diff --git a/init-server.py b/init-server.py index f40a517..2f34b7a 100755 --- a/init-server.py +++ b/init-server.py @@ -13,12 +13,9 @@ from ssh_lib.utils import add_user, enable_sudo, put, setup_time, sudo_cmd def prepare_shared(c): - add_user( - c, - 'ofm', - passwd='x', - ) - enable_sudo(c, 'ofm') + # creates ofm user with uid=2000, disabled password and nopasswd sudo + add_user(c, 'ofm', uid=2000) + enable_sudo(c, 'ofm', nopasswd=True) pkg_upgrade(c) pkg_clean(c) @@ -36,6 +33,7 @@ def prepare_tile_gen(c): 'prepare-virtualenv.sh', 'planetiler_planet.sh', 'planetiler_monaco.sh', + 'gen_planet.sh', 'gen_monaco.sh', 'extract.sh', ]: diff --git a/scripts/tile_gen/extract.sh b/scripts/tile_gen/extract.sh index 1cb6c3d..1ad4bd8 100644 --- a/scripts/tile_gen/extract.sh +++ b/scripts/tile_gen/extract.sh @@ -42,27 +42,24 @@ mke2fs -t ext4 -v \ mkdir mnt sudo mount -v \ -t ext4 \ + -o nobarrier,noatime,data=writeback,commit=100 \ image.ext4 mnt - sudo /data/ofm/tile_gen/venv/bin/mb-util output.mbtiles mnt/extract sudo umount mnt resize2fs -M image.ext4 e2fsck -vf image.ext4 - -filefrag -e image.ext4 - -tune2fs -E mount_opts=ro image.ext4 - -cp --sparse=never sparsefile regularfile +#fsck.ext4 -f -C 0 /dev/sda1; +# +#filefrag -e image.ext4 +# +#tune2fs -E mount_opts=ro image.ext4 +# +#cp --sparse=never sparsefile regularfile +# -# -o barriers=[0|1] -# -o data=writeback - -# set mount option -#tune2fs -E mount_opts=ro diff --git a/scripts/tile_gen/gen_planet.sh b/scripts/tile_gen/gen_planet.sh new file mode 100644 index 0000000..124a1da --- /dev/null +++ b/scripts/tile_gen/gen_planet.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +DATE=$(date +"%Y%m%d_%H%M%S") + +RUN_FOLDER="/data/ofm/runs/planet_$DATE" + +mkdir -p "$RUN_FOLDER" +cd "$RUN_FOLDER" || exit + +bash /data/ofm/tile_gen/planetiler_planet.sh "$DATE" + diff --git a/ssh_lib/utils.py b/ssh_lib/utils.py index 2f8ddf2..ac801df 100644 --- a/ssh_lib/utils.py +++ b/ssh_lib/utils.py @@ -17,7 +17,7 @@ def put(c, local_path, remote_path, permissions=None, owner='root', group=None): c.sudo(f"mv '{tmp_path}' '{remote_path}'") c.sudo(f"rm -rf '{tmp_path}'") - set_permission(c, remote_path, permissions, owner, group) + set_permission(c, remote_path, permissions=permissions, owner=owner, group=group) def put_str(c, remote_path, str_): @@ -41,11 +41,10 @@ def sudo_cmd(c, cmd, user=None): c.sudo(f'bash -c "{cmd}"', user=user) -def set_permission(c, path, permissions=None, owner=None, group=None): +def set_permission(c, path, *, permissions=None, owner=None, group=None): if owner: if not group: group = owner - c.sudo(f"chown {owner}:{group} '{path}'") if permissions: @@ -104,9 +103,11 @@ def get_username(c): return c.run('whoami').stdout.strip() -def add_user(c, username, passwd=None): - # ssh-key login only - c.sudo(f'adduser --disabled-password --gecos "" {username}', warn=True) +def add_user(c, username, passwd=None, uid=None): + uid_str = f'--uid={uid}' if uid else '' + + # --disabled-password - ssh-key login only + c.sudo(f'adduser --disabled-password --gecos "" {uid_str} {username}', warn=True) if passwd: sudo_cmd(c, f'echo "{username}:{passwd}" | chpasswd') @@ -116,8 +117,12 @@ def remove_user(c, username): c.sudo(f'rm -rf /home/{username}') -def enable_sudo(c, username): +def enable_sudo(c, username, nopasswd=False): c.sudo(f'usermod -aG sudo {username}') + if nopasswd: + put_str(c, '/etc/sudoers.d/tmp.', f'{username} ALL=(ALL) NOPASSWD:ALL') + set_permission(c, '/etc/sudoers.d/tmp.', permissions='440', owner='root') + c.sudo(f'mv /etc/sudoers.d/tmp. /etc/sudoers.d/{username}') def ssh_copy_id(c, username, key_file_path): @@ -135,7 +140,7 @@ def ssh_copy_id(c, username, key_file_path): c.sudo(f'chown {username}:{username} {ssh_dir}') put_str(c, f'{ssh_dir}/authorized_keys', public_key_str) - set_permission(c, f'{ssh_dir}/authorized_keys', '400', username, username) + set_permission(c, f'{ssh_dir}/authorized_keys', permissions='400', owner=username) def setup_time(c):