luna/tower-of-babel-public
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: luna:5122caf74f512a75f5048bf4a1d9987e0ab08044
Branches Tags
luna:mistress
..
compare: luna:2e999f8e9b28832783831e522b391f6227a620e4
Branches Tags
luna:mistress

3 commits
5122caf74f ... 2e999f8e9b

Author SHA1 Message Date
Luna
2e999f8e9b update README 2023-02-22 00:08:30 -03:00
Luna
442f66ebf4 add deploy.py 2023-02-22 00:07:10 -03:00
Luna
5a56f7c766 add inventory/production.py 2023-02-22 00:07:04 -03:00
3 changed files with 133 additions and 1 deletions
Show stats Expand all files Collapse all files

5
README.md
View file

@ -1,3 +1,6 @@
# tower-of-babel-public
a public snapshot of my pyinfra script collection, not upstream
a public snapshot of my pyinfra script collection, not upstream
this is for study, not for use. parts of the internal architecture have been
stripped down to the point i don't know if these scripts will run

53
deploy.py Normal file
View file

@ -0,0 +1,53 @@
import os
import tasks
from pyinfra import host, config
from pyinfra.facts.server import LinuxName, Which
from pyinfra.operations import server, apk, apt
from tasks.secrets import secrets
from tasks.croc import install_croc
config.REQUIRE_PACKAGES = "requirements.txt"
if LinuxName == "Alpine":
# make sure template operations work smoothly
# because they run under smtp
apk.packages(
name="add openssh sftp package for pyinfra file operations",
packages=[
"openssh-sftp-server",
],
)
install_croc()
def main_operations():
if LinuxName == "Ubuntu":
if host.data.remove_ubuntu_snap:
server.shell("snap remove lxd")
server.shell("snap remove core20")
server.shell("snap remove snapd")
apt.purge(["snapd"])
if "pleroma_hosts" in host.groups:
tasks.pleroma.install()
tasks.aproxy.install()
tasks.nginx.install_with_services()
if "static_file_hosts" in host.groups:
tasks.nginx.install_with_services()
if "monitoring_hosts" in host.groups:
tasks.uptime_kuma.install()
tasks.nginx.install_with_services()
# setting so that you can quickly iterate in a specific host
maybe_specific_group = os.environ.get("DEPLOY_GROUPS")
if maybe_specific_group:
if maybe_specific_group in host.groups:
main_operations()
else:
main_operations()

76
inventory/production.py Normal file
View file

@ -0,0 +1,76 @@
from tasks.nginx import NginxServiceEntry, TLSPreset
pleroma_hosts = [
(
"95.216.209.28",
{
"ssh_user": "root",
"vpn_enabled": False,
"postgresql_version": 15,
"pleroma_user": "pleroma_fl4pm",
"pleroma_name": "Pleroma/lun-4",
"pleroma_email": "pladmin@l4.pm",
"pleroma_description": "luna's instance",
"pleroma_db_name": "pleroma_dev",
"pleroma_db_user": "pleroma",
"pleroma_host": "f.l4.pm",
"nginx_image": "openresty/openresty:1.21.4.1-4-alpine",
"nginx_config_folder": "/usr/local/openresty/nginx/conf/nginx.conf",
"nginx_pcre_jit": True,
"nginx_user": None,
"nginx_mime_types_file": "mime.types",
"nginx_lua_package_path": "/etc/lunar/?.lua;/etc/lunar/aproxy/?.lua;;",
"nginx_lua_package_cpath": "/etc/lunar/?.lua;/etc/lunar/aproxy/?.lua;;",
"nginx_init_by_lua_block": """
require("aproxy.main").init()
""",
"nginx_services": {
"f.l4.pm": NginxServiceEntry(
tls=True,
tls_preset=TLSPreset.pleroma,
vpn=False,
internet=True,
proxy_pass="localhost:4000",
client_max_body_size="70m",
http_redirect=True,
lua_code_cache=True,
access_by_lua_block="""
require("aproxy.main").access()
""",
)
},
"nginx_extra_volumes": [
("/opt/aproxy/src", "/etc/lunar/aproxy"),
("/etc/aproxy", "/etc/aproxy"),
],
"aproxy_accounts": [
"luna@f.l4.pm",
],
},
)
]
MONITORING_SERVICE = NginxServiceEntry(
tls=True,
tls_preset=TLSPreset.mozilla_intermediate,
vpn=False,
internet=True,
proxy_pass="localhost:3001",
)
monitoring_hosts = [
(
"51.158.191.23",
{
"ssh_user": "root",
"vpn_enabled": False,
"uptime_kuma_bind_port": 3001,
"nginx_allow_php": True,
"nginx_services": {
"status.l4.pm": MONITORING_SERVICE,
},
},
)
]