summaryrefslogtreecommitdiff
path: root/config-joey.hs
diff options
context:
space:
mode:
authorJoey Hess2014-05-15 01:04:03 -0400
committerJoey Hess2014-05-15 01:04:03 -0400
commit08ecafb418f9902d0f902ab0cf88bcc07b6df8b2 (patch)
tree0b4713000bb92d6205259a30bd5f803dc33e615d /config-joey.hs
parent2081a49b659ddb1a9c8b647f2703a052ea38953b (diff)
add
Diffstat (limited to 'config-joey.hs')
-rw-r--r--config-joey.hs16
1 files changed, 16 insertions, 0 deletions
diff --git a/config-joey.hs b/config-joey.hs
index 769357ce..9278808c 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -252,6 +252,22 @@ image (System (Debian Unstable) arch) = "joeyh/debian-unstable-" ++ arch
image (System (Debian Stable) arch) = "joeyh/debian-stable-" ++ arch
image _ = "debian-stable-official" -- does not currently exist!
+-- Digital Ocean does not provide any way to boot
+-- the kernel provided by the distribution, except using kexec.
+-- Without this, some old, and perhaps insecure kernel will be used.
+--
+-- Note that this only causes the new kernel to be loaded on reboot.
+-- If the power is cycled, the old kernel still boots up.
+-- TODO: detect this and reboot immediately?
+digitalOceanDistroKernel :: Property
+digitalOceanDistroKernel = propertyList "digital ocean distro kernel hack"
+ [ Apt.installed ["grub-pc", "kexec-tools"]
+ , "/etc/default/kexec" `File.containsLines`
+ [ "LOAD_KEXEC=true"
+ , "USE_GRUB_CONFIG=true"
+ ]
+ ]
+
-- Clean up a system as installed by cloudatcost.com
cleanCloudAtCost :: Property
cleanCloudAtCost = propertyList "cloudatcost cleanup"