authorJoey Hess2016-03-20 13:28:53 -0400
committerJoey Hess2016-03-20 13:28:53 -0400
commit394d44880ede6dd7fb916f21ca4fe24d9b3549c6 (patch)
treeae41ec177598827b743449a461a8fd20b27ce174
parent8e27dce708f9af48712dfa26274715ce22cb40e0 (diff)
parent80109620f6af779a2c58bc5766fb77301729f60f (diff)
Merge branch 'master' into typed-os-requirements
-rw-r--r--Makefile2
-rw-r--r--debian/changelog33
-rw-r--r--doc/automated_spins/comment_1_1976b145c519b575c1b0454611036055._comment8
-rw-r--r--doc/automated_spins/comment_2_d0b3cfce5e37727f5b17c14d0f4214d2._comment27
-rw-r--r--doc/automated_spins/comment_3_31fee6824f4f22f8f4fc8e77bf8f8d69._comment8
-rw-r--r--doc/automated_spins/comment_4_0e6a73215c72286ef0053b5d762537ab._comment8
-rw-r--r--doc/components.mdwn2
-rw-r--r--doc/todo/HostingProvider_for_AWS/comment_5_ace17433647f7b2adbce27261cf4cd33._comment14
-rw-r--r--doc/todo/HostingProvider_for_AWS/comment_6_be3608729f362cdf5fc0a338c4a07f67._comment8
-rw-r--r--doc/todo/HostingProvider_for_AWS/comment_7_a77278f07bc0047d1f25c3d6c294b475._comment7
-rw-r--r--doc/todo/OpenVPN___40__PR___35__13__41__.mdwn20
-rw-r--r--doc/todo/SDN_Configuration.mdwn1
-rw-r--r--doc/todo/detect_and_use___96__GHC__95__PACKAGE__95__PATH__96__/comment_6_36e0123127b60d1d9e9cf38783dc0c2c._comment9
-rw-r--r--doc/todo/detect_and_use___96__GHC__95__PACKAGE__95__PATH__96__/comment_6_73842a5ea0d791cd05621778803e0b69._comment8
-rw-r--r--doc/todo/type_level_OS_requirements.mdwn19
-rw-r--r--doc/todo/type_level_OS_requirements/.comment_1_507e3b74c2a3b8f41da5d3eddf197c6f._comment.swpbin0 -> 12288 bytes
-rw-r--r--doc/todo/type_level_OS_requirements/comment_3_124ceb79eaa4eacc9636147dde4c262c._comment8
-rw-r--r--doc/todo/type_level_OS_requirements/comment_4_8d14bbbec4e219015a80f80bf6124181._comment12
-rw-r--r--doc/todo/type_level_OS_requirements/comment_5_35dbd3a2eb073f4c456ac567aec569bd._comment16
-rw-r--r--doc/todo/type_level_OS_requirements/comment_6_b10cb4445eb2519c8b3f7f080c975113._comment21
-rw-r--r--doc/todo/type_level_OS_requirements/comment_7_6fd5354f19ec624d3eaa1c5eb427ebed._comment39
-rw-r--r--doc/todo/type_level_OS_requirements/comment_7_a760b1a3b62f9bd8fd61eb5ec2ff216f._comment10
-rw-r--r--doc/todo/type_level_OS_requirements/comment_9_8d2153620518295f33b83f1506441fdd._comment23
-rw-r--r--doc/todo/type_level_privdata_availability_checking.mdwn20
-rw-r--r--joeyconfig.hs4
-rw-r--r--propellor.cabal10
-rw-r--r--src/Propellor/Bootstrap.hs4
-rw-r--r--src/Propellor/CmdLine.hs9
-rw-r--r--src/Propellor/Property/FreeBSD/Pkg.hs2
-rw-r--r--src/Propellor/Property/FreeBSD/Poudriere.hs2
-rw-r--r--src/Propellor/Property/Tor.hs22
31 files changed, 326 insertions, 50 deletions
diff --git a/Makefile b/Makefile
index d1809458..a9ad2b84 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,5 @@
CABAL?=cabal
-DATE := $(shell dpkg-parsechangelog | grep Date | cut -d " " -f2-)
+DATE := $(shell dpkg-parsechangelog 2>/dev/null | grep Date | cut -d " " -f2-)
# this target is provided (and is first) to keep old versions of the
# propellor cron job working, and will eventually be removed
diff --git a/debian/changelog b/debian/changelog
index 462cad65..b3f19cbb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,28 +1,33 @@
propellor (2.17.0) UNRELEASED; urgency=medium
- * Apt.upgrade: Run dpkg --configure -a first, to recover from
- interrupted upgrades.
- * Apt: Add safeupgrade.
- * Avoid repeated re-building on systems such as FreeBSD where building
- re-links the binary even when there are no changes.
+ * Added initial support for FreeBSD.
+ Thanks, Evan Cofsky.
+ * Added Propellor.Property.ZFS.
+ Thanks, Evan Cofsky.
* Firewall: Reorganized Chain data type. (API change)
Thanks, Félix Sipma.
* Firewall: Separated Table and Target (API change)
Thanks, Félix Sipma.
+ * Ssh: change type of listenPort from Int to Port (API change)
+ Thanks, Félix Sipma.
* Firewall: add TCPFlag, Frequency, TCPSyn, ICMPTypeMatch, NatDestination
Thanks, Félix Sipma.
+ * Network: Filter out characters not allowed in interfaces.d files.
+ Thanks, Félix Sipma.
+ * Apt.upgrade: Run dpkg --configure -a first, to recover from
+ interrupted upgrades.
+ * Apt: Add safeupgrade.
+ * Force ssh, scp, and git commands to be run in the foreground.
+ Should fix intermittent hangs of propellor --spin.
+ * Avoid repeated re-building on systems such as FreeBSD where building
+ re-links the binary even when there are no changes.
* Locale.available: Run locale-gen, instead of dpkg-reconfigure locales,
which modified the locale.gen file and sometimes caused the property to
need to make changes every time.
- * Force ssh, scp, and git commands to be run in the foreground.
- * Network: Filter out characters not allowed in interfaces.d files.
- Thanks, Félix Sipma.
- * Ssh: hange type of listenPort from Int to Port (API change)
- Thanks, Félix Sipma.
- * Added initial support for FreeBSD.
- Thanks, Evan Cofsky.
- * Added Propellor.Property.ZFS.
- Thanks, Evan Cofsky.
+ * Speed up propellor's build of itself, by asking cabal to only build
+ the propellor-config binary and not all the libraries.
+ * Tor.named: Fix bug that sometimes caused the property to fail the first
+ time, though retrying succeeded.
-- Joey Hess <id@joeyh.name> Mon, 29 Feb 2016 17:58:08 -0400
diff --git a/doc/automated_spins/comment_1_1976b145c519b575c1b0454611036055._comment b/doc/automated_spins/comment_1_1976b145c519b575c1b0454611036055._comment
new file mode 100644
index 00000000..24298db9
--- /dev/null
+++ b/doc/automated_spins/comment_1_1976b145c519b575c1b0454611036055._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="arnaud@30aba4d9f1742050874551d3ddc55ca8694809f8"
+ nickname="arnaud"
+ subject="Spinning hosts in parallel"
+ date="2016-03-19T17:52:04Z"
+ content="""
+I just noticed the existence of this conductor property, which seems really interesting. I was trying to understand if and how it would be possible to spinning hosts in parallel. This could be done either as part of a conductor's run, e.g. by traversing the graph in parallel, or from command-line. It seems to me I could use directly `spin` or `spin'` functions to do that from forked threads or processes, with the master process doing the spin commit, but I may be overlooking some potential issues...
+"""]]
diff --git a/doc/automated_spins/comment_2_d0b3cfce5e37727f5b17c14d0f4214d2._comment b/doc/automated_spins/comment_2_d0b3cfce5e37727f5b17c14d0f4214d2._comment
new file mode 100644
index 00000000..c95ae691
--- /dev/null
+++ b/doc/automated_spins/comment_2_d0b3cfce5e37727f5b17c14d0f4214d2._comment
@@ -0,0 +1,27 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2016-03-19T18:49:26Z"
+ content="""
+Yes, that was the main reason to add
+[Propellor.Property.Concurrent](http://hackage.haskell.org/package/propellor-2.16.0/docs/Propellor-Property-Concurrent.html)
+
+It should be able to parallelize any properties using the combinators in
+there. Including `Propellor.Property.Conductor.conducts`
+
+For example:
+
+ conducts hostfoo `concurrently` conducts hostbar `concurrently` conducts hostbaz
+
+Or, something like this to conduct a whole list of hosts in parallel
+(have not tried to compile it, may need minor tweaking):
+
+ concurrentList (pure 10) "conduct web servers in parallel" $
+ PropList $ map toProp $ conduct webservers
+
+ webservers :: [Host]
+
+Note that concurrent output will be serialized, so you'll probably see propellor
+running live on the first host and then the ones that were conducted in the
+background will have their output dumped the console later on.
+"""]]
diff --git a/doc/automated_spins/comment_3_31fee6824f4f22f8f4fc8e77bf8f8d69._comment b/doc/automated_spins/comment_3_31fee6824f4f22f8f4fc8e77bf8f8d69._comment
new file mode 100644
index 00000000..dd2e0986
--- /dev/null
+++ b/doc/automated_spins/comment_3_31fee6824f4f22f8f4fc8e77bf8f8d69._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="arnaud@30aba4d9f1742050874551d3ddc55ca8694809f8"
+ nickname="arnaud"
+ subject="comment 3"
+ date="2016-03-19T22:10:42Z"
+ content="""
+Nice! Need to revisit latest changes to propellor as I may be missing some really cool stuff...
+"""]]
diff --git a/doc/automated_spins/comment_4_0e6a73215c72286ef0053b5d762537ab._comment b/doc/automated_spins/comment_4_0e6a73215c72286ef0053b5d762537ab._comment
new file mode 100644
index 00000000..1a031e9c
--- /dev/null
+++ b/doc/automated_spins/comment_4_0e6a73215c72286ef0053b5d762537ab._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="arnaud@30aba4d9f1742050874551d3ddc55ca8694809f8"
+ nickname="arnaud"
+ subject="comment 4"
+ date="2016-03-20T11:03:01Z"
+ content="""
+Is there a straightforward way to do that from command-line?
+"""]]
diff --git a/doc/components.mdwn b/doc/components.mdwn
index c7b0e98b..801bb6bf 100644
--- a/doc/components.mdwn
+++ b/doc/components.mdwn
@@ -33,7 +33,7 @@ install propellor, and then copy the two files from the
[mininalconfig branch](http://source.propellor.branchable.com/?p=source.git;a=tree;h=refs/heads/minimalconfig;hb=refs/heads/minimalconfig),
or clone it:
- git clone ssh://b-propellor@propellor.branchable.com/propellor.branchable.com .propellor --branch minimalconfig --single-branch
+ git clone git://propellor.branchable.com/ .propellor --branch minimalconfig --single-branch
In this configuration, when propellor is deploying itself to a new host,
it will automatically install the version of the propellor library
diff --git a/doc/todo/HostingProvider_for_AWS/comment_5_ace17433647f7b2adbce27261cf4cd33._comment b/doc/todo/HostingProvider_for_AWS/comment_5_ace17433647f7b2adbce27261cf4cd33._comment
new file mode 100644
index 00000000..da9324ca
--- /dev/null
+++ b/doc/todo/HostingProvider_for_AWS/comment_5_ace17433647f7b2adbce27261cf4cd33._comment
@@ -0,0 +1,14 @@
+[[!comment format=mdwn
+ username="evan@0e4cded17eab71af967a38b123fbc211cf215421"
+ nickname="evan"
+ subject="Amazonka"
+ date="2016-03-10T03:24:47Z"
+ content="""
+[Amazonka](http://brendanhay.nz/amazonka-doc/amazonka-ec2/index.html) is really thorough, and I think I'm going to start writing some properties to spin up some things tomorrow. I wrote some PKI stuff today for work so we can start launching things without SSH open to the world, and this is definitely a good next step.
+
+I've already got a hand-mashed set of subnets I'm really itching to automate.
+
+
+
+Thanks
+"""]]
diff --git a/doc/todo/HostingProvider_for_AWS/comment_6_be3608729f362cdf5fc0a338c4a07f67._comment b/doc/todo/HostingProvider_for_AWS/comment_6_be3608729f362cdf5fc0a338c4a07f67._comment
new file mode 100644
index 00000000..ceaecaed
--- /dev/null
+++ b/doc/todo/HostingProvider_for_AWS/comment_6_be3608729f362cdf5fc0a338c4a07f67._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="evan@0e4cded17eab71af967a38b123fbc211cf215421"
+ nickname="evan"
+ subject="In Fact Amazonka is Fairly Epic"
+ date="2016-03-11T14:14:51Z"
+ content="""
+I'm going to start working with it outside Propellor for a bit to configure our infrastructure, then I think we can really have a good sense of what we can do to start moving bits back into Propellor. To give an idea of just how much is going on, even just building amazonka-ec2 takes around 30 minutes on my laptop. A lot of it is (rightly-so) auto-generated from the AWS API descriptions, and it relies heavily on lenses. One of my goals with my current work is getting our AWS infrastructure built using Amazonka, and with a similar model as Propellor, and I think that'll ultimately be something we'll be able to merge (with a lot of merging effort of course).
+"""]]
diff --git a/doc/todo/HostingProvider_for_AWS/comment_7_a77278f07bc0047d1f25c3d6c294b475._comment b/doc/todo/HostingProvider_for_AWS/comment_7_a77278f07bc0047d1f25c3d6c294b475._comment
new file mode 100644
index 00000000..1d196a51
--- /dev/null
+++ b/doc/todo/HostingProvider_for_AWS/comment_7_a77278f07bc0047d1f25c3d6c294b475._comment
@@ -0,0 +1,7 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 7"""
+ date="2016-03-15T16:34:22Z"
+ content="""
+<https://github.com/joeyh/propellor/pull/12>
+"""]]
diff --git a/doc/todo/OpenVPN___40__PR___35__13__41__.mdwn b/doc/todo/OpenVPN___40__PR___35__13__41__.mdwn
new file mode 100644
index 00000000..3847b31c
--- /dev/null
+++ b/doc/todo/OpenVPN___40__PR___35__13__41__.mdwn
@@ -0,0 +1,20 @@
+> Is the ghc ppa needed past 12.04LTS? Past that version, they seem to
+> have ghc 7.6.3 or newer, which is the current target version as it's the
+> version in debian stable. If only specific ubuntu versions need the ghc
+> ppa it would be best to avoid using it on newer ones.
+
+Oh! I hadn't realized 7.6.3 was the target, so I upgraded to 7.10.3 (which is what I've been using for things). I can definitely try a spin without it. I can't remember why I thought 7.6.3 was failing there but I'll definitely dig into it.
+
+> Even type aliases
+> would be an improvement but probably newtypes or ADTs would improve on
+> it. Also there may be some overlap with typees in Propellor.Property.Firewall
+
+Oh yes, definitely. I'll take a pass at that too, and dig into Firewall to see what's there.
+
+> Isn't Property HasInfo a shorter way to write that? I'm somewhat
+> surprised you arrived at the partially applied type family there; ghc
+> normally tells you the simplified type.
+
+ CombinedType (Property NoInfo) (Property HasInfo)
+
+That's an excellent question. I think ultimately I tried a type hole to find out what I was missing, and that's what it came up with, but it also might be differences in ghc versions I stumbled into. I'll give it a try with 7.6.3. I'm using Trusty 14.04.4 for the project this is for.
diff --git a/doc/todo/SDN_Configuration.mdwn b/doc/todo/SDN_Configuration.mdwn
new file mode 100644
index 00000000..f87075f1
--- /dev/null
+++ b/doc/todo/SDN_Configuration.mdwn
@@ -0,0 +1 @@
+I think this may be a bit more of a back-burner thing, but with virtual networking and software-defined networking, like what OpenStack, AWS VPC, and others have, adding another type at the same level as Host currently, but for networks might be an interesting thing to consider ways of doing.
diff --git a/doc/todo/detect_and_use___96__GHC__95__PACKAGE__95__PATH__96__/comment_6_36e0123127b60d1d9e9cf38783dc0c2c._comment b/doc/todo/detect_and_use___96__GHC__95__PACKAGE__95__PATH__96__/comment_6_36e0123127b60d1d9e9cf38783dc0c2c._comment
new file mode 100644
index 00000000..28d39bc0
--- /dev/null
+++ b/doc/todo/detect_and_use___96__GHC__95__PACKAGE__95__PATH__96__/comment_6_36e0123127b60d1d9e9cf38783dc0c2c._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 6"""
+ date="2016-03-08T22:00:37Z"
+ content="""
+When stack.yaml exists, using --spin would need to get stack installed
+on the remote host, and use it to build propellor. Much as --spin currently
+gets cabal and ghc installed and uses them to build.
+"""]]
diff --git a/doc/todo/detect_and_use___96__GHC__95__PACKAGE__95__PATH__96__/comment_6_73842a5ea0d791cd05621778803e0b69._comment b/doc/todo/detect_and_use___96__GHC__95__PACKAGE__95__PATH__96__/comment_6_73842a5ea0d791cd05621778803e0b69._comment
new file mode 100644
index 00000000..c56d2b7c
--- /dev/null
+++ b/doc/todo/detect_and_use___96__GHC__95__PACKAGE__95__PATH__96__/comment_6_73842a5ea0d791cd05621778803e0b69._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="mithrandi@311efa1b2b5c4999c2edae7da06fb825899e8a82"
+ nickname="mithrandi"
+ subject="comment 6"
+ date="2016-03-08T21:16:30Z"
+ content="""
+That sounds reasonable to me. One question, though; would this mean that if you commit stack.yaml to your repo (which I currently don't do), you have to have Propellor available on all the hosts you deploy to?
+"""]]
diff --git a/doc/todo/type_level_OS_requirements.mdwn b/doc/todo/type_level_OS_requirements.mdwn
index 6d5d7aaf..7c2fb78f 100644
--- a/doc/todo/type_level_OS_requirements.mdwn
+++ b/doc/todo/type_level_OS_requirements.mdwn
@@ -11,13 +11,8 @@ For example, `Property i '[Debian, FreeBSD]` combined with `Property i '[Debian,
yields a `Property i '[Debian]` -- the intersection of the OS's supported by
the combined properties.
-Combining two properties that demand different OS's would yield a
-`Property i '[]` -- since the type level OS list is empty,
-
-type error. Can a type level function combine two types successfully, and
-fail to combine two others somehow? Don't know. Maybe combine to an
-IncoherentOS and don't allow a `Property i IncoherentOS` to be used in a
-Host?
+And, combining two properties that demand different OS's would need to be a
+type error.
Another kind of property combination would be to glue two properties that
support different OS's together, yielding a property that supports both,
@@ -37,7 +32,7 @@ the OS of the Host is indeterminite. Which would be fixed by using the `os`
property to specify.
On the other hand, if a Host's list of properties yields a single OS
-(or perhaps no OS requirement), the type needs to be just `Host`.
+the type needs to be just `Host`.
After all, propellor operates on a `[Host]`; if we had `Host OS`,
the list couldn't contain host's with different OS's.
@@ -49,4 +44,12 @@ the Propellor Result extracted from the resulting single property.
This is somewhat similar to [[type_level_port_conflict_detection]].
+----
+
+Note that propellor needs to remain buildable with Debian stable's
+ghc 7.6.3. I was able to get the type level OS implementation backported to
+work with that version, with some added ugliness.
+
--[[Joey]]
+
+[[!tag user/joey]]
diff --git a/doc/todo/type_level_OS_requirements/.comment_1_507e3b74c2a3b8f41da5d3eddf197c6f._comment.swp b/doc/todo/type_level_OS_requirements/.comment_1_507e3b74c2a3b8f41da5d3eddf197c6f._comment.swp
new file mode 100644
index 00000000..79380a08
--- /dev/null
+++ b/doc/todo/type_level_OS_requirements/.comment_1_507e3b74c2a3b8f41da5d3eddf197c6f._comment.swp
Binary files differ
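Review bot: The file added here, `.comment_1_507e3b74c2a3b8f41da5d3eddf197c6f._comment.swp`, looks like an editor swap file (12288 bytes of binary per the diffstat) rather than wiki content, so it was probably committed by accident. Vim swap files record the editing user's name, host name and file path along with unsaved buffer text, which should not be published in the repository. I would remove it from the branch and, if the repository does not already ignore them, add `*.swp` to `.gitignore`.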
diff --git a/doc/todo/type_level_OS_requirements/comment_3_124ceb79eaa4eacc9636147dde4c262c._comment b/doc/todo/type_level_OS_requirements/comment_3_124ceb79eaa4eacc9636147dde4c262c._comment
new file mode 100644
index 00000000..230eccab
--- /dev/null
+++ b/doc/todo/type_level_OS_requirements/comment_3_124ceb79eaa4eacc9636147dde4c262c._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 3"""
+ date="2016-03-08T21:06:08Z"
+ content="""
+Asked about what I'm stuck on:
+<http://stackoverflow.com/questions/35878018/how-to-write-an-intersection-function-for-type-level-lists>
+"""]]
diff --git a/doc/todo/type_level_OS_requirements/comment_4_8d14bbbec4e219015a80f80bf6124181._comment b/doc/todo/type_level_OS_requirements/comment_4_8d14bbbec4e219015a80f80bf6124181._comment
new file mode 100644
index 00000000..5db7b68b
--- /dev/null
+++ b/doc/todo/type_level_OS_requirements/comment_4_8d14bbbec4e219015a80f80bf6124181._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 4"""
+ date="2016-03-08T21:19:01Z"
+ content="""
+Ok, got intersectSupportedOS fixed.
+
+ *Propellor.Types.OS.TypeLevel> :t (intersectSupportedOS (combineSupportedOS freeBSD debian) debian)
+ (intersectSupportedOS (combineSupportedOS freeBSD debian) debian) :: OSList '['OSDebian]
+
+So, the type level OS lists are ready, on to the next step ... eventually ...
+"""]]
diff --git a/doc/todo/type_level_OS_requirements/comment_5_35dbd3a2eb073f4c456ac567aec569bd._comment b/doc/todo/type_level_OS_requirements/comment_5_35dbd3a2eb073f4c456ac567aec569bd._comment
new file mode 100644
index 00000000..e95a88c8
--- /dev/null
+++ b/doc/todo/type_level_OS_requirements/comment_5_35dbd3a2eb073f4c456ac567aec569bd._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 5"""
+ date="2016-03-08T21:56:26Z"
+ content="""
+I got it to throw a nice type error when intersection of two OS lists
+yields an empty list:
+
+ Couldn't match type ‘'CannotCombineOS’ with ‘'CanCombineOS’
+ Expected type: 'CanCombineOS
+ Actual type: CannotCombineOS '['OSDebian] '['OSFreeBSD] '[]
+ In the expression: intersectSupportedOS debian freeBSD
+
+I think the next step would be actually adding the OSList to Property
+and making combining properties combine their OS lists at the type level.
+"""]]
diff --git a/doc/todo/type_level_OS_requirements/comment_6_b10cb4445eb2519c8b3f7f080c975113._comment b/doc/todo/type_level_OS_requirements/comment_6_b10cb4445eb2519c8b3f7f080c975113._comment
new file mode 100644
index 00000000..9741de20
--- /dev/null
+++ b/doc/todo/type_level_OS_requirements/comment_6_b10cb4445eb2519c8b3f7f080c975113._comment
@@ -0,0 +1,21 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 6"""
+ date="2016-03-09T15:01:05Z"
+ content="""
+I've added a prototype of `ensureProperty` that enforces at the type level
+that the property it runs will work on an OS that's passed to it.
+
+It was easier than I thought; I didn't turn out to need reification. Just
+pass in the outer OS:
+
+ ensureProperty
+ :: (CannotCombineOS outeros inneros (IntersectOSList outeros inneros) ~ CanCombineOS)
+ => OSList outeros
+ -> Property (OSList inneros)
+ -> IO ()
+ ensureProperty outeros (Property inneros a) = a
+
+At this point, I'm confident this can be rolled out into propellor;
+there should be no big bumps in the road ahead.
+"""]]
diff --git a/doc/todo/type_level_OS_requirements/comment_7_6fd5354f19ec624d3eaa1c5eb427ebed._comment b/doc/todo/type_level_OS_requirements/comment_7_6fd5354f19ec624d3eaa1c5eb427ebed._comment
new file mode 100644
index 00000000..4bc3dfbb
--- /dev/null
+++ b/doc/todo/type_level_OS_requirements/comment_7_6fd5354f19ec624d3eaa1c5eb427ebed._comment
@@ -0,0 +1,39 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 7"""
+ date="2016-03-17T17:30:44Z"
+ content="""
+This looks to be adding a new type parameter:
+
+`Property NoInfo DebianOnly`
+
+So does [[type_level_resource_conflict_detection|type_level_port_conflict_detection]].
+
+Would it make sense to include both targeted OS's and used resources in the
+same list of types? Otherwise, we end up with 4 type parameters, which is
+increasingly a mouthful to write:
+
+`Property NoInfo DebianOnly '[]`
+
+Since most properties use no ports or other resources, combining the
+resources lets type alises like DebianOnly be all that needs to be
+specified:
+
+`Property NoInfo DebianOnly`
+
+When there is a resource, can use `':` to add it to the list:
+
+`Property NoInfo (Port 80 ': Port 443 ': DebianOnly)`
+
+Seems reasonable. The implementation of combining such type lists may get
+complicated, because there will be different rules for target OS's vs
+resources.
+
+----
+
+Could also move the NoInfo|HasInfo into the type list. A list without
+HasInfo would be used instead of an explicit NoInfo, so:
+
+`Property (HasInfo ': DebianOnly)`
+
+"""]]
diff --git a/doc/todo/type_level_OS_requirements/comment_7_a760b1a3b62f9bd8fd61eb5ec2ff216f._comment b/doc/todo/type_level_OS_requirements/comment_7_a760b1a3b62f9bd8fd61eb5ec2ff216f._comment
new file mode 100644
index 00000000..1b649fc9
--- /dev/null
+++ b/doc/todo/type_level_OS_requirements/comment_7_a760b1a3b62f9bd8fd61eb5ec2ff216f._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="evan@0e4cded17eab71af967a38b123fbc211cf215421"
+ nickname="evan"
+ subject="Buntish Releases"
+ date="2016-03-17T03:31:57Z"
+ content="""
+I just came across another issue where the Buntish release string made a difference. I'll open a PR tomorrow sometime to show what I did (hardcoded) and maybe we can think of something cleverer using the typesystem, too.
+
+Thanks!
+"""]]
diff --git a/doc/todo/type_level_OS_requirements/comment_9_8d2153620518295f33b83f1506441fdd._comment b/doc/todo/type_level_OS_requirements/comment_9_8d2153620518295f33b83f1506441fdd._comment
new file mode 100644
index 00000000..6f4128e2
--- /dev/null
+++ b/doc/todo/type_level_OS_requirements/comment_9_8d2153620518295f33b83f1506441fdd._comment
@@ -0,0 +1,23 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 9"""
+ date="2016-03-19T18:35:20Z"
+ content="""
+I'm currently using a simple sum type to describe the target OS:
+
+ data OS = OSDebian | OSBuntish | OSFreeBSD
+
+This could in theory specify much more information about the
+OS version and architecture.
+Even type-level strings could be used to include release names.
+
+But, the old version of ghc being targeted doesn't have the nice
+Data.Type.Equality stuff; I had to implement my own clumsily
+and it would quickly hit a combinatorial explosion with more data.
+
+(There may be a better way than the way I found which works back to ghc 7.6.3.)
+
+Of course, we can always add more detail later. Since type aliases are
+used, `Propety Debian` which only specifies `OSDebian` now, could easily
+be changed at some point to specify `OSDebian AnyVersion AnyArch`.
+"""]]
diff --git a/doc/todo/type_level_privdata_availability_checking.mdwn b/doc/todo/type_level_privdata_availability_checking.mdwn
index 7f02c700..cb0d157d 100644
--- a/doc/todo/type_level_privdata_availability_checking.mdwn
+++ b/doc/todo/type_level_privdata_availability_checking.mdwn
@@ -11,8 +11,8 @@ It would have one type-level function
type instance HasPrivData "password" "foo.com" = Available
-- ^ supposed to be type level strings
-The file would generate instances of the type family or each available privdata
-value.
+The file would be generated with
+instances of the type family for each available privdata value.
`withPrivData` would use this type level function, and require it to return
Availble. If it didn't, the type checker would blow up.
@@ -23,12 +23,18 @@ may be tricky.)
For this to work, `withPrivData` would need some interesting changes to its
type signature, so that it has available the type level strings describing
the privdata it's supposed to get. Is that practical? I think so,
-actually..
+actually..
- withPrivData :: (HasPrivData source context) => source -> context -> (((PrivData -> Propellor Result) -> Propellor Result) -> Property i) -> Property HasInfo
+Something like this, although my type-level comparison syntax may be off.
-All that's needed is a way to provide a type level string from which a
-string value can be extracted that has the same string as the type. IIRC,
-that's supported by type level strings.
+ withPrivData :: (HasPrivData source context ~ Available) source -> context -> (((PrivData -> Propellor Result) -> Propellor Result) -> Property i) -> Property HasInfo
+
+All that's needed to use this is a way to provide a type level string from
+which a string value can be extracted that has the same string as the type.
+IIRC, that's supported by type level strings.
+
+But.. This may get tricky/unusable when source and context are constructed
+based on data now, since the type-level source and context need to be
+constructed at build time.
--[[Joey]]
diff --git a/joeyconfig.hs b/joeyconfig.hs
index bab8f466..327c268e 100644
--- a/joeyconfig.hs
+++ b/joeyconfig.hs
@@ -45,7 +45,7 @@ main = defaultMain hosts -- / \___-=O`/|O`/__| (____.'
hosts :: [Host] -- * \ | | '--------'
hosts = -- (o) `
[ darkstar
- , gnu
+ , gnu
, clam
, mayfly
, oyster
@@ -143,7 +143,7 @@ clam = standardSystem "clam.kitenet.net" Unstable "amd64"
mayfly :: Host
mayfly = standardSystem "mayfly.kitenet.net" (Stable "jessie") "amd64"
[ "Scratch VM. Contents can change at any time!" ]
- & ipv4 "104.167.118.15"
+ & ipv4 "167.88.36.193"
& CloudAtCost.decruft
& Apt.unattendedUpgrades
diff --git a/propellor.cabal b/propellor.cabal
index f84403f2..c78b6d5f 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -38,10 +38,12 @@ Executable propellor
Main-Is: wrapper.hs
GHC-Options: -threaded -Wall -fno-warn-tabs
Hs-Source-Dirs: src
- Build-Depends: MissingH, directory, filepath, base >= 4.5, base < 5,
- IfElse, process, bytestring, hslogger, unix-compat, ansi-terminal,
- containers (>= 0.5), network, async, time, mtl, transformers,
- exceptions (>= 0.6), stm, text, unix
+ Build-Depends:
+ -- propellor needs to support the ghc shipped in Debian stable
+ base >= 4.5, base < 5,
+ MissingH, directory, filepath, IfElse, process, bytestring, hslogger,
+ unix, unix-compat, ansi-terminal, containers (>= 0.5), network, async,
+ time, mtl, transformers, exceptions (>= 0.6), stm, text
Executable propellor-config
Main-Is: config.hs
diff --git a/src/Propellor/Bootstrap.hs b/src/Propellor/Bootstrap.hs
index 11e59e6f..69eee66c 100644
--- a/src/Propellor/Bootstrap.hs
+++ b/src/Propellor/Bootstrap.hs
@@ -34,7 +34,7 @@ checkBinaryCommand = "if test -x ./propellor && ! ./propellor --check; then " ++
buildCommand :: ShellCommand
buildCommand = intercalate " && "
[ "cabal configure"
- , "cabal build"
+ , "cabal build propellor-config"
, "ln -sf dist/build/propellor-config/propellor-config propellor"
]
@@ -141,7 +141,7 @@ build :: IO Bool
build = catchBoolIO $ do
make "dist/setup-config" ["propellor.cabal"] $
cabal ["configure"]
- unlessM (cabal ["build"]) $ do
+ unlessM (cabal ["build", "propellor-config"]) $ do
void $ cabal ["configure"]
unlessM (cabal ["build"]) $
error "cabal build failed"
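Review bot: The retry inside `build` still calls `cabal ["build"]` with no target, so after the second `cabal ["configure"]` the fallback builds every component, unlike the first attempt and unlike `buildCommand` in the previous hunk. If the restriction to the config binary is meant to hold on both paths, the inner line should read `unlessM (cabal ["build", "propellor-config"]) $`. If the full build is a deliberate fallback, a comment such as `-- retry with a full build in case the single-target build is unsupported` would say so. The body of `build` may continue past the end of this hunk.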
diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs
index 1761a11e..ee057d05 100644
--- a/src/Propellor/CmdLine.hs
+++ b/src/Propellor/CmdLine.hs
@@ -122,11 +122,10 @@ defaultMain hostlist = withConcurrentOutput $ do
go cr cmdline@(Spin hs mrelay) = buildFirst cr cmdline $ do
unless (isJust mrelay) commitSpin
forM_ hs $ \hn -> withhost hn $ spin mrelay hn
- go cr (Run hn) = fetchFirst $
- ifM ((==) 0 <$> getRealUserID)
- ( runhost hn
- , go cr (Spin [hn] Nothing)
- )
+ go cr cmdline@(Run hn) = ifM ((==) 0 <$> getRealUserID)
+ ( updateFirst cr cmdline $ runhost hn
+ , fetchFirst $ go cr (Spin [hn] Nothing)
+ )
go cr cmdline@(SimpleRun hn) = forceConsole >>
fetchFirst (buildFirst cr cmdline (runhost hn))
-- When continuing after a rebuild, don't want to rebuild again.
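Review bot: The two branches of `go cr cmdline@(Run hn)` now go through different update helpers, `updateFirst cr cmdline` when the real uid is 0 and `fetchFirst` otherwise, and nothing in the hunk says why they differ. `updateFirst` is defined outside this hunk, so its fetch, verification and rebuild behaviour cannot be checked from here. Because the root branch runs the host's properties as root on whatever source that helper leaves in place, a comment above the equation would help the next reader, e.g. `-- As root, update first and then run this host's properties locally; otherwise fetch and spin the host instead.` `go` is a local helper of `defaultMain` whose other equations lie partly outside the hunk.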
diff --git a/src/Propellor/Property/FreeBSD/Pkg.hs b/src/Propellor/Property/FreeBSD/Pkg.hs
index 913710f7..6bbd2570 100644
--- a/src/Propellor/Property/FreeBSD/Pkg.hs
+++ b/src/Propellor/Property/FreeBSD/Pkg.hs
@@ -2,7 +2,7 @@
--
-- FreeBSD pkgng properties
-{-# Language ScopedTypeVariables, GeneralizedNewtypeDeriving #-}
+{-# Language ScopedTypeVariables, GeneralizedNewtypeDeriving, DeriveDataTypeable #-}
module Propellor.Property.FreeBSD.Pkg where
diff --git a/src/Propellor/Property/FreeBSD/Poudriere.hs b/src/Propellor/Property/FreeBSD/Poudriere.hs
index 7ed7f59e..5467c668 100644
--- a/src/Propellor/Property/FreeBSD/Poudriere.hs
+++ b/src/Propellor/Property/FreeBSD/Poudriere.hs
@@ -2,7 +2,7 @@
--
-- FreeBSD Poudriere properties
-{-# Language GeneralizedNewtypeDeriving #-}
+{-# Language GeneralizedNewtypeDeriving, DeriveDataTypeable #-}
module Propellor.Property.FreeBSD.Poudriere where
diff --git a/src/Propellor/Property/Tor.hs b/src/Propellor/Property/Tor.hs
index e5fcdaa4..0c040f95 100644
--- a/src/Propellor/Property/Tor.hs
+++ b/src/Propellor/Property/Tor.hs
@@ -54,18 +54,32 @@ named n = configured [("Nickname", n')]
torPrivKey :: Context -> Property HasInfo
torPrivKey context = f `File.hasPrivContent` context
`onChange` File.ownerGroup f user (userGroup user)
- -- install tor first, so the directory exists with right perms
- `requires` Apt.installed ["tor"]
+ `requires` torPrivKeyDirExists
where
- f = "/var/lib/tor/keys/secret_id_key"
+ f = torPrivKeyDir </> "secret_id_key"
+
+torPrivKeyDirExists :: Property NoInfo
+torPrivKeyDirExists = File.dirExists torPrivKeyDir
+ `onChange` setperms
+ `requires` installed
+ where
+ setperms = File.ownerGroup torPrivKeyDir user (userGroup user)
+ `before` File.mode torPrivKeyDir 0O2700
+
+torPrivKeyDir :: FilePath
+torPrivKeyDir = "/var/lib/tor/keys"
-- | A tor server (bridge, relay, or exit)
-- Don't use if you just want to run tor for personal use.
server :: Property NoInfo
server = configured [("SocksPort", "0")]
- `requires` Apt.installed ["tor", "ntp"]
+ `requires` installed
+ `requires` Apt.installed ["ntp"]
`describe` "tor server"
+installed :: Property NoInfo
+installed = Apt.installed ["tor"]
+
-- | Specifies configuration settings. Any lines in the config file
-- that set other values for the specified settings will be removed,
-- while other settings are left as-is. Tor is restarted when
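Review bot: In `torPrivKeyDirExists` the owner and mode are attached with `onChange`, so `setperms` appears to run only when `File.dirExists` actually creates the directory. An already existing `/var/lib/tor/keys` with a different owner or a looser mode would be left untouched before `secret_id_key` is written into it. If `File.ownerGroup` and `File.mode` are idempotent, as they look to be, using `before` instead of `onChange` on the line that attaches `setperms` should enforce the permissions on every run. The new top-level bindings `torPrivKeyDirExists`, `torPrivKeyDir` and `installed` also lack Haddock comments; `-- | Ensures the tor key directory exists, owned by the tor user, with mode 2700.` would fit the first.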