Browse Source

Update for lxd20

lxd20
Benoît S. 3 months ago
parent
commit
82677c0e20
  1. 2
      inventory.py
  2. 7
      setup-backup.py
  3. 26
      setup-base.py
  4. 3
      setup-zfs-and-lxd.py

2
inventory.py

@ -1 +1 @@
my_hosts = ['lxd.local']
my_hosts = ['lxd20.benpro.fr']

7
setup-backup.py

@ -9,6 +9,12 @@ apt.packages(
update=True,
)
if not host.fact.command('zpool list backup | grep backup || true'):
server.shell(
name='Create ZFS pool',
commands=['zpool create -o ashift=12 -o autotrim=on -O acltype=posixacl -O canmount=off -O compression=lz4 -O dnodesize=auto -O normalization=formD -O relatime=on -O xattr=sa backup /dev/vdb']
)
files.directory(
name='Ensure /var/backups/lxd exists',
path='/var/backups/lxd',
@ -105,4 +111,3 @@ systemd.service(
running=True,
enabled=True,
)

26
setup-base.py

@ -25,20 +25,27 @@ apt.upgrade(
name='Upgrade apt packages',
)
apt.packages(
name='Install ufw',
packages=['ufw'],
update=False,
server.shell(
name='Add ufw rules',
commands=['ufw limit 22', 'ufw limit 28'],
)
server.shell(
name='Add ufw rules',
commands=['ufw limit 22'],
name='Enable ufw',
commands=['yes | ufw enable'],
)
server.shell(
name='Enable ufw',
commands=['yes | ufw enable'],
files.line(
name='Set port 28 for SSH',
path='/etc/ssh/sshd_config',
line=r'Port .*',
replace='Port 28',
)
systemd.service(
name='Reload sshd',
service='ssh.service',
reloaded=True,
)
apt.packages(
@ -89,4 +96,3 @@ files.put(
group='root',
mode='700',
)

3
setup-zfs-and-lxd.py

@ -12,7 +12,7 @@ apt.packages(
if not host.fact.command('zpool list local | grep local || true'):
server.shell(
name='Create ZFS pool',
commands=['zpool create -o ashift=12 -o autotrim=on -O acltype=posixacl -O canmount=off -O compression=lz4 -O dnodesize=auto -O normalization=formD -O relatime=on -O xattr=sa local /dev/vdb']
commands=['zpool create -o ashift=12 -o autotrim=on -O acltype=posixacl -O canmount=off -O compression=lz4 -O dnodesize=auto -O normalization=formD -O relatime=on -O xattr=sa local /dev/vda2']
)
files.put(
@ -78,4 +78,3 @@ systemd.service(
running=True,
enabled=True,
)
Loading…
Cancel
Save