authorJoey Hess2014-04-04 01:37:31 -0400
committerJoey Hess2014-04-04 01:37:31 -0400
commit25a002605056ca5b3ad93c038b424c952f1431d1 (patch)
treea60feb5834d09f1edbad8d537ba2fb84e6c4351e /Propellor
parenteffa897faa48262231dfa08aa21d0b93e418db11 (diff)
nope
Diffstat (limited to 'Propellor')
-rw-r--r--Propellor/Config/Joey.hs128
-rw-r--r--Propellor/Config/Simple.hs55
2 files changed, 0 insertions, 183 deletions
diff --git a/Propellor/Config/Joey.hs b/Propellor/Config/Joey.hs
deleted file mode 100644
index c398c2f6..00000000
--- a/Propellor/Config/Joey.hs
+++ /dev/null
@@ -1,128 +0,0 @@
--- | This is the live config file used by propellor's author.
-
-module Propellor.Config.Joey where
-
-import Propellor
-import Propellor.CmdLine
-import qualified Propellor.Property.File as File
-import qualified Propellor.Property.Apt as Apt
-import qualified Propellor.Property.Network as Network
-import qualified Propellor.Property.Ssh as Ssh
-import qualified Propellor.Property.Cron as Cron
-import qualified Propellor.Property.Sudo as Sudo
-import qualified Propellor.Property.User as User
-import qualified Propellor.Property.Hostname as Hostname
---import qualified Propellor.Property.Reboot as Reboot
-import qualified Propellor.Property.Tor as Tor
-import qualified Propellor.Property.Docker as Docker
-import qualified Propellor.Property.SiteSpecific.GitHome as GitHome
-import qualified Propellor.Property.SiteSpecific.GitAnnexBuilder as GitAnnexBuilder
-import qualified Propellor.Property.SiteSpecific.JoeySites as JoeySites
--- Only imported to make sure it continues to build.
-import qualified Propellor.Config.Simple ()
-import Data.List
-
-main :: IO ()
-main = defaultMain [host, Docker.containerProperties container]
-
--- | This is where the system's HostName, either as returned by uname
--- or one specified on the command line, is converted into a list of
--- Properties for that system.
---
--- Edit this to configure propellor!
-host :: HostName -> Maybe [Property]
--- Clam is a tor bridge, and an olduse.net shellbox and other fun stuff.
-host hostname@"clam.kitenet.net" = standardSystem Unstable $ props
- & cleanCloudAtCost hostname
- & Apt.unattendedUpgrades
- & Network.ipv6to4
- & Apt.installed ["git-annex", "mtr"]
- & Tor.isBridge
- & JoeySites.oldUseNetshellBox
- & Docker.configured
- ! Docker.docked container hostname "amd64-git-annex-builder"
- & Docker.garbageCollected
--- Orca is the main git-annex build box.
-host hostname@"orca.kitenet.net" = standardSystem Unstable $ props
- & Hostname.set hostname
- & Apt.unattendedUpgrades
- & Docker.configured
- & Apt.buildDep ["git-annex"]
- & Docker.docked container hostname "amd64-git-annex-builder"
- & Docker.docked container hostname "i386-git-annex-builder"
- & Docker.garbageCollected
--- My laptop
-host _hostname@"darkstar.kitenet.net" = Just $ props
- & Docker.configured
-
--- add more hosts here...
---host "foo.example.com" =
-host _ = Nothing
-
--- | This is where Docker containers are set up. A container
--- can vary by hostname where it's used, or be the same everywhere.
-container :: HostName -> Docker.ContainerName -> Maybe (Docker.Container)
-container _host name
- | name == "webserver" = Just $ Docker.containerFrom
- (image $ System (Debian Unstable) "amd64")
- [ Docker.publish "8080:80"
- , Docker.volume "/var/www:/var/www"
- , Docker.inside $ props
- & serviceRunning "apache2"
- `requires` Apt.installed ["apache2"]
- ]
- | "-git-annex-builder" `isSuffixOf` name =
- let arch = takeWhile (/= '-') name
- in Just $ Docker.containerFrom
- (image $ System (Debian Unstable) arch)
- [ Docker.inside $ props & GitAnnexBuilder.builder arch "15 * * * *" True ]
- | otherwise = Nothing
-
--- | Docker images I prefer to use.
-image :: System -> Docker.Image
-image (System (Debian Unstable) arch) = "joeyh/debian-unstable-" ++ arch
-image _ = "debian-stable-official" -- does not currently exist!
-
--- This is my standard system setup
-standardSystem :: DebianSuite -> [Property] -> Maybe [Property]
-standardSystem suite customprops = Just $
- standardprops : customprops ++ endprops
- where
- standardprops = propertyList "standard system" $ props
- & Apt.stdSourcesList suite `onChange` Apt.upgrade
- & Apt.installed ["etckeeper"]
- & Apt.installed ["ssh"]
- & GitHome.installedFor "root"
- & User.hasSomePassword "root"
- -- Harden the system, but only once root's authorized_keys
- -- is safely in place.
- & check (Ssh.hasAuthorizedKeys "root")
- (Ssh.passwordAuthentication False)
- & User.accountFor "joey"
- & User.hasSomePassword "joey"
- & Sudo.enabledFor "joey"
- & GitHome.installedFor "joey"
- & Apt.installed ["vim", "screen", "less"]
- & Cron.runPropellor "30 * * * *"
- -- I use postfix, or no MTA.
- & Apt.removed ["exim4", "exim4-daemon-light", "exim4-config", "exim4-base"]
- `onChange` Apt.autoRemove
- -- May reboot, so comes last
- -- Currently not enable due to #726375
- endprops = [] -- [Apt.installed ["systemd-sysv"] `onChange` Reboot.now]
-
--- Clean up a system as installed by cloudatcost.com
-cleanCloudAtCost :: HostName -> Property
-cleanCloudAtCost hostname = propertyList "cloudatcost cleanup"
- [ Hostname.set hostname
- , Ssh.uniqueHostKeys
- , "worked around grub/lvm boot bug #743126" ==>
- "/etc/default/grub" `File.containsLine` "GRUB_DISABLE_LINUX_UUID=true"
- `onChange` cmdProperty "update-grub" []
- `onChange` cmdProperty "update-initramfs" ["-u"]
- , combineProperties "nuked cloudatcost cruft"
- [ File.notPresent "/etc/rc.local"
- , File.notPresent "/etc/init.d/S97-setup.sh"
- , User.nuked "user" User.YesReallyDeleteHome
- ]
- ]
diff --git a/Propellor/Config/Simple.hs b/Propellor/Config/Simple.hs
deleted file mode 100644
index 2b379b0d..00000000
--- a/Propellor/Config/Simple.hs
+++ /dev/null
@@ -1,55 +0,0 @@
--- | This is the main configuration file for Propellor, and is used to build
--- the propellor program.
-
-module Propellor.Config.Simple where
-
-import Propellor
-import Propellor.CmdLine
-import qualified Propellor.Property.File as File
-import qualified Propellor.Property.Apt as Apt
-import qualified Propellor.Property.Network as Network
---import qualified Propellor.Property.Ssh as Ssh
-import qualified Propellor.Property.Cron as Cron
---import qualified Propellor.Property.Sudo as Sudo
-import qualified Propellor.Property.User as User
---import qualified Propellor.Property.Hostname as Hostname
---import qualified Propellor.Property.Reboot as Reboot
---import qualified Propellor.Property.Tor as Tor
-import qualified Propellor.Property.Docker as Docker
-
-main :: IO ()
-main = defaultMain [host, Docker.containerProperties container]
-
--- | This is where the system's HostName, either as returned by uname
--- or one specified on the command line, is converted into a list of
--- Properties for that system.
---
--- Edit this to configure propellor!
-host :: HostName -> Maybe [Property]
-host hostname@"mybox.example.com" = Just $ props
- & Apt.stdSourcesList Unstable
- `onChange` Apt.upgrade
- & Apt.unattendedUpgrades
- & Apt.installed ["etckeeper"]
- & Apt.installed ["ssh"]
- & User.hasSomePassword "root"
- & Network.ipv6to4
- & File.dirExists "/var/www"
- & Docker.docked container hostname "webserver"
- & Docker.garbageCollected
- & Cron.runPropellor "30 * * * *"
--- add more hosts here...
---host "foo.example.com" =
-host _ = Nothing
-
--- | This is where Docker containers are set up. A container
--- can vary by hostname where it's used, or be the same everywhere.
-container :: HostName -> Docker.ContainerName -> Maybe (Docker.Container)
-container _ "webserver" = Just $ Docker.containerFrom "joeyh/debian-unstable"
- [ Docker.publish "80:80"
- , Docker.volume "/var/www:/var/www"
- , Docker.inside $ props
- & serviceRunning "apache2"
- `requires` Apt.installed ["apache2"]
- ]
-container _ _ = Nothing