authorJoey Hess2015-03-12 20:09:31 -0400
committerJoey Hess2015-03-12 20:09:31 -0400
commitbc60edb50a41a326e64ccd25a36ac27215ef4b9e (patch)
tree7e3849d123da0dda038d2f5e3d88025635beb444
parent4f101f8560e29958b08306c86a1b8ca34e8a6a0c (diff)
parent9292cee1aa7967a0afe6d45f58a6d429d1b56b55 (diff)
Merge branch 'joeyconfig'
Conflicts: privdata.joey/privdata.gpg
-rw-r--r--config-joey.hs15
-rw-r--r--debian/changelog9
-rw-r--r--propellor.cabal2
-rw-r--r--src/Propellor/Property/Cmd.hs2
-rw-r--r--src/Propellor/Property/Postfix.hs2
-rw-r--r--src/Propellor/Property/SiteSpecific/JoeySites.hs66
-rw-r--r--src/Propellor/Property/Ssh.hs1
-rw-r--r--src/Propellor/Shim.hs2
8 files changed, 94 insertions, 5 deletions
diff --git a/config-joey.hs b/config-joey.hs
index f9f4eaa7..d51b7c91 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -96,6 +96,10 @@ clam = standardSystem "clam.kitenet.net" Unstable "amd64"
& "/var/www/index.html" `File.hasContent` ["hello, world"]
& alias "helloworld.kitenet.net"
& Docker.docked oldusenetShellBox
+
+ & JoeySites.scrollBox
+ & alias "scroll.joeyh.name"
+ & alias "us.scroll.joeyh.name"
-- ssh on some extra ports to deal with horrible networks
-- while travelling
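Review bot: `JoeySites.scrollBox` is attached directly to the host clam here, and to elephant in the next hunk, while that same hunk moves kiteShellBox into its own container with `Docker.docked kiteShellBox`. As defined in JoeySites.hs in this commit, scrollBox starts telnetd and a shellinabox service that runs the login script as the scroll user, so a network-reachable game account sits on the same hosts as the other services. Unless something requires it to run on the host, consider wrapping it in a container modelled on kiteShellBox with the needed ports published, so that a break-out from the game lands in the container rather than on clam or elephant.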
@@ -272,10 +276,14 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64"
& Docker.docked jerryPlay
& Docker.garbageCollected `period` (Weekly (Just 1))
+ & JoeySites.scrollBox
+ & alias "scroll.joeyh.name"
+ & alias "eu.scroll.joeyh.name"
+
-- For https port 443, shellinabox with ssh login to
-- kitenet.net
& alias "shell.kitenet.net"
- & JoeySites.kiteShellBox
+ & Docker.docked kiteShellBox
-- Nothing is using http port 80, so listen on
-- that port for ssh, for traveling on bad networks that
-- block 22.
@@ -348,6 +356,11 @@ jerryPlay = standardContainer "jerryplay" Unstable "amd64"
& Apt.installed ["ssh"]
& User.hasSomePassword "root"
& Ssh.permitRootLogin True
+
+kiteShellBox :: Docker.Container
+kiteShellBox = standardStableContainer "kiteshellbox"
+ & JoeySites.kiteShellBox
+ & Docker.publish "443:443"
type Motd = [String]
diff --git a/debian/changelog b/debian/changelog
index f15affbf..9ac8c3f8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+propellor (2.2.1) unstable; urgency=medium
+
+ * userScriptProperty now passes --shell /bin/sh, so it can be used
+ even for users with nonstandard shells.
+ * Fix bug in docker propellor shim setup introduced in last release,
+ which broke provisioning of new docker containers.
+
+ -- Joey Hess <id@joeyh.name> Thu, 12 Mar 2015 20:08:34 -0400
+
propellor (2.2.0) unstable; urgency=medium
* When running shimmed (eg in a docker container),
diff --git a/propellor.cabal b/propellor.cabal
index ff37003c..c8f093ac 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -1,5 +1,5 @@
Name: propellor
-Version: 2.2.0
+Version: 2.2.1
Cabal-Version: >= 1.6
License: BSD3
Maintainer: Joey Hess <id@joeyh.name>
diff --git a/src/Propellor/Property/Cmd.hs b/src/Propellor/Property/Cmd.hs
index 7fd189df..ae8238f5 100644
--- a/src/Propellor/Property/Cmd.hs
+++ b/src/Propellor/Property/Cmd.hs
@@ -40,6 +40,6 @@ scriptProperty script = cmdProperty "sh" ["-c", shellcmd]
-- | A property that can satisfied by running a series of shell commands,
-- as user (cd'd to their home directory).
userScriptProperty :: UserName -> [String] -> Property NoInfo
-userScriptProperty user script = cmdProperty "su" ["-c", shellcmd, user]
+userScriptProperty user script = cmdProperty "su" ["--shell", "/bin/sh", "-c", shellcmd, user]
where
shellcmd = intercalate " ; " ("set -e" : "cd" : script)
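Review bot: The haddock on userScriptProperty still says only "as user (cd'd to their home directory)", but the new line forces `--shell /bin/sh`, so the script no longer runs through the account's login shell, including a restricted or custom one. The changelog shows that is intended, but callers who treat a login shell as a boundary should see it at the definition; suggest adding `-- The script always runs under /bin/sh, whatever the user's login shell is.` to the comment. It would also help to note there that the script lines are joined with `" ; "` and interpreted by sh, so callers must quote any path or value they splice in.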
diff --git a/src/Propellor/Property/Postfix.hs b/src/Propellor/Property/Postfix.hs
index 0abd783e..8557f083 100644
--- a/src/Propellor/Property/Postfix.hs
+++ b/src/Propellor/Property/Postfix.hs
@@ -38,7 +38,7 @@ satellite = check (not <$> mainCfIsSet "relayhost") setup
[ Apt.reConfigure "postfix"
[ ("postfix/main_mailer_type", "select", "Satellite system")
, ("postfix/root_address", "string", "root")
- , ("postfix/destinations", "string", " ")
+ , ("postfix/destinations", "string", "localhost")
, ("postfix/mailname", "string", hn)
]
, mainCf ("relayhost", domain)
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index 303a6935..1e0268b0 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -22,6 +22,72 @@ import Data.List
import System.Posix.Files
import Data.String.Utils
+scrollBox :: Property HasInfo
+scrollBox = propertyList "scroll server" $ props
+ & User.accountFor "scroll"
+ & Git.cloned "scroll" "git://git.kitenet.net/scroll" (d </> "scroll") Nothing
+ & Apt.installed ["ghc", "make", "cabal-install", "libghc-vector-dev",
+ "libghc-bytestring-dev", "libghc-mtl-dev", "libghc-ncurses-dev",
+ "libghc-random-dev", "libghc-monad-loops-dev",
+ "libghc-ifelse-dev", "libghc-case-insensitive-dev",
+ "libghc-data-default-dev"]
+ & userScriptProperty "scroll"
+ [ "cd " ++ d </> "scroll"
+ , "git pull"
+ , "cabal configure"
+ , "make"
+ ]
+ & s `File.hasContent`
+ [ "#!/bin/sh"
+ , "set -e"
+ , "echo Preparing to run scroll!"
+ , "cd " ++ d
+ , "mkdir -p tmp"
+ , "TMPDIR= t=$(tempfile -d tmp)"
+ , "export t"
+ , "rm -f \"$t\""
+ , "mkdir \"$t\""
+ , "cd \"$t\""
+ , "echo"
+ , "echo Press Enter to start the game."
+ , "read me"
+ , "SHELL=/bin/sh script --timing=timing -c " ++ g
+ ] `onChange` (s `File.mode` (combineModes (ownerWriteMode:readModes ++ executeModes)))
+ & g `File.hasContent`
+ [ "#!/bin/sh"
+ , "if ! ../../scroll/scroll; then"
+ , "echo Scroll seems to have ended unexpectedly. Possibly a bug.."
+ , "else"
+ , "echo Thanks for playing scroll! https://joeyh.name/code/scroll/"
+ , "fi"
+ , "echo Your game was recorded, as ID:$(basename \"$t\")"
+ , "echo if you would like to talk about how it went, email scroll@joeyh.name"
+ , "echo 'or, type comments below (finish with a dot on its own line)'"
+ , "echo"
+ , "echo Your comments:"
+ , "mail -s \"scroll test $t\" joey@kitenet.net"
+ ] `onChange` (g `File.mode` (combineModes (ownerWriteMode:readModes ++ executeModes)))
+ & Apt.installed ["bsd-mailx"]
+ -- prevent port forwarding etc by not letting scroll log in via ssh
+ & Ssh.sshdConfig `File.containsLine` ("DenyUsers scroll")
+ `onChange` Ssh.restarted
+ & cmdProperty "chsh" ["scroll", "-s", s]
+ & User.hasPassword "scroll"
+ & Apt.serviceInstalledRunning "telnetd"
+ & Apt.installed ["shellinabox"]
+ & File.hasContent "/etc/default/shellinabox"
+ [ "# Deployed by propellor"
+ , "SHELLINABOX_DAEMON_START=1"
+ , "SHELLINABOX_PORT=4242"
+ , "SHELLINABOX_ARGS=\"--disable-ssl --no-beep --service=:scroll:scroll:" ++ d ++ ":" ++ s ++ "\""
+ ]
+ `onChange` Service.restarted "shellinabox"
+ & Service.running "shellinabox"
+ where
+ d = "/home/scroll"
+ s = d </> "login.sh"
+ g = d </> "game.sh"
+
oldUseNetServer :: [Host] -> Property HasInfo
oldUseNetServer hosts = propertyList "olduse.net server" $ props
& Apt.installed ["leafnode"]
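Review bot: The last line of game.sh runs `mail -s "scroll test $t" joey@kitenet.net` with the player's terminal as stdin, and bsd-mailx in interactive mode interprets tilde escape commands typed in the message body, so the comment prompt gives the player more than a text box. Since login.sh is meant to be the account's only shell and `DenyUsers scroll` is there to confine it, the body should reach mail through a pipe, for example `, "head -c 4096 | mail -s \"scroll test $t\" joey@kitenet.net"`. I believe that disables escape processing and it also caps the size, but please confirm against the installed mailx; the "finish with a dot" prompt would need rewording to end-of-input. Separately, login.sh, game.sh and the built scroll binary all live under /home/scroll, which presumably belongs to the scroll user, so anything that gets out of the game can replace what the next player runs until propellor next rewrites it; a root-owned directory for the two scripts would close that.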
diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs
index f44688c1..320136ee 100644
--- a/src/Propellor/Property/Ssh.hs
+++ b/src/Propellor/Property/Ssh.hs
@@ -1,5 +1,6 @@
module Propellor.Property.Ssh (
PubKeyText,
+ sshdConfig,
setSshdConfig,
permitRootLogin,
passwordAuthentication,
diff --git a/src/Propellor/Shim.hs b/src/Propellor/Shim.hs
index e1ea2825..5fc1ea05 100644
--- a/src/Propellor/Shim.hs
+++ b/src/Propellor/Shim.hs
@@ -34,7 +34,7 @@ setup propellorbin propellorbinpath dest = checkAlreadyShimmed propellorbin $ do
fromMaybe (error "cannot find ld-linux linker") $
headMaybe $ filter ("ld-linux" `isInfixOf`) libs'
let linkersym = takeDirectory linker </> takeFileName propellorbin
- createSymbolicLink linkersym (takeFileName linker)
+ createSymbolicLink (takeFileName linker) linkersym
let gconvdir = (dest ++) $ takeDirectory $
fromMaybe (error "cannot find gconv directory") $