bundles: code style improvements

2021-02-12 20:37:36 +01:00 · 2021-02-12 20:37:36 +01:00 · f52df58517
commit f52df58517
parent 2af911c29f
24 changed files with 80 additions and 95 deletions
--- a/bundles/dhcpd/items.py
+++ b/bundles/dhcpd/items.py
@ -43,4 +43,3 @@ svc_systemd = {
        },
    },
 }
-
--- a/bundles/dhcpd/metadata.py
+++ b/bundles/dhcpd/metadata.py
@ -19,12 +19,12 @@ def get_static_allocations(metadata):
        if rnode.metadata.get('location', '') != metadata.get('location', ''):
            continue

-        for identifier, interface in rnode.metadata.get('interfaces', {}).items():
-            if interface.get('dhcp', False):
+        for iface_name, iface_config in rnode.metadata.get('interfaces', {}).items():
+            if iface_config.get('dhcp', False):
                try:
-                    allocations[rnode.name] = {
-                        'ipv4': sorted(interface['ips'])[0],
-                        'mac': interface['mac'],
+                    allocations[f'{rnode.name}_{iface_name}'] = {
+                        'ipv4': sorted(iface_config['ips'])[0],
+                        'mac': iface_config['mac'],
                    }
                except KeyError:
                    pass
@ -41,7 +41,7 @@ def get_static_allocations(metadata):
 )
 def get_listen_interfaces(metadata):
    listen_interfaces = []
-    for identfier, subnet in node.metadata.get('dhcpd/subnets', {}).items():
+    for _, subnet in node.metadata.get('dhcpd/subnets', {}).items():
        listen_interfaces.append(subnet['interface'])

    return {
@ -55,15 +55,15 @@ def get_listen_interfaces(metadata):
    'iptables/bundle_rules/dhcpd',
 )
 def iptables(metadata):
-    iptables = set()
-    for identfier, subnet in node.metadata.get('dhcpd/subnets', {}).items():
-        iptables.add('iptables -A INPUT -i {} -p udp --dport 67:68 -j ACCEPT'.format(subnet['interface']))
+    rules = set()
+    for _, subnet in node.metadata.get('dhcpd/subnets', {}).items():
+        rules.add('iptables -A INPUT -i {} -p udp --dport 67:68 -j ACCEPT'.format(subnet['interface']))

    return {
        'iptables': {
            'bundle_rules': {
                # iptables bundle relies on this being a list.
-                'dhcpd': sorted(list(iptables)),
+                'dhcpd': sorted(list(rules)),
            },
        }
    }
--- a/bundles/icinga2/files/icinga_statusmonitor.py
+++ b/bundles/icinga2/files/icinga_statusmonitor.py
@ -1,8 +1,9 @@
 #!/usr/bin/env python3

-from flask import Flask, Response
 from subprocess import check_output

+from flask import Flask
+
 app = Flask(__name__)

@app.route('/status')
@ -25,5 +26,5 @@ def statuspage():

    if icinga_is_fine and postgres_is_fine:
        return 'OK', 200
-    else:
+
    return 'Something is wrong!', 500
--- a/bundles/icinga2/items.py
+++ b/bundles/icinga2/items.py
@ -264,13 +264,13 @@ icinga_run_deps = {
    'pkg_apt:icinga2',
    'pkg_apt:icinga2-ido-pgsql',
 }
-for name in actions.keys():
+for name in actions:
    icinga_run_deps.add(f'action:{name}')
-for name in directories.keys():
+for name in directories:
    icinga_run_deps.add(f'directory:{name}')
-for name in files.keys():
+for name in files:
    icinga_run_deps.add(f'file:{name}')
-for name in symlinks.keys():
+for name in symlinks:
    icinga_run_deps.add(f'symlink:{name}')

 svc_systemd = {
--- a/bundles/icinga2/metadata.py
+++ b/bundles/icinga2/metadata.py
@ -19,7 +19,6 @@ defaults = {

            # needed for check_rbl
            'libdata-validate-ip-perl': {},
-            'libdata-validate-ip-perl': {},
            'libmonitoring-plugin-perl': {},
            'libnet-dns-perl': {},
            'libreadonly-perl': {},
--- a/bundles/iptables/items.py
+++ b/bundles/iptables/items.py
@ -38,7 +38,7 @@ for bundle, rules in node.metadata.get('iptables', {}).get('bundle_rules', {}).i
    }

 if 'custom_rules' in node.metadata.get('iptables', {}):
-    files[f'/etc/iptables-rules.d/40-custom'] = {
+    files['/etc/iptables-rules.d/40-custom'] = {
        'content': '\n'.join(node.metadata['iptables']['custom_rules']) + '\n',
        'triggers': {
            'action:iptables_enforce',
--- a/bundles/netdata/metadata.py
+++ b/bundles/netdata/metadata.py
@ -21,19 +21,19 @@ defaults = {
 )
 def iptables(metadata):
    interfaces = metadata.get('netdata/restrict-to-interfaces', set())
-    iptables = []
+    rules = []

-    if len(interfaces):
+    if interfaces:
        for iface in sorted(interfaces):
-            iptables.append(f'iptables_both -A INPUT -i {iface} -p tcp --dport 19999 -j ACCEPT')
+            rules.append(f'iptables_both -A INPUT -i {iface} -p tcp --dport 19999 -j ACCEPT')

    else:
-        iptables.append('iptables_both -A INPUT -p tcp --dport 19999 -j ACCEPT')
+        rules.append('iptables_both -A INPUT -p tcp --dport 19999 -j ACCEPT')

    return {
        'iptables': {
            'bundle_rules': {
-                'netdata': iptables,
+                'netdata': rules,
            },
        },
    }
--- a/bundles/nginx/metadata.py
+++ b/bundles/nginx/metadata.py
@ -147,21 +147,21 @@ def monitoring(metadata):
 )
 def iptables(metadata):
    interfaces = metadata.get('nginx/restrict-to-interfaces', set())
-    iptables = []
+    rules = []

-    if len(interfaces):
+    if interfaces:
        for iface in sorted(interfaces):
-            iptables.append(f'iptables_both -A INPUT -i {iface} -p tcp --dport 80 -j ACCEPT')
-            iptables.append(f'iptables_both -A INPUT -i {iface} -p tcp --dport 443 -j ACCEPT')
+            rules.append(f'iptables_both -A INPUT -i {iface} -p tcp --dport 80 -j ACCEPT')
+            rules.append(f'iptables_both -A INPUT -i {iface} -p tcp --dport 443 -j ACCEPT')

    else:
-        iptables.append('iptables_both -A INPUT -p tcp --dport 80 -j ACCEPT')
-        iptables.append('iptables_both -A INPUT -p tcp --dport 443 -j ACCEPT')
+        rules.append('iptables_both -A INPUT -p tcp --dport 80 -j ACCEPT')
+        rules.append('iptables_both -A INPUT -p tcp --dport 443 -j ACCEPT')

    return {
        'iptables': {
            'bundle_rules': {
-                'nginx': iptables,
+                'nginx': rules,
            },
        },
    }
--- a/bundles/postfix/metadata.py
+++ b/bundles/postfix/metadata.py
@ -29,7 +29,6 @@ if node.has_bundle('postfixadmin'):
        'SMTP CONNECT': {
            'check_command': 'check_smtp',
            'vars.notification.sms': True,
-            'vars.notification.sms': True,
        },
        'SMTP SUBMISSION CONNECT': {
            'check_command': 'check_smtp',
@ -52,7 +51,7 @@ else:
 def fill_icinga_spam_blocklist_check_with_hostname(metadata):
    checks = {}

-    for variant, ips in repo.libs.tools.resolve_identifier(repo, node.name).items():
+    for _, ips in repo.libs.tools.resolve_identifier(repo, node.name).items():
        for ip in ips:
            if not ip.is_private:
                checks[f'SPAM BLOCKLIST {ip}'] = {
--- a/bundles/postgresql/metadata.py
+++ b/bundles/postgresql/metadata.py
@ -62,7 +62,7 @@ def default_postgresql_version_for_debian(metadata):
                'version': version_to_be_installed,
            },
        }
-    else:
+
    return {
        'postgresql': {
            'version': version_to_be_installed,
--- a/bundles/powerdns/items.py
+++ b/bundles/powerdns/items.py
@ -171,7 +171,4 @@ if node.metadata['powerdns'].get('features', {}).get('pgsql', False):
        'needed_by': {
            'svc_systemd:pdns',
        },
-        'needed_by': {
-            'svc_systemd:pdns',
-        },
    }
--- a/bundles/powerdns/metadata.py
+++ b/bundles/powerdns/metadata.py
@ -1,5 +1,3 @@
-from bundlewrap.exceptions import NoSuchGroup
-
 defaults = {
    'apt': {
        'packages': {
@ -68,7 +66,7 @@ def get_ips_of_secondary_nameservers(metadata):
    ips = set()
    for rnode in repo.nodes_in_group('dns'):
        if rnode.metadata.get('powerdns/is_secondary', False):
-            for identifier, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
+            for _, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
                ips.update({str(ip) for ip in found_ips})

    return {
@ -87,7 +85,7 @@ def get_ips_of_primary_nameservers(metadata):
    ips = set()
    for rnode in repo.nodes_in_group('dns'):
        if not rnode.metadata.get('powerdns/is_secondary', False):
-            for identifier, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
+            for _, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
                ips.update({str(ip) for ip in found_ips})

    return {
@ -121,7 +119,7 @@ def generate_dns_entries_for_nodes(metadata):

        # We're doing this once again to get the nodes which only have
        # private ips.
-        if not ip4 and len(found_ips['ipv4']):
+        if not ip4 and found_ips['ipv4']:
            ip4 = sorted(found_ips['ipv4'])[0]

        if ip4:
--- a/bundles/radvd/items.py
+++ b/bundles/radvd/items.py
@ -9,11 +9,11 @@ if node.has_bundle('pppd'):
    }

    # Will be started and stopped by pppd.
-    should_be_running = None
-    should_be_enabled = False
+    SHOULD_BE_RUNNING = None
+    SHOULD_BE_ENABLED = False
 else:
-    should_be_running = True
-    should_be_enabled = True
+    SHOULD_BE_RUNNING = True
+    SHOULD_BE_ENABLED = True

 files['/etc/radvd.conf'] = {
    'content_type': 'mako',
@ -27,8 +27,8 @@ files['/etc/radvd.conf'] = {

 svc_systemd = {
    'radvd': {
-        'running': should_be_running,
-        'enabled': should_be_enabled,
+        'running': SHOULD_BE_RUNNING,
+        'enabled': SHOULD_BE_ENABLED,
        'needs': {
            'file:/etc/radvd.conf',
        },
--- a/bundles/rspamd/metadata.py
+++ b/bundles/rspamd/metadata.py
@ -64,7 +64,7 @@ def populate_permitted_ips_list_with_ips_from_repo(metadata):
    ips = set()

    for rnode in repo.nodes:
-        for identifier, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
+        for _, found_ips in repo.libs.tools.resolve_identifier(repo, rnode.name).items():
            for ip in found_ips:
                if not ip.is_private:
                    ips.add(str(ip))
--- a/bundles/smartd/metadata.py
+++ b/bundles/smartd/metadata.py
@ -22,7 +22,7 @@ defaults = {
 def zfs_disks_to_metadata(metadata):
    disks = set()

-    for pool, config in metadata.get('zfs/pools', {}).items():
+    for _, config in metadata.get('zfs/pools', {}).items():
        if 'device' in config:
            disks.add(config['device'])
        else:
--- a/bundles/sshmon/items.py
+++ b/bundles/sshmon/items.py
@ -1,9 +1,8 @@
 from os.path import join

-def collect_commands():
-    check_commands = {}
+check_commands = {}

-    for bundle, bundle_config in node.metadata.get('icinga2_api', {}).items():
+for _, bundle_config in node.metadata.get('icinga2_api', {}).items():
    for service, service_config in bundle_config.get('services', {}).items():
        # The default for check_command is also set in metadata.py
        # and in icinga2 bundle
@ -14,8 +13,6 @@ def collect_commands():
        ):
            check_commands[service_config['vars.sshmon_command']] = service_config['command_on_monitored_host']

-    return check_commands
-

 users = {
    'sshmon': {
@ -31,8 +28,6 @@ pkg_apt = {
    'monitoring-plugins': {},
 }

-check_commands = collect_commands()
-
 with open(join(repo.path, 'data', 'sshmon', 'sshmon.pub'), 'r') as fp:
    pubkey = fp.read().strip()

--- a/bundles/sshmon/metadata.py
+++ b/bundles/sshmon/metadata.py
@ -1,5 +1,3 @@
-from bundlewrap.utils import Fault
-
 from re import sub

 defaults = {
--- a/bundles/systemd-networkd/metadata.py
+++ b/bundles/systemd-networkd/metadata.py
@ -4,7 +4,7 @@
 def add_vlan_infos_to_interface(metadata):
    interfaces = {}

-    for iface, config in metadata.get('interfaces', {}).items():
+    for iface in metadata.get('interfaces', {}):
        if not '.' in iface:
            continue

--- a/bundles/transmission/metadata.py
+++ b/bundles/transmission/metadata.py
@ -38,17 +38,17 @@ defaults = {
 )
 def iptables(metadata):
    interfaces = metadata.get('transmission/webinterface-on-interfaces', set())
-    iptables = []
+    rules = []

-    iptables.append('iptables_both -A INPUT -p udp --dport {} -j ACCEPT'.format(
+    rules.append('iptables_both -A INPUT -p udp --dport {} -j ACCEPT'.format(
        metadata.get('transmission/config/peer-port'),
    ))
-    iptables.append('iptables_both -A INPUT -p tcp --dport {} -j ACCEPT'.format(
+    rules.append('iptables_both -A INPUT -p tcp --dport {} -j ACCEPT'.format(
        metadata.get('transmission/config/peer-port'),
    ))

    for iface in sorted(interfaces):
-        iptables.append('iptables_both -A INPUT -i {} -p tcp --dport {} -j ACCEPT'.format(
+        rules.append('iptables_both -A INPUT -i {} -p tcp --dport {} -j ACCEPT'.format(
            iface,
            metadata.get('transmission/config/rpc-port'),
        ))
@ -56,7 +56,7 @@ def iptables(metadata):
    return {
        'iptables': {
            'bundle_rules': {
-                'transmission': iptables,
+                'transmission': rules,
            },
        },
    }
--- a/bundles/unbound/metadata.py
+++ b/bundles/unbound/metadata.py
@ -42,17 +42,16 @@ def cpu_cores_to_config_values(metadata):
 )
 def iptables(metadata):
    interfaces = metadata.get('unbound/restrict-to-interfaces', set())
-    iptables = []
+    rules = []

    for iface in sorted(interfaces):
-        iptables.append(f'iptables_both -A INPUT -i {iface} -p tcp --dport 53 -j ACCEPT')
-        iptables.append(f'iptables_both -A INPUT -i {iface} -p udp --dport 53 -j ACCEPT')
+        rules.append(f'iptables_both -A INPUT -i {iface} -p tcp --dport 53 -j ACCEPT')
+        rules.append(f'iptables_both -A INPUT -i {iface} -p udp --dport 53 -j ACCEPT')

    return {
        'iptables': {
            'bundle_rules': {
-                'unbound': iptables,
+                'unbound': rules,
            },
        },
    }
-
--- a/bundles/vnstat/metadata.py
+++ b/bundles/vnstat/metadata.py
@ -26,7 +26,7 @@ defaults = {
 def get_default_interface(metadata):
    interfaces = sorted(metadata.get('interfaces', {}).keys())

-    if len(interfaces):
+    if interfaces:
        return {
            'vnstat': {
                'interface': interfaces[0],
--- a/bundles/wide-dhcp6c/items.py
+++ b/bundles/wide-dhcp6c/items.py
@ -17,11 +17,11 @@ if node.has_bundle('pppd'):
    }

    # Will be started and stopped by pppd.
-    should_be_running = None
-    should_be_enabled = False
+    SHOULD_BE_RUNNING = None
+    SHOULD_BE_ENABLED = False
 else:
-    should_be_running = True
-    should_be_enabled = True
+    SHOULD_BE_RUNNING = True
+    SHOULD_BE_ENABLED = True

 files['/etc/wide-dhcpv6/dhcp6c.conf'] = {
    'content_type': 'mako',
@ -48,8 +48,8 @@ files['/etc/systemd/system/wide-dhcpv6-client.service'] = {

 svc_systemd = {
    'wide-dhcpv6-client': {
-        'running': should_be_running,
-        'enabled': should_be_enabled,
+        'running': SHOULD_BE_RUNNING,
+        'enabled': SHOULD_BE_ENABLED,
        'needs': {
            'file:/etc/systemd/system/wide-dhcpv6-client.service',
            'file:/etc/wide-dhcpv6/dhcp6c.conf',
--- a/bundles/zfs/items.py
+++ b/bundles/zfs/items.py
@ -1,5 +1,5 @@
 from json import dumps
-from os.path import join
+#from os.path import join

 from bundlewrap.metadata import MetadataJSONEncoder

--- a/bundles/zfs/metadata.py
+++ b/bundles/zfs/metadata.py
@ -1,4 +1,4 @@
-import re
+#import re

 defaults = {
    'apt': {
@ -147,7 +147,7 @@ def monitoring(metadata):

    services = {}

-    for poolname, pool_options in metadata.get('zfs/pools').items():
+    for poolname, _ in metadata.get('zfs/pools').items():
        services['ZFS ZPOOL ONLINE {}'.format(poolname)] = {
            'command_on_monitored_host': 'sudo /usr/local/share/icinga/plugins/check_zpool_online {}'.format(poolname),
            'vars.notification.mail': True,