from fastcore.test import test_eq,test_fail
from jsonschema import ValidationError

API
ufw
def ufw(
logging:str='off', def_incoming:str='deny', def_outgoing:str='allow', internal:NoneType=None, allows:VAR_KEYWORD
):
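ufw(internal="enp7s0", OpenSSH=22)

['ufw default deny incoming',
'ufw default allow outgoing',
'ufw logging off',
'ufw allow 22/tcp',
'ufw allow in on enp7s0',
'ufw --force enable']

Note that `internal` produces `ufw allow in on enp7s0`, which accepts all inbound traffic on that interface regardless of the default-deny policy, so it should name only an interface on a trusted private network. Logging is also off by default, so denied connections are not recorded unless `logging` is changed.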
user
def user(
name, pub_keys, groups:NoneType=None, shell:str='/bin/bash', sudo:bool=True
):
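user('jph', 'mykey', 'docker')

{'name': 'jph',
'groups': ['docker', 'sudo'],
'shell': '/bin/bash',
'sudo': ['ALL=(ALL) NOPASSWD:ALL'],
'ssh_authorized_keys': ['mykey']}

With the default `sudo=True` the user gets passwordless sudo (`NOPASSWD:ALL`) and is added to the `sudo` group; membership in `docker` is likewise root-equivalent on the host, so the listed SSH keys are effectively root credentials.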
source
def source(
url, keyid, keyserver
):
dsource = source("https://download.docker.com/linux/ubuntu",
keyid="9DC858229FC7DD38854AE2D88D81803C0EBFCD88",
keyserver="https://download.docker.com/linux/ubuntu/gpg")
dsource

{'source': 'deb [signed-by=$KEY_FILE] https://download.docker.com/linux/ubuntu $RELEASE stable',
'keyid': '9DC858229FC7DD38854AE2D88D81803C0EBFCD88',
'keyserver': 'https://download.docker.com/linux/ubuntu/gpg'}

Give `keyid` as the full 40-hex-digit fingerprint, as here; short key IDs can collide.
apt
def apt(
unattended:bool=False, autoclean:int=30, email:str='', auto_reboot:bool=False, sources:VAR_KEYWORD
):
apt(docker=dsource)

{'apt': {'conf': 'APT::Periodic::Update-Package-Lists "1";\nAPT::Periodic::Download-Upgradeable-Packages "1";\nAPT::Periodic::AutocleanInterval "7";\nAPT::Periodic::Unattended-Upgrade "0";\nUnattended-Upgrade::Automatic-Reboot "false";\n',
'sources': {'docker': {'source': 'deb [signed-by=$KEY_FILE] https://download.docker.com/linux/ubuntu $RELEASE stable',
'keyid': '9DC858229FC7DD38854AE2D88D81803C0EBFCD88',
'keyserver': 'https://download.docker.com/linux/ubuntu/gpg'}}}}

With the default arguments the generated conf sets `APT::Periodic::Unattended-Upgrade "0"`, so package lists and upgradeable packages are downloaded but upgrades are not installed automatically.
systemd
def systemd(
items
):
systemd({"systemd-journald.service":"[Journal]\nSystemMaxUse=50M\n"})

[{'path': '/etc/systemd/system/systemd-journald.service.d/override.conf',
'owner': 'root:root',
'permissions': '0644',
'content': '[Journal]\nSystemMaxUse=50M\n'}]
log_rotate
def log_rotate(
freq:str='weekly', num_keep:int=7, fname:str='00-cloud-init-global'
):
phone_home
def phone_home(
url
):
reboot
def reboot(
enable:bool=True, message:str='Rebooting'
):
mounts
def mounts(
devices
):
runcmd
def runcmd(
cmds
):
cc_validate
def cc_validate(
d
):
samp = '''#cloud-config
hostname: example-host
fqdn: example-host.example.com
# User setup configuration
users:
- name: exampleuser
gecos: Example User
sudo: ['ALL=(ALL) NOPASSWD:ALL']'''
cc_validate(yaml.safe_load(samp))

This example has an intentional key error (“hostna” instead of “hostname”):
samp = '''#cloud-config
hostna: example-host
fqdn: example-host.example.com'''
try: cc_validate(yaml.safe_load(samp))
except ValidationError: pass
else: raise Exception('Expected validation error')

cloud_init_base
def cloud_init_base(
hostname, packages:NoneType=None, check:bool=True, kw:VAR_KEYWORD
):
cloud_init_config
def cloud_init_config(
hostname, username, pub_keys, email:str='', groups:NoneType=None, internal:NoneType=None, cmds:NoneType=None,
devices:NoneType=None, ping_host:NoneType=None, packages:NoneType=None, dropins:NoneType=None,
sources:VAR_KEYWORD
):
# Packages to install on first boot. The docker-* and containerd.io entries are
# served from Docker's apt repository, which is why the extra source is defined
# below.
packages = [
    "unattended-upgrades", "vim-nox", "python3", "rsync",
    "ubuntu-drivers-common", "python3-pip", "ack", "lsyncd", "wget", "bzip2",
    "ca-certificates", "git", "build-essential", "software-properties-common",
    "curl", "grep", "sed", "dpkg", "tmux", "less", "htop", "openssh-client",
    "python-is-python3", "python3-dev", "cron", "gnupg",
    "docker-ce", "docker-ce-cli", "containerd.io",
    "docker-buildx-plugin", "docker-compose-plugin",
]

# Third-party apt source for Docker. The keyid is the full 40-hex-digit
# fingerprint of the signing key; keep it in that form rather than a short id.
dsource = source(
    "https://download.docker.com/linux/ubuntu",
    keyid="9DC858229FC7DD38854AE2D88D81803C0EBFCD88",
    keyserver="https://download.docker.com/linux/ubuntu/gpg",
)

# One mount entry; the six fields look fstab-style (device, mount point,
# filesystem, options, dump, pass) -- TODO confirm against mounts().
devices = [["mydevice", "/data", "ext4", "defaults,nofail", "0", "0"]]

# systemd drop-in overriding journald's SystemMaxUse setting.
dropins = {"systemd-journald.service": "[Journal]\nSystemMaxUse=250M\n"}

# NOTE(review): groups="docker" makes the account root-equivalent on the host,
# and the user() example on this page shows NOPASSWD sudo by default, so
# 'mykey' is effectively a root credential.
# NOTE(review): internal="enp7s0" presumably reaches ufw(), whose example emits
# 'ufw allow in on enp7s0' -- only name an interface on a trusted network.
# NOTE(review): ping_host is presumably handed to phone_home(); point it at an
# HTTPS endpoint you control, since the instance reports to that URL.
res = cloud_init_config(
    'myhost',
    'jph',
    'mykey',
    'j@answer.ai',
    dropins=dropins,
    groups="docker",
    internal="enp7s0",
    devices=devices,
    ping_host='https://ping.me',
    packages=packages,
    docker=dsource,
)
print(res[:50])

#cloud-config
hostname: myhost
preserve_hostname: