From d755267dd9611d13fd6f6791c28b1325ef4c67e1 Mon Sep 17 00:00:00 2001 From: CroneKorkN Date: Sun, 22 Jun 2025 22:22:52 +0200 Subject: [PATCH 1/6] proxmox --- bundles/ifupdown/items.py | 3 + bundles/network/metadata.py | 103 +++++++++++++------------- bundles/proxmox-ve/items.py | 21 ++++++ bundles/proxmox-ve/metadata.py | 99 +++++++++++++++++++++++++ bundles/systemd-networkd/items.py | 1 - data/apt/keys/proxmox-ve-bookworm.gpg | Bin 0 -> 1187 bytes groups/os/debian-11.py | 3 + groups/os/debian-12-common.py | 26 +++++++ groups/os/debian-12-pve.py | 10 +++ groups/os/debian-12.py | 4 + groups/os/linux.py | 1 - nodes/home.router.py | 8 +- nodes/home.server.py | 20 ++--- 13 files changed, 231 insertions(+), 68 deletions(-) create mode 100644 bundles/ifupdown/items.py create mode 100644 bundles/proxmox-ve/items.py create mode 100644 bundles/proxmox-ve/metadata.py create mode 100644 data/apt/keys/proxmox-ve-bookworm.gpg create mode 100644 groups/os/debian-12-common.py create mode 100644 groups/os/debian-12-pve.py diff --git a/bundles/ifupdown/items.py b/bundles/ifupdown/items.py new file mode 100644 index 0000000..9972a7e --- /dev/null +++ b/bundles/ifupdown/items.py @@ -0,0 +1,3 @@ +# svc_systemd = { +# 'ifupdown.service': {}, +# } diff --git a/bundles/network/metadata.py b/bundles/network/metadata.py index 8e8adbd..9e70910 100644 --- a/bundles/network/metadata.py +++ b/bundles/network/metadata.py @@ -36,61 +36,64 @@ def dhcp(metadata): 'systemd/units', ) def units(metadata): - units = {} + if node.has_bundle('systemd-networkd'): + units = {} - for network_name, network_conf in metadata.get('network').items(): - interface_type = network_conf.get('type', None) + for network_name, network_conf in metadata.get('network').items(): + interface_type = network_conf.get('type', None) - # network + # network - units[f'{network_name}.network'] = { - 'Match': { - 'Name': network_name if interface_type == 'vlan' else network_conf['interface'], - }, - 'Network': { - 'DHCP': network_conf.get('dhcp', 'no'), - 'IPv6AcceptRA': network_conf.get('dhcp', 'no'), - 'VLAN': set(network_conf.get('vlans', set())) - } - } - - # type - - if interface_type: - units[f'{network_name}.network']['Match']['Type'] = interface_type - - # ips - - for i in [4, 6]: - if network_conf.get(f'ipv{i}', None): - units[f'{network_name}.network'].update({ - f'Address#ipv{i}': { - 'Address': network_conf[f'ipv{i}'], - }, - }) - if f'gateway{i}' in network_conf: - units[f'{network_name}.network'].update({ - f'Route#ipv{i}': { - 'Gateway': network_conf[f'gateway{i}'], - 'GatewayOnlink': 'yes', - } - }) - - # as vlan - - if interface_type == 'vlan': - units[f"{network_name}.netdev"] = { - 'NetDev': { - 'Name': network_name, - 'Kind': 'vlan', + units[f'{network_name}.network'] = { + 'Match': { + 'Name': network_name if interface_type == 'vlan' else network_conf['interface'], }, - 'VLAN': { - 'Id': network_conf['id'], + 'Network': { + 'DHCP': network_conf.get('dhcp', 'no'), + 'IPv6AcceptRA': network_conf.get('dhcp', 'no'), + 'VLAN': set(network_conf.get('vlans', set())) } } - return { - 'systemd': { - 'units': units, + # type + + if interface_type: + units[f'{network_name}.network']['Match']['Type'] = interface_type + + # ips + + for i in [4, 6]: + if network_conf.get(f'ipv{i}', None): + units[f'{network_name}.network'].update({ + f'Address#ipv{i}': { + 'Address': network_conf[f'ipv{i}'], + }, + }) + if f'gateway{i}' in network_conf: + units[f'{network_name}.network'].update({ + f'Route#ipv{i}': { + 'Gateway': network_conf[f'gateway{i}'], + 'GatewayOnlink': 'yes', + } + }) + + # as vlan + + if interface_type == 'vlan': + units[f"{network_name}.netdev"] = { + 'NetDev': { + 'Name': network_name, + 'Kind': 'vlan', + }, + 'VLAN': { + 'Id': network_conf['id'], + } + } + + return { + 'systemd': { + 'units': units, + } } - } + else: + return {} diff --git a/bundles/proxmox-ve/items.py b/bundles/proxmox-ve/items.py new file mode 100644 index 0000000..d00540f --- /dev/null +++ b/bundles/proxmox-ve/items.py @@ -0,0 +1,21 @@ +files = { + '/etc/apt/apt.conf.d/10pveapthook': { + 'content_type': 'any', + 'mode': '0644', + }, + '/etc/apt/apt.conf.d/76pveconf': { + 'content_type': 'any', + 'mode': '0444', + }, + '/etc/apt/apt.conf.d/76pveproxy': { + 'content_type': 'any', + 'mode': '0444', + }, + '/etc/network/interfaces': { + 'content_type': 'any', + }, +} + +symlinks['/etc/ssh/ssh_host_rsa_key.pub'] = { + 'target': '/etc/ssh/ssh_host_managed_key.pub', +} diff --git a/bundles/proxmox-ve/metadata.py b/bundles/proxmox-ve/metadata.py new file mode 100644 index 0000000..0abe2ae --- /dev/null +++ b/bundles/proxmox-ve/metadata.py @@ -0,0 +1,99 @@ +defaults = { + 'apt': { + 'packages': { + 'linux-image-amd64': { + 'installed': False, + }, + 'proxmox-default-kernel': {}, + # after reboot + 'proxmox-ve': {}, + 'postfix': {}, + 'open-iscsi': {}, + 'chrony': {}, + 'os-prober': { + 'installed': False, + }, + 'dnsmasq-base': {}, + }, + 'sources': { + 'proxmox-ve': { + 'options': { + 'aarch': 'amd64', + }, + 'urls': { + 'http://download.proxmox.com/debian/pve', + }, + 'suites': { + '{codename}', + }, + 'components': { + 'pve-no-subscription', + }, + 'key': 'proxmox-ve-{codename}', + }, + }, + }, + # 'nftables': { + # 'input': { + # 'tcp dport 8006 accept', + # }, + # }, + 'zfs': { + 'datasets': { + 'tank/proxmox-ve': { + 'mountpoint': '/var/lib/proxmox-ve', + }, + } + } +} + + +# @metadata_reactor.provides( +# 'systemd', +# ) +# def bridge(metadata): +# return { +# 'systemd': { +# 'units': { +# # f'internal.network': { +# # 'Network': { +# # 'Bridge': 'br0', +# # }, +# # }, +# 'br0.netdev': { +# 'NetDev': { +# 'Name': 'br0', +# 'Kind': 'bridge' +# }, +# }, +# 'br0.network': { +# 'Match': { +# 'Name': 'br0', +# }, +# 'Network': { +# 'Unmanaged': 'yes' +# }, +# }, +# }, +# }, +# } + + +@metadata_reactor.provides( + 'nginx/vhosts', +) +def nginx(metadata): + return { + 'nginx': { + 'has_websockets': True, + 'vhosts': { + metadata.get('proxmox-ve/domain'): { + 'content': 'nginx/proxy_pass.conf', + 'context': { + 'target': 'https://localhost:8006', + 'websockets': True, + } + }, + }, + }, + } diff --git a/bundles/systemd-networkd/items.py b/bundles/systemd-networkd/items.py index 47bb2bd..af033ba 100644 --- a/bundles/systemd-networkd/items.py +++ b/bundles/systemd-networkd/items.py @@ -21,4 +21,3 @@ directories = { svc_systemd = { 'systemd-networkd.service': {}, } - diff --git a/data/apt/keys/proxmox-ve-bookworm.gpg b/data/apt/keys/proxmox-ve-bookworm.gpg new file mode 100644 index 0000000000000000000000000000000000000000..8e6e95e806e13e71e6175e9433e61c8b965edaec GIT binary patch literal 1187 zcmV;U1YG->0u2OXgJqln5CF^rXIo4a$3{!qI0{XK^pS@vp;huGOd+dKK}<2F8PfX1 zWf%Lxk-IT9WvvaMILjf4;grdsH+|(D6h18Mz72WuTXMP*9R(1aO)0SdrPuZ6k(zql`5Jf49aHba}!$=dmx-1s&1qbX!%19!rr1?HF zYsk1fmeD`5yL(+S(YnJgJa=oubCegXLn7|juqzqZBrgAuWo>Djgl>tqaPIC_y0>1@ z6|duk)NVxb_w7~8E_>YK6c@(KkbwPnl0uiwEX~3NN^qQW13nmd0KksaCa!iT!4w*W z_^5BYCr+zzb^$e{@NY?!ztqLujAb^Rfn2$xqg;}*+5acDnC)FT6No^;-=l@^!nPCB zqJFgQs#u50RcjZQ&ve$Y_ucVvkJSUv(P>I`TQoB42EFF}xxM+F%^5_VQ6?Cvmjgw~ zg-bqnEicROZd(Bo_djVbPI?u=`!uK0Px-|U2Bu9_u7IrJm;lj9G98GXAzRR&H@F2S z5$vJas!OX&3ZOvko-THjD0!scq6Y^aCQ<~7Gt2VA z?5BvxsA9&kMlDj=arG;cicsk#jpLH=)O$^-wyWp@MEcpDvu#p>Bjov+dvi%-+ ztJ284{ZW4X9!R19ds_5hHRQ>eYpav206~0TF+PygJ*R0sbbvx;l!m>{fU*JVH5FJ& z0l0c`O93|wL7+DbsZOW>uSfUNYW|2Lo!mDtf=FK={1#uKfkj~_@dYDOvpbC`y%QTt z8!xN|h3pm1A@Gfm^@`tn&S*uF2MH3ab6Px3>~9Di*gktsNs?4nHGZSR^G!I`gedM~ zSZXf4p8FQi zs<`~{1|zS;dAq<(lTB2_R*FA|s-x2M>&3@QO*RnzO#$ z!+~v^sL%u8W47sY1j5tedb;L>Jd^-?xipbWa2%u`Tb9HWE!?)_?y^#_ Date: Fri, 27 Jun 2025 15:02:11 +0200 Subject: [PATCH 2/6] mariadb use ini parser --- bundles/mariadb/files/override.conf | 11 ----------- bundles/mariadb/items.py | 6 ++---- libs/ini.py | 5 ++--- 3 files changed, 4 insertions(+), 18 deletions(-) delete mode 100644 bundles/mariadb/files/override.conf diff --git a/bundles/mariadb/files/override.conf b/bundles/mariadb/files/override.conf deleted file mode 100644 index ae2fccd..0000000 --- a/bundles/mariadb/files/override.conf +++ /dev/null @@ -1,11 +0,0 @@ -% for section, options in sorted(conf.items()): -[${section}] -% for key, value in sorted(options.items()): -% if value is None: -${key} -% else: -${key} = ${value} -% endif -% endfor - -% endfor diff --git a/bundles/mariadb/items.py b/bundles/mariadb/items.py index 58fd34e..7ff4e83 100644 --- a/bundles/mariadb/items.py +++ b/bundles/mariadb/items.py @@ -20,10 +20,8 @@ directories = { files = { '/etc/mysql/conf.d/override.conf': { - 'context': { - 'conf': node.metadata.get('mariadb/conf'), - }, - 'content_type': 'mako', + 'content': repo.libs.ini.dumps(node.metadata.get('mariadb/conf')), + 'content_type': 'text', }, } diff --git a/libs/ini.py b/libs/ini.py index f042569..f530144 100644 --- a/libs/ini.py +++ b/libs/ini.py @@ -14,7 +14,7 @@ class CaseSensitiveConfigParser(ConfigParser): return value def parse(text): - config = CaseSensitiveConfigParser() + config = CaseSensitiveConfigParser(allow_no_value=True) config.read_string(text) return { @@ -24,8 +24,7 @@ def parse(text): def dumps(dict): sorted_dict = json.loads(json.dumps(dict, sort_keys=True, cls=MetadataJSONEncoder)) - - parser = CaseSensitiveConfigParser() + parser = CaseSensitiveConfigParser(allow_no_value=True) parser.read_dict(sorted_dict) writable = Writable() -- 2.39.5 From 23947bd96769498c86725eb5c3c69af34d811409 Mon Sep 17 00:00:00 2001 From: CroneKorkN Date: Fri, 27 Jun 2025 23:05:21 +0200 Subject: [PATCH 3/6] mariadb fixed --- bundles/mariadb/items.py | 2 -- bundles/mariadb/metadata.py | 4 ++-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/bundles/mariadb/items.py b/bundles/mariadb/items.py index 7ff4e83..6758c48 100644 --- a/bundles/mariadb/items.py +++ b/bundles/mariadb/items.py @@ -10,8 +10,6 @@ directories = { 'group': 'mysql', 'needs': [ 'zfs_dataset:tank/mariadb', - ], - 'needs': [ 'pkg_apt:mariadb-server', 'pkg_apt:mariadb-client', ], diff --git a/bundles/mariadb/metadata.py b/bundles/mariadb/metadata.py index 8b65e31..ee406cb 100644 --- a/bundles/mariadb/metadata.py +++ b/bundles/mariadb/metadata.py @@ -3,12 +3,12 @@ defaults = { 'packages': { 'mariadb-server': { 'needs': { - #'zfs_dataset:tank/mariadb', + 'zfs_dataset:tank/mariadb', }, }, 'mariadb-client': { 'needs': { - #'zfs_dataset:tank/mariadb', + 'zfs_dataset:tank/mariadb', }, }, }, -- 2.39.5 From df38fdb99ebd55d227c497bed354b297bd22ac11 Mon Sep 17 00:00:00 2001 From: CroneKorkN Date: Fri, 27 Jun 2025 23:05:26 +0200 Subject: [PATCH 4/6] new router --- nodes/home.router.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nodes/home.router.py b/nodes/home.router.py index b4ec4fc..12169fd 100644 --- a/nodes/home.router.py +++ b/nodes/home.router.py @@ -15,7 +15,7 @@ 'id': '1d6a43e5-858c-42f9-9c40-ab63d61c787c', 'network': { 'external': { - 'interface': 'enx00e04c220682', + 'interface': 'enp2s0', 'ipv4': '10.0.99.126/24', 'gateway4': '10.0.99.1', 'vlans': {'iot', 'internet', 'guest', 'rolf', 'internal', 'proxmox'}, -- 2.39.5 From 800bd90778fc6b60c81c56b6043c8d13820ea9c1 Mon Sep 17 00:00:00 2001 From: CroneKorkN Date: Sat, 28 Jun 2025 21:56:11 +0200 Subject: [PATCH 5/6] remove apcupsd --- nodes/home.server.py | 1 - 1 file changed, 1 deletion(-) diff --git a/nodes/home.server.py b/nodes/home.server.py index ecc3253..4b30c61 100644 --- a/nodes/home.server.py +++ b/nodes/home.server.py @@ -12,7 +12,6 @@ 'build-server', ], 'bundles': [ - 'apcupsd', 'build-agent', 'crystal', 'gitea', -- 2.39.5 From 8d941ebef4cf9c55ae287387b555d7e334406f57 Mon Sep 17 00:00:00 2001 From: CroneKorkN Date: Sat, 28 Jun 2025 21:57:30 +0200 Subject: [PATCH 6/6] open fw for iperf --- groups/os/debian.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/groups/os/debian.py b/groups/os/debian.py index 69bb0d2..270fa60 100644 --- a/groups/os/debian.py +++ b/groups/os/debian.py @@ -47,6 +47,14 @@ 'mtr-tiny': {}, }, }, + # iperf3 + 'nftables': { + 'input': { + 'tcp dport 5201 accept', + 'udp dport 5201 accept', + }, + }, + }, 'os': 'debian', 'pip_command': 'pip3', -- 2.39.5