PyPI - raijin-server - Versions diffs - 0.2.33__py3-none-any.whl → 0.2.35__py3-none-any.whl - Mend

raijin-server 0.2.33py3-none-any.whl → 0.2.35py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of raijin-server might be problematic. Click here for more details.

Files changed (9) hide show

raijin_server/__init__.py CHANGED Viewed

@@ -1,5 +1,5 @@
 """Pacote principal do CLI Raijin Server."""
-__version__ = "0.2.33"
+__version__ = "0.2.35"
 __all__ = ["__version__"]

raijin_server/modules/minio.py CHANGED Viewed

@@ -124,6 +124,35 @@ def run(ctx: ExecutionContext) -> None:
         "Modo de operacao (standalone/distributed)",
         default="standalone",
     )
+    is_distributed = mode.lower().startswith("d")
+    replicas = 1
+    resources_req_cpu = "250m"
+    resources_req_mem = "512Mi"
+    resources_lim_cpu = "500m"
+    resources_lim_mem = "1Gi"
+    if is_distributed:
+        replicas = typer.prompt(
+            "Qtd de pods MinIO (replicas)",
+            default="4",
+        )
+        resources_req_cpu = typer.prompt(
+            "CPU request por pod (distributed)",
+            default="500m",
+        )
+        resources_req_mem = typer.prompt(
+            "Memoria request por pod (distributed)",
+            default="1Gi",
+        )
+        resources_lim_cpu = typer.prompt(
+            "CPU limit por pod (distributed)",
+            default="1",
+        )
+        resources_lim_mem = typer.prompt(
+            "Memoria limit por pod (distributed)",
+            default="2Gi",
+        )
     root_user = typer.prompt("Root user (admin)", default="minio-admin")
     root_password = typer.prompt(
@@ -147,10 +176,11 @@ def run(ctx: ExecutionContext) -> None:
         # Persistence
         "persistence.enabled=true",
         f"persistence.size={persistence_size}",
-        # Resources (production defaults)
-        "resources.requests.memory=512Mi",
-        "resources.requests.cpu=250m",
-        "resources.limits.memory=1Gi",
+        # Resources
+        f"resources.requests.memory={resources_req_mem}",
+        f"resources.requests.cpu={resources_req_cpu}",
+        f"resources.limits.memory={resources_lim_mem}",
+        f"resources.limits.cpu={resources_lim_cpu}",
         # Tolerations para control-plane
         "tolerations[0].key=node-role.kubernetes.io/control-plane",
         "tolerations[0].operator=Exists",
@@ -161,6 +191,9 @@ def run(ctx: ExecutionContext) -> None:
         # NodeSelector
         f"nodeSelector.kubernetes\\.io/hostname={node_name}",
     ]
+    if is_distributed:
+        values.append(f"replicas={replicas}")
     # Console
     if enable_console:

raijin_server/modules/ssh_hardening.py CHANGED Viewed

@@ -13,7 +13,19 @@ from raijin_server.utils import ExecutionContext, apt_install, require_root, run
 SSHD_DROPIN = Path("/etc/ssh/sshd_config.d/99-raijin.conf")
 FAIL2BAN_JAIL = Path("/etc/fail2ban/jail.d/raijin-sshd.conf")
 AUTHORIZED_KEYS_TEMPLATE = "# gerenciado pelo raijin-server\n{key}\n"
-HARDCODED_PUBKEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOolYckNjqXbvVORhQUz0oqxm/xnaAiLzzZAAVd7+f1Q rafaelluisdacostacoelho@gmail.com"
+def _current_non_root_user() -> str | None:
+    sudo_user = os.environ.get("SUDO_USER")
+    if sudo_user and sudo_user != "root":
+        return sudo_user
+    try:
+        import getpass
+        who = getpass.getuser()
+        return who if who != "root" else None
+    except Exception:
+        return None
 def _user_exists(username: str) -> bool:
@@ -50,9 +62,26 @@ def _write_authorized_keys(username: str, content: str, ctx: ExecutionContext) -
     run_cmd(["chown", "-R", f"{username}:{username}", str(ssh_dir)], ctx)
+def _default_pubkey_path() -> Path:
+    user = _current_non_root_user()
+    if user:
+        candidate = Path(f"/home/{user}/.ssh/authorized_keys")
+        if candidate.exists():
+            return candidate
+    return Path.home() / ".ssh/authorized_keys"
 def _load_public_key(path_input: str) -> str:
-    # Sempre usa a chave embutida solicitada
-    return HARDCODED_PUBKEY
+    path = Path(path_input).expanduser()
+    if path.exists():
+        content = path.read_text().strip()
+        if content:
+            return content
+    typer.echo("Arquivo nao encontrado. Cole a chave publica completa (ssh-ed25519...).")
+    key = typer.prompt("Chave publica", default="")
+    if not key:
+        raise typer.BadParameter("Nenhuma chave publica fornecida.")
+    return key.strip()
 def run(ctx: ExecutionContext) -> None:
@@ -62,25 +91,34 @@ def run(ctx: ExecutionContext) -> None:
     typer.echo("Hardening de SSH em andamento...")
     apt_install(["openssh-server", "fail2ban"], ctx)
-    username = typer.prompt("Usuario administrativo para SSH", default="adminops")
+    username = typer.prompt("Usuario administrativo para SSH", default="thor")
     ssh_port = typer.prompt("Porta SSH", default="22")
     sudo_access = typer.confirm("Adicionar usuario ao grupo sudo?", default=True)
-    extra_users = typer.prompt(
-        "Usuarios adicionais permitidos (opcional, separados por espaco)", default=""
+    current_user = _current_non_root_user()
+    default_extra = current_user if current_user and current_user != username else ""
+    extra_users_raw = typer.prompt(
+        "Usuarios adicionais (serao criados se nao existirem, separados por espaco)",
+        default=default_extra,
     ).strip()
     pubkey_path = typer.prompt(
         "Arquivo com chave publica ou authorized_keys existente",
-        default=str(Path.home() / ".ssh/authorized_keys"),
+        default=str(_default_pubkey_path()),
     )
     public_key = _load_public_key(pubkey_path)
-    allow_users = " ".join(part for part in [username, extra_users] if part).strip()
-    _ensure_user(username, ctx)
-    if sudo_access:
-        run_cmd(["usermod", "-aG", "sudo", username], ctx)
-    _write_authorized_keys(username, public_key, ctx)
+    extra_users = [u for u in extra_users_raw.split() if u]
+    target_users: list[str] = []
+    for u in [username, *extra_users]:
+        if u not in target_users:
+            target_users.append(u)
+    allow_users = " ".join(target_users)
+    for user in target_users:
+        _ensure_user(user, ctx)
+        if user == username and sudo_access:
+            run_cmd(["usermod", "-aG", "sudo", user], ctx)
+        _write_authorized_keys(user, public_key, ctx)
     config = f"""
 # Arquivo gerenciado pelo raijin-server

{raijin_server-0.2.33.dist-info → raijin_server-0.2.35.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: raijin-server
-Version: 0.2.33
+Version: 0.2.35
 Summary: CLI para automacao de setup e hardening de servidores Ubuntu Server.
 Home-page: https://example.com/raijin-server
 Author: Equipe Raijin
@@ -79,18 +79,30 @@ python3 -m venv ~/.venvs/midgard
 source ~/.venvs/midgard/bin/activate
 pip install -U pip setuptools
-# 2) Instalar a partir do source (dev)
-pip install -U raijin-server
+# 2) Instalar a partir do PyPI (ou source)
+pip install -U raijin-server==x.x.x
 # 3) Uso com sudo preservando o venv
 sudo -E ~/.venvs/midgard/bin/raijin-server --version
 sudo -E ~/.venvs/midgard/bin/raijin-server validate
 sudo -E ~/.venvs/midgard/bin/raijin-server full-install
+sudo -E ~/.venvs/midgard/bin/raijin-server menu
 # 4) Quando terminar
 deactivate
 ```
+> **Após instalar:**
+>
+> Execute:
+>
+> ```bash
+> pip install -U raijin-server==x.x.x
+> sudo -E ~/.venvs/midgard/bin/raijin-server menu
+> ```
+>
+> Isso garante que o menu principal do Raijin Server estará disponível no Ubuntu Server.
 > Dica: se precisar reinstalar, remova o venv (`rm -rf ~/.venvs/midgard`), recrie e repita o passo 2. O `-E` no sudo mantém o venv ativo para o Python.
 # 5. Rodar usando root preservando o venv

{raijin_server-0.2.33.dist-info → raijin_server-0.2.35.dist-info}/RECORD RENAMED Viewed

@@ -1,4 +1,4 @@
-raijin_server/__init__.py,sha256=9mc1Ir67QB8rsEgjIVmyYrPQ2TH8VdvVkWeh8977mY4,95
+raijin_server/__init__.py,sha256=Wa2eQSGUaft7BUQFSKQeBX5yVKrKfRVa7mfEzttqLg0,95
 raijin_server/cli.py,sha256=2m7q1znMLbBdnUwN6oOUrCZXEqC2e7SfbjYkymbP4lQ,37884
 raijin_server/config.py,sha256=QNiEVvrbW56XgvNn5-h3bkJm46Xc8mjNqPbvixXD8N0,4829
 raijin_server/healthchecks.py,sha256=lzXdFw6S0hOYbUKbqksh4phb04lXgXdTspP1Dsz4dx8,15401
@@ -22,14 +22,14 @@ raijin_server/modules/kong.py,sha256=eDSagvEP9_BCs9pZ-pCVs1BDdlYOoJfY5PnUSiTvvgc
 raijin_server/modules/kubernetes.py,sha256=9E6zV0zGQWZW92NVpxwYctpi-4JDmi6YzF3tKRI4HlU,13343
 raijin_server/modules/loki.py,sha256=aNiUpnOFppZMXoQwYhn7IoPMzwUz4aHi6pbiqj1PRjc,5022
 raijin_server/modules/metallb.py,sha256=uUuklc_RsQ-W2qDVRMQAxQm9HKGEqso444b1IwBpM6w,8554
-raijin_server/modules/minio.py,sha256=wxL8U1Zl3XtI-wymIeZonmi561v1zf-bY4TTVPKisLA,6221
+raijin_server/modules/minio.py,sha256=rHiyNs1wK2gxAMDUhxhN5zeh8nuyADlmueHiYhEyjL0,7213
 raijin_server/modules/network.py,sha256=QRlYdcryCCPAWG3QQ_W7ld9gJgETI7H8gwntOU7UqFE,4818
 raijin_server/modules/observability_dashboards.py,sha256=fVz0WEOQrUTF5rJ__Nu_onyBuwL_exFmysWMmg8AE9w,7319
 raijin_server/modules/observability_ingress.py,sha256=Fh1rlFWueBNHnOkHuoHYyhILmpO-iQXINybSUYbYsHQ,5738
 raijin_server/modules/prometheus.py,sha256=wT9jdcC-8vVysVKgMR5isGbxxpvGFPRf7fhMAGd9kJU,10761
 raijin_server/modules/sanitize.py,sha256=_RnWn1DUuNrzx3NnKEbMvf5iicgjiN_ubwT59e0rYWY,6040
 raijin_server/modules/secrets.py,sha256=d4j12feQL8m_4-hYN5FfboQHvBc75TFeGno3OzrXokE,9266
-raijin_server/modules/ssh_hardening.py,sha256=go3kY4SZWe71LZLSfEeunhts3AqqHYxmQ7rCeezNFL8,4301
+raijin_server/modules/ssh_hardening.py,sha256=Zd0dlylUBr01SkrI1CS05-0DB9xIto5rWH1bUVs80ow,5422
 raijin_server/modules/traefik.py,sha256=crEYIqAidAhh_H93qIvCbTtJ7BjO-3ef77alLc_--Gg,3535
 raijin_server/modules/velero.py,sha256=yDtqd6yUu0L5wzLCjYXqvvxB_RyaAoZtntb6HoHVAOo,5642
 raijin_server/modules/vpn.py,sha256=hF-0vA17VKTxhQLDBSEeqI5aPQpiaaj4IpUf9l6lr64,8297
@@ -38,9 +38,9 @@ raijin_server/scripts/checklist.sh,sha256=j6E0Kmk1EfjLvKK1VpCqzXJAXI_7Bm67LK4ndy
 raijin_server/scripts/install.sh,sha256=Y1ickbQ4siQ0NIPs6UgrqUr8WWy7U0LHmaTQbEgavoI,3949
 raijin_server/scripts/log_size_metric.sh,sha256=Iv4SsX8AuCYRou-klYn32mX41xB6j0xJGLBO6riw4rU,1208
 raijin_server/scripts/pre-deploy-check.sh,sha256=XqMo7IMIpwUHF17YEmU0-cVmTDMoCGMBFnmS39FidI4,4912
-raijin_server-0.2.33.dist-info/licenses/LICENSE,sha256=kJsMCjOiRZE0AQNtxWqBa32z9kMAaF4EUxyHj3hKaJo,1105
-raijin_server-0.2.33.dist-info/METADATA,sha256=azAxO3niYnCUlG9rKnd7q-Q_1SYv5qSl8aKMKF7qyak,22476
-raijin_server-0.2.33.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-raijin_server-0.2.33.dist-info/entry_points.txt,sha256=3ZvxDX4pvcjkIRsXAJ69wIfVmKa78LKo-C3QhqN2KVM,56
-raijin_server-0.2.33.dist-info/top_level.txt,sha256=Yz1xneCRtsZOzbPIcTAcrSxd-1p80pohMXYAZ74dpok,14
-raijin_server-0.2.33.dist-info/RECORD,,
+raijin_server-0.2.35.dist-info/licenses/LICENSE,sha256=kJsMCjOiRZE0AQNtxWqBa32z9kMAaF4EUxyHj3hKaJo,1105
+raijin_server-0.2.35.dist-info/METADATA,sha256=D3rgG1t86vS6joqEpt82Xrm8cx_xnhDYE6lmi34eCbw,22770
+raijin_server-0.2.35.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+raijin_server-0.2.35.dist-info/entry_points.txt,sha256=3ZvxDX4pvcjkIRsXAJ69wIfVmKa78LKo-C3QhqN2KVM,56
+raijin_server-0.2.35.dist-info/top_level.txt,sha256=Yz1xneCRtsZOzbPIcTAcrSxd-1p80pohMXYAZ74dpok,14
+raijin_server-0.2.35.dist-info/RECORD,,

{raijin_server-0.2.33.dist-info → raijin_server-0.2.35.dist-info}/WHEEL RENAMED Viewed

File without changes

{raijin_server-0.2.33.dist-info → raijin_server-0.2.35.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{raijin_server-0.2.33.dist-info → raijin_server-0.2.35.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

{raijin_server-0.2.33.dist-info → raijin_server-0.2.35.dist-info}/top_level.txt RENAMED Viewed

File without changes

raijin-server 0.2.33__py3-none-any.whl → 0.2.35__py3-none-any.whl

Potentially problematic release.

raijin-server 0.2.33py3-none-any.whl → 0.2.35py3-none-any.whl