authorJoey Hess2015-06-01 16:12:21 -0400
committerJoey Hess2015-06-01 16:13:44 -0400
commit85c3d110882f0f9d70316235221ba8b20754661f (patch)
tree49e2ba8b16791ed9fd51a230478fab0207736131
parenta50edc3d9f1fc630ba5f72aba6cfec9aca71c204 (diff)
reorganize Port type for systemd can use it
-rw-r--r--config-joey.hs2
-rw-r--r--debian/changelog3
-rw-r--r--src/Propellor/Property/Firewall.hs23
-rw-r--r--src/Propellor/Property/Systemd.hs9
-rw-r--r--src/Propellor/Types/OS.hs4
5 files changed, 21 insertions, 20 deletions
diff --git a/config-joey.hs b/config-joey.hs
index ff06333d..83eb5430 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -409,7 +409,7 @@ iabak = host "iabak.archiveteam.org"
-- Simple web server, publishing the outside host's /var/www
webserver :: Systemd.Container
webserver = standardStableContainer "webserver"
- & Systemd.publish 80
+ & Systemd.publish (Port 80)
& Systemd.bind "/var/www"
& Apt.serviceInstalledRunning "apache2"
diff --git a/debian/changelog b/debian/changelog
index a4c40ea5..599143d8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -18,6 +18,9 @@ propellor (2.5.0) UNRELEASED; urgency=medium
* Added publish and publish' properties for systemd-spawn containers.
(Needs systemd version 220.)
* Added bind and bindRo properties for systemd-spawn containers.
+ * Firewall: Port was changed to a newtype, and the Port and PortRange
+ constructors of Rules were changed to DPort and DportRange, respectively.
+ (API change)
-- Joey Hess <id@joeyh.name> Thu, 07 May 2015 12:08:34 -0400
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index ab57b122..d643b185 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -9,7 +9,6 @@ module Propellor.Property.Firewall (
Target(..),
Proto(..),
Rules(..),
- Port,
ConnectionState(..)
) where
@@ -45,8 +44,8 @@ toIpTable r = map Param $
toIpTableArg :: Rules -> [String]
toIpTableArg Everything = []
toIpTableArg (Proto proto) = ["-p", map toLower $ show proto]
-toIpTableArg (Port port) = ["--dport", show port]
-toIpTableArg (PortRange (f,t)) = ["--dport", show f ++ ":" ++ show t]
+toIpTableArg (DPort port) = ["--dport", show port]
+toIpTableArg (DPortRange (f,t)) = ["--dport", show f ++ ":" ++ show t]
toIpTableArg (IFace iface) = ["-i", iface]
toIpTableArg (Ctstate states) = ["-m", "conntrack","--ctstate", concat $ intersperse "," (map show states)]
toIpTableArg (r :- r') = toIpTableArg r <> toIpTableArg r'
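Review bot: The `DPort` and `DPortRange` equations of `toIpTableArg` still call `show` on the port, but `Port` is now a newtype with a derived `Show` (src/Propellor/Types/OS.hs in this commit), so `show (Port 80)` yields `Port 80` rather than `80`. The `--dport` argument passed to iptables would then be malformed, and the intended firewall rule would presumably be rejected instead of applied. Unwrap the constructor as the Systemd `Publishable` instance does: `toIpTableArg (DPort (Port p)) = ["--dport", show p]` and `toIpTableArg (DPortRange (Port f, Port t)) = ["--dport", show f ++ ":" ++ show t]`. The function may have further equations beyond the end of this hunk.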
@@ -55,33 +54,31 @@ data Rule = Rule
{ ruleChain :: Chain
, ruleTarget :: Target
, ruleRules :: Rules
- } deriving (Eq, Show, Read)
+ } deriving (Eq, Show)
data Chain = INPUT | OUTPUT | FORWARD
- deriving (Eq,Show,Read)
+ deriving (Eq, Show)
data Target = ACCEPT | REJECT | DROP | LOG
- deriving (Eq,Show,Read)
+ deriving (Eq, Show)
data Proto = TCP | UDP | ICMP
- deriving (Eq,Show,Read)
-
-type Port = Int
+ deriving (Eq, Show)
data ConnectionState = ESTABLISHED | RELATED | NEW | INVALID
- deriving (Eq,Show,Read)
+ deriving (Eq, Show)
data Rules
= Everything
| Proto Proto
-- ^There is actually some order dependency between proto and port so this should be a specific
-- data type with proto + ports
- | Port Port
- | PortRange (Port,Port)
+ | DPort Port
+ | DPortRange (Port,Port)
| IFace Network.Interface
| Ctstate [ ConnectionState ]
| Rules :- Rules -- ^Combine two rules
- deriving (Eq,Show,Read)
+ deriving (Eq, Show)
infixl 0 :-
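Review bot: The `Read` instance is dropped from `Rule`, `Chain`, `Target`, `Proto`, `ConnectionState` and `Rules` in this hunk, which is a second API change that the debian/changelog entry in this commit does not mention. It looks like a consequence of `Port` deriving only `Eq` and `Show`; if so, either add `Read` to `newtype Port` and keep the instances, or extend the changelog line to say that `Read` is gone. The changelog also spells the new constructor `DportRange`, while the code defines `DPortRange`.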
diff --git a/src/Propellor/Property/Systemd.hs b/src/Propellor/Property/Systemd.hs
index 34e51ba9..9e5ca432 100644
--- a/src/Propellor/Property/Systemd.hs
+++ b/src/Propellor/Property/Systemd.hs
@@ -1,5 +1,3 @@
-{-# LANGUAGE TypeSynonymInstances #-}
-
module Propellor.Property.Systemd (
-- * Services
module Propellor.Property.Systemd.Core,
@@ -24,11 +22,11 @@ module Propellor.Property.Systemd (
-- * Container configuration
containerCfg,
resolvConfed,
- Publishable(..),
privateNetwork,
ForwardedPort(..),
Proto(..),
PortSpec(..),
+ Publishable,
publish,
bind,
bindRo,
@@ -39,7 +37,6 @@ import Propellor.Types.Chroot
import qualified Propellor.Property.Chroot as Chroot
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.File as File
-import Propellor.Property.Firewall (Port)
import Propellor.Property.Systemd.Core
import Utility.FileMode
@@ -297,7 +294,7 @@ class Publishable a where
toPublish :: a -> String
instance Publishable Port where
- toPublish p = show p
+ toPublish (Port n) = show n
data ForwardedPort = ForwardedPort
{ hostPort :: Port
@@ -305,7 +302,7 @@ data ForwardedPort = ForwardedPort
}
instance Publishable ForwardedPort where
- toPublish fp = show (hostPort fp) ++ ":" ++ show (containerPort fp)
+ toPublish fp = toPublish (hostPort fp) ++ ":" ++ toPublish (containerPort fp)
data Proto = TCP | UDP
diff --git a/src/Propellor/Types/OS.hs b/src/Propellor/Types/OS.hs
index 58bd809a..c46d9a28 100644
--- a/src/Propellor/Types/OS.hs
+++ b/src/Propellor/Types/OS.hs
@@ -10,6 +10,7 @@ module Propellor.Types.OS (
User(..),
Group(..),
userGroup,
+ Port(..),
) where
import Network.BSD (HostName)
@@ -42,3 +43,6 @@ newtype Group = Group String
-- | Makes a Group with the same name as the User.
userGroup :: User -> Group
userGroup (User u) = Group u
+
+newtype Port = Port Int
+ deriving (Eq, Show)
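Review bot: `newtype Port` is exported with its constructor but has no Haddock comment and no bound on the wrapped `Int`, so values such as `Port (-1)` or `Port 70000` type-check and flow unchanged into the `--dport` and systemd publish strings built elsewhere in this commit. Add a comment such as `-- | A network port number; expected to be in the range 0-65535.`, and consider a validating constructor so that an out-of-range port fails when the configuration is built rather than when the rule is applied. The derived `Show` renders `Port 80`, so the comment should also say that callers must unwrap the constructor before formatting a port for a command line.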