Add devpi PyPI caching proxy role for indri
Set up devpi-server as a transparent PyPI caching proxy on indri, accessible via Tailscale at pypi.tail8d86e.ts.net. - Add ansible role with LaunchAgent (KeepAlive service via mise x) - Add health checks to indri-services-check script - Configure to listen on port 3141, data stored in ~/devpi Note: Manual setup required on indri before provisioning: 1. Add devpi packages to ~/.config/mise/config.toml 2. Run mise install && mise x -- devpi-init --serverdir ~/devpi 3. Set up Tailscale service after ansible provisioning Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
parent
50c713b5de
commit
842df27532
6 changed files with 83 additions and 0 deletions
|
|
@ -18,3 +18,5 @@
|
|||
tags: borgmatic
|
||||
- role: forgejo
|
||||
tags: forgejo
|
||||
- role: devpi
|
||||
tags: devpi
|
||||
|
|
|
|||
5
ansible/roles/devpi/defaults/main.yml
Normal file
5
ansible/roles/devpi/defaults/main.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
devpi_port: 3141
|
||||
devpi_serverdir: /Users/erichblume/devpi
|
||||
devpi_log_dir: /Users/erichblume/Library/Logs
|
||||
devpi_host: 0.0.0.0 # Listen on all interfaces for Tailscale
|
||||
5
ansible/roles/devpi/handlers/main.yml
Normal file
5
ansible/roles/devpi/handlers/main.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: reload devpi
|
||||
ansible.builtin.shell: |
|
||||
launchctl unload ~/Library/LaunchAgents/mcquack.eblume.devpi.plist 2>/dev/null || true
|
||||
launchctl load ~/Library/LaunchAgents/mcquack.eblume.devpi.plist
|
||||
34
ansible/roles/devpi/tasks/main.yml
Normal file
34
ansible/roles/devpi/tasks/main.yml
Normal file
|
|
@ -0,0 +1,34 @@
|
|||
---
|
||||
# Note: devpi is installed via mise (pipx/uvx), not managed here.
|
||||
# Add to ~/.config/mise/config.toml on indri:
|
||||
#
|
||||
# [tools]
|
||||
# "pipx:devpi-server" = { version = "latest", uvx = "true", uvx_args = "--with devpi-web" }
|
||||
# "pipx:devpi-client" = { version = "latest", uvx = "true" }
|
||||
#
|
||||
# Then run: mise install
|
||||
# Initialize: mise x -- devpi-init --serverdir {{ devpi_serverdir }}
|
||||
|
||||
- name: Ensure devpi data directory exists
|
||||
ansible.builtin.file:
|
||||
path: "{{ devpi_serverdir }}"
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: Deploy devpi LaunchAgent plist
|
||||
ansible.builtin.template:
|
||||
src: devpi.plist.j2
|
||||
dest: ~/Library/LaunchAgents/mcquack.eblume.devpi.plist
|
||||
mode: '0644'
|
||||
notify: reload devpi
|
||||
|
||||
- name: Check if devpi LaunchAgent is loaded
|
||||
ansible.builtin.command: launchctl list mcquack.eblume.devpi
|
||||
register: launchctl_check
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
|
||||
- name: Load devpi LaunchAgent if not loaded
|
||||
ansible.builtin.command: launchctl load ~/Library/LaunchAgents/mcquack.eblume.devpi.plist
|
||||
when: launchctl_check.rc != 0
|
||||
failed_when: false
|
||||
35
ansible/roles/devpi/templates/devpi.plist.j2
Normal file
35
ansible/roles/devpi/templates/devpi.plist.j2
Normal file
|
|
@ -0,0 +1,35 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!-- {{ ansible_managed }} -->
|
||||
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
||||
<plist version="1.0">
|
||||
<dict>
|
||||
<key>KeepAlive</key>
|
||||
<true/>
|
||||
<key>Label</key>
|
||||
<string>mcquack.eblume.devpi</string>
|
||||
<key>EnvironmentVariables</key>
|
||||
<dict>
|
||||
<key>PATH</key>
|
||||
<string>/opt/homebrew/bin:/usr/bin:/bin</string>
|
||||
</dict>
|
||||
<key>ProgramArguments</key>
|
||||
<array>
|
||||
<string>/opt/homebrew/opt/mise/bin/mise</string>
|
||||
<string>x</string>
|
||||
<string>--</string>
|
||||
<string>devpi-server</string>
|
||||
<string>--serverdir</string>
|
||||
<string>{{ devpi_serverdir }}</string>
|
||||
<string>--host</string>
|
||||
<string>{{ devpi_host }}</string>
|
||||
<string>--port</string>
|
||||
<string>{{ devpi_port }}</string>
|
||||
</array>
|
||||
<key>RunAtLoad</key>
|
||||
<true/>
|
||||
<key>StandardErrorPath</key>
|
||||
<string>{{ devpi_log_dir }}/mcquack.devpi.err.log</string>
|
||||
<key>StandardOutPath</key>
|
||||
<string>{{ devpi_log_dir }}/mcquack.devpi.out.log</string>
|
||||
</dict>
|
||||
</plist>
|
||||
|
|
@ -50,6 +50,7 @@ check_service "transmission" "ssh indri 'brew services list | grep transmission
|
|||
check_service "transmission-metrics" "ssh indri 'launchctl list | grep transmission-metrics | grep -v \"^-\"'"
|
||||
check_service "kiwix-serve" "ssh indri 'launchctl list | grep kiwix | grep -v \"^-\"'"
|
||||
check_service "forgejo" "ssh indri 'brew services list | grep forgejo | grep started'"
|
||||
check_service "devpi" "ssh indri 'launchctl list | grep devpi | grep -v \"^-\"'"
|
||||
|
||||
echo ""
|
||||
echo "HTTP endpoints (via Tailscale):"
|
||||
|
|
@ -57,6 +58,7 @@ check_http "Prometheus" "http://indri:9090/-/healthy"
|
|||
check_http "Grafana" "http://indri:3000/api/health"
|
||||
check_http "Kiwix" "http://indri:5501/"
|
||||
check_http "Forgejo" "http://indri:3001/"
|
||||
check_http "Devpi" "http://indri:3141/+api"
|
||||
# Transmission RPC is localhost-only by design, check via SSH
|
||||
check_service "Transmission RPC" "ssh indri 'curl -sf http://127.0.0.1:9091/transmission/rpc'"
|
||||
# Check that transmission metrics are being collected
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue