summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess2017-07-17 16:51:00 -0400
committerJoey Hess2017-07-17 16:51:00 -0400
commit7e53d16aa18f343de70830219095fbf8e1566a2f (patch)
treeb31044c089a6099a7b2ebfed27c3de6a21085f93
parente2792f93555c0d35313c976604c4ee20f3dd36e2 (diff)
parentc987a3a3bd14171071b85c5937773a47b23859ff (diff)
Merge branch 'master' into joeyconfig
l---------config.hs2
-rw-r--r--debian/changelog15
-rw-r--r--doc/news/Linux.Conf.Au.presentation.mdwn5
-rw-r--r--doc/news/version_4.3.1.mdwn4
-rw-r--r--doc/news/version_4.3.2.mdwn3
-rw-r--r--doc/news/version_4.3.4.mdwn7
-rw-r--r--doc/news/version_4.4.0.mdwn8
-rw-r--r--doc/todo/Propellor.Property.Versioned_support_asymmetric_RevertableProperty_types.mdwn7
-rw-r--r--doc/todo/merge_request:_Timezone.hs.mdwn9
-rw-r--r--doc/todo/merge_request:_Timezone.hs/comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment15
-rw-r--r--doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn23
-rw-r--r--privdata/relocate1
-rw-r--r--propellor.cabal3
-rw-r--r--src/Propellor/Property/ConfFile.hs14
-rw-r--r--src/Propellor/Property/LightDM.hs14
-rw-r--r--src/Propellor/Property/Sudo.hs24
-rw-r--r--src/Propellor/Property/Timezone.hs21
-rw-r--r--src/Propellor/Property/Versioned.hs4
-rw-r--r--src/Propellor/Types.hs4
19 files changed, 145 insertions, 38 deletions
diff --git a/config.hs b/config.hs
index 97d90636..ec313725 120000
--- a/config.hs
+++ b/config.hs
@@ -1 +1 @@
-joeyconfig.hs \ No newline at end of file
+config-simple.hs \ No newline at end of file
diff --git a/debian/changelog b/debian/changelog
index e7ec04bc..986dfd75 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,15 @@
-propellor (4.3.4) UNRELEASED; urgency=medium
+propellor (4.4.0) unstable; urgency=medium
+
+ * Propellor.Property.Timezone: New module, contributed by Sean Whitton.
+ * Propellor.Property.Sudo.enabledFor: Made revertable.
+ (minor API change)
+ * Propellor.Property.LightDM.autoLogin: Made revertable.
+ (minor API change)
+ * Propellor.Property.Conffile: Added lacksIniSetting.
+
+ -- Joey Hess <id@joeyh.name> Mon, 17 Jul 2017 12:55:02 -0400
+
+propellor (4.3.4) unstable; urgency=medium
* Propellor.Property.Versioned: New module which allows different
versions of a property or host to be written down in a propellor config
@@ -6,7 +17,7 @@ propellor (4.3.4) UNRELEASED; urgency=medium
* LightDM.autoLogin: Use [Seat:*] rather than the old [SeatDefaults].
The new name has been supported since lightdm 1.15.
- -- Joey Hess <id@joeyh.name> Thu, 13 Jul 2017 15:52:24 -0400
+ -- Joey Hess <id@joeyh.name> Sat, 15 Jul 2017 17:22:53 -0400
propellor (4.3.3) unstable; urgency=medium
diff --git a/doc/news/Linux.Conf.Au.presentation.mdwn b/doc/news/Linux.Conf.Au.presentation.mdwn
deleted file mode 100644
index 54180979..00000000
--- a/doc/news/Linux.Conf.Au.presentation.mdwn
+++ /dev/null
@@ -1,5 +0,0 @@
-<video controls src="http://mirror.linux.org.au/pub/linux.conf.au/2017/Type_driven_configuration_management_with_Propellor.webm"></video>
-
-[video](http://mirror.linux.org.au/pub/linux.conf.au/2017/Type_driven_configuration_management_with_Propellor.webm)
-
-Also see this writeup in [Linux Weekly News](https://lwn.net/Articles/713653/)
diff --git a/doc/news/version_4.3.1.mdwn b/doc/news/version_4.3.1.mdwn
deleted file mode 100644
index 5c07307d..00000000
--- a/doc/news/version_4.3.1.mdwn
+++ /dev/null
@@ -1,4 +0,0 @@
-propellor 4.3.1 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * Added Propellor.Property.FreeDesktop module.
- * Added reservedSpacePercentage to the PartSpec EDSL."""]] \ No newline at end of file
diff --git a/doc/news/version_4.3.2.mdwn b/doc/news/version_4.3.2.mdwn
deleted file mode 100644
index 1a85d2d4..00000000
--- a/doc/news/version_4.3.2.mdwn
+++ /dev/null
@@ -1,3 +0,0 @@
-propellor 4.3.2 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * Really include Propellor.Property.FreeDesktop."""]] \ No newline at end of file
diff --git a/doc/news/version_4.3.4.mdwn b/doc/news/version_4.3.4.mdwn
new file mode 100644
index 00000000..5d308401
--- /dev/null
+++ b/doc/news/version_4.3.4.mdwn
@@ -0,0 +1,7 @@
+propellor 4.3.4 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Propellor.Property.Versioned: New module which allows different
+ versions of a property or host to be written down in a propellor config
+ file. Has many applications, including staged upgrades and rollbacks.
+ * LightDM.autoLogin: Use [Seat:*] rather than the old [SeatDefaults].
+ The new name has been supported since lightdm 1.15."""]] \ No newline at end of file
diff --git a/doc/news/version_4.4.0.mdwn b/doc/news/version_4.4.0.mdwn
new file mode 100644
index 00000000..db86c536
--- /dev/null
+++ b/doc/news/version_4.4.0.mdwn
@@ -0,0 +1,8 @@
+propellor 4.4.0 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Propellor.Property.Timezone: New module, contributed by Sean Whitton.
+ * Propellor.Property.Sudo.enabledFor: Made revertable.
+ (minor API change)
+ * Propellor.Property.LightDM.autoLogin: Made revertable.
+ (minor API change)
+ * Propellor.Property.Conffile: Added lacksIniSetting."""]] \ No newline at end of file
diff --git a/doc/todo/Propellor.Property.Versioned_support_asymmetric_RevertableProperty_types.mdwn b/doc/todo/Propellor.Property.Versioned_support_asymmetric_RevertableProperty_types.mdwn
new file mode 100644
index 00000000..c60cd4d6
--- /dev/null
+++ b/doc/todo/Propellor.Property.Versioned_support_asymmetric_RevertableProperty_types.mdwn
@@ -0,0 +1,7 @@
+Currently, this module requires `RevertableProperty t t`.
+That can be annoying, it would be good to support at least
+`RevertablePropery (HasInfo + t) t` and ideally all
+`RevertableProperty t1 t2`
+
+There should be no reason that can't be done; I was just having
+problems getting the type checker happy on the day I wrote it. --[[Joey]]
diff --git a/doc/todo/merge_request:_Timezone.hs.mdwn b/doc/todo/merge_request:_Timezone.hs.mdwn
new file mode 100644
index 00000000..a8ba3eae
--- /dev/null
+++ b/doc/todo/merge_request:_Timezone.hs.mdwn
@@ -0,0 +1,9 @@
+Please consider merging branch `timezone` of repo `https://git.spwhitton.name/propellor`.
+
+Adds `Timezone.configured`.
+
+I think that this works fine on stretch, but on Jessie there is some oddness. For example, if you set the timezone of a host to `US/Arizona`, the apt reconfiguration will put `America/Phoenix` in /etc/timezone, resulting in the property reporting a change every time that it is run. I think this is harmless.
+
+--spwhitton
+
+> [[merged|done]] --[[Joey]]
diff --git a/doc/todo/merge_request:_Timezone.hs/comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment b/doc/todo/merge_request:_Timezone.hs/comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment
new file mode 100644
index 00000000..026b13de
--- /dev/null
+++ b/doc/todo/merge_request:_Timezone.hs/comment_1_9cfb5e48940e58f2064cbb5edf462c06._comment
@@ -0,0 +1,15 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-07-16T15:57:20Z"
+ content="""
+I generally consider properties that do work every time to be a minor bug.
+
+I wonder if it would be better to preseed tzdata rather than writing the
+config file. I observe the same substitution from eg, US/Eastern to
+America/New_York in the file when reconfiguring noninteractively,
+but reconfiguring interactively I can select US/Eastern and that gets
+into the file.
+
+Anyway, merged as this is certianly a good starting point.
+"""]]
diff --git a/doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn b/doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn
index 450416f2..62f619db 100644
--- a/doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn
+++ b/doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn
@@ -1,11 +1,20 @@
-The properties in `Sbuild.hs` should use apt-cacher-ng instead of a bind mount of `/var/cache/apt/archives`. This has at least three advantages:
+Please consider merging branch `apt-cacher-ng` of repo `https://git.spwhitton.name/propellor`.
-1. more than one instance of sbuild can run at once
+Sample text for changelog/description of changes:
-2. sbuild can run even if apt is doing something else with its cache
-
-3. the `piupartsConf` properties are no longer needed.
+ * Add Apt.proxy property to set a host's apt proxy.
+ * Add Apt.useLocalCacher property to set up apt-cacher-ng.
+ * Rework Sbuild properties to use apt proxies/cachers instead of bind-mounting
+ the host's apt cache. This makes it possible to run more than one build at
+ a time, and lets sbuild run even if apt's cache is locked by the host's apt.
+ - If Apt.proxy is set, it is assumed that the proxy does some sort of
+ caching, and sbuild chroots are set up to use the same proxy.
+ - If Apt.proxy is not set, we install apt-cacher-ng, and point sbuild
+ chroots at the local apt cacher.
+ - Drop Sbuild.piupartsConfFor, Sbuild.piupartsConf, Sbuild.shareAptCache
+ (API change)
+ No longer needed now that we are using apt proxies/cachers.
+ - Update sample config in haddock for Propellor.Property.Sbuild.
+ Please compare both your config.hs and your ~/.sbuildrc against the haddock.
--spwhitton
-
-[[!tag user/spwhitton]]
diff --git a/privdata/relocate b/privdata/relocate
deleted file mode 100644
index 271692d8..00000000
--- a/privdata/relocate
+++ /dev/null
@@ -1 +0,0 @@
-.joeyconfig
diff --git a/propellor.cabal b/propellor.cabal
index 1bcc1618..d4417578 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -1,5 +1,5 @@
Name: propellor
-Version: 4.3.3
+Version: 4.4.0
Cabal-Version: >= 1.20
License: BSD2
Maintainer: Joey Hess <id@joeyh.name>
@@ -150,6 +150,7 @@ Library
Propellor.Property.Sudo
Propellor.Property.Systemd
Propellor.Property.Systemd.Core
+ Propellor.Property.Timezone
Propellor.Property.Tor
Propellor.Property.Unbound
Propellor.Property.User
diff --git a/src/Propellor/Property/ConfFile.hs b/src/Propellor/Property/ConfFile.hs
index ce092ec9..76d52bd9 100644
--- a/src/Propellor/Property/ConfFile.hs
+++ b/src/Propellor/Property/ConfFile.hs
@@ -9,6 +9,7 @@ module Propellor.Property.ConfFile (
IniSection,
IniKey,
containsIniSetting,
+ lacksIniSetting,
hasIniSection,
lacksIniSection,
iniFileContains,
@@ -93,6 +94,19 @@ containsIniSetting f (header, key, value) = adjustIniSection
go (l:ls) = if isKeyVal l then confline : ls else l : go ls
isKeyVal x = (filter (/= ' ') . takeWhile (/= '=')) x `elem` [key, '#':key]
+-- | Removes a key=value setting from a section of an .ini file.
+-- Note that the section heading is left in the file, so this is not a
+-- perfect reversion of containsIniSetting.
+lacksIniSetting :: FilePath -> (IniSection, IniKey, String) -> Property UnixLike
+lacksIniSetting f (header, key, value) = adjustIniSection
+ (f ++ " section [" ++ header ++ "] lacks " ++ key ++ "=" ++ value)
+ header
+ (filter (/= confline))
+ id
+ f
+ where
+ confline = key ++ "=" ++ value
+
-- | Ensures that a .ini file exists and contains a section
-- with a given key=value list of settings.
hasIniSection :: FilePath -> IniSection -> [(IniKey, String)] -> Property UnixLike
diff --git a/src/Propellor/Property/LightDM.hs b/src/Propellor/Property/LightDM.hs
index 44f0e9f0..d471d314 100644
--- a/src/Propellor/Property/LightDM.hs
+++ b/src/Propellor/Property/LightDM.hs
@@ -10,8 +10,12 @@ installed :: Property DebianLike
installed = Apt.installed ["lightdm"]
-- | Configures LightDM to skip the login screen and autologin as a user.
-autoLogin :: User -> Property DebianLike
-autoLogin (User u) = "/etc/lightdm/lightdm.conf" `ConfFile.containsIniSetting`
- ("Seat:*", "autologin-user", u)
- `describe` "lightdm autologin"
- `requires` installed
+autoLogin :: User -> RevertableProperty DebianLike DebianLike
+autoLogin (User u) = (setup <!> cleanup)
+ `describe` ("lightdm autologin for " ++ u)
+ where
+ cf = "/etc/lightdm/lightdm.conf"
+ setting = ("Seat:*", "autologin-user", u)
+ setup = cf `ConfFile.containsIniSetting` setting
+ `requires` installed
+ cleanup = tightenTargets $ cf `ConfFile.lacksIniSetting` setting
diff --git a/src/Propellor/Property/Sudo.hs b/src/Propellor/Property/Sudo.hs
index 45ab8af2..1614801d 100644
--- a/src/Propellor/Property/Sudo.hs
+++ b/src/Propellor/Property/Sudo.hs
@@ -9,23 +9,33 @@ import Propellor.Property.User
-- | Allows a user to sudo. If the user has a password, sudo is configured
-- to require it. If not, NOPASSWORD is enabled for the user.
-enabledFor :: User -> Property DebianLike
-enabledFor user@(User u) = go `requires` Apt.installed ["sudo"]
+enabledFor :: User -> RevertableProperty DebianLike DebianLike
+enabledFor user@(User u) = setup `requires` Apt.installed ["sudo"] <!> cleanup
where
- go :: Property UnixLike
- go = property' desc $ \w -> do
+ setup :: Property UnixLike
+ setup = property' desc $ \w -> do
locked <- liftIO $ isLockedPassword user
ensureProperty w $
fileProperty desc
(modify locked . filter (wanted locked))
- "/etc/sudoers"
- desc = u ++ " is sudoer"
+ sudoers
+ where
+ desc = u ++ " is sudoer"
+
+ cleanup :: Property DebianLike
+ cleanup = tightenTargets $
+ fileProperty desc (filter notuserline) sudoers
+ where
+ desc = u ++ " is not sudoer"
+
+ sudoers = "/etc/sudoers"
sudobaseline = u ++ " ALL=(ALL:ALL)"
+ notuserline l = not (sudobaseline `isPrefixOf` l)
sudoline True = sudobaseline ++ " NOPASSWD:ALL"
sudoline False = sudobaseline ++ " ALL"
wanted locked l
-- TOOD: Full sudoers file format parse..
- | not (sudobaseline `isPrefixOf` l) = True
+ | notuserline l = True
| "NOPASSWD" `isInfixOf` l = locked
| otherwise = True
modify locked ls
diff --git a/src/Propellor/Property/Timezone.hs b/src/Propellor/Property/Timezone.hs
new file mode 100644
index 00000000..96a5e59c
--- /dev/null
+++ b/src/Propellor/Property/Timezone.hs
@@ -0,0 +1,21 @@
+-- | Maintainer: Sean Whitton <spwhitton@spwhitton.name>
+
+module Propellor.Property.Timezone where
+
+import Propellor.Base
+import qualified Propellor.Property.Apt as Apt
+import qualified Propellor.Property.File as File
+
+-- | A timezone from /usr/share/zoneinfo
+type Timezone = String
+
+-- | Sets the system's timezone
+configured :: Timezone -> Property DebianLike
+configured zone = File.hasContent "/etc/timezone" [zone]
+ `onChange` update
+ `describe` (zone ++ " timezone configured")
+ where
+ update = Apt.reConfigure "tzdata" mempty
+ -- work around a bug in recent tzdata. See
+ -- https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/1554806/
+ `requires` File.notPresent "/etc/localtime"
diff --git a/src/Propellor/Property/Versioned.hs b/src/Propellor/Property/Versioned.hs
index d6517ab9..58d3e8d5 100644
--- a/src/Propellor/Property/Versioned.hs
+++ b/src/Propellor/Property/Versioned.hs
@@ -18,11 +18,11 @@
--
-- > demo :: Versioned Int (RevertableProperty DebianLike DebianLike)
-- > demo ver =
--- > ver ( (== 1) --> Apache.modEnabled "foo"
+-- > ver ( (== 1) --> Apache.modEnabled "foo"
-- > `requires` Apache.modEnabled "foosupport"
-- > <|> (== 2) --> Apache.modEnabled "bar"
-- > <|> (> 2) --> Apache.modEnabled "baz"
--- > )
+-- > )
-- >
-- > foo :: Host
-- > foo = host "foo.example.com" $ props
diff --git a/src/Propellor/Types.hs b/src/Propellor/Types.hs
index 155662c2..b7c7c7f7 100644
--- a/src/Propellor/Types.hs
+++ b/src/Propellor/Types.hs
@@ -107,6 +107,10 @@ adjustPropertySatisfy (Property t d s i c) f = Property t d (f <$> s) i c
-- | A property that can be reverted. The first Property is run
-- normally and the second is run when it's reverted.
+--
+-- See `Propellor.Property.Versioned.Versioned`
+-- for a way to use RevertableProperty to define different
+-- versions of a host.
data RevertableProperty setupmetatypes undometatypes = RevertableProperty
{ setupRevertableProperty :: Property setupmetatypes
, undoRevertableProperty :: Property undometatypes