summaryrefslogtreecommitdiff
path: root/HostProp.hs
diff options
context:
space:
mode:
authorJoey Hess2014-03-30 02:37:45 -0400
committerJoey Hess2014-03-30 02:37:45 -0400
commitc4afc9c90f9016b3ecfa96193c531c73ccbdeae4 (patch)
treea478d34bd26b9af628a139ea11ffb760976a4f60 /HostProp.hs
parent47a0785fbc45a60560fbe4d34582f5215485c00f (diff)
rename
Diffstat (limited to 'HostProp.hs')
-rw-r--r--HostProp.hs61
1 files changed, 0 insertions, 61 deletions
diff --git a/HostProp.hs b/HostProp.hs
deleted file mode 100644
index 1bc1373a..00000000
--- a/HostProp.hs
+++ /dev/null
@@ -1,61 +0,0 @@
-import Property
-import HostName
-import qualified Property.Apt as Apt
-import qualified Property.Ssh as Ssh
-import qualified Property.User as User
-import qualified Property.Hostname as Hostname
-import qualified Property.Reboot as Reboot
-import qualified Property.Tor as Tor
-import qualified Property.GitHome as GitHome
-
-main :: IO ()
-main = ensureProperties . getProperties =<< getHostName
-
-{- This is where the system's HostName, either as returned by uname
- - or one specified on the command line, is converted into a list of
- - Properties for that system. -}
-getProperties :: HostName -> [Property]
-getProperties hostname@"clam.kitenet.net" =
- [ cleanCloudAtCost hostname
- , standardSystem Apt.Unstable
- -- This is not an important system so I don't want to need to
- -- manually upgrade it.
- , Apt.unattendedUpgrades True
- -- Clam is a tor bridge.
- , Tor.isBridge
- -- Should come last as it reboots.
- --, Apt.installed ["systemd-sysv"] `onChange` Reboot.now
- ]
--- add more hosts here...
---getProperties "foo" =
-getProperties h = error $ "Unknown host: " ++ h ++ " (perhaps you should specify the real hostname on the command line?)"
-
--- This is my standard system setup
-standardSystem :: Apt.Suite -> Property
-standardSystem suite = propertyList "standard system"
- [ Apt.stdSourcesList suite `onChange` Apt.upgrade
- , Apt.installed ["etckeeper"]
- , Apt.installed ["ssh"]
- , GitHome.installedFor "root"
- -- Harden the system, but only once root's authorized_keys
- -- is safely in place.
- , check (Ssh.hasAuthorizedKeys "root") $
- Ssh.passwordAuthentication False
- , check (Ssh.hasAuthorizedKeys "root") $
- User.lockedPassword "root"
- , Apt.installed ["vim"]
- , User.nonsystem "joey"
- , Apt.installed ["sudo"]
- -- nopasswd because no password is set up for joey.
- , lineInFile "/etc/sudoers" "joey ALL=(ALL:ALL) NOPASSWD:ALL"
- , GitHome.installedFor "joey"
- ]
-
--- Clean up a system as installed by cloudatcost.com
-cleanCloudAtCost :: HostName -> Property
-cleanCloudAtCost hostname = propertyList "cloudatcost cleanup"
- [ User.nuked "user"
- , Apt.removed ["exim4"] `onChange` Apt.autoRemove
- , Hostname.set hostname
- , Ssh.uniqueHostKeys
- ]