summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess2014-03-30 21:01:18 -0400
committerJoey Hess2014-03-30 21:01:18 -0400
commitcc16366ff2998866fa3b222114cb989985b48359 (patch)
tree93fae5039b1b723723a8bcea32aeed7821c1d956
parent409cb20373f65c784f1430322b5f28bc58d34943 (diff)
propellor spin
-rw-r--r--CmdLine.hs10
-rw-r--r--Common.hs1
-rw-r--r--PrivData.hs8
-rw-r--r--Propellor.hs3
-rw-r--r--Property/Docker.hs11
-rw-r--r--README2
-rw-r--r--privdata/clam.kitenet.net.gpg34
7 files changed, 45 insertions, 24 deletions
diff --git a/CmdLine.hs b/CmdLine.hs
index 144e22a8..a4ef3bae 100644
--- a/CmdLine.hs
+++ b/CmdLine.hs
@@ -11,7 +11,7 @@ data CmdLine
= Run HostName
| Spin HostName
| Boot HostName
- | Set HostName PrivDataField String
+ | Set HostName PrivDataField
processCmdLine :: IO CmdLine
processCmdLine = go =<< getArgs
@@ -19,8 +19,8 @@ processCmdLine = go =<< getArgs
go ("--help":_) = usage
go ("--spin":h:[]) = return $ Spin h
go ("--boot":h:[]) = return $ Boot h
- go ("--set":h:f:v:[]) = case readish f of
- Just pf -> return $ Set h pf v
+ go ("--set":h:f:[]) = case readish f of
+ Just pf -> return $ Set h pf
Nothing -> error $ "Unknown privdata field " ++ f
go (h:[]) = return $ Run h
go [] = do
@@ -37,7 +37,7 @@ usage = do
, " propellor"
, " propellor hostname"
, " propellor --spin hostname"
- , " propellor --set hostname field value"
+ , " propellor --set hostname field"
]
exitFailure
@@ -47,7 +47,7 @@ defaultMain getprops = go =<< processCmdLine
go (Run host) = ensureProperties (getprops host)
go (Spin host) = spin host
go (Boot host) = boot (getprops host)
- go (Set host field val) = setPrivData host field val
+ go (Set host field) = setPrivData host field
spin :: HostName -> IO ()
spin host = do
diff --git a/Common.hs b/Common.hs
index bcf3283d..93704ce6 100644
--- a/Common.hs
+++ b/Common.hs
@@ -19,3 +19,4 @@ import System.FilePath as X
import Data.Maybe as X
import Data.Either as X
import Utility.Monad as X
+import Utility.Misc as X
diff --git a/PrivData.hs b/PrivData.hs
index e9233660..d1e75c88 100644
--- a/PrivData.hs
+++ b/PrivData.hs
@@ -16,6 +16,7 @@ import Utility.Exception
import Utility.Process
import Utility.Tmp
import Utility.SafeCommand
+import Utility.Misc
{- Note that removing or changing field names will break the
- serialized privdata files, so don't do that!
@@ -38,13 +39,16 @@ getPrivData field = do
m <- catchDefaultIO Nothing $ readish <$> readFile privDataLocal
return $ maybe Nothing (M.lookup field) m
-setPrivData :: HostName -> PrivDataField -> String -> IO ()
-setPrivData host field value = do
+setPrivData :: HostName -> PrivDataField -> IO ()
+setPrivData host field = do
+ putStrLn "Enter private data on stdin; ctrl-D when done:"
+ value <- hGetContentsStrict stdin
makePrivDataDir
let f = privDataFile host
m <- fromMaybe M.empty . readish <$> gpgDecrypt f
let m' = M.insert field value m
gpgEncrypt f (show m')
+ putStrLn "Private data set."
void $ boolSystem "git" [Param "add", File f]
makePrivDataDir :: IO ()
diff --git a/Propellor.hs b/Propellor.hs
index 6870ca56..8b9b6eef 100644
--- a/Propellor.hs
+++ b/Propellor.hs
@@ -8,6 +8,7 @@ import qualified Property.User as User
import qualified Property.Hostname as Hostname
import qualified Property.Reboot as Reboot
import qualified Property.Tor as Tor
+import qualified Property.Docker as Docker
import qualified Property.GitHome as GitHome
main :: IO ()
@@ -22,7 +23,9 @@ getProperties hostname@"clam.kitenet.net" =
, standardSystem Apt.Unstable
-- Clam is a tor bridge.
, Tor.isBridge
+ -- I play with docker on clam.
, Apt.installed ["docker.io"]
+ , Docker.configured
-- This is not an important system so I don't want to need to
-- manually upgrade it.
, Apt.unattendedUpgrades True
diff --git a/Property/Docker.hs b/Property/Docker.hs
new file mode 100644
index 00000000..9d01d0b3
--- /dev/null
+++ b/Property/Docker.hs
@@ -0,0 +1,11 @@
+module Property.Docker where
+
+import Common
+import qualified Property.File as File
+
+{- Configures docker with an authentication file, so that images can be
+ - pushed to index.docker.io. -}
+configured :: Property
+configured = Property "docker configured" $
+ withPrivData DockerAuthentication $ \cfg ->
+ ensureProperty $ "/root/.dockercfg" `File.hasContent` (lines cfg)
diff --git a/README b/README
index 34376263..b646fea9 100644
--- a/README
+++ b/README
@@ -35,7 +35,7 @@ for each host and be annoying.
Instead, propellor --spin $host looks for a privdata/$host.gpg file and
if found decrypts it and sends it to the host using ssh. To set a field
-in such a file, use: propellor --set $host $field $value
+in such a file, use: propellor --set $host $field
The field name is will be something like 'Password "root"'; see PrivData.hs
for available fields.
diff --git a/privdata/clam.kitenet.net.gpg b/privdata/clam.kitenet.net.gpg
index 257e01e9..72f72a86 100644
--- a/privdata/clam.kitenet.net.gpg
+++ b/privdata/clam.kitenet.net.gpg
@@ -1,20 +1,22 @@
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1
-hQIMA7ODiaEXBlRZAQ//SyRFzPr0cVNc0QXGb2fqCEVBuwKPhAyVnkR7exaV8QQ5
-PG16euIse608lLcR6TnnQ5BHB2d7FuSM3czbFX7qUFlJJU87wgw9ApiGXwfMmdmM
-MquAPOgsaxTOlQFY4DPulOCAXXZW61BI+S0O//ajn+wnzJ4Jr1SQ58bzTE3DqmHb
-eSClkbO0oH21ARqYeQ77Vs7VJTlGloT5f+xXMp4d/RxsKVyo8jkry30NDcqklzBQ
-tXgTb38JQRvVdPjI4AQhi+LYjLrl+XCxQjMSktXC8MqXr7c+yuzu8ovE+tTa4xO6
-OOhYN48K6AnyrY6kQAbQeuEk6VY7VFpuc+eirugvV5h+8rH8wvST2/xsC1t/Y1yJ
-NVp5zY7qzMv410dNm7hO7JFiaZmmMc0UcEYRNIIBvy51MJMmSP7KlzLNn4engFM1
-xcfVVYSG1W053jY0AlOpa+8kZPhM9zBFASfUBqEOxUJ4RQE+MGdK8QrdOIl5OevJ
-aZzYr/eFm/01n1ciz/JlNP4QgNBfNgwTAgNbGpcQGCdlp/s2HlgXm0IMLDQuFm6j
-N9V9tK35AELdoFeLlsoriwL3OA8CcMpeF3RLLAIpwXhXgAHxuhzsEwzvmx3DaUTK
-2iV7z8qOeghRgx86pefaBmH4TDMEe6ZeSKWcoDB5lff8+DssIisniiQrDyV6PdzS
-lQGVy7VgTe35k2t8CZpbLzklS72QcEASxUISroC++YTVYejlkEHwd0axY47B8cc2
-9P/ujFFco+IyU8a1b80f6QXbVE7zeS263cTCwMwhO7SBEDYA9FVTZ18eaRvSi05b
-GtCEdu5BuNOkO0XyOSyHuCaVAJN14rH1yJXPwqfUacRxCwlaJK3YH+cTgmeKhYWp
-zmqe4fA2
-=kIsE
+hQIMA7ODiaEXBlRZAQ//fmOcGRNxe/ooyFebOl54oFJtUvmWclBN8ycWb+1FEiED
+4293/YYL13OXStSDCMc1o0Rq6SxRpkD/xavcc2wqBa4rTEvOzU/YdhXRLOCr2QwQ
+Mhn4vtLmQqaQwYz5tzPkfRwtB/Wx/R4dJBfNF5vp+nl788fF+cdgLLSihY+TEPSk
++Wo2PZ0jNvCSpVR99Rh3o3ut57shsVGGa4Z4uaXfLVOu118Z00iyKZ9pHFa7gLH4
+nU1Y8N8JPg0Z+zJvTbJGU66k5LMZx9a/cu/+dwk2KPm3uldld4dwFk9zkmnzsIzS
+UhWWsuea4OGanjDsPZzECkLY/AOWxRL7+4qC6c9vsFagktJezRNqNImeSkYi9fR5
+xw4VnhL5JwC2RF3gMC8XHYSx5C1ByGIq0gaklJjdPRn3Kj7/zSOefgNZC/O+wSfG
+V5W7kW7x6vvMv9og3k4BBpD4p2s94O8xtztLE+wOXxJclFen37FNhwuJyp7PiBN6
+T4PgekpqPfX9Xp4M1tgyUVV9m8Jeof0TtS/YsKeYqaGk1ZKPOJvqXnZTL5LOkaqE
+KTWYnWdBROwNXhsaIUnu8YHqf2mRA5VlCl1Uspd3SIyU1Xh0LL9stPnxdyJGghrG
+RTmTJsEkzPAxnjSop72sEkKjqwkHxNbEkXg690QEPon+m/FAg083yTtKH/whbQ7S
+wFIBtEWDmBQyFmc1fvi1IouM9fUij6AwtJx2JrWE2d68BqE1moFGGiRSnf7itNc0
+YFashaGMSRZAzlx6quMJtg3sE/Xw4zra1b8SkvmH6FoQnQ2rXriG5U4Hc6bW0jIX
+48O96/NbIwabZiwC5BKGmSPpQBDnyzruWR/Qsnw6uar5/ZKsIOvPhICCvChO03So
+6C6WLHFb9trLqpB+r8BOMjUG/FPqZ4lRanQ3Xn///lLD2uuhH27Pmt/XDpwRJgsz
+V+uM6TVQMBe5XyE3LOk7Yn0oosohYF0LFFzQH0mO5cykx+Ctjt1muxKoUmcN99ms
+j99fwMhrk1qlzlu2Yoe5caph4M44TXbQRGhPX7jXDJzYbRdS
+=GYf9
-----END PGP MESSAGE-----