From 6a144cf991f26a604b255b5f6b5ba798240375aa Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Sat, 17 Jul 2021 11:33:43 +0200 Subject: [PATCH] bundles/users: add option to enable lingering --- bundles/users/items.py | 19 ++++++++++++--- nodes/htz-cloud/miniserver.py | 1 + nodes/htz/ex42-1048908.py | 1 + nodes/rx300.py | 46 ++++++++++++++++++++++++++++++++++- 4 files changed, 62 insertions(+), 5 deletions(-) diff --git a/bundles/users/items.py b/bundles/users/items.py index da0691a..d293c19 100644 --- a/bundles/users/items.py +++ b/bundles/users/items.py @@ -1,9 +1,5 @@ from os.path import join, exists -directories = {} -users = {} -groups = {} - files = { '/etc/bash.bashrc': { 'source': 'bashrc', @@ -76,3 +72,18 @@ for username, attrs in node.metadata['users'].items(): files[home + '/.bashrc'] = { 'delete': True, } + + if attrs.get('enable_linger', False): + linger_test = '' + linger_command = 'enable' + else: + linger_test = '!' + linger_command = 'disable' + + actions[f'ensure_linger_state_for_user_{username}'] = { + 'command': f'loginctl {linger_command}-linger {username}', + 'unless': f'{linger_test} test -f /var/lib/systemd/linger/{username}', + 'needs': { + f'user:{username}', + }, + } diff --git a/nodes/htz-cloud/miniserver.py b/nodes/htz-cloud/miniserver.py index 1085b16..b04f175 100644 --- a/nodes/htz-cloud/miniserver.py +++ b/nodes/htz-cloud/miniserver.py @@ -196,6 +196,7 @@ nodes['htz-cloud.miniserver'] = { }, 'users': { 'sophie': { + 'enable_linger': True, 'ssh_pubkey': [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDILcYrMQNRVXAm5L+7No1ZumqfCyRc1QZmTY3O7Q8hsE4+fCAvwsWm2aSMfLL3NnIl8Nm1Rixzic5jdYKYNIY3SlX1wvTB+MhGb2eyVSd7c/Y98aCLSlDkQ2sebjpdA1FoJOeGD3qxqDwj0+KckXU2ZaSSQY7CxVsjH65UxCHqVAg+6uLdNbj7j850s1B9NXVXef+sBQ5jUngXxnqQWwNh2Mn8auwumkeEG4SYf96wyFkLvmBitOng/GyLWl9YPnXXHHDnatcVipy7y34qw4CQ4P84anecbA+Bqr9IcxBW6qYmYgRKEnAcmEfjQd+BI1gCLB1BBEmb/qp+mVLd4tOh sophie@carbon" ], diff --git a/nodes/htz/ex42-1048908.py b/nodes/htz/ex42-1048908.py index 8829d5f..99cb8ba 100644 --- a/nodes/htz/ex42-1048908.py +++ b/nodes/htz/ex42-1048908.py @@ -416,6 +416,7 @@ nodes['htz.ex42-1048908'] = { }, 'users': { 'kunsi': { + 'enable_linger': True, 'groups': [ 'www-data', 'libvirt', diff --git a/nodes/rx300.py b/nodes/rx300.py index 6bf2d03..02fa5a6 100644 --- a/nodes/rx300.py +++ b/nodes/rx300.py @@ -48,14 +48,41 @@ nodes['rx300'] = { # more php 'php-imagick': {}, 'php-yaml': {}, + + # used by user:kunsi + 'mosh': {}, + 'weechat': {}, + 'weechat-core': {}, + 'weechat-curses': {}, + 'weechat-perl': {}, + 'weechat-plugins': {}, + 'weechat-python': {}, + 'weechat-ruby': {}, }, - # XXX remove this once nginx.org has packages for debian bullseye 'repos': { + # XXX remove this once nginx.org has packages for debian bullseye 'nginx': { 'items': atomic({ 'deb http://nginx.org/packages/debian buster nginx', }), }, + 'weechat': { + 'items': { + 'deb https://weechat.org/debian {os_release} main', + }, + }, + }, + }, + 'backup-client': { + 'pre-hooks': { +# 'kunsi-weechat': \ +# 'echo \'core.weechat */layout store\' >> /home/kunsi/.weechat/weechat_fifo\n' \ +# 'echo \'core.weechat */save\' >> /home/kunsi/.weechat/weechat_fifo\n', + }, + }, + 'backups': { + 'paths': { + '/home/kunsi/.weechat', }, }, 'check-mail-received': { @@ -117,6 +144,22 @@ nodes['rx300'] = { 'install_ssh_key': True, 'domain': 'jenkins.franzi.business', }, + 'letsencrypt': { +# 'concat_and_deploy': { +# 'kunsi-weechat': { +# 'match_domain': 'part.of.the.trans-agenda.eu', +# 'target': '/home/kunsi/.weechat/ssl/relay.pem', +# 'chown': 'kunsi:kunsi', +# 'chmod': '0440', +# 'commands': [ +# 'echo \'core.weechat */relay sslcertkey\' >> /home/kunsi/.weechat/weechat_fifo' +# ], +# }, +# }, +# 'domains': { +# 'part.of.the.trans-agenda.eu': set(), +# }, + }, 'miniflux': { 'domain': 'rss.franzi.business', }, @@ -256,6 +299,7 @@ nodes['rx300'] = { }, 'users': { 'kunsi': { + 'enable_linger': True, 'groups': { 'libvirt', },