authorJoey Hess2014-04-13 14:01:30 -0400
committerJoey Hess2014-04-13 14:01:30 -0400
commit1495db6cd103bf5f9f4635dbbfe807c7c1f39b2e (patch)
treef01d5ee3b99cc9609cdcefb0fc4076c4b9bb5e91
parentf428ccd9b1fa32fac7415910021be8f51f66857c (diff)
propellor spin
-rw-r--r--Propellor/Property/Apache.hs28
-rw-r--r--Propellor/Property/File.hs9
-rw-r--r--Propellor/Property/SiteSpecific/JoeySites.hs92
-rw-r--r--config-joey.hs38
-rw-r--r--debian/changelog1
-rw-r--r--propellor.cabal1
6 files changed, 136 insertions, 33 deletions
diff --git a/Propellor/Property/Apache.hs b/Propellor/Property/Apache.hs
new file mode 100644
index 00000000..5e32b0da
--- /dev/null
+++ b/Propellor/Property/Apache.hs
@@ -0,0 +1,28 @@
+module Propellor.Property.Apache where
+
+import Propellor
+import qualified Propellor.Property.File as File
+import qualified Propellor.Property.Apt as Apt
+
+type ConfigFile = [String]
+
+siteEnabled :: HostName -> ConfigFile -> RevertableProperty
+siteEnabled hn cf = RevertableProperty enable disable
+ where
+ enable = siteAvailable hn cf
+ `onChange` cmdProperty "a2ensite" ["--quiet", hn]
+ `requires` Apt.installed ["apache2"]
+ disable = File.notPresent (siteCfg hn)
+ `onChange` cmdProperty "a2dissite" ["--quiet", hn]
+
+siteAvailable :: HostName -> ConfigFile -> Property
+siteAvailable hn cf = siteCfg hn `File.hasContent` (comment:cf)
+ `describe` ("apache site available " ++ hn)
+ where
+ comment = "# deployed with propellor, do not modify"
+
+siteCfg :: HostName -> FilePath
+siteCfg hn = "/etc/apache2/sites-available/" ++ hn ++ ".conf"
+
+restart :: Property
+restart = cmdProperty "service" ["apache2", "restart"]
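Review bot: Nothing in `siteEnabled` reloads Apache after `a2ensite` or `a2dissite`, so a newly enabled or disabled site does not take effect until something else restarts the service; `restart` is defined at the bottom of the module but is not used anywhere in this file. Chaining it onto both command properties, e.g. ``cmdProperty "a2ensite" ["--quiet", hn] `onChange` restart`` (parenthesised as the operator fixities require), would close that gap. Separately, `a2ensite` runs only when the config file changes, so a site whose file is already correct but whose sites-enabled link has been removed is never re-enabled. `siteCfg` also concatenates `hn` into a path unchecked, which is acceptable only while host names come from trusted configuration; a short comment saying so would help.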
diff --git a/Propellor/Property/File.hs b/Propellor/Property/File.hs
index bd33c9b8..8f23dab7 100644
--- a/Propellor/Property/File.hs
+++ b/Propellor/Property/File.hs
@@ -31,11 +31,14 @@ hasPrivContentExposed f = hasPrivContent f `onChange`
-- | Ensures that a line is present in a file, adding it to the end if not.
containsLine :: FilePath -> Line -> Property
-f `containsLine` l = fileProperty (f ++ " contains:" ++ l) go f
+f `containsLine` l = f `containsLines` [l]
+
+containsLines :: FilePath -> [Line] -> Property
+f `containsLines` l = fileProperty (f ++ " contains:" ++ show l) go f
where
go ls
- | l `elem` ls = ls
- | otherwise = ls++[l]
+ | all (`elem` ls) l = ls
+ | otherwise = ls++l
-- | Ensures that a line is not present in a file.
-- Note that the file is ensured to exist, so if it doesn't, an empty
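Review bot: `containsLines` appends the whole list whenever any single line is missing (`| otherwise = ls++l`), so a file that already holds some of the lines gets those duplicated. Appending only the missing ones keeps the property idempotent: ``| otherwise = ls ++ filter (`notElem` ls) l``. The new function also has no Haddock comment, since the existing `-- | Ensures that a line is present in a file...` documents `containsLine` only; something like `-- | Ensures that all the lines are present in a file, appending any that are missing.` would do.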
diff --git a/Propellor/Property/SiteSpecific/JoeySites.hs b/Propellor/Property/SiteSpecific/JoeySites.hs
index 46373170..81557b32 100644
--- a/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -5,6 +5,14 @@ module Propellor.Property.SiteSpecific.JoeySites where
import Propellor
import qualified Propellor.Property.Apt as Apt
+import qualified Propellor.Property.File as File
+import qualified Propellor.Property.Gpg as Gpg
+import qualified Propellor.Property.Ssh as Ssh
+import qualified Propellor.Property.Git as Git
+import qualified Propellor.Property.Service as Service
+import qualified Propellor.Property.User as User
+import qualified Propellor.Property.Obnam as Obnam
+import qualified Propellor.Property.Apache as Apache
oldUseNetShellBox :: Property
oldUseNetShellBox = check (not <$> Apt.isInstalled "oldusenet") $
@@ -21,3 +29,87 @@ oldUseNetShellBox = check (not <$> Apt.isInstalled "oldusenet") $
, "rm -rf /root/tmp/oldusenet"
] `describe` "olduse.net built"
]
+
+-- git.kitenet.net and git.joeyh.name
+gitServer :: [Host] -> Property
+gitServer hosts = propertyList "git.kitenet.net setup"
+ [ Obnam.backup "/srv/git" "33 3 * * *"
+ [ "--repository=sftp://2318@usw-s002.rsync.net/~/git.kitenet.net"
+ , "--encrypt-with=1B169BE1"
+ , "--client-name=wren"
+ ] Obnam.OnlyClient
+ `requires` Gpg.keyImported "1B169BE1" "root"
+ `requires` Ssh.keyImported SshRsa "root"
+ `requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root"
+ `requires` Ssh.authorizedKeys "family"
+ `requires` User.accountFor "family"
+ , Apt.installed ["git", "git-annex", "rsync", "kgb-client-git", "gitweb"]
+ , File.hasPrivContentExposed "/etc/kgb-bot/kgb-client.conf"
+ , toProp $ Git.daemonRunning "/srv/git"
+ , "/etc/gitweb.conf" `File.containsLines`
+ [ "$projectroot = 'srv/git';"
+ , "@git_base_url_list = ('git://git.kitenet.net', 'http://git.kitenet.net/git', 'ssh://git.kitenet.net/srv/git');"
+ , "# disable snapshot download; overloads server"
+ , "$feature{'snapshot'}{'default'} = [];"
+ ]
+ `describe` "gitweb configured"
+ , website "git.kitenet.net"
+ , website "git.joeyh.name"
+ -- ssh keys for branchable and github repo hooks
+ -- TODO: upgrade to newer git-annex-shell for notification
+ -- gitweb
+ ]
+ where
+ website hn = toProp $ Apache.siteEnabled hn (gitapacheconf hn)
+
+gitapacheconf :: HostName -> Apache.ConfigFile
+gitapacheconf hn =
+ [ "<VirtualHost *:80>"
+ , " ServerAdmin joey@kitenet.net"
+ , ""
+ , " ServerName " ++ hn ++ ":80"
+ , ""
+ , " DocumentRoot /srv/web/git.kitenet.net/"
+ , " <Directory /srv/web/git.kitenet.net/>"
+ , " Options Indexes ExecCGI FollowSymlinks"
+ , " AllowOverride None"
+ , " DirectoryIndex index.cgi"
+ , " </Directory>"
+ , ""
+ , " ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/"
+ , " <Directory /usr/lib/cgi-bin>"
+ , " SetHandler cgi-script"
+ , " Options ExecCGI"
+ , " </Directory>"
+ , ""
+ , " ErrorLog /var/log/apache2/error.log"
+ , " LogLevel warn"
+ , " CustomLog /var/log/apache2/access.log combined"
+ , ""
+ , " # Possible values include: debug, info, notice, warn, error, crit,"
+ , " # alert, emerg."
+ , " LogLevel warn"
+ , ""
+ , " CustomLog /var/log/apache2/access.log combined"
+ , " ServerSignature On"
+ , " "
+ , " <Directory \"/usr/share/apache2/icons\">"
+ , " Options Indexes MultiViews"
+ , " AllowOverride None"
+ , " Order allow,deny"
+ , " Allow from all"
+ , " </Directory>"
+ , "</VirtualHost>"
+ ]
+
+-- Note: needs debian unstable for new kgb
+kgbServer :: Property
+kgbServer = propertyList "kgb.kitenet.net setup"
+ [ Apt.serviceInstalledRunning "kgb-bot"
+ , File.hasPrivContent "/etc/kgb-bot/kgb.conf"
+ `onChange` Service.restarted "kgb-bot"
+ , "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1"
+ `describe` "kgb bot enabled"
+ `onChange` Service.running "kgb-bot"
+ ]
+
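Review bot: The gitweb line `"$projectroot = 'srv/git';"` gives a relative path while every other reference in `gitServer` uses `/srv/git`; it most likely should read `"$projectroot = '/srv/git';"`. In `gitapacheconf`, `LogLevel warn` and `CustomLog /var/log/apache2/access.log combined` each appear twice, and the second `CustomLog` would likely make Apache log every request twice. `ServerSignature On` and `Options Indexes` on the document root expose server details on error pages and directory listings on a public host; consider `ServerSignature Off` and dropping `Indexes` unless listings are wanted. The `Order allow,deny` / `Allow from all` pair is 2.2-style access control, which on Apache 2.4 (suggested by the `.conf` site file name) works only with mod_access_compat loaded.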
diff --git a/config-joey.hs b/config-joey.hs
index 9976592e..aba648dc 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -5,7 +5,6 @@ import Propellor.CmdLine
import Propellor.Property.Scheduled
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
-import qualified Propellor.Property.Service as Service
import qualified Propellor.Property.Network as Network
import qualified Propellor.Property.Ssh as Ssh
import qualified Propellor.Property.Cron as Cron
@@ -18,8 +17,6 @@ import qualified Propellor.Property.Dns as Dns
import qualified Propellor.Property.OpenId as OpenId
import qualified Propellor.Property.Docker as Docker
import qualified Propellor.Property.Git as Git
-import qualified Propellor.Property.Gpg as Gpg
-import qualified Propellor.Property.Obnam as Obnam
import qualified Propellor.Property.SiteSpecific.GitHome as GitHome
import qualified Propellor.Property.SiteSpecific.GitAnnexBuilder as GitAnnexBuilder
import qualified Propellor.Property.SiteSpecific.JoeySites as JoeySites
@@ -48,15 +45,10 @@ hosts =
& cname "ancient.kitenet.net"
& Docker.docked hosts "ancient-kitenet"
- -- I'd rather this were on diatom, but I use features
- -- not available in stable.
+ -- I'd rather this were on diatom, but it needs unstable.
& cname "kgb.kitenet.net"
- & Apt.serviceInstalledRunning "kgb-bot"
- & File.hasPrivContent "/etc/kgb-bot/kgb.conf"
- `onChange` Service.restarted "kgb-bot"
- & "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1"
- `describe` "kgb bot enabled"
- `onChange` Service.running "kgb-bot"
+ & JoeySites.kgbServer
+
& Docker.garbageCollected `period` Daily
& Apt.installed ["git-annex", "mtr", "screen"]
@@ -75,31 +67,17 @@ hosts =
-- Important stuff that needs not too much memory or CPU.
, standardSystem "diatom.kitenet.net" Stable
& Hostname.sane
+ & Ssh.hostKey SshDsa
+ & Ssh.hostKey SshRsa
+ & Ssh.hostKey SshEcdsa
& Apt.unattendedUpgrades
& Apt.serviceInstalledRunning "ntp"
& Dns.zones myDnsSecondary
& Apt.serviceInstalledRunning "apache2"
& cname "git.kitenet.net"
- & Ssh.hostKey SshDsa
- & Ssh.hostKey SshRsa
- & Ssh.hostKey SshEcdsa
- & Obnam.backup "/srv/git" "33 3 * * *"
- [ "--repository=sftp://2318@usw-s002.rsync.net/~/git.kitenet.net"
- , "--encrypt-with=1B169BE1"
- , "--client-name=wren"
- ] Obnam.OnlyClient
- `requires` Gpg.keyImported "1B169BE1" "root"
- `requires` Ssh.keyImported SshRsa "root"
- `requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root"
- `requires` Ssh.authorizedKeys "family"
- `requires` User.accountFor "family"
- & Apt.installed ["git", "git-annex", "rsync", "kgb-client-git"]
- & File.hasPrivContentExposed "/etc/kgb-bot/kgb-client.conf"
- & Git.daemonRunning "/srv/git"
- -- ssh keys for branchable and github repo hooks
- -- TODO: upgrade to newer git-annex-shell for notification
- -- gitweb
+ & cname "git.joeyh.name"
+ & JoeySites.gitServer hosts
& cname "downloads.kitenet.net"
& Apt.buildDep ["git-annex"] `period` Daily
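Review bot: `Ssh.hostKey SshDsa` is carried onto the new side for diatom; SSH DSA host keys are limited to 1024 bits and are a weak choice next to the RSA and ECDSA keys provisioned on the following lines. Unless a client is known to require it, drop the `& Ssh.hostKey SshDsa` line. The `hosts` list starts and continues outside this hunk.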
diff --git a/debian/changelog b/debian/changelog
index 6593c95d..b3cc554a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,7 @@ propellor (0.3.1) UNRELEASED; urgency=medium
* Merge scheduler bug fix from git-annex.
* Support for provisioning hosts with ssh and gpg keys.
* Obnam support.
+ * Apache support.
-- Joey Hess <joeyh@debian.org> Fri, 11 Apr 2014 15:00:11 -0400
diff --git a/propellor.cabal b/propellor.cabal
index cc616c17..a7b7fbca 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -68,6 +68,7 @@ Library
Exposed-Modules:
Propellor
Propellor.Property
+ Propellor.Property.Apache
Propellor.Property.Apt
Propellor.Property.Cmd
Propellor.Property.Hostname