authorJoey Hess2015-10-10 13:46:00 -0400
committerJoey Hess2015-10-10 13:46:00 -0400
commit1b2a63f7fda4411adc71da3f43b173ffe7e7eb10 (patch)
tree7ee1b0f6ae8e42869afbed34374c939c7a245c94 /src/Propellor/Property
parentb3a5cb70dc04843a5b841f987bd60b8689edb58b (diff)
propellor spin
Diffstat (limited to 'src/Propellor/Property')
-rw-r--r--src/Propellor/Property/Apache.hs30
-rw-r--r--src/Propellor/Property/OpenId.hs33
2 files changed, 45 insertions, 18 deletions
diff --git a/src/Propellor/Property/Apache.hs b/src/Propellor/Property/Apache.hs
index 49e3d525..b4bbdc32 100644
--- a/src/Propellor/Property/Apache.hs
+++ b/src/Propellor/Property/Apache.hs
@@ -5,7 +5,14 @@ import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.Service as Service
-type ConfigFile = [String]
+installed :: Property NoInfo
+installed = Apt.installed ["apache2"]
+
+restarted :: Property NoInfo
+restarted = Service.restarted "apache2"
+
+reloaded :: Property NoInfo
+reloaded = Service.reloaded "apache2"
-- | A basic virtual host, publishing a directory, and logging to
-- the combined apache log file.
@@ -21,6 +28,8 @@ virtualHost hn (Port p) docroot = siteEnabled hn
, "</VirtualHost>"
]
+type ConfigFile = [String]
+
siteEnabled :: HostName -> ConfigFile -> RevertableProperty
siteEnabled hn cf = enable <!> disable
where
@@ -65,6 +74,16 @@ modEnabled modname = enable <!> disable
`onChange` reloaded
isenabled = boolSystem "a2query" [Param "-q", Param "-m", Param modname]
+-- | Make apache listen on the specified ports.
+--
+-- Note that ports are also specified inside a site's config file,
+-- so that also needs to be changed.
+listenPorts :: [Port] -> Property NoInfo
+listenPorts ps = "/etc/apache2/ports.conf" `File.hasContent` map portline ps
+ `onChange` restarted
+ where
+ portline (Port n) = "Listen " ++ show n
+
-- This is a list of config files because different versions of apache
-- use different filenames. Propellor simply writes them all.
siteCfg :: HostName -> [FilePath]
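Review bot: `listenPorts` writes `/etc/apache2/ports.conf` as nothing but the generated `Listen` lines, so anything else in that file is dropped if `File.hasContent` replaces the whole file, as its name suggests. On a stock Debian install that would include the conditional `Listen 443` entries, so an https site on the same host would stop being served. An empty port list yields an empty file, and apache will not start without any `Listen` directive. The doc comment should state this, e.g. `-- Replaces all of ports.conf; list every port (443 included) that any site on this host needs.`, and rejecting `[]` is worth considering.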
@@ -75,15 +94,6 @@ siteCfg hn =
, "/etc/apache2/sites-available/" ++ hn ++ ".conf"
]
-installed :: Property NoInfo
-installed = Apt.installed ["apache2"]
-
-restarted :: Property NoInfo
-restarted = Service.restarted "apache2"
-
-reloaded :: Property NoInfo
-reloaded = Service.reloaded "apache2"
-
-- | Configure apache to use SNI to differentiate between
-- https hosts.
--
diff --git a/src/Propellor/Property/OpenId.hs b/src/Propellor/Property/OpenId.hs
index 1f6f2559..6becee62 100644
--- a/src/Propellor/Property/OpenId.hs
+++ b/src/Propellor/Property/OpenId.hs
@@ -3,19 +3,29 @@ module Propellor.Property.OpenId where
import Propellor
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
-import qualified Propellor.Property.Service as Service
+import qualified Propellor.Property.Apache as Apache
import Data.List
-providerFor :: [User] -> String -> Property HasInfo
-providerFor users baseurl = propertyList desc $ map toProp
- [ Apt.serviceInstalledRunning "apache2"
- , Apt.installed ["simpleid"]
- `onChange` Service.restarted "apache2"
- , File.fileProperty (desc ++ " configured")
+-- | Openid provider, using the simpleid PHP CGI, with apache.
+--
+-- Runs on usual port by defualt. When a nonstandard port is specified,
+-- apache is limited to listening only on that port. Warning: Specifying
+-- a port won't compose well with other apache properties on the same
+-- host.
+providerFor :: [User] -> HostName -> Maybe Port -> Property HasInfo
+providerFor users hn mp = propertyList desc $ props
+ & Apt.serviceInstalledRunning "apache2"
+ & apacheconfigured
+ & Apt.installed ["simpleid"]
+ `onChange` Apache.restarted
+ & File.fileProperty (desc ++ " configured")
(map setbaseurl) "/etc/simpleid/config.inc"
- ] ++ map identfile users
+ & propertyList desc (map identfile users)
where
+ baseurl = hn ++ case mp of
+ Nothing -> ""
+ Just (Port p) -> show p
url = "http://"++baseurl++"/simpleid"
desc = "openid provider " ++ url
setbaseurl l
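Review bot: In the `baseurl` binding, the `Just (Port p)` branch appends `show p` directly to `hn` with no `:` separator. With constructed values, host `example.com` and port 8080 give `http://example.com8080/simpleid`, which ends up both in `desc` and in the `SIMPLEID_BASE_URL` written to `/etc/simpleid/config.inc`. The branch should read `Just (Port p) -> ':' : show p`. The new haddock also spells `default` as `defualt`. The `where` clause of providerFor continues past the end of this hunk.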
@@ -23,6 +33,13 @@ providerFor users baseurl = propertyList desc $ map toProp
"define('SIMPLEID_BASE_URL', '"++url++"');"
| otherwise = l
+ apacheconfigured = case mp of
+ Nothing -> toProp $
+ Apache.virtualHost hn (Port 80) "/var/www/html"
+ Just p -> propertyList desc $ props
+ & Apache.listenPorts [p]
+ & Apache.virtualHost hn p "/var/www/html"
+
-- the identities directory controls access, so open up
-- file mode
identfile (User u) = File.hasPrivContentExposed
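Review bot: Both branches of `apacheconfigured` set up only a plain-http `Apache.virtualHost`, and `url` is built with a fixed `http://` scheme, so logins to the simpleid provider and the identity URLs it hands out travel unencrypted. If that is intended for now, the haddock on providerFor should say so, e.g. `-- Served over plain http only; put TLS in front before relying on it for authentication.` Separately, `hn` now flows unescaped into the single-quoted PHP string built in `setbaseurl`. It is presumably operator-supplied, but a comment that it must be a bare hostname (no quotes or path) would make the assumption explicit. The providerFor definition starts before this hunk.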