summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess2014-05-19 17:27:21 -0400
committerJoey Hess2014-05-19 17:27:21 -0400
commitc8a653af5dfd6f876d2c5d77ef047ba47274e3d7 (patch)
tree6251b7031c65f6860efd7426dc242150e697e2e9
parent2e050607079393c3bdac789c0751a203a2a2faf9 (diff)
propellor spin
-rw-r--r--config-joey.hs25
-rw-r--r--src/Propellor/Property/Docker.hs4
-rw-r--r--src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs59
3 files changed, 62 insertions, 26 deletions
diff --git a/config-joey.hs b/config-joey.hs
index 45805897..3d464e37 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -189,28 +189,37 @@ hosts = -- (o) `
(Just "remotes/origin/old-kitenet.net")
-- git-annex autobuilder containers
- , gitAnnexBuilder "amd64" 15
- , gitAnnexBuilder "i386" 45
- -- armel builder has a companion container that run amd64 and
+ , standardGitAnnexBuilder "amd64" 15 "2h"
+ , standardGitAnnexBuilder "i386" 45 "2h"
+ -- armel builder has a companion container using amd64 that
-- runs the build first to get TH splices. They share a home
-- directory, and need to have the same versions of all haskell
- -- libraries installed.
+ -- libraries installed. The armel builder can ssh in to the
+ -- companion.
, Docker.container "armel-git-annex-builder-companion"
(image $ System (Debian Unstable) "amd64")
& Docker.volume GitAnnexBuilder.homedir
& Apt.unattendedUpgrades
+ & GitAnnexBuilder.treeDeps "armel"
+ & GitAnnexBuilder.cabalDeps
+ & GitAnnexBuilder.sshKeyGen
+ & Docker.expose "22"
+ & Apt.serviceInstalledRunning "ssh"
, Docker.container "armel-git-annex-builder"
(image $ System (Debian Unstable) "armel")
& Docker.link "armel-git-annex-builder-companion" "companion"
& Docker.volumes_from "armel-git-annex-builder-companion"
--- & GitAnnexBuilder.builder "armel" "15 * * * *" True
+ & GitAnnexBuilder.builder "armel" "1 3 * * *" "5h" True
+ -- TODO: automate installing haskell libs
+ -- (Currently have to run
+ -- git-annex/standalone/linux/install-haskell-packages)
& Apt.unattendedUpgrades
] ++ monsters
-gitAnnexBuilder :: Architecture -> Int -> Host
-gitAnnexBuilder arch buildminute = Docker.container (arch ++ "-git-annex-builder")
+standardGitAnnexBuilder :: Architecture -> Int -> GitAnnexBuilder.TimeOut -> Host
+standardGitAnnexBuilder arch buildminute timeout = Docker.container (arch ++ "-git-annex-builder")
(image $ System (Debian Unstable) arch)
- & GitAnnexBuilder.builder arch (show buildminute ++ " * * * *") True
+ & GitAnnexBuilder.builder arch (show buildminute ++ " * * * *") timeout True
& Apt.unattendedUpgrades
-- This is my standard system setup.
diff --git a/src/Propellor/Property/Docker.hs b/src/Propellor/Property/Docker.hs
index 09d7d6a4..68fbced5 100644
--- a/src/Propellor/Property/Docker.hs
+++ b/src/Propellor/Property/Docker.hs
@@ -156,6 +156,10 @@ name = runProp "name"
publish :: String -> Property
publish = runProp "publish"
+-- | Expose a container's port without publishing it.
+expose :: String -> Property
+expose = runProp "expose"
+
-- | Username or UID for container.
user :: String -> Property
user = runProp "user"
diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
index 677aa760..9754d4f7 100644
--- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
+++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
@@ -18,25 +18,14 @@ gitbuilderdir = homedir </> "gitbuilder"
builddir :: FilePath
builddir = gitbuilderdir </> "build"
-builder :: Architecture -> CronTimes -> Bool -> Property
-builder arch crontimes rsyncupload = combineProperties "gitannexbuilder"
- [ Apt.stdSourcesList Unstable
- , Apt.buildDep ["git-annex"]
- , Apt.installed ["git", "rsync", "moreutils", "ca-certificates",
- "liblockfile-simple-perl", "cabal-install", "vim", "less"]
+type TimeOut = String -- eg, 5h
+
+builder :: Architecture -> CronTimes -> TimeOut -> Bool -> Property
+builder buildarch crontimes timeout rsyncupload = combineProperties "gitannexbuilder"
+ [ treeDeps buildarch
, Apt.serviceInstalledRunning "cron"
- , User.accountFor builduser
- , check (not <$> doesDirectoryExist gitbuilderdir) $ userScriptProperty builduser
- [ "git clone git://git.kitenet.net/gitannexbuilder " ++ gitbuilderdir
- , "cd " ++ gitbuilderdir
- , "git checkout " ++ arch
- ]
- `describe` "gitbuilder setup"
- , check (not <$> doesDirectoryExist builddir) $ userScriptProperty builduser
- [ "git clone git://git-annex.branchable.com/ " ++ builddir
- ]
- , "git-annex source build deps installed" ==> Apt.buildDepIn builddir
- , Cron.niceJob "gitannexbuilder" crontimes builduser gitbuilderdir "git pull ; ./autobuild"
+ , Cron.niceJob "gitannexbuilder" crontimes builduser gitbuilderdir $
+ "git pull ; timeout " ++ timeout ++ " ./autobuild"
-- The builduser account does not have a password set,
-- instead use the password privdata to hold the rsync server
-- password used to upload the built image.
@@ -55,3 +44,37 @@ builder arch crontimes rsyncupload = combineProperties "gitannexbuilder"
, makeChange $ writeFile f "no password configured"
)
]
+
+treeDeps :: Architecture -> Property
+treeDeps buildarch = combineProperties "gitannexbuilder"
+ [ Apt.stdSourcesList Unstable
+ , Apt.buildDep ["git-annex"]
+ , Apt.installed ["git", "rsync", "moreutils", "ca-certificates",
+ "liblockfile-simple-perl", "cabal-install", "vim", "less"]
+ , User.accountFor builduser
+ , check (not <$> doesDirectoryExist gitbuilderdir) $ userScriptProperty builduser
+ [ "git clone git://git.kitenet.net/gitannexbuilder " ++ gitbuilderdir
+ , "cd " ++ gitbuilderdir
+ , "git checkout " ++ buildarch
+ ]
+ `describe` "gitbuilder setup"
+ , check (not <$> doesDirectoryExist builddir) $ userScriptProperty builduser
+ [ "git clone git://git-annex.branchable.com/ " ++ builddir
+ ]
+ , "git-annex source build deps installed" ==> Apt.buildDepIn builddir
+ ]
+
+-- Installs current versions of git-annex's deps from cabal, but only
+-- does so once.
+cabalDeps :: Property
+cabalDeps = flagFile go cabalupdated
+ where
+ go = userScriptProperty builduser ["cabal update && cabal install git-annex --only-dependencies || true"]
+ cabalupdated = homedir </> ".cabal" </> "packages" </> "hackage.haskell.org" </> "00-index.cache"
+
+-- Ensure a ssh key is set up.
+sshKeyGen :: Property
+sshKeyGen = flagFile gen f
+ where
+ gen = userScriptProperty builduser ["ssh-keygen -t RSA -N '' -f " ++ f]
+ f = homedir </> ".ssh" </> "id_rsa"