summaryrefslogtreecommitdiff
path: root/Propellor/Property/Apt.hs
diff options
context:
space:
mode:
authorJoey Hess2014-04-17 22:09:29 -0400
committerJoey Hess2014-04-17 22:09:29 -0400
commit0e0a70f794c8659a1687278a69f6ee87eebf4798 (patch)
treed662a5ec06479895171b77fd3fe76c2d96e8dbae /Propellor/Property/Apt.hs
parent0485387aa03f2e81c218fe689cb6a9a5a8fe14a4 (diff)
propellor spin
Diffstat (limited to 'Propellor/Property/Apt.hs')
-rw-r--r--Propellor/Property/Apt.hs37
1 files changed, 31 insertions, 6 deletions
diff --git a/Propellor/Property/Apt.hs b/Propellor/Property/Apt.hs
index 3842cb02..fe9b8e26 100644
--- a/Propellor/Property/Apt.hs
+++ b/Propellor/Property/Apt.hs
@@ -17,6 +17,8 @@ sourcesList = "/etc/apt/sources.list"
type Url = String
type Section = String
+type SourcesGenerator = DebianSuite -> [Line]
+
showSuite :: DebianSuite -> String
showSuite Stable = "stable"
showSuite Testing = "testing"
@@ -39,7 +41,7 @@ srcLine l = case words l of
stdSections :: [Section]
stdSections = ["main", "contrib", "non-free"]
-binandsrc :: String -> DebianSuite -> [Line]
+binandsrc :: String -> SourcesGenerator
binandsrc url suite
| isStable suite = [l, srcLine l, bl, srcLine bl]
| otherwise = [l, srcLine l]
@@ -47,14 +49,14 @@ binandsrc url suite
l = debLine (showSuite suite) url stdSections
bl = debLine backportSuite url stdSections
-debCdn :: DebianSuite -> [Line]
+debCdn :: SourcesGenerator
debCdn = binandsrc "http://cdn.debian.net/debian"
-kernelOrg :: DebianSuite -> [Line]
+kernelOrg :: SourcesGenerator
kernelOrg = binandsrc "http://mirrors.kernel.org/debian"
-- | Only available for Stable and Testing
-securityUpdates :: DebianSuite -> [Line]
+securityUpdates :: SourcesGenerator
securityUpdates suite
| isStable suite || suite == Testing =
let l = "deb http://security.debian.org/ " ++ showSuite suite ++ "/updates " ++ unwords stdSections
@@ -67,9 +69,14 @@ securityUpdates suite
-- Since the CDN is sometimes unreliable, also adds backup lines using
-- kernel.org.
stdSourcesList :: DebianSuite -> Property
-stdSourcesList suite = setSourcesList
- (concatMap (\gen -> gen suite) [debCdn, kernelOrg, securityUpdates])
+stdSourcesList suite = stdSourcesList' suite []
+
+stdSourcesList' :: DebianSuite -> [SourcesGenerator] -> Property
+stdSourcesList' suite more = setSourcesList
+ (concatMap (\gen -> gen suite) generators)
`describe` ("standard sources.list for " ++ show suite)
+ where
+ generators = [debCdn, kernelOrg, securityUpdates] ++ more
setSourcesList :: [Line] -> Property
setSourcesList ls = sourcesList `File.hasContent` ls `onChange` update
@@ -208,3 +215,21 @@ reConfigure package vals = reconfigure `requires` setselections
-- package names.
serviceInstalledRunning :: Package -> Property
serviceInstalledRunning svc = Service.running svc `requires` installed [svc]
+
+data AptKey = AptKey
+ { keyname :: String
+ , pubkey :: String
+ }
+
+trustsKey :: AptKey -> RevertableProperty
+trustsKey k = RevertableProperty trust untrust
+ where
+ desc = "apt trusts key " ++ keyname k
+ f = "/etc/apt/trusted.gpg.d" </> keyname k ++ ".gpg"
+ untrust = File.notPresent f
+ trust = check (not <$> doesFileExist f) $ Property desc $ makeChange $ do
+ withHandle StdinHandle createProcessSuccess
+ (proc "gpg" ["--no-default-keyring", "--keyring", f, "--import", "-"]) $ \h -> do
+ hPutStr h (pubkey k)
+ hClose h
+ nukeFile $ f ++ "~" -- gpg dropping