authorFélix Sipma2018-02-23 14:11:15 +0100
committerFélix Sipma2018-02-23 14:11:15 +0100
commit6749014553b13ad148cde450baefb241a98ed771 (patch)
treeb54c2652118d3a8732f471b6d445127b25159510 /src
parent530d9ff6bea5570d051d07546a128d456b3c5c3b (diff)
add Propellor.Property.Dhparams
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/Dhparams.hs26
1 files changed, 26 insertions, 0 deletions
diff --git a/src/Propellor/Property/Dhparams.hs b/src/Propellor/Property/Dhparams.hs
new file mode 100644
index 00000000..2c30cb87
--- /dev/null
+++ b/src/Propellor/Property/Dhparams.hs
@@ -0,0 +1,26 @@
+-- | Maintainer: Félix Sipma <felix+propellor@gueux.org>
+
+module Propellor.Property.Dhparams where
+
+import Propellor.Base
+import qualified Propellor.Property.Apt as Apt
+import qualified Propellor.Property.File as File
+import Utility.FileMode
+import Utility.SafeCommand
+
+
+length' :: Int
+length' = 2048
+
+file :: FilePath
+file = "/etc/ssl/private/dhparams.pem"
+
+safeDhparams :: Property DebianLike
+safeDhparams = propertyList "safe dhparams" $ props
+ & File.dirExists (takeDirectory file)
+ & Apt.installed ["openssl"]
+ & check (not <$> doesFileExist file) (createDhparams file length')
+
+createDhparams :: FilePath -> Int -> Property UnixLike
+createDhparams f l = property ("generate new dhparams: " ++ f) $ liftIO $ withUmask 0o0177 $ withFile f WriteMode $ \h ->
+ cmdResult <$> boolSystem' "openssl" [Param "dhparam", Param (show l)] (\p -> p { std_out = UseHandle h })
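Review bot: In `createDhparams`, `withFile f WriteMode` creates the target file before `openssl dhparam` has written anything, so a failed or interrupted run leaves an empty or truncated `dhparams.pem` behind. Because `safeDhparams` guards only on `doesFileExist file`, later runs then skip regeneration, and services may be pointed at an unusable parameter file. Generating into a temporary file in the same directory and renaming it into place only on success avoids this, as sketched below; the sketch assumes `renameFile` and `removeFile` are in scope, which the imports shown do not confirm. The same existence-only check also leaves a pre-existing file with a shorter modulus than `length'` untouched, which deserves a comment on `safeDhparams` such as `-- Only creates the file when missing; existing parameters are not checked.`

```haskell
createDhparams f l = property ("generate new dhparams: " ++ f) $ liftIO $ do
    let tmp = f ++ ".tmp"
    ok <- withUmask 0o0177 $ withFile tmp WriteMode $ \h ->
        boolSystem' "openssl" [Param "dhparam", Param (show l)] (\p -> p { std_out = UseHandle h })
    -- Publish the file only once openssl has written it completely.
    if ok then renameFile tmp f else removeFile tmp
    return (cmdResult ok)
```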