summaryrefslogtreecommitdiff
path: root/src/Propellor
diff options
context:
space:
mode:
authorJoey Hess2015-06-01 16:05:31 -0400
committerJoey Hess2015-06-01 16:05:31 -0400
commita50edc3d9f1fc630ba5f72aba6cfec9aca71c204 (patch)
tree9d8e958c2e78c08d71afa99b5b9e081a9451b803 /src/Propellor
parenta7045f737efe76c7346a1ac34f10d0d8d311ff89 (diff)
better types for systemd port publishing
Diffstat (limited to 'src/Propellor')
-rw-r--r--src/Propellor/Property/Systemd.hs59
1 files changed, 34 insertions, 25 deletions
diff --git a/src/Propellor/Property/Systemd.hs b/src/Propellor/Property/Systemd.hs
index 973314ac..34e51ba9 100644
--- a/src/Propellor/Property/Systemd.hs
+++ b/src/Propellor/Property/Systemd.hs
@@ -1,3 +1,5 @@
+{-# LANGUAGE TypeSynonymInstances #-}
+
module Propellor.Property.Systemd (
-- * Services
module Propellor.Property.Systemd.Core,
@@ -22,9 +24,12 @@ module Propellor.Property.Systemd (
-- * Container configuration
containerCfg,
resolvConfed,
- publish,
+ Publishable(..),
+ privateNetwork,
+ ForwardedPort(..),
Proto(..),
- publish',
+ PortSpec(..),
+ publish,
bind,
bindRo,
) where
@@ -288,32 +293,36 @@ resolvConfed = containerCfg "bind=/etc/resolv.conf"
privateNetwork :: RevertableProperty
privateNetwork = containerCfg "private-network"
--- | Publish a container's (tcp) port to same port on the host.
---
--- This automatically enables privateNetwork, so all non-published ports
--- will not be accessible outside the container.
---
--- Note that this feature was first added in systemd version 220.
-publish :: Port -> RevertableProperty
-publish p = publish' TCP p p
- `requires` privateNetwork
+class Publishable a where
+ toPublish :: a -> String
+
+instance Publishable Port where
+ toPublish p = show p
+
+data ForwardedPort = ForwardedPort
+ { hostPort :: Port
+ , containerPort :: Port
+ }
+
+instance Publishable ForwardedPort where
+ toPublish fp = show (hostPort fp) ++ ":" ++ show (containerPort fp)
data Proto = TCP | UDP
-publish'
- :: Proto
- -> Port -- ^ Host port
- -> Port -- ^ Container port
- -> RevertableProperty
-publish' proto hostport containerport = containerCfg $ "--port=" ++
- intercalate ":"
- [ sproto proto
- , show hostport
- , show containerport
- ]
- where
- sproto TCP = "tcp"
- sproto UDP = "udp"
+data PortSpec = PortSpec Proto ForwardedPort
+
+instance Publishable PortSpec where
+ toPublish (PortSpec TCP fp) = "tcp:" ++ toPublish fp
+ toPublish (PortSpec UDP fp) = "udp:" ++ toPublish fp
+
+-- | Publish a port from the container on the host.
+--
+-- Note that this will only work if the container's network is set up
+-- by other properties.
+--
+-- This feature was first added in systemd version 220.
+publish :: Publishable p => p -> RevertableProperty
+publish p = containerCfg $ "--port=" ++ toPublish p
-- | Bind mount a file or directory from the host into the container.
--