
"oid": "HOST-RESOURCES-MIB::hrProcessorTable",
"field": [
{
"name": "frw_id",
"oid": "HOST-RESOURCES-MIB::hrProcessorFrwID",
"is_tag": True,
},
{
"name": "load",
"oid": "HOST-RESOURCES-MIB::hrProcessorLoad",
},
],
},
# Storage (HR-MIB)
{
"name": "mikrotik_storage",
"oid": "HOST-RESOURCES-MIB::hrStorageTable",
"field": [
{
"name": "index",
"oid": "HOST-RESOURCES-MIB::hrStorageIndex",
"is_tag": True,
},
{
"name": "type",
"oid": "HOST-RESOURCES-MIB::hrStorageType",
"is_tag": True,
},
{
"name": "descr",
"oid": "HOST-RESOURCES-MIB::hrStorageDescr",
"is_tag": True,
},
{
"name": "alloc_unit",
"oid": "HOST-RESOURCES-MIB::hrStorageAllocationUnits",
},
{
"name": "size",
"oid": "HOST-RESOURCES-MIB::hrStorageSize",
},
{
"name": "used",
"oid": "HOST-RESOURCES-MIB::hrStorageUsed",
},
{
"name": "alloc_failures",
"oid": "HOST-RESOURCES-MIB::hrStorageAllocationFailures",
},
],
},
# MikroTik Health (table)
{
"name": "mikrotik_health",
"oid": "MIKROTIK-MIB::mtxrGaugeTable",
"field": [
{
"name": "sensor",
"oid": "MIKROTIK-MIB::mtxrGaugeName",
"is_tag": True,
},
{
"name": "value",
"oid": "MIKROTIK-MIB::mtxrGaugeValue",
},
{
"name": "unit",
"oid": "MIKROTIK-MIB::mtxrGaugeUnit",
"is_tag": True,
},
],
},
],
},
"mikrotik_switches_slow": {
"interval": "7m",
"collection_jitter": "2m",
**input_defaults,
"table": [
# Interface statistics (standard IF-MIB)
{
"name": "mikrotik_interface_generic",
"oid": "IF-MIB::ifTable",
"field": [
# 6: ethernetCsmacd (physischer Ethernet-Port)
# 24: softwareLoopback
# 53: propVirtual (oft VLANs bei MikroTik)
# 131: tunnel
# 135: l2vlan
# 161: ieee8023adLag (Bonding/LACP)
# 209: bridge
{
"name": "ifType",
"oid": "IF-MIB::ifType",
"is_tag": True,
},
# Labels (optional but recommended)
{
"name": "ifName",
"oid": "IF-MIB::ifName",
"is_tag": True,
},
{
"name": "ifAlias",
"oid": "IF-MIB::ifAlias",
"is_tag": True,
},
# Bytes (64-bit)
{
"name": "in_octets",
"oid": "IF-MIB::ifHCInOctets",
},
{
"name": "out_octets",
"oid": "IF-MIB::ifHCOutOctets",
},
# Packets (64-bit unicast)
{
"name": "in_ucast_pkts",
"oid": "IF-MIB::ifHCInUcastPkts",
},
{
"name": "out_ucast_pkts",
"oid": "IF-MIB::ifHCOutUcastPkts",
},
{
"name": "in_mcast_pkts",
"oid": "IF-MIB::ifHCInMulticastPkts",
},
{
"name": "in_bcast_pkts",
"oid": "IF-MIB::ifHCInBroadcastPkts",
},
{
"name": "out_mcast_pkts",
"oid": "IF-MIB::ifHCOutMulticastPkts",
},
{
"name": "out_bcast_pkts",
"oid": "IF-MIB::ifHCOutBroadcastPkts",
},
# Drops / Errors
{
"name": "in_discards",
"oid": "IF-MIB::ifInDiscards",
},
{
"name": "out_discards",
"oid": "IF-MIB::ifOutDiscards",
},
{
"name": "in_errors",
"oid": "IF-MIB::ifInErrors",
},
{
"name": "out_errors",
"oid": "IF-MIB::ifOutErrors",
},
],
},
# Interface PoE
{
"name": "mikrotik_poe",
"oid": "MIKROTIK-MIB::mtxrPOETable",
"field": [
{
"name": "ifName",
"oid": "IF-MIB::ifName",
"is_tag": True,
},
{
"name": "ifAlias",
"oid": "IF-MIB::ifAlias",
"is_tag": True,
},
{
"name": "ifindex",
"oid": "MIKROTIK-MIB::mtxrPOEInterfaceIndex",
"is_tag": True,
},
{
"name": "status",
"oid": "MIKROTIK-MIB::mtxrPOEStatus",
},
{
"name": "voltage",
"oid": "MIKROTIK-MIB::mtxrPOEVoltage",
},
{
"name": "current",
"oid": "MIKROTIK-MIB::mtxrPOECurrent",
},
{
"name": "power",
"oid": "MIKROTIK-MIB::mtxrPOEPower",
},
],
},
],
},
"mikrotik_switches_very_slow": {
"interval": "20m",
"collection_jitter": "5m",
**input_defaults,
"table": [
# Interface statistics (MikroTik-specific mib)
{
"name": "mikrotik_interface_detailed",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsTable",
"field": [
# Join key / label (usually identical to IF-MIB ifName)
{
"name": "ifName",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsName",
"is_tag": True,
},
# join IF-MIB for better labels
{
"name": "ifAlias",
"oid": "IF-MIB::ifAlias",
"is_tag": True,
},
# =========================
# Physical layer (L1/L2)
# =========================
# CRC/FCS errors → very often cabling, connectors, SFPs, signal quality (EMI)
{
"name": "rx_fcs_errors",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxFCSError",
},
# Alignment errors → typically duplex mismatch or PHY problems
{
"name": "rx_align_errors",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxAlignError",
},
# Code errors → PHY encoding errors (signal/SFP/PHY)
{
"name": "rx_code_errors",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxCodeError",
},
# Carrier errors → carrier lost (copper issues, autoneg, PHY instability)
{
"name": "rx_carrier_errors",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxCarrierError",
},
# Jabber → extremely long invalid frames (faulty NIC/PHY, very severe)
{
"name": "rx_jabber",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxJabber",
},
# ==================================
# Length / framing anomalies (diagnostic)
# ==================================
# Frames shorter than minimum (noise, collisions, broken sender)
{
"name": "rx_too_short",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxTooShort",
},
# Frames longer than allowed (MTU mismatch, framing errors)
{
"name": "rx_too_long",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxTooLong",
},
# Fragments (often collision-related or duplex mismatch)
{
"name": "rx_fragment",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxFragment",
},
# Generic length errors
{
"name": "rx_length_errors",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxLengthError",
},
# ==================
# Drops (real packet loss)
# ==================
# RX drops (queue/ASIC/policy/overload) → highly alert-worthy
{
"name": "rx_drop",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxDrop",
},
# TX drops (buffer/queue exhaustion, scheduling, ASIC limits)
{
"name": "tx_drop",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsTxDrop",
},
# =========================================
# Duplex / collision indicators
# (should be zero on full-duplex links)
# =========================================
# Total collisions (relevant only for half-duplex or misconfigurations)
{
"name": "tx_collisions",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsTxCollision",
},
# Late collisions → almost always duplex mismatch / bad autoneg
{
"name": "tx_late_collisions",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsTxLateCollision",
},
# Aggregate collision counter (context)
{
"name": "tx_total_collisions",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsTxTotalCollision",
},
# Excessive collisions → persistent duplex problems
{
"name": "tx_excessive_collisions",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsTxExcessiveCollision",
},
# ==================
# Flow control (diagnostic)
# ==================
# Pause frames received (peer throttling you)
{
"name": "rx_pause",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsRxPause",
},
# Pause frames sent (you throttling the peer)
{
"name": "tx_pause",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsTxPause",
},
# Pause frames actually honored
{
"name": "tx_pause_honored",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsTxPauseHonored",
},
# ==========
# Stability
# ==========
# Link-down events (loose cables, bad SFPs, PoE power drops, reboots)
{
"name": "link_downs",
"oid": "MIKROTIK-MIB::mtxrInterfaceStatsLinkDowns",
},
],
},
],
},
},
},
},
}
# @metadata_reactor.provides(
# 'telegraf/processors/enum',
# )
# def tag_important_ports(metadata):
# # We want a graph, only for important ports. We deem ports important, if they have untagged vlans configured.
# return {
# "telegraf": {
# "processors": {
# "enum": {
# f"mikrotik_port_mapping_{routeros_node.name}":{
# "tagpass": {
# "agent_host": [routeros_node.hostname],
# },
# "mapping": [
# {
# "tag": "ifName",
# "dest": "is_infra",
# "default": "false",
# "value_mappings": {
# port_name: "true"
# for port_name, port_conf in repo.libs.mikrotik.get_netbox_config_for(routeros_node)['interfaces'].items()
# if port_conf['mode'] == "tagged-all" or port_conf['tagged_vlans']
# if port_conf['type'] != "lag"
# },
# },
# ],
# }
# for routeros_node in repo.nodes_in_group("switches-mikrotik")
# },
# },
# },
# }

55
bundles/routeros/items.py
View file

@ -27,15 +27,15 @@ routeros['/system/identity'] = {
# for topic in LOGGING_TOPICS: # for topic in LOGGING_TOPICS:
# routeros[f'/system/logging?action=memory&topics={topic}'] = {} # routeros[f'/system/logging?action=memory&topics={topic}'] = {}
routeros['/snmp'] = { # routeros['/snmp'] = {
'enabled': True, # 'enabled': True,
} # }
routeros['/snmp/community?name=public'] = { # routeros['/snmp/community?name=public'] = {
'addresses': '0.0.0.0/0', # 'addresses': '0.0.0.0/0',
'disabled': False, # 'disabled': False,
'read-access': True, # 'read-access': True,
'write-access': False, # 'write-access': False,
} # }
routeros['/system/clock'] = { routeros['/system/clock'] = {
'time-zone-autodetect': False, 'time-zone-autodetect': False,
@ -55,7 +55,7 @@ for vlan_name, vlan_id in node.metadata.get('routeros/vlans').items():
'vlan-id': vlan_id, 'vlan-id': vlan_id,
'interface': 'bridge', 'interface': 'bridge',
'tags': { 'tags': {
'routeros-vlans', 'routeros-vlan',
}, },
} }
@ -68,33 +68,10 @@ for vlan_name, vlan_id in node.metadata.get('routeros/vlans').items():
'routeros-vlan-ports', 'routeros-vlan-ports',
}, },
'needs': { 'needs': {
'tag:routeros-vlans', 'tag:routeros-vlan',
}, },
} }
for port_name, port_conf in node.metadata.get('routeros/ports').items():
untagged_vlan = node.metadata.get('routeros/vlan_groups')[port_conf.get('vlan_group')]['untagged']
routeros[f'/interface/bridge/port?interface={port_name}'] = {
'disabled': False,
'bridge': 'bridge',
'pvid': node.metadata.get('routeros/vlans')[untagged_vlan],
'tags': {
'routeros-ports'
},
'needs': {
'tag:routeros-vlan-ports',
},
}
routeros[f'/interface?name={port_name}'] = {
'_comment': port_conf.get('description', ''),
}
if comment := port_conf.get('comment', None):
routeros[f'/interface/bridge/port?interface={port_name}']['_comment'] = comment
routeros[f'/interface?name={port_name}']['_comment'] = comment
# create IPs # create IPs
for ip, ip_conf in node.metadata.get('routeros/ips').items(): for ip, ip_conf in node.metadata.get('routeros/ips').items():
routeros[f'/ip/address?address={ip}'] = { routeros[f'/ip/address?address={ip}'] = {
@ -103,8 +80,7 @@ for ip, ip_conf in node.metadata.get('routeros/ips').items():
'routeros-ip', 'routeros-ip',
}, },
'needs': { 'needs': {
'tag:routeros-vlans', 'tag:routeros-vlan',
'tag:routeros-ports'
}, },
} }
@ -114,8 +90,7 @@ routeros['/interface/bridge?name=bridge'] = {
'priority': node.metadata.get('routeros/bridge_priority'), 'priority': node.metadata.get('routeros/bridge_priority'),
'protocol-mode': 'rstp', 'protocol-mode': 'rstp',
'needs': { 'needs': {
'tag:routeros-vlans', 'tag:routeros-vlan',
'tag:routeros-ports',
'tag:routeros-vlan-ports', 'tag:routeros-vlan-ports',
'tag:routeros-ip', 'tag:routeros-ip',
}, },
@ -127,7 +102,7 @@ routeros['/interface/vlan'] = {
'id-by': 'name', 'id-by': 'name',
}, },
'needed_by': { 'needed_by': {
'tag:routeros-vlans', 'tag:routeros-vlan',
} }
} }
@ -139,6 +114,6 @@ routeros['/interface/bridge/vlan'] = {
}, },
}, },
'needed_by': { 'needed_by': {
'tag:routeros-vlans', 'tag:routeros-vlan',
} }
} }

32
bundles/smartctl/metadata.py
View file

@ -11,22 +11,24 @@ defaults = {
}, },
'smartctl': {}, 'smartctl': {},
'telegraf': { 'telegraf': {
'inputs': { 'config': {
'exec': { 'inputs': {
'smartctl_power_mode': { 'exec': {
'commands': [ h({
f'sudo /usr/local/share/telegraf/smartctl_power_mode', 'commands': [
], f'sudo /usr/local/share/telegraf/smartctl_power_mode',
'data_format': 'influx', ],
'interval': '20s', 'data_format': 'influx',
'interval': '20s',
}),
h({
'commands': [
f'sudo /usr/local/share/telegraf/smartctl_errors',
],
'data_format': 'influx',
'interval': '6h',
})
}, },
'smartctl_errors': {
'commands': [
f'sudo /usr/local/share/telegraf/smartctl_errors',
],
'data_format': 'influx',
'interval': '6h',
}
}, },
}, },
}, },

2
bundles/ssh/metadata.py
View file

@ -19,7 +19,7 @@ def users(metadata):
'allow_users': set( 'allow_users': set(
name name
for name, conf in metadata.get('users').items() for name, conf in metadata.get('users').items()
if conf.get('authorized_keys', []) or conf.get('authorized_users', {}) if conf.get('authorized_keys', []) or conf.get('authorized_users', [])
), ),
}, },
} }

6
bundles/systemd/items.py
View file

@ -1,8 +1,5 @@
from bundlewrap.utils.dicts import merge_dict from bundlewrap.utils.dicts import merge_dict
files = {}
svc_systemd = {}
directories = { directories = {
'/usr/local/lib/systemd/system': { '/usr/local/lib/systemd/system': {
'purge': True, 'purge': True,
@ -45,9 +42,6 @@ for name, unit in node.metadata.get('systemd/units').items():
else: else:
raise Exception(f'unknown type {extension}') raise Exception(f'unknown type {extension}')
for attribute in ['needs', 'needed_by', 'triggers', 'triggered_by']:
if attribute in unit:
dependencies.setdefault(attribute, []).extend(unit.pop(attribute))
files[path] = { files[path] = {
'content': repo.libs.systemd.generate_unitfile(unit), 'content': repo.libs.systemd.generate_unitfile(unit),

6
bundles/tasmota-charge/metadata.py
View file

@ -15,7 +15,7 @@ defaults = {
@metadata_reactor.provides( @metadata_reactor.provides(
'telegraf/inputs/exec', 'telegraf/config/inputs/exec',
) )
def telegraf(metadata): def telegraf(metadata):
return { return {
@ -23,11 +23,11 @@ def telegraf(metadata):
'config': { 'config': {
'inputs': { 'inputs': {
'exec': { 'exec': {
'tasmota_charge': { repo.libs.hashable.hashable({
'commands': ["/usr/local/share/telegraf/tasmota_charge"], 'commands': ["/usr/local/share/telegraf/tasmota_charge"],
'name_override': "tasmota_charge", 'name_override': "tasmota_charge",
'data_format': "influx", 'data_format': "influx",
}, }),
}, },
}, },
}, },

78
bundles/telegraf/items.py
View file

@ -1,46 +1,19 @@
import tomlkit import tomlkit
import json
from bundlewrap.metadata import MetadataJSONEncoder
def inner_dict_to_list(dict_of_dicts):
"""
Example:
{
'cpu': {
'default': {'something': True},
'another': {'something': False},
},
}
becomes
{
'cpu': [
{'something': True},
{'something': False},
],
}
"""
return {
key: [value for _, value in sorted(dicts.items())]
for key, dicts in sorted(dict_of_dicts.items())
}
files = { files = {
"/etc/telegraf/telegraf.conf": { '/etc/telegraf/telegraf.conf': {
'owner': 'telegraf', 'content': tomlkit.dumps(
'group': 'telegraf', json.loads(json.dumps(
'mode': '0440', node.metadata.get('telegraf/config'),
'needs': [ cls=MetadataJSONEncoder,
"pkg_apt:telegraf", )),
sort_keys=True,
),
'triggers': [
'svc_systemd:telegraf:restart',
], ],
'content': tomlkit.dumps({
'agent': node.metadata.get('telegraf/agent'),
'inputs': inner_dict_to_list(node.metadata.get('telegraf/inputs')),
'processors': inner_dict_to_list(node.metadata.get('telegraf/processors')),
'outputs': inner_dict_to_list(node.metadata.get('telegraf/outputs')),
}),
'triggers': {
'svc_systemd:telegraf.service:restart',
},
}, },
'/usr/local/share/telegraf/procio': { '/usr/local/share/telegraf/procio': {
'content_type': 'download', 'content_type': 'download',
@ -54,26 +27,9 @@ files = {
}, },
} }
actions = { svc_systemd['telegraf'] = {
'telegraf-test-config': { 'needs': [
'command': "sudo -u telegraf bash -c 'telegraf config check --config /etc/telegraf/telegraf.conf --strict-env-handling'", 'file:/etc/telegraf/telegraf.conf',
'triggered': True, 'pkg_apt:telegraf',
'needs': [ ],
'bundle:sudo',
'file:/etc/telegraf/telegraf.conf',
'pkg_apt:telegraf',
],
},
}
svc_systemd = {
'telegraf.service': {
'needs': ['pkg_apt:telegraf'],
'preceded_by': {
'action:telegraf-test-config',
},
'needs': {
'action:telegraf-test-config',
},
},
} }

115
bundles/telegraf/metadata.py
View file

@ -23,29 +23,26 @@ defaults = {
}, },
}, },
'telegraf': { 'telegraf': {
'agent': { 'config': {
'hostname': node.name, 'agent': {
'collection_jitter': '20s', 'hostname': node.name,
'flush_interval': '20s', 'collection_jitter': '0s',
'flush_jitter': '5s', 'flush_interval': '15s',
'interval': '2m', 'flush_jitter': '0s',
'metric_batch_size': 1000, 'interval': '15s',
'metric_buffer_limit': 10000, 'metric_batch_size': 1000,
'omit_hostname': False, 'metric_buffer_limit': 10000,
'round_interval': True, 'omit_hostname': False,
'skip_processors_after_aggregators': True, 'round_interval': True,
}, },
'inputs': { 'inputs': {
'cpu': { 'cpu': {h({
'default': {
'collect_cpu_time': False, 'collect_cpu_time': False,
'percpu': True, 'percpu': True,
'report_active': False, 'report_active': False,
'totalcpu': True, 'totalcpu': True,
}, })},
}, 'disk': {h({
'disk': {
'default': {
'ignore_fs': [ 'ignore_fs': [
'tmpfs', 'tmpfs',
'devtmpfs', 'devtmpfs',
@ -55,60 +52,42 @@ defaults = {
'aufs', 'aufs',
'squashfs', 'squashfs',
], ],
} })},
}, 'procstat': {h({
'procstat': {
'default': {
'interval': '60s', 'interval': '60s',
'pattern': '.', 'pattern': '.',
'fieldinclude': [ 'fieldinclude': [
'cpu_usage', 'cpu_usage',
'memory_rss', 'memory_rss',
], ],
}, })},
}, 'diskio': {h({
'diskio': {
'default': {
'device_tags': ["ID_PART_ENTRY_NUMBER"], 'device_tags': ["ID_PART_ENTRY_NUMBER"],
} })},
}, 'kernel': {h({})},
'kernel': { 'mem': {h({})},
'default': {}, 'processes': {h({})},
}, 'swap': {h({})},
'mem': { 'system': {h({})},
'default': {}, 'net': {h({})},
}, 'exec': {
'processes': { h({
'default': {}, 'commands': [
}, f'sudo /usr/local/share/telegraf/procio',
'swap': { ],
'default': {}, 'data_format': 'influx',
}, 'interval': '20s',
'system': { }),
'default': {}, h({
}, 'commands': [
'net': { f'/usr/local/share/telegraf/pressure_stall',
'default': {}, ],
}, 'data_format': 'influx',
'exec': { 'interval': '10s',
# h({ }),
# 'commands': [
# f'sudo /usr/local/share/telegraf/procio',
# ],
# 'data_format': 'influx',
# 'interval': '20s',
# }),
'pressure_stall': {
'commands': [
f'/usr/local/share/telegraf/pressure_stall',
],
'data_format': 'influx',
'interval': '10s',
}, },
}, },
}, },
'processors': {},
'outputs': {},
}, },
'grafana_rows': { 'grafana_rows': {
'cpu', 'cpu',
@ -126,21 +105,21 @@ defaults = {
@metadata_reactor.provides( @metadata_reactor.provides(
'telegraf/outputs/influxdb_v2/default', 'telegraf/config/outputs/influxdb_v2',
) )
def influxdb(metadata): def influxdb(metadata):
influxdb_metadata = repo.get_node(metadata.get('telegraf/influxdb_node')).metadata.get('influxdb') influxdb_metadata = repo.get_node(metadata.get('telegraf/influxdb_node')).metadata.get('influxdb')
return { return {
'telegraf': { 'telegraf': {
'outputs': { 'config': {
'influxdb_v2': { 'outputs': {
'default': { 'influxdb_v2': [{
'urls': [f"http://{influxdb_metadata['hostname']}:{influxdb_metadata['port']}"], 'urls': [f"http://{influxdb_metadata['hostname']}:{influxdb_metadata['port']}"],
'token': str(influxdb_metadata['writeonly_token']), 'token': str(influxdb_metadata['writeonly_token']),
'organization': influxdb_metadata['org'], 'organization': influxdb_metadata['org'],
'bucket': influxdb_metadata['bucket'], 'bucket': influxdb_metadata['bucket'],
}, }]
}, },
}, },
}, },

12
bundles/users/metadata.py
View file

@ -20,15 +20,11 @@ def authorized_users(metadata):
users[name] = { users[name] = {
'authorized_keys': set(), 'authorized_keys': set(),
} }
for authorized_user, options in config.get('authorized_users', {}).items(): for authorized_user in config.get('authorized_users', set()):
authorized_user_name, authorized_user_node = authorized_user.split('@') authorized_user_name, authorized_user_node = authorized_user.split('@')
authorized_user_public_key = repo.get_node(authorized_user_node).metadata.get(f'users/{authorized_user_name}/pubkey') users[name]['authorized_keys'].add(
repo.get_node(authorized_user_node).metadata.get(f'users/{authorized_user_name}/pubkey')
for command in options.get('commands', []): )
users[name]['authorized_keys'].add(f'command="{command}" ' + authorized_user_public_key)
else:
users[name]['authorized_keys'].add(authorized_user_public_key)
return { return {
'users': users, 'users': users,
} }

4
bundles/wol-sleeper/metadata.py
View file

@ -44,7 +44,6 @@ defaults = {
@metadata_reactor.provides( @metadata_reactor.provides(
'wol-sleeper/mac',
'wol-sleeper/wake_command', 'wol-sleeper/wake_command',
) )
def wake_command(metadata): def wake_command(metadata):
@ -54,8 +53,7 @@ def wake_command(metadata):
return { return {
'wol-sleeper': { 'wol-sleeper': {
'mac': mac, 'wake_command': f"ssh -o StrictHostKeyChecking=no wol@{waker_hostname} 'wakeonlan {mac} && while ! ping {ip} -c1 -W3; do true; done'",
'wake_command': f"ssh -o StrictHostKeyChecking=no wol@{waker_hostname} '/usr/bin/wakeonlan {mac}' && while ! ping {ip} -c1 -W3; do true; done",
}, },
} }

16
bundles/wol-waker/metadata.py
View file

@ -6,25 +6,17 @@ defaults = {
}, },
} }
@metadata_reactor.provides( @metadata_reactor.provides(
'users/wol/authorized_users', 'users/wol',
) )
def user(metadata): def user(metadata):
return { return {
'users': { 'users': {
'wol': { 'wol': {
'authorized_users': { 'authorized_users': {
f'root@{ssh_client.name}': { f'root@{node.name}'
'commands': { for node in repo.nodes
'/usr/bin/wakeonlan ' + sleeper.metadata.get('wol-sleeper/mac') if node.dummy == False and node.has_bundle('ssh')
for sleeper in repo.nodes
if sleeper.has_bundle('wol-sleeper')
and sleeper.metadata.get('wol-sleeper/waker') == node.name
}
}
for ssh_client in repo.nodes
if ssh_client.dummy == False and ssh_client.has_bundle('ssh')
}, },
}, },
}, },

6
bundles/zfs/metadata.py
View file

@ -59,9 +59,9 @@ defaults = {
}, },
}, },
'telegraf': { 'telegraf': {
'inputs': { 'config': {
'zfs': { 'inputs': {
'default': {}, 'zfs': [{}],
}, },
}, },
}, },

18
data/apt/keys/crystal.asc
View file

@ -8,14 +8,14 @@ KHyP5XgRU/pIOyOo3g6+qIkhgynHVYIBuPbFQGEbOuUg7noAwTC9B9pYXSRFq9wk
T/q8rqOBiyO9SWB9gMiem8HNAzUo5TbVp9xPv2pl3mNXwe5te92pjlWdktOsBZuy T/q8rqOBiyO9SWB9gMiem8HNAzUo5TbVp9xPv2pl3mNXwe5te92pjlWdktOsBZuy
TfTgoj3y0HUY48He/z85aJ5j7gX5PU/6arxdABEBAAG0UGRldmVsOmxhbmd1YWdl TfTgoj3y0HUY48He/z85aJ5j7gX5PU/6arxdABEBAAG0UGRldmVsOmxhbmd1YWdl
czpjcnlzdGFsIE9CUyBQcm9qZWN0IDxkZXZlbDpsYW5ndWFnZXM6Y3J5c3RhbEBi czpjcnlzdGFsIE9CUyBQcm9qZWN0IDxkZXZlbDpsYW5ndWFnZXM6Y3J5c3RhbEBi
dWlsZC5vcGVuc3VzZS5vcmc+iQE+BBMBCAAoBQJodLPOAhsDBQkMCLQ6BgsJCAcD dWlsZC5vcGVuc3VzZS5vcmc+iQE+BBMBCAAoBQJkq9RAAhsDBQkIP9SsBgsJCAcD
AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDkVq5yhW0Udi/iB/9pzVWeChRvk7+bC2p3 AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDkVq5yhW0UdsH4CACAMuwfsUTlUVmdMBw5
QXjc+KRmkev7yC3QglBX/17qDG+nW/z1SptFpIUKMllH/xu0GXIWOW/rxshRdKRK wktrrdwfwN6TiG5tPDjzTcMQNL+RSCh1gNRvaJjNHAy9sAsruGwTyX76K1p942EG
422wnT7KA2AqxArsHfvu0/nGBXAI1DnHuwP0j6xNmmw+uob2nWiUZZNgKydxcGSF F99DrYd/PMBK4oOWe7HHouYIMrLqZFT38shv/tbyJvUfxqfMHSPQJSFPVGtInn3h
fgRfIJcsHBKweasy9G/Fpdur/BFSBNQ8BP6CnB9qx0Z1LgQ6bQQNY1LKH4EzmiNA iKtDeIc88Hl+dsmBhWxDdaoHTGKgIcQTLN1OaX6SsT6WuMo7B4kPxHerwFp/n5bO
rBowUcuVjUzXUW8rc0Old/ffymH3TBM9xQXnsGVZb5+E6NKpcdt0lnWkrtHQK3RX hqyLLkTY0oxJpZlzCj2tYDytHhjkPnYtcPpQ8LnQpGKogUxYDYZ+o4zYvIcT/J5+
ohNmaLwMQe/wMzWN3u/5XshQD8mMQjxEg4QSt2gAEXJdIzI+VgLrGqcfbrk/qhVM cLx1xpf4fI7ZoE+dpIpAGKzN8MoQQ+fjgSheXar35p+8lOKrvrk7MmbQJlBQO+rM
D+c+iEYEExECAAYFAmCKr5QACgkQOzARt2udZSNdFQCgtpRzGoKr9VWnhv+/k4pk IHdJiEYEExECAAYFAmCKr5QACgkQOzARt2udZSNdFQCgtpRzGoKr9VWnhv+/k4pk
Cmp9fycAn0pdJ2xIEsqxOjPBFVDh7Sahecuq Cmp9fycAn0pdJ2xIEsqxOjPBFVDh7Sahecuq
=v2my =yIwD
-----END PGP PUBLIC KEY BLOCK----- -----END PGP PUBLIC KEY BLOCK-----

42
data/apt/keys/grafana.asc
View file

@ -9,16 +9,16 @@ Dts4PNx4Wr9CktHIvbypT4Lk2oJEPWjcCJQHqpPQZXbnclXRlK5Ea0NVpaQdGK+v
JS4HGxFFjSkvTKAZYgwOk93qlpFeDML3TuSgWxuw4NIDitvewudnaWzfl9tDIoVS JS4HGxFFjSkvTKAZYgwOk93qlpFeDML3TuSgWxuw4NIDitvewudnaWzfl9tDIoVS
Bb16nwJ8bMDzovC/RBE14rRKYtMLmBsRzGYHWd0NnX+FitAS9uURHuFxghv9GFPh Bb16nwJ8bMDzovC/RBE14rRKYtMLmBsRzGYHWd0NnX+FitAS9uURHuFxghv9GFPh
eTaXvc4glM94HBUAEQEAAbQmR3JhZmFuYSBMYWJzIDxlbmdpbmVlcmluZ0BncmFm eTaXvc4glM94HBUAEQEAAbQmR3JhZmFuYSBMYWJzIDxlbmdpbmVlcmluZ0BncmFm
YW5hLmNvbT6JAdQEEwEKAD4CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQS1 YW5hLmNvbT6JAdQEEwEKAD4WIQS1Oud7rbYwpoMEYAWWP6J3EEWFRQUCZOeGaQIb
Oud7rbYwpoMEYAWWP6J3EEWFRQUCaKhvPQUJB4NP1AAKCRCWP6J3EEWFRUjOC/9Y AwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRCWP6J3EEWFRUiADACa
dWOWJLJVKzLx8uv5YVzebyw15HevhKahbznJX5fHnE8irjkiPFltVEZ4T37s5afR i+xytv2keEFJWjXNnFAx6/obnHRcXOI3w6nH/zL8gNI7YN5jcdQT2NYvKVYTb3fW
GBEJnR1UFd80s7jzwbuoZh/zEB3jN8q50g64AznuzDa0PWKzaY7Tgkssx3+hs6TS GuMsjHWgat5Gq3AtJrOKABpZ6qeYNPk0Axn/dKtOTwXjZ4pKX3bbUYvVfs0fCEZv
vIwV4z8T7f56lDudeHxHXx+htRnZ3ebKNPCJS7+G12GF6W3C3znpdjgvhVUB0uxd B0HHIj2wI9kgMpoTrkj22LE8layZTPOoQ+3/FbLzS8hN3CYZj25mHN7bpZq8EbV3
+42V0fRqk2GLNZeKS9988fi5dYRAy9Ozwced7ByCFjde9FBgUtrH3mG1/ibzLEh0 8FW9EU0HM0tg6CvoxkRiVqAuAC0KnVIZAdhD4dlYKuncq64nMvT1A5wxSYbnE+uf
4k02nYjc8mrH32t4UCWpxQEJ1vZA2vT2HN3/cH/4uyFdyU6OHkMyMbz6lmeXe71d mnWQQhhS6BOwRqN054yw1FrWNDFsvnOSHmr8dIiriv+aZYvx5JQFJ7oZP3LwdYyg
F5hOB4+/RP6Ndyj7ViRNDbm70NRBaFne/+YOJvmMfJTCh7YbF5qEn1ihGkJJ0ohE ocQcAJA8HFTIk3P6uJiIF/zdDzocgdKs+IYDoId0hxX7sGCvqdrsveq8n3m7uQiN
u2IB+EGEhyiDm8SIsj1uMw7n17iIPNtbsU5GgnmLtfguP/WbwKV2UeuxTpiOeYb6 7FvSiV0eXIdV4F7340kc8EKiYwpuYSaZX0UWKLenzlUvD+W4pZCWtoXzPsW7PKUt
blDwRlh48uHMlA5HBW+487Jktw3iPj1IKhdtAC9CU3xAvzDcseMbgmM6Xj2bSQG5 q1xdW0+NY+AGLCvSJCc5F4S5kFCObfBAYBbldjwwJFocdq/YOvvWYTPyV7kJeJS5
AY0EZOeGaQEMALNIFUricEIwtZiX7vSDjwxobbqPKqzdek8x3ud0CyYlrbGHy0k+ AY0EZOeGaQEMALNIFUricEIwtZiX7vSDjwxobbqPKqzdek8x3ud0CyYlrbGHy0k+
FDEXstjJQQ1s9rjJSu3sv5wyg9GDAUH3nzO976n/ZZvKPti3p2XU2UFx5gYkaaFV FDEXstjJQQ1s9rjJSu3sv5wyg9GDAUH3nzO976n/ZZvKPti3p2XU2UFx5gYkaaFV
D56yYxqGY0YU5ft6BG+RUz3iEPg3UBUzt0sCIYnG9+CsDqGOnRYIIa46fu2/H9Vu D56yYxqGY0YU5ft6BG+RUz3iEPg3UBUzt0sCIYnG9+CsDqGOnRYIIa46fu2/H9Vu
@ -27,15 +27,15 @@ D56yYxqGY0YU5ft6BG+RUz3iEPg3UBUzt0sCIYnG9+CsDqGOnRYIIa46fu2/H9Vu
3zht8luFOYpJr2lVzp7n3NwB4zW08RptTzTgFAaW/NH2JjYI+rDvQm4jNs08Dtsp 3zht8luFOYpJr2lVzp7n3NwB4zW08RptTzTgFAaW/NH2JjYI+rDvQm4jNs08Dtsp
nm4OQvBA9Df/6qwMEOZ9i10ixqk+55UpQFJ3nf4uKlSUM7bKXXVcD/odq804Y/K4 nm4OQvBA9Df/6qwMEOZ9i10ixqk+55UpQFJ3nf4uKlSUM7bKXXVcD/odq804Y/K4
y3csE059YVIyaPexEvYSYlHE2odJWRg2Q1VehmrOSC8Qps3xpU7dTHXD74ZpaYbr y3csE059YVIyaPexEvYSYlHE2odJWRg2Q1VehmrOSC8Qps3xpU7dTHXD74ZpaYbr
haViRS5v/lCsiwARAQABiQG8BBgBCgAmAhsMFiEEtTrne622MKaDBGAFlj+idxBF haViRS5v/lCsiwARAQABiQG8BBgBCgAmFiEEtTrne622MKaDBGAFlj+idxBFhUUF
hUUFAmiobzkFCQeDT9AACgkQlj+idxBFhUVsmQwA0PA/zd7NqtnZ/Z8857gp2Wq2 AmTnhmkCGwwFCQPCZwAACgkQlj+idxBFhUUNbQv8DCcfi3GbWfvp9pfY0EJuoFJX
/e4EX8nRjsW2ZlrZfbU5oMQv9OZZ4z1UjIKEUV+TnCwXEKXTMJomdekQSSayVVx/ LNgci7z7smXq7aqDp2huYQ+MulnPAydjRCVW2fkHItF2Ks6l+2/8t5Xz0eesGxST
u5w+0YM8gRuQGrG8hW0GRR8sHIeuwBFlyQrlwxUwXvDOPDYyieETjaQqMucupIKo xTyR31ARENMXaq78Lq+itZ+usOSDNuwJcEmJM6CceNMLs4uFkX2GRYhchkry7P0C
IPm3CjFySvfizvSWUVSWBnGmQfpv6OiGYawvwfewcQHUdLMgWN3lYlzGQJL4+OMm lkLxUTiB43ooi+CqILtlNxH7kM1O4Ncs6UGZMXf2IiG9s3JDCsYVPkC5QDMOPkTy
7XcB8VNTa586Q00fmjDfktHYvGpmhqr3gsd4gS3AjTk0zI65qXBRJkdqVnwUrMUD 2ZriF56uPerlJveF0dC61RZ6RlM3iSJ9Fwvea0Oy4rwkCcs5SHuwoDTFyxiyz0QC
8TcxXYNXf90mhR0NWkLmp6kBYiW8+QY6ndMmRVpodg1A87qgMYaZUAAlxCS4XKTU 9iqi3fG3iSbLvY9UtJ6X+BtDqdXLAT9Pq527mukPP3LwpEqFVyNQKnGLdLOu2YXc
r+/YMDYOWgLN6i4UeYG/3/hsnAEHm5ITojfh6cLfdlhjohFTnD0IYw3AsNJXRzKB TWWWseSQkHRzBmjD18KTD74mg4aXxEabyT4snrXpi5+UGLT4KXGV5syQO6Lc0OGw
1g5FTBKLLLIdXgS/3rWV1qjAd3drQVIMCku6HKl/vT4ftrBHeSyV7eLwOYbe3/bw 9O/0qAIU+YW7ojbKv8fr+NB31TGhGYWASjYlN1NvPotRAK6339O0/Rqr9xGgy3AY
8VMx+lmMheD8/qJMia1om0iBBRSXRjY//f+Lllqm SR+ic2Y610IM7xccKuTVAW9UofKQwJZChqae9VVZ
=TH3J =J9CI
-----END PGP PUBLIC KEY BLOCK----- -----END PGP PUBLIC KEY BLOCK-----

120
data/apt/keys/influxdata.asc
View file

@ -1,99 +1,29 @@
-----BEGIN PGP PUBLIC KEY BLOCK----- -----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGPIEtQBEADSkkGhaEytmsAzvHtUn/1/wIW5RTp6tHWlEsz3b2iZ3LEpNlfe mQINBGPIEycBEACpG4qSjhxA6fh4QJVJxFVBvCFt9tVx/hDbKH0Ryy9iilyMeReC
EqfUiK88edtEFgmioozHif2ZBRj2pyV2gckPmXna2b0UOefAAibMSTYXwhUQRgw4 AS1/CZnSv/fhDNKmVPckf6on72z/ODwZcVfMV6DHkxmZ6x/tQrS6CWfKkupsON2H
DNbecJk6J3HfcsXBVO4jGcR98UCVmpslZkqax1b/q+ju5BGA1PBHZZqGyooVWdv2 KS3t4HUivahwHPlWtbfDqsWNwTAsZqklKpJQWY2ADPwurkbCmtYSjsgbLuWe23Pd
5fmJ6ZPdMWKr6lyCVbMKU3Z3zzsWlsqsA1aadNbwsg1vPHemVwGiI1esQFZo2ltS nJpLTHtlChM0ntW/l7Le1zYjGPUGoxMJgjg1YG8fi2l/zS0Of8bdQ26ps+WRvrSQ
K37Ar9hJSMreVeU5k0Vrg5rWaQnNEjcpVJQMHapMxTG3RZzZrl6jMVCFKia4JWPk RKhfAkfIgUiCXxBpDlN1spN73ZlAkaSb+myTfEKyJR55Yt9pHfkDdJh26RVgE1+N
LBcPL4GP6qlHxLng/lv+6uullddv8dMxFwr8uClyvyoJcTjL78RMFG5+6AqK8v89 GuLmm6oidaD9lTlNJ9P8wlLzoof3xJXYprgLLz/HmgtawnJ+DxFIXoXNNpUmhORJ
Xy2BpQfOWnlBC492+X7wEAZX9zVhRg1cqZKn9l3YkIf1tQnSXu7S4oqLRsc/53rw 6Hb2Z5IKIyGIwXhQVe2Lw7B8awBNV99zUw517Wuax3RYx7Hwhntz9gFxS4GRxaCo
QuD2YxyIbDEG5vYBrQouL6cgasRGYpzDak9qEOrtuckWZAZc89VxK3jJ9S5MxLha uLCFQ0AgDCkMHyEHufQo1XdjIB7fz6U551y5GMQw6/rjMnUM9ZI68SQ/FWou2cQf
t55FNC6rhx0kLu5tK6RvsExp6bomUDfPWOUUoyJsVXqWi7A57nm2zFfLkaFYDXaX 533PyayvWOYQM4pP7ZmbzyCd393XlMaPWA5dyUOqv7Vcmv0IsAbncX6/KJmZAhKG
ijgfTsahvkI6BxVJ0QJTEOyx/ymURcelbfDAez6Mx6mDXD4kmsYoa/IXBPPvHwbK qu19xb6rv3ab2RbcU422guK3C/h/URPZJbSjf2w4jUV5UDe2veZg6BEVn7Sk5bW0
MdDZm5kyB0eyWpubAKvLGESe093xUQq9Sy77R/vZ78CXUvLL/udOfjm+QQARAQAB ceX8n0GVbPNG7CvRduJPjXNzsz3FzmUS8QFFde3H5gl1T0f6GcfhmKgKEQARAQAB
tDdJbmZsdXhEYXRhIFBhY2thZ2UgU2lnbmluZyBLZXkgPHN1cHBvcnRAaW5mbHV4 tDdJbmZsdXhEYXRhIFBhY2thZ2UgU2lnbmluZyBLZXkgPHN1cHBvcnRAaW5mbHV4
ZGF0YS5jb20+iQJOBBMBCgA4FiEEJMl1y6YaAk7htjF4fD1XFZ/C+ScFAmPIEtQC ZGF0YS5jb20+iQJVBBMBCAA/BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUJBaOk
GwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQfD1XFZ/C+SekJQ/9HPftk2YP /BYhBJ1TnZDTMo3H1sjTudj/jh99+LB+BQJjyB9PAhsDAAoJENj/jh99+LB+klgQ
PZgWUVOiFswKORLSp6REycxUFzl8vliHfkglR+FmCGeNJdB+Aw14kKzHXPh1RZ8p AKOKdwTyKOr6+mnRrACz5U3EFxfAXXFGan9Ka7Nzgz4K+FOnTtT1gWwqrPPmTKQk
ghlwl4oirXsiqOFGVtHS/4ne1mGpk5bw8R/pGWwrtIUEUtQULRHshUL4T2FcBJwt epNUMcelfX1kCA08yCm0nyw2niqxES40W33ergKUj6jlDx7UQYXWsDQGD9IKksa8
RdeJbZAyRKnnw9Ub1CtT02RyQsPCkFJIjQpTyZwRBrk4Z/Br9z12cQLrZXCOxmhw MWfZlJ3zlrsGKXA4oa+kfY+vltWDVP8WhLcQzm2LywbKvr3WgY80GZbnRjoekiBK
lWvbC0Bn8EeJAk35xYHHJuK+eJx+lnstxl5c+5qZg+z5X0lXjg22vFwiYvJ7bxjH oMKztQVMJG5yNZBo9B4JrqB3wMpnXZxEtqZcBPsJJdXTFKHsQ7kB9TMNorbUvDNH
cwG8QSDVkUsyqLIsLwz+Y1Rb404Pq9tWg0dN8hdDa6kV4pi0L3rx5PJMZb/ufkR+ ohwsprgMw84vHikEk9jyCypXpYq/E/wvkM0CeIUJ36S2vGvACib7BiY6Xv0BQbM4
9gBUV6dOYWbzmDHhMe89xKUeNBRV4AZ9no8QtB0s5PzUNB2EB1m94R/W+dQGt8ZP rWq2Rrjag1y5vVAF9gJkeo/3rhM6lE1ahDCRq0QcBMVzbxiE+3COIzRPmz14J3Yn
Q9tn1kd+SqqbzOWHgxr7o7BvFfU3wNrc1MwMBTOiYVlCgJFUc2gvOV2Vs09OBRsG 0pkvzlVkNj5UZR8q91ESl+UxkFCP1wzcXgs0dpJWirQIOZ9E2eYv3LcjE68xjW1k
uZEBS0xpoXemAnp54YazKKYqgiyWNZNIboWVzN5YXatXv5jc3pFwYPP2FGy9VEj0 c5q1GOGvJI7aXADxUZ4lFbz+NUb4Ts4HXHc8gV1Gm0vvmIqv2YfAvL5DXbKLdZxh
HvZh+GaAs62vrBcNi6aj4LqHeuv7gWEcVrMWeGaQcxGpr+MESh0W1ryS+DaW+g00 73CxKvBMmTXIEQ+vQJ3p1ZnUnb+l6DoxEFWg/hXHmE5jY3P6HIVFdliXF5FEs1lr
6VN7SOhsygcBU2NyxUNjwqZ7/YXjtjaHnC19rHFc5C1Ny2OfTAS+vU+1WSLZ3fih 9snU2Pn1BDL+TBN7SX0QbKqArWA4qyn6eGH8Z1ULoUVBPCjwC9QuInp/9fqifFYo
kpWlWICNP6CppJ663egz8arvDjnQEeHSSxa5Ag0EY8gTJwEQAKkbipKOHEDp+HhA OM3A51MDGyc/HCVG6jNJEI5h71QGHlPfyQybpjy7rQSe
lUnEVUG8IW321XH+ENsofRHLL2KKXIx5F4IBLX8JmdK/9+EM0qZU9yR/qifvbP84 =YwXc
PBlxV8xXoMeTGZnrH+1CtLoJZ8qS6mw43YcpLe3gdSK9qHAc+Va1t8OqxY3BMCxm
qSUqklBZjYAM/C6uRsKa1hKOyBsu5Z7bc92cmktMe2UKEzSe1b+Xst7XNiMY9Qaj
EwmCODVgbx+LaX/NLQ5/xt1Dbqmz5ZG+tJBEqF8CR8iBSIJfEGkOU3Wyk3vdmUCR
pJv6bJN8QrIlHnli32kd+QN0mHbpFWATX40a4uabqiJ1oP2VOU0n0/zCUvOih/fE
ldimuAsvP8eaC1rCcn4PEUhehc02lSaE5EnodvZnkgojIYjBeFBV7YvDsHxrAE1X
33NTDnXta5rHdFjHsfCGe3P2AXFLgZHFoKi4sIVDQCAMKQwfIQe59CjVd2MgHt/P
pTnnXLkYxDDr+uMydQz1kjrxJD8Vai7ZxB/nfc/JrK9Y5hAzik/tmZvPIJ3f3deU
xo9YDl3JQ6q/tVya/QiwBudxfr8omZkCEoaq7X3Fvqu/dpvZFtxTjbaC4rcL+H9R
E9kltKN/bDiNRXlQN7a95mDoERWftKTltbRx5fyfQZVs80bsK9F24k+Nc3OzPcXO
ZRLxAUV17cfmCXVPR/oZx+GYqAoRABEBAAGJBHIEGAEKACYWIQQkyXXLphoCTuG2
MXh8PVcVn8L5JwUCY8gTJwIbAgUJBaOagAJACRB8PVcVn8L5J8F0IAQZAQoAHRYh
BJ1TnZDTMo3H1sjTudj/jh99+LB+BQJjyBMnAAoJENj/jh99+LB+Ti8QAJLJw0Uq
AGxio0ejT7jYrf56NMIYnIp9VdlHYQQyJP8/WyiQHq0w+mxNy+3RkfUscI5hqhHv
/UWoPAbNiy18qeVsivnGkCwegPVvQyE18j3YHW4TWN6pjirSu/5DMeLUMJcVm6eP
KDDwJF2aF/xBUgF8ctFYxvThwG2FnRiBq3P1pdp2D9FAIPHGtmkVJs+yuO9NonA8
7YDCu0r4buisQhDNpvEJFPXaTb0Jo4Q3Xg6db2IVVdCr1K1VgEE4oG8wLDW8e8u1
hdD3I/pG7DgP40/y3QFleq18Sts0SUemIoOO79h/xHCA9xlIppSs3yNu/5n8M6J7
ar2vvzq34LmR68Wenw9ErmaVZpOdjGlGDWCcqefhFfl6Kvn1H93zVWt+FSyrQrsW
or2OwTrDXyijeCmfqYyN182B3R+E5NajJvSd4X504MPgVaAqKsWrqbMGqpyTPMCg
H/LteOBA9rKm/yZvWqrttHIBiCnlkqbMVC/KqwA1jlbJV24yGJ3byMPe7KvqUoc3
lMlV6duOuFblLWCVAsDUpuFoRe7hrmN6dcjn/vGpZbVMA5mqvkLdLbl+8B+7h5Bt
gyRobmrc+spaikIoyffgAvMCqTWDJGP240xw23CzI42i2A2lNQibr8xTK1XefCJz
z4iitOlixvElDvAdjaB3OXLngZhY95c6+tVydcAP/2DmBeCml5dNDdG+aEaP5ieL
FIZq9ex8gY3GYaoC4x0nZs+o6H4yBzdyKZPk2NoPB4yOKLb2FpOTMYtH4ekUgEYV
CKiyu8n8G48j8anYYFsH2l6K3imkiMUrNL0LqVNRk+gbLh1uRQs96TXBT0bgv0Ed
WBee8rjCpsx3ZIBQX7UsJfKLJFjjMiXPXjWjHDb5RRyyJ/qjWFZ/cdoUpRCJtnSR
bd21ho3uHsFuJgNy3OXYhsvc5xTafdKYQcWvyU9MvNLnLkyVCY2U9sUIL8H4QqcE
AoeUIMT7QjN1uCxx2DaiS5mtgvf6Lzs19FQmxVql9DgD/d2BpI6v4e/A/UPGlP22
ho+gu70J/z1zQGiwcC3J02wofzby4UZjyRT4QaKMA8s+R9L3L4kyejWBTI02lunR
fzhisvu3UKXKnoWDZ0msRrPdMCZFgf6C2DYJa8kK3iqaS2Xjzt2Fert8nT1dp003
wQbxZ7+Takb62meVSUxo5NwKCF3f2PgkgZ+Dbj80Jtp0KEiOpRquUmf1+8bCiGl6
LCfZp8OZLeZ5GhUanyJjy41Kc3yi7FwyUQt4qMI5reAeEvFks9BjUc4O9Ke2JUQn
nzJFOkWza20F9abgR7vpI0XbXeJnlhokw7QU1Kj8BBkwpn13BRgucaJrHnKf4WoN
mkkO7wkTEAhz6IuBGjMguQINBGhwK6ABEACtsIMXIPGPeNXXxnY7Uh+i28Stamec
5WJ8KSQ3CIAl4J/mXujhnwmfDrpB/Y12V5Bg/1DeCjCT1iKBiUT2JbhcTkUQnatZ
XF41ChnbK7LTjwbLTCoOo0OJJzDe0QNZ7CLXSk6Dv0gfBpe7KpZOXLVfGuqhrnrv
Ta1qgz5TeBermbRLUVin7R7oyibqPoHWELNjXDokm8Ub0f3tw3mE6I/D1TIkNTpf
covBR6Ss9/qheh4nJEnl7SmNrQbK1pMdtLKKd/0i5EgUlAw22Ygj6xa/aeUCjcG6
4pBv/xWFtxLyy+WVBIyfM+lo9KRKJ2pld8DAYBxiPCKpQMWpfS1fwHYRvEFn/DvC
JFS/Md0nUHkSooCKkbeNchs93gtCJOyuJ/RBnPKrpIPU5DglBqZxFvw3R7Jihx8n
6F5ZztOzqV1IngObsfs8SBtm3nUrhn6Hg1YkfT3XYDsCugZoMLfpfrwKqmdGBA2J
E27g80Ot32uTy9GN6uBdrQp01n+Coo1EyiH5bY5nMSAOfN2IygzlkEZJXuXPzmHP
wJUg0JCdqxSFkU2JdyCPGbQyoyplbMyd48PlEDHUcoV1CsW2rdIrbhYYFl1lVetI
gLYCrZi+xZpmH8Tby60hk9d5+s5AHLSKLbsuMgmF7oGeXAs7ZUQi07PHaEOjeL0L
jfsK507DwMn9bQARAQABiQRyBBgBCgAmFiEEJMl1y6YaAk7htjF4fD1XFZ/C+ScF
AmhwK6ACGwIFCQaguoACQAkQfD1XFZ/C+SfBdCAEGQEKAB0WIQSsENdEnzQ63O/d
wrbaYcJqBYW9OwUCaHAroAAKCRDaYcJqBYW9O1hEEACQ8/5ThIjjhvS6ZkIzTab4
e5/qj3tUpUFJH82wsf1E55U1bTEPOj82avXTQLWK6f+hn2YABc03j89URBytA99k
T400y/vjWPSNMm8w++VzGMIiPer7soKMZGGFYfsAClkk5VZ3o9bCFy9ROG98q5fr
MpYkXUJmvJvoZVDRdbhW+RE37g0g5i89EtFvF6JSEpzaPs7pqJUsXK02R65lT5qy
YVJxUqVWCpVaazsj37Inh0zeERRlGnmfPCOfbycFv0AQBwEwY0IGdb3/7vmKSKBb
5LRoiv/yO76NJWDbPXB7AqW5DPtBdU/j8x7YrI8GgM/4ADvBkuxSbReKGCxlbOeX
KEf+SBGbPjtY35hRST14TUmOryaFek/f39nYiFByXiPvjcoOfH1dZZOnj+BwW4AP
LSSFjUTBMZbTkvGfOQlThiX7y2H0J4LKXp5j1FGzQGel0Ij+sO09vDQ1iQ/bXvq6
ZGAVVR4HMOLoEC/YI4WbnONZdtpmUUykvtO5zN4lBEseION83kmxPyvVRAtd0ctq
IDIxGdnToaYQCsYOf0lsqk+KdI81xskUgegqEBjGcRq6ShhKNHTJiJVFNeIm+XA7
I5Kl468xtyEeDUsrUJzW9zs7G+XCGEjx5Jq++4hSRu96dfEaS/Kz3O3SWIxmKc5u
Lq3gKEm2O/QZY3sDK4DVNfSoD/98Gb+YCcvnDB+1tBeDiLOp1/2EG2WXkmnkiHBD
0Ifw72miBhwpBmjlBZTdyfjZkvcs5Ga2H7Dfw6EAMJlpV0Wt4z3170W6va81I/Av
mGUPknVHyExez9vqcJWCCQ/xKvrQ25EoTpAzkueEWzuVruTQkc0vuUlOM/gGUbxS
uhbyiH6AVrJ/6QgZw/iSdcTHG50976bSjHpLUQaTiMXglx+wuMb8ECck4cT18FEF
6sle/4MTtLYcm6IJbFk5pVGmJSpTlSCArWqyKG8d8Lqe/XolB2+YJf/JF53ariL8
AHoyCEBUAUnYqEbjSKMUWvIXdIeezvhTk7VVRN3ssdfUBX1/t1R46rz0oiP/9Bol
AKXupdNIwxWCCABDxWVkR6PtWo3mqGhbh3MqXdElpdD84BDahvEU/mIzZkln6Bhr
CnKRBt4mxHVs/jUR5IOBX5foEKJM3GFU+OQ0bi8gzYxfoF6mfO42Km2RvrqHpBJa
OtMEDP2hvCZi+O9WZYNna74u4IFEIpULAeoU3e/7B4DJNOtHTPRmdwpHrZBszrz7
tYTqYmqG1DjiGieki6Byvw0/9XIYoHZBuLu51iHj3WwOeuYj2Gi5boq+YXumW9xQ
gUgyWu8M6XFa4UCzpx50Zay/BWA9LsRxUUpDNCjysg4gDuw9WflUI+LdlrvKFBX9
AHMnjg==
=UiOS
-----END PGP PUBLIC KEY BLOCK----- -----END PGP PUBLIC KEY BLOCK-----

9
data/grafana/flux.mako
View file

@ -8,21 +8,16 @@ from(bucket: "${bucket}")
|> filter(fn: (r) => exists r["${exist}"]) // WTF |> filter(fn: (r) => exists r["${exist}"]) // WTF
% endfor % endfor
|> aggregateWindow(every: v.windowPeriod, fn: mean, createEmpty: false) // aggregate early for best performance |> aggregateWindow(every: v.windowPeriod, fn: mean, createEmpty: false) // aggregate early for best performance
% if over is not None: % if minimum:
|> filter(fn: (r) => r._value > ${over}) |> filter(fn: (r) => r._value > ${minimum})
% endif % endif
% if function == 'derivative': % if function == 'derivative':
|> derivative(nonNegative: true) |> derivative(nonNegative: true)
% elif function == 'difference':
|> difference(nonNegative: true)
% endif % endif
% if boolean_to_int: % if boolean_to_int:
|> map(fn: (r) => ({r with _value: if r._value == true then 1 else 0 })) |> map(fn: (r) => ({r with _value: if r._value == true then 1 else 0 }))
% endif % endif
% if negative: % if negative:
|> map(fn: (r) => ({r with _value: r._value * - 1.0})) |> map(fn: (r) => ({r with _value: r._value * - 1.0}))
% endif
% if multiply is not None:
|> map(fn: (r) => ({r with _value: r._value * ${multiply}}))
% endif % endif
|> yield(name: "mean") |> yield(name: "mean")

2
data/grafana/rows/cpu.py
View file

@ -51,7 +51,7 @@
}, },
'min': 0, 'min': 0,
'soft_max': 3, 'soft_max': 3,
'display_name': '${__field.labels.resource}', 'display_name': '__field.labels.resource',
'unit': 'percent', 'unit': 'percent',
'tooltip': 'multi', 'tooltip': 'multi',
'legend': { 'legend': {

4
data/grafana/rows/disk_io.py
View file

@ -16,7 +16,7 @@
}, },
}, },
'unit': 'Bps', 'unit': 'Bps',
'display_name': '${__field.labels.name}', 'display_name': '__field.labels.name',
'tooltip': 'multi', 'tooltip': 'multi',
}, },
'write': { 'write': {
@ -36,7 +36,7 @@
}, },
}, },
'unit': 'Bps', 'unit': 'Bps',
'display_name': '${__field.labels.name}', 'display_name': '__field.labels.name',
'tooltip': 'multi', 'tooltip': 'multi',
}, },
} }

4
data/grafana/rows/health.py
View file

@ -17,7 +17,7 @@
}, },
'tooltip': 'multi', 'tooltip': 'multi',
'unit': 'MHz', 'unit': 'MHz',
'display_name': '${__field.labels.cpu}', 'display_name': '__field.labels.cpu',
'min': 0, 'min': 0,
}, },
# 'temperature': { # 'temperature': {
@ -57,6 +57,6 @@
}, },
'tooltip': 'multi', 'tooltip': 'multi',
'unit': 'degrees', 'unit': 'degrees',
'display_name': '${__field.labels.chip}', 'display_name': '__field.labels.chip',
}, },
} }

4
data/grafana/rows/net_io.py
View file

@ -13,7 +13,7 @@
}, },
}, },
'unit': 'Bps', 'unit': 'Bps',
'display_name': '${__field.labels.interface}', 'display_name': '__field.labels.interface',
'tooltip': 'multi', 'tooltip': 'multi',
}, },
'out': { 'out': {
@ -30,7 +30,7 @@
}, },
}, },
'unit': 'Bps', 'unit': 'Bps',
'display_name': '${__field.labels.interface}', 'display_name': '__field.labels.interface',
'tooltip': 'multi', 'tooltip': 'multi',
}, },
} }

6
data/grafana/rows/postfix_queue.py
View file

@ -12,7 +12,7 @@
'function': 'max', 'function': 'max',
}, },
}, },
'display_name': '${__field.labels.queue}' 'display_name': '__field.labels.queue'
}, },
'size': { 'size': {
'stacked': True, 'stacked': True,
@ -27,7 +27,7 @@
'function': 'max', 'function': 'max',
}, },
}, },
'display_name': '${__field.labels.queue}' 'display_name': '__field.labels.queue'
}, },
'age': { 'age': {
'stacked': True, 'stacked': True,
@ -42,6 +42,6 @@
'function': 'max', 'function': 'max',
}, },
}, },
'display_name': '${__field.labels.queue}' 'display_name': '__field.labels.queue'
}, },
} }

8
data/grafana/rows/proc_cpu_ram.py
View file

@ -9,11 +9,11 @@
'cpu_usage', 'cpu_usage',
], ],
}, },
'over': 0.2, 'minimum': 0.2,
}, },
}, },
'unit': 'percent', 'unit': 'percent',
'display_name': '${__field.labels.process_name}', 'display_name': '__field.labels.process_name',
'legend': { 'legend': {
'displayMode': 'table', 'displayMode': 'table',
'placement': 'right', 'placement': 'right',
@ -32,11 +32,11 @@
'memory_rss', 'memory_rss',
], ],
}, },
'over': 10*(10**6), 'minimum': 10*(10**6),
}, },
}, },
'unit': 'bytes', 'unit': 'bytes',
'display_name': '${__field.labels.process_name}', 'display_name': '__field.labels.process_name',
'legend': { 'legend': {
'displayMode': 'table', 'displayMode': 'table',
'placement': 'right', 'placement': 'right',

8
data/grafana/rows/proc_io.py
View file

@ -10,11 +10,11 @@
], ],
}, },
'function': 'derivative', 'function': 'derivative',
'over': 1024, 'minimum': 1024,
}, },
}, },
'unit': 'bytes', 'unit': 'bytes',
'display_name': '${__field.labels.comm}', 'display_name': '__field.labels.comm',
'legend': { 'legend': {
'displayMode': 'table', 'displayMode': 'table',
'placement': 'right', 'placement': 'right',
@ -34,11 +34,11 @@
], ],
}, },
'function': 'derivative', 'function': 'derivative',
'over': 1, 'minimum': 1,
}, },
}, },
'unit': 'bytes', 'unit': 'bytes',
'display_name': '${__field.labels.comm}', 'display_name': '__field.labels.comm',
'legend': { 'legend': {
'displayMode': 'table', 'displayMode': 'table',
'placement': 'right', 'placement': 'right',

97
data/grafana/rows/routeros_errors.py
View file

@ -1,97 +0,0 @@
{
'critical': {
'stacked': True,
'queries': {
'generic': {
'filters': {
'_measurement': 'mikrotik_interface_generic',
'_field': [
'in_errors',
'out_errors',
],
'operating_system': 'routeros',
},
'function': 'difference',
'over': 0,
},
'mikrotik': {
'filters': {
'_measurement': 'mikrotik_interface_detailed',
'_field': [
'rx_fcs_errors',
'rx_align_errors',
'rx_code_errors',
'rx_carrier_errors',
'rx_jabber',
'rx_fragment',
'rx_length_errors',
'tx_late_collisions',
'tx_excessive_collisions',
'link_downs',
],
'operating_system': 'routeros',
},
'function': 'difference',
'over': 0,
},
},
'min': 0,
'unit': 'cps',
'tooltip': 'multi',
'display_name': '${__field.name} ${__field.labels.ifName} ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'table',
'placement': 'right',
'calcs': [
'max',
],
},
},
'warning': {
'stacked': True,
'queries': {
'generic': {
'filters': {
'_measurement': 'mikrotik_interface_generic',
'_field': [
'in_discards',
'out_discards',
],
'operating_system': 'routeros',
},
'function': 'difference',
'over': 0,
},
'mikrotik': {
'filters': {
'_measurement': 'mikrotik_interface_detailed',
'_field': [
'rx_too_short',
'rx_too_long',
'rx_drop',
'tx_drop',
'rx_pause',
'tx_pause',
'tx_pause_honored',
'tx_collisions',
'tx_total_collisions',
],
'operating_system': 'routeros',
},
'function': 'difference',
'over': 0,
},
},
'min': 0,
'unit': 'cps',
'tooltip': 'multi',
'display_name': '${__field.name} ${__field.labels.ifName} ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'table',
'placement': 'right',
'calcs': [
'max',
],
},
},
}

107
data/grafana/rows/routeros_health.py
View file

@ -1,107 +0,0 @@
{
'temperature': {
'stacked': False,
'queries': {
'temp': {
'filters': {
'_measurement': 'mikrotik_health',
'sensor': [
'temperature',
'cpu-temperature',
'switch-temperature',
'board-temperature1',
'sfp-temperature',
],
'_field': [
'value',
],
'operating_system': 'routeros',
},
},
},
'min': 0,
'unit': 'celsius',
'tooltip': 'multi',
'display_name': '${__field.labels.sensor}',
'legend': {
'displayMode': 'hidden',
},
},
'fan': {
'stacked': False,
'queries': {
'temp': {
'filters': {
'_measurement': 'mikrotik_health',
'sensor': [
'fan1-speed',
'fan2-speed',
],
'_field': [
'value',
],
'operating_system': 'routeros',
},
},
},
'min': 0,
'unit': 'rpm',
'tooltip': 'multi',
'display_name': '${__field.labels.sensor}',
'legend': {
'displayMode': 'hidden',
},
},
'psu_current': {
'stacked': False,
'queries': {
'temp': {
'filters': {
'_measurement': 'mikrotik_health',
'sensor': [
'psu1-current',
'psu2-current',
],
'_field': [
'value',
],
'operating_system': 'routeros',
},
'multiply': 0.1,
},
},
'min': 0,
'unit': 'ampere',
'tooltip': 'multi',
'display_name': '${__field.labels.sensor}',
'legend': {
'displayMode': 'hidden',
},
},
'psu_voltage': {
'stacked': False,
'queries': {
'temp': {
'filters': {
'_measurement': 'hw',
'sensor': [
'psu1-voltage',
'psu2-voltage',
],
'_field': [
'value',
],
'operating_system': 'routeros',
},
'multiply': 0.1,
},
},
'min': 0,
'unit': 'volt',
'tooltip': 'multi',
'display_name': '${__field.labels.sensor}',
'legend': {
'displayMode': 'hidden',
},
},
}

54
data/grafana/rows/routeros_packets.py
View file

@ -1,54 +0,0 @@
{
'in': {
'stacked': True,
'queries': {
'in': {
'filters': {
'_measurement': 'mikrotik_interface_generic',
'_field': [
'in_ucast_pkts',
'in_mcast_pkts',
'in_bcast_pkts',
],
'ifType': [6],
'operating_system': 'routeros',
},
'function': 'derivative',
'over': 0,
},
},
'min': 0,
'unit': 'pps',
'tooltip': 'multi',
'display_name': '${__field.labels.ifName} - ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'hidden',
},
},
'out': {
'stacked': True,
'queries': {
'out': {
'filters': {
'_measurement': 'mikrotik_interface_generic',
'_field': [
'out_ucast_pkts',
'out_mcast_pkts',
'out_bcast_pkts',
],
'ifType': [6],
'operating_system': 'routeros',
},
'function': 'derivative',
'over': 0,
},
},
'min': 0,
'unit': 'pps',
'tooltip': 'multi',
'display_name': '${__field.labels.ifName} - ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'hidden',
},
},
}

68
data/grafana/rows/routeros_poe.py
View file

@ -1,68 +0,0 @@
{
'power': {
'stacked': True,
'queries': {
'power': {
'filters': {
'_measurement': 'mikrotik_poe',
'_field': ['power'],
'operating_system': 'routeros',
},
'function': 'mean',
'multiply': 0.1,
'over': 0,
},
},
'min': 0,
'unit': 'watt',
'tooltip': 'multi',
'display_name': '${__field.labels.ifName} - ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'hidden',
},
},
'current': {
'stacked': True,
'queries': {
'voltage': {
'filters': {
'_measurement': 'mikrotik_poe',
'_field': ['current'],
'operating_system': 'routeros',
},
'function': 'mean',
'multiply': 0.1,
'over': 0,
},
},
'min': 0,
'unit': 'ampere',
'tooltip': 'multi',
'display_name': '${__field.labels.ifName} - ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'hidden',
},
},
'voltage': {
'stacked': False,
'queries': {
'voltage': {
'filters': {
'_measurement': 'mikrotik_poe',
'_field': ['voltage'],
'operating_system': 'routeros',
},
'function': 'mean',
'multiply': 0.1,
'over': 0,
},
},
'min': 0,
'unit': 'volt',
'tooltip': 'multi',
'display_name': '${__field.labels.ifName} - ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'hidden',
},
},
}

46
data/grafana/rows/routeros_throughput.py
View file

@ -1,46 +0,0 @@
{
'in': {
'stacked': True,
'queries': {
'in': {
'filters': {
'_measurement': 'mikrotik_interface_generic',
'_field': ['in_octets'],
'ifType': [6],
'operating_system': 'routeros',
},
'function': 'derivative',
'over': 0,
},
},
'min': 0,
'unit': 'bps',
'tooltip': 'multi',
'display_name': '${__field.labels.ifName} - ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'hidden',
},
},
'out': {
'stacked': True,
'queries': {
'out': {
'filters': {
'_measurement': 'mikrotik_interface_generic',
'_field': ['out_octets'],
'ifType': [6],
'operating_system': 'routeros',
},
'function': 'derivative',
'over': 0,
},
},
'min': 0,
'unit': 'bps',
'tooltip': 'multi',
'display_name': '${__field.labels.ifName} - ${__field.labels.ifAlias}',
'legend': {
'displayMode': 'hidden',
},
},
}

6
data/grafana/rows/smartctl.py
View file

@ -11,7 +11,7 @@
'function': 'mean', 'function': 'mean',
}, },
}, },
'display_name': '${__field.labels.device}', 'display_name': '__field.labels.device',
'min': 0, 'min': 0,
'unit': 'celsius', 'unit': 'celsius',
'tooltip': 'multi', 'tooltip': 'multi',
@ -29,7 +29,7 @@
'function': 'last', 'function': 'last',
}, },
}, },
'display_name': '${__field.labels.device}', 'display_name': '__field.labels.device',
'min': 0, 'min': 0,
'tooltip': 'multi', 'tooltip': 'multi',
}, },
@ -42,7 +42,7 @@
}, },
}, },
}, },
'display_name': '${__field.labels.device} ${__field.name}', 'display_name': '__field.labels.device} ${__field.name',
'min': 0, 'min': 0,
'tooltip': 'multi', 'tooltip': 'multi',
'legend': { 'legend': {

10
groups/locations/home.py
View file

@ -1,9 +1 @@
{ {}
'metadata': {
'nftables': {
'input': {
'udp dport 161 accept',
},
},
},
}

20
groups/os/routeros.py
View file

@ -9,13 +9,6 @@
'routeros', 'routeros',
], ],
'metadata': { 'metadata': {
'grafana_rows': {
'routeros_errors',
'routeros_throughput',
'routeros_poe',
'routeros_packets',
'routeros_health',
},
'routeros': { 'routeros': {
'gateway': '10.0.0.1', 'gateway': '10.0.0.1',
'bridge_priority': '0x8000', 'bridge_priority': '0x8000',
@ -25,15 +18,10 @@
'iot': '2', 'iot': '2',
'internet': '3', 'internet': '3',
'proxmox': '4', 'proxmox': '4',
'wokeonlan': '5',
'gast': '9', 'gast': '9',
'rolf': '51', 'rolf': '51',
}, },
'vlan_groups': { 'vlan_groups': {
'home': {
'untagged': 'home',
'tagged': set(),
},
'infra': { 'infra': {
'untagged': 'home', 'untagged': 'home',
'tagged': { 'tagged': {
@ -42,23 +30,15 @@
'proxmox', 'proxmox',
'gast', 'gast',
'rolf', 'rolf',
'wokeonlan',
}, },
}, },
'internet': { 'internet': {
'untagged': 'internet', 'untagged': 'internet',
'tagged': set(), 'tagged': set(),
}, },
'wokeonlan': {
'untagged': 'wokeonlan',
'tagged': set(),
},
}, },
'vlan_ports': {}, 'vlan_ports': {},
}, },
'telegraf': {
'influxdb_node': 'home.server',
},
}, },
'os': 'routeros', 'os': 'routeros',
} }

30
hass_get_temp.py
View file

@ -1,30 +0,0 @@
#! /usr/bin/env python3
import requests
from datetime import datetime, timedelta, timezone
BASE = "https://homeassistant.ckn.li"
TOKEN = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI1YjY0ZWE5N2FiMzM0NTQ0OGMyNjhmZTIxYzAxZTE1MSIsImlhdCI6MTc1NjAzOTAxNCwiZXhwIjoyMDcxMzk5MDE0fQ.X-sQli-NTpCjeXpn19zf-maPRDldkSeTuhKZua1k8uM"
ENTITY = "sensor.hue_outdoor_motion_sensor_2_temperature"
HEADERS = {
"Authorization": f"Bearer {TOKEN}",
"Content-Type": "application/json",
}
begin = datetime(2025, 7, 1, 0, 0, 0, tzinfo=timezone.utc)
current = begin
now = datetime.now(timezone.utc)
while current < now:
current += timedelta(hours=1)
resp = requests.get(
f"{BASE}/api/history/period/{current.isoformat()}",
params={
"end_time": current.isoformat(),
"filter_entity_id": ENTITY
},
headers=HEADERS,
timeout=15,
)
print(current, resp.json())

18
hooks/test_ptr_records.py
View file

@ -1,18 +0,0 @@
from subprocess import check_output
def test_node(repo, node, **kwargs):
for node in repo.nodes_in_group('mailserver'):
domain = node.metadata.get('mailserver/hostname')
expected_ptr_record = f"{domain}."
expected_a_record = node.hostname
# check A record
actual_a_record = check_output(['dig', '+short', 'A', domain, '@9.9.9.9'], text=True).strip()
if actual_a_record != expected_a_record:
raise AssertionError(f"A record for {expected_a_record} on node {node.name} is {actual_a_record}, expected {expected_a_record}")
# check otr record
actual_ptr_record = check_output(['dig', '+short', '-x', expected_a_record, '@9.9.9.9'], text=True).strip()
if actual_ptr_record != expected_ptr_record:
raise AssertionError(f"PTR record for {expected_a_record} on node {node.name} is {actual_ptr_record}, expected {expected_ptr_record}")

14
hooks/unique_node_ids.py
View file

@ -1,14 +0,0 @@
def test_unique_node_ids(repo):
ids = {}
for node in repo.nodes:
if node.metadata.get('id') in ids:
raise ValueError(f"Duplicate node ID found: {node.metadata.get('id')} in node {node.name} and {ids[node.metadata.get('id')]}")
ids[node.metadata.get('id')] = node.name
def apply_start(repo, target, nodes, interactive=False, **kwargs):
test_unique_node_ids(repo)
def test(repo, **kwargs):
test_unique_node_ids(repo)

7
hooks/wake_on_lan.py
View file

@ -1,8 +1,5 @@
def wake_on_lan(node):
node.repo.libs.wol.wake(node)
def node_apply_start(repo, node, **kwargs): def node_apply_start(repo, node, **kwargs):
wake_on_lan(node) repo.libs.wol.wake(node)
def node_run_start(repo, node, cmd, **kwargs): def node_run_start(repo, node, cmd, **kwargs):
wake_on_lan(node) repo.libs.wol.wake(node)

28
libs/version.py
View file

@ -1,28 +0,0 @@
from functools import total_ordering
@total_ordering
class Version():
def __init__(self, string):
self._tuple = self.tupelize(string)
def __lt__(self, other):
return self._tuple < self.tupelize(other)
def __eq__(self, other):
return self._tuple == self.tupelize(other)
def __repr__(self):
return f'{type(self).__name__}({repr(self._tuple)})'
def __str__(self):
return '.'.join(str(i) for i in self._tuple)
@staticmethod
def tupelize(version):
if isinstance(version, (int, float, str, Version)):
return tuple(int(i) for i in str(version).split('.'))
elif type(version) == tuple:
return version
else:
raise TypeError(type(version))

6
nodes/home.backups.py
View file

@ -12,7 +12,7 @@
'smartctl', 'smartctl',
'wol-sleeper', 'wol-sleeper',
'zfs', 'zfs',
#'zfs-mirror', 'zfs-mirror',
], ],
'metadata': { 'metadata': {
'id': '9cf52515-63a1-4659-a8ec-6c3c881727e5', 'id': '9cf52515-63a1-4659-a8ec-6c3c881727e5',
@ -25,7 +25,7 @@
}, },
'wakeonlan': { 'wakeonlan': {
'interface': 'enp0s31f6', 'interface': 'enp0s31f6',
'ipv4': '10.0.5.5/24', 'ipv4': '10.0.0.6/24',
'mac': '4c:cc:6a:d5:96:f8', 'mac': '4c:cc:6a:d5:96:f8',
}, },
}, },
@ -38,7 +38,7 @@
}, },
'wol-sleeper': { 'wol-sleeper': {
'network': 'wakeonlan', 'network': 'wakeonlan',
'waker': 'home.router', 'waker': 'home.server',
}, },
'zfs-mirror': { 'zfs-mirror': {
'server': 'wb.offsite-backups', 'server': 'wb.offsite-backups',

11
nodes/home.bootshorn-laptop.py
View file

@ -1,5 +1,5 @@
{ {
'hostname': '10.0.0.150', 'hostname': '10.0.0.162',
'bundles': [ 'bundles': [
'bootshorn', 'bootshorn',
'systemd', 'systemd',
@ -7,14 +7,5 @@
], ],
'metadata': { 'metadata': {
'id': '25c6f3fd-0d32-42c3-aeb3-0147bc3937c7', 'id': '25c6f3fd-0d32-42c3-aeb3-0147bc3937c7',
'network': {
'internal': {
'ipv4': '10.0.0.150/24',
'mac': 'd6:d8:61:33:f2:05',
},
},
}, },
} }
# rsync -avh --progress -e 'ssh -o "StrictHostKeyChecking no"' 10.0.0.150:/opt/bootshorn/recordings /hdd/bootshorn
# rsync -avh --progress -e 'ssh -o "StrictHostKeyChecking no"' 10.0.0.196:/opt/bootshorn/events ~/Downloads/bootshorn-events

3
nodes/home.homeassistant.py
View file

@ -33,9 +33,6 @@
# ssh-ed25519 # ssh-ed25519
# AAAAC3NzaC1lZDI1NTE5AAAAIJT9Spe+BYue7iiutl3rSf6PlU6dthHizyK+ZWnLodrA # AAAAC3NzaC1lZDI1NTE5AAAAIJT9Spe+BYue7iiutl3rSf6PlU6dthHizyK+ZWnLodrA
# root@home.server # root@home.server
# - >-
# ssh-ed25519
# AAAAC3NzaC1lZDI1NTE5AAAAILMVroYmswD4tLk6iH+2tvQiyaMe42yfONDsPDIdFv6I ckn
# sftp: true # sftp: true
# compatibility_mode: false # compatibility_mode: false
# allow_agent_forwarding: false # allow_agent_forwarding: false

2
nodes/home.homematic.py
View file

@ -25,7 +25,7 @@
'users': { 'users': {
'root': { 'root': {
'authorized_users': { 'authorized_users': {
'root@home.server': {}, 'root@home.server',
}, },
}, },
}, },

6
nodes/home.hue.py
View file

@ -1,6 +1,6 @@
{ {
'dummy': True, 'dummy': True,
'hostname': '10.0.0.143', 'hostname': '10.0.2.100',
'groups': [ 'groups': [
'home', 'home',
], ],
@ -8,13 +8,13 @@
'id': '87879bc1-130f-4fca-a8d2-e1d93a794df4', 'id': '87879bc1-130f-4fca-a8d2-e1d93a794df4',
'network': { 'network': {
'internal': { 'internal': {
'ipv4': '10.0.0.143/24', 'ipv4': '10.0.2.100/24',
'mac': '00:17:88:67:e7:f2', 'mac': '00:17:88:67:e7:f2',
}, },
}, },
'dns': { 'dns': {
'hue.ckn.li': { 'hue.ckn.li': {
'A': {'10.0.0.143'}, 'A': {'10.0.2.100'},
}, },
}, },
}, },

8
nodes/home.router.py
View file

@ -12,7 +12,6 @@
'kea-dhcpd', 'kea-dhcpd',
'wireguard', 'wireguard',
'pppoe', 'pppoe',
'wol-waker',
], ],
'metadata': { 'metadata': {
'id': '1d6a43e5-858c-42f9-9c40-ab63d61c787c', 'id': '1d6a43e5-858c-42f9-9c40-ab63d61c787c',
@ -43,13 +42,6 @@
'ipv4': '10.0.4.1/24', 'ipv4': '10.0.4.1/24',
'dhcp_server': True, 'dhcp_server': True,
}, },
'wakeonlan': {
'type': 'vlan',
'vlan_interface': 'internal',
'id': 5,
'ipv4': '10.0.5.1/24',
'dhcp_server': True,
},
'guest': { 'guest': {
'type': 'vlan', 'type': 'vlan',
'vlan_interface': 'internal', 'vlan_interface': 'internal',

6
nodes/home.server.py
View file

@ -31,8 +31,8 @@
'systemd-swap', 'systemd-swap',
'twitch-clip-download', 'twitch-clip-download',
'raspberrymatic-cert', 'raspberrymatic-cert',
'wol-waker',
'zfs', 'zfs',
'routeros-monitoring',
], ],
'metadata': { 'metadata': {
'id': 'af96709e-b13f-4965-a588-ef2cd476437a', 'id': 'af96709e-b13f-4965-a588-ef2cd476437a',
@ -207,10 +207,6 @@
'hdd/nextcloud/ckn-privat': { 'hdd/nextcloud/ckn-privat': {
'mountpoint': '/var/lib/nextcloud/ckn-privat/files', 'mountpoint': '/var/lib/nextcloud/ckn-privat/files',
}, },
'hdd/bootshorn': {
'mountpoint': '/hdd/bootshorn',
'dedup': 'on',
},
}, },
}, },
}, },

17
nodes/home.switch-rack-10g.py
View file

@ -1,9 +1,7 @@
{ {
'hostname': '10.0.0.63', 'hostname': '10.0.0.63',
'username': 'admin',
'password': '!decrypt:encrypt$gAAAAABoYFUx2faf18aV3rzNNuBA-4xZ22LQJ2HinpgsjkoTQS_l2TbmDtiAZI1jt-kWfTZ48d5_UPX-VDmY9qb4Sgn2Iz7Yee3CrB4hl85TyutilukTIP8=', 'password': '!decrypt:encrypt$gAAAAABoYFUx2faf18aV3rzNNuBA-4xZ22LQJ2HinpgsjkoTQS_l2TbmDtiAZI1jt-kWfTZ48d5_UPX-VDmY9qb4Sgn2Iz7Yee3CrB4hl85TyutilukTIP8=',
'groups': [ 'groups': [
'home',
'routeros', 'routeros',
], ],
'metadata': { 'metadata': {
@ -17,35 +15,30 @@
'ports': { 'ports': {
'sfp-sfpplus1': { 'sfp-sfpplus1': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'home.router',
}, },
'sfp-sfpplus2': { 'sfp-sfpplus2': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'home.server',
}, },
'sfp-sfpplus3': { 'sfp-sfpplus3': {
'vlan_group': 'home', 'vlan_group': 'infra',
'comment': 'home.backups',
}, },
'sfp-sfpplus4': { 'sfp-sfpplus4': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp-sfpplus5': { 'sfp-sfpplus5': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp-sfpplus6': { 'sfp-sfpplus6': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp-sfpplus7': { 'sfp-sfpplus7': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp-sfpplus8': { 'sfp-sfpplus8': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'home.switch-vorratsraum-poe',
}, },
'ether1': { 'ether1': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'home.switch-rack-poe',
}, },
}, },
}, },

28
nodes/home.switch-rack-poe.py
View file

@ -1,9 +1,7 @@
{ {
'hostname': '10.0.0.64', 'hostname': '10.0.0.64',
'username': 'admin',
'password': '!decrypt:encrypt$gAAAAABob2elR_Sm13u-oG1ff_zOeEsay8PZ0Wgbl810hAZNhvuTYWJuNAJ1oyelC6sy7WsD2CC33oVLeb6m0EtNARtMs-2gKu9KlT7Xat1MvV-iatDKvro=', 'password': '!decrypt:encrypt$gAAAAABob2elR_Sm13u-oG1ff_zOeEsay8PZ0Wgbl810hAZNhvuTYWJuNAJ1oyelC6sy7WsD2CC33oVLeb6m0EtNARtMs-2gKu9KlT7Xat1MvV-iatDKvro=',
'groups': [ 'groups': [
'home',
'routeros', 'routeros',
], ],
'metadata': { 'metadata': {
@ -17,43 +15,39 @@
'ports': { 'ports': {
'ether1': { 'ether1': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'home.switch-rack-10g',
}, },
'ether2': { 'ether2': {
'vlan_group': 'home', 'vlan_group': 'infra',
'comment': 'unifi-cloudkey',
}, },
'ether3': { 'ether3': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether4': { 'ether4': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether5': { 'ether5': {
'vlan_group': 'wokeonlan', 'vlan_group': 'infra',
'comment': 'home.backups',
}, },
'ether6': { 'ether6': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether7': { 'ether7': {
'vlan_group': 'home', 'vlan_group': 'infra',
'comment': 'usv',
}, },
'ether8': { 'ether8': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp9': { 'sfp9': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp10': { 'sfp10': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp11': { 'sfp11': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp12': { 'sfp12': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
}, },
}, },

55
nodes/home.switch-vorratsraum-poe.py
View file

@ -1,9 +1,7 @@
{ {
'hostname': '10.0.0.60', 'hostname': '10.0.0.60',
'username': 'admin',
'password': '!decrypt:encrypt$gAAAAABoYVzxzO0R_bnW3S3Ggiq2LCCAGaKtXToviGZjgIlH2NpL9ojO8aNlSPPcGTKbn5z5RxSxjOlL161U0Ctdf6Rns2e5I5p5TIcsQ7c9qnAiaV-Hhuw=', 'password': '!decrypt:encrypt$gAAAAABoYVzxzO0R_bnW3S3Ggiq2LCCAGaKtXToviGZjgIlH2NpL9ojO8aNlSPPcGTKbn5z5RxSxjOlL161U0Ctdf6Rns2e5I5p5TIcsQ7c9qnAiaV-Hhuw=',
'groups': [ 'groups': [
'home',
'routeros', 'routeros',
], ],
'metadata': { 'metadata': {
@ -17,92 +15,87 @@
'ports': { 'ports': {
'sfp-sfpplus1': { 'sfp-sfpplus1': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'home.switch-rack-10g',
}, },
'sfp-sfpplus2': { 'sfp-sfpplus2': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'home.switch-wohnzimmer-10g',
}, },
'sfp-sfpplus3': { 'sfp-sfpplus3': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'sfp-sfpplus4': { 'sfp-sfpplus4': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether1': { 'ether1': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether2': { 'ether2': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'switch-gartenhaus-unifi',
}, },
'ether3': { 'ether3': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether4': { 'ether4': {
'vlan_group': 'internet', 'vlan_group': 'internet',
'comment': 'fritzbox',
}, },
'ether5': { 'ether5': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether6': { 'ether6': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether7': { 'ether7': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether8': { 'ether8': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether9': { 'ether9': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether10': { 'ether10': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether11': { 'ether11': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether12': { 'ether12': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether13': { 'ether13': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether14': { 'ether14': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether15': { 'ether15': {
'vlan_group': 'home', 'vlan_group': 'infra',
'comment': 'noctua-fan',
}, },
'ether16': { 'ether16': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether17': { 'ether17': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether18': { 'ether18': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether19': { 'ether19': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether20': { 'ether20': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether21': { 'ether21': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether22': { 'ether22': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether23': { 'ether23': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
'ether24': { 'ether24': {
'vlan_group': 'home', 'vlan_group': 'infra',
}, },
}, },
}, },

9
nodes/home.switch-wohnzimmer-10g.py
View file

@ -1,9 +1,7 @@
{ {
'hostname': '10.0.0.62', 'hostname': '10.0.0.62',
'username': 'admin',
'password': '!decrypt:encrypt$gAAAAABoYFSyt2JAsdePXiHim1RdQwbarJedhAOE3XpS2rGMBx-F5eCWRCIyLU2g2ocUDUIDfgH3nBipUCkdcd0Bv4vbK-yqKmGSeSH7YXLYwq3ZWuCDsLM=', 'password': '!decrypt:encrypt$gAAAAABoYFSyt2JAsdePXiHim1RdQwbarJedhAOE3XpS2rGMBx-F5eCWRCIyLU2g2ocUDUIDfgH3nBipUCkdcd0Bv4vbK-yqKmGSeSH7YXLYwq3ZWuCDsLM=',
'groups': [ 'groups': [
'home',
'routeros', 'routeros',
], ],
'metadata': { 'metadata': {
@ -17,23 +15,18 @@
'ports': { 'ports': {
'ether1': { 'ether1': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'home.switch-vorratsraum-poe',
}, },
'ether2': { 'ether2': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'wohnzimmer-ap',
}, },
'ether3': { 'ether3': {
'vlan_group': 'home', 'vlan_group': 'infra',
'comment': 'gaming-pc',
}, },
'ether4': { 'ether4': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'schreibtisch-dock',
}, },
'ether5': { 'ether5': {
'vlan_group': 'infra', 'vlan_group': 'infra',
'comment': 'switch-wohnzimmer-unifi',
}, },
}, },
}, },

74
nodes/ovh.secondary.py
View file

@ -27,69 +27,17 @@
}, },
}, },
'left4dead2': { 'left4dead2': {
'servers': { 'server1': {
'vanilla': { 'overlay': 'pve',
'port': 27015, 'port': 27015,
'overlays': ['vanilla'], },
'config': [ 'server2': {
'sv_consistency 0', 'overlay': 'pve',
], 'port': 27016,
}, },
'tick100': { 'server3': {
'port': 27016, 'overlay': 'pve',
'arguments': ['-tickrate 100'], 'port': 27017,
'overlays': ['tickrate', 'vanilla', 'workshop_maps'],
'config': [
'exec server_tickrate.cfg',
'sv_minupdaterate 101',
'sv_maxupdaterate 101',
'sv_mincmdrate 101',
'sv_maxcmdrate 101',
'sv_consistency 0',
],
},
'tick100_maps': {
'port': 27017,
'arguments': ['-tickrate 100'],
'overlays': ['tickrate', 'vanilla', 'workshop_maps'],
'config': [
'exec server_tickrate.cfg',
'sv_minupdaterate 101',
'sv_maxupdaterate 101',
'sv_mincmdrate 101',
'sv_maxcmdrate 101',
'sv_consistency 0',
],
},
'vanilla_maps': {
'port': 27018,
'overlays': ['vanilla', 'workshop_maps'],
'config': [
'sv_consistency 0',
],
},
'tick60_maps': {
'port': 27019,
'arguments': ['-tickrate 60'],
'overlays': ['tickrate', 'vanilla', 'workshop_maps'],
'config': [
'exec server_tickrate.cfg',
'sv_minupdaterate 101',
'sv_maxupdaterate 101',
'sv_mincmdrate 101',
'sv_maxcmdrate 101',
'sv_consistency 0',
],
},
'zonemod': {
'port': 27020,
'arguments': ['-tickrate 60'],
'overlays': ['competitive_rework'],
'config': [
'exec server_competitive_rework.cfg',
'sm_forcematch zonemod',
],
},
}, },
}, },
'bind': { 'bind': {

2
nodes/wb.offsite-backups.py
View file

@ -29,7 +29,7 @@
'users': { 'users': {
'root': { 'root': {
'authorized_users': { 'authorized_users': {
'root@home.backups': {}, 'root@home.backups',
}, },
}, },
}, },

2
requirements.txt
View file

@ -1,4 +1,4 @@
bundlewrap ~=4.0, >=4.24 bundlewrap ~=4.0, >=4.17.2
pycryptodome pycryptodome
PyNaCl PyNaCl
PyYAML PyYAML