l---------config.hs2
-rw-r--r--debian/changelog17
-rw-r--r--doc/coding_style.mdwn2
-rw-r--r--doc/forum/Adding_support_for_a_SQL_server/comment_9_a952549ea4d54c8becc8e9c1b058eec6._comment12
-rw-r--r--doc/forum/How_can_File.mode_be_used_in_config.hs___63__.mdwn7
-rw-r--r--doc/forum/How_can_File.mode_be_used_in_config.hs___63__/comment_1_c176c1507c6f08917b4e5d2a70b19ee4._comment11
-rw-r--r--doc/forum/Support_writing_as_owner__63__.mdwn1
-rw-r--r--doc/forum/Support_writing_as_owner__63__/comment_1_794b11f84e0dcb29eba36bdfe1220191._comment18
-rw-r--r--doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__.mdwn23
-rw-r--r--doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_1_609a113d809294c792d406ba72b0a1f2._comment36
-rw-r--r--doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_2_c4453a2fe31d52ce0c5e6e615f1b18b2._comment18
-rw-r--r--doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_3_e83459b7775832e3885999eb28dca045._comment21
-rw-r--r--doc/forum/need_help_to_write_a_property_of_a_generic_kind.mdwn69
-rw-r--r--doc/forum/need_help_to_write_a_property_of_a_generic_kind/comment_1_9de1b00ba845174d2e8df191578cde3c._comment67
-rw-r--r--doc/forum/noisy_imageBuilt.mdwn7
-rw-r--r--doc/forum/noisy_imageBuilt/comment_1_a6384f47cc8abffa9cf26bf4bf7215a7._comment24
-rw-r--r--doc/todo/Debootstrap.built_should_install_the_relevant_archive_keyring_package.mdwn5
-rw-r--r--doc/todo/Sbuild_support_for_Buntish.mdwn4
-rw-r--r--doc/todo/Sbuild_support_for_Buntish/comment_1_1b75bf6efd01918f0a4db958ba8afe2b._comment14
-rw-r--r--doc/todo/Sbuild_support_for_Buntish/comment_2_9bd0cc2462c12d1746b7dbf2496ebfee._comment10
-rw-r--r--doc/todo/Sbuild_support_for_Buntish/comment_3_81d771c54f1baac80a2ac93e4534d7a9._comment64
-rw-r--r--doc/todo/Sbuild_support_for_Buntish/comment_4_c9f3103d192017a3291b82969dfd34f6._comment9
-rw-r--r--doc/todo/Sbuild_support_for_Buntish/comment_5_e976f396ed6e0aa596fed5c7777e08a0._comment10
-rw-r--r--doc/todo/Sbuild_support_for_Buntish/comment_6_8727a5eba0ae8daddba8a023dc845837._comment8
-rw-r--r--doc/todo/serialize_actions_via_free_applicative.mdwn34
-rw-r--r--doc/todo/unpropelling_a_host/comment_2_fb572083e8f8bccef037d43a4f7487c2._comment8
-rw-r--r--joeyconfig.hs1
-rw-r--r--privdata/relocate1
-rw-r--r--propellor.cabal2
-rw-r--r--src/Propellor/Git/VerifiedBranch.hs1
-rw-r--r--src/Propellor/Property/Bootstrap.hs1
-rw-r--r--src/Propellor/Property/Ccache.hs1
-rw-r--r--src/Propellor/Property/Cron.hs1
-rw-r--r--src/Propellor/Property/Debootstrap.hs1
-rw-r--r--src/Propellor/Property/DiskImage.hs1
-rw-r--r--src/Propellor/Property/File.hs1
-rw-r--r--src/Propellor/Property/HostingProvider/Linode.hs1
-rw-r--r--src/Propellor/Property/Localdir.hs61
-rw-r--r--src/Propellor/Property/Mount.hs14
-rw-r--r--src/Propellor/Property/Openssl.hs2
-rw-r--r--src/Propellor/Property/PropellorRepo.hs29
-rw-r--r--src/Propellor/Property/Sbuild.hs17
-rw-r--r--src/Propellor/Property/Schroot.hs2
-rw-r--r--src/Propellor/Property/Service.hs1
-rw-r--r--src/Propellor/Property/SiteSpecific/Branchable.hs2
-rw-r--r--src/Propellor/Property/SiteSpecific/JoeySites.hs1
-rw-r--r--src/Propellor/Property/Ssh.hs1
-rw-r--r--src/Propellor/Property/Systemd.hs1
-rw-r--r--src/Propellor/Property/Tor.hs1
-rw-r--r--src/Propellor/Shim.hs1
-rw-r--r--src/Propellor/Spin.hs3
-rw-r--r--src/Propellor/Utilities.hs2
52 files changed, 594 insertions, 57 deletions
diff --git a/config.hs b/config.hs
index 97d90636..ec313725 120000
--- a/config.hs
+++ b/config.hs
@@ -1 +1 @@
-joeyconfig.hs
\ No newline at end of file
+config-simple.hs
\ No newline at end of file
diff --git a/debian/changelog b/debian/changelog
index 27496138..ab3df97f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,20 @@
+propellor (5.7.0) UNRELEASED; urgency=medium
+
+ * Sbuild.built no longer includes Apt.stdSourcesList by default,
+ in order to support non-Debian OS's. (API change)
+ To upgrade: Simply add Sbuild.osDebianStandard to all Sbuild.built
+ calls which have osDebian.
+ Thanks, Sean Whitton
+ * Propellor.Property.PropellorRepo renamed to Propellor.Property.Localdir
+ to widen its scope. (API change)
+ * Sbuild.built uses Localdir.removed to clean up the propellor localdir
+ after it's done running in a schroot.
+ Thanks, Sean Whitton
+ * Added Utility.FileMode to the modules exported by Propellor.Utilities
+ to propellor library users.
+
+ -- Joey Hess <id@joeyh.name> Mon, 01 Apr 2019 11:35:15 -0400
+
propellor (5.6.1) unstable; urgency=medium
* fix Libvirt.hs haddock build
diff --git a/doc/coding_style.mdwn b/doc/coding_style.mdwn
index bf127fe0..8c464b9d 100644
--- a/doc/coding_style.mdwn
+++ b/doc/coding_style.mdwn
@@ -120,6 +120,6 @@ Note for emacs users: You can put the following snippet into a file called
(tab-width . 8)
(fill-column . 80)))
;; Warn about spaces used for indentation:
- (haskell-mode . ((eval . (highlight-regexp "^ *")))))
+ (haskell-mode . ((eval . (highlight-regexp "^ +")))))
Also consider [haskell-tab-indent-mode](https://spwhitton.name/tech/code/haskell-tab-indent/). The standard indentation modes that come with haskell-mode do not work well with tabs for indentation. This mode works well for hacking on Propellor.
diff --git a/doc/forum/Adding_support_for_a_SQL_server/comment_9_a952549ea4d54c8becc8e9c1b058eec6._comment b/doc/forum/Adding_support_for_a_SQL_server/comment_9_a952549ea4d54c8becc8e9c1b058eec6._comment
new file mode 100644
index 00000000..f8ecaa9d
--- /dev/null
+++ b/doc/forum/Adding_support_for_a_SQL_server/comment_9_a952549ea4d54c8becc8e9c1b058eec6._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 9"
+ date="2019-03-26T17:26:03Z"
+ content="""
+Hello,
+
+I have added a function to restore a database from a backup. It works like the Borg.restored property, it will restore only if the database is empty.
+
+Also included is a fix to wait that the server is available. This is needed when a container is just started for example.
+"""]]
diff --git a/doc/forum/How_can_File.mode_be_used_in_config.hs___63__.mdwn b/doc/forum/How_can_File.mode_be_used_in_config.hs___63__.mdwn
new file mode 100644
index 00000000..b2e1837c
--- /dev/null
+++ b/doc/forum/How_can_File.mode_be_used_in_config.hs___63__.mdwn
@@ -0,0 +1,7 @@
+Hello,
+
+if I try to use `File.mode` in my `config.hs`, I do not have access to modes
+defined in `Utility.FileMode` and `System.Posix.Files`. Is that intended? Is
+there a way to do it appart from changing `propellor.cabal`?
+
+Thanks!
diff --git a/doc/forum/How_can_File.mode_be_used_in_config.hs___63__/comment_1_c176c1507c6f08917b4e5d2a70b19ee4._comment b/doc/forum/How_can_File.mode_be_used_in_config.hs___63__/comment_1_c176c1507c6f08917b4e5d2a70b19ee4._comment
new file mode 100644
index 00000000..da031715
--- /dev/null
+++ b/doc/forum/How_can_File.mode_be_used_in_config.hs___63__/comment_1_c176c1507c6f08917b4e5d2a70b19ee4._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2019-04-01T15:49:26Z"
+ content="""
+Yes, you'll need to add a dependency on `unix` to get access to that.
+
+This does seem like an oversight, so I made Propellor.Utilities re-export
+it. But, I think I'd personally choose the dependency on `unix` instead
+of relying on that module, which does not guarantee any API stability.
+"""]]
diff --git a/doc/forum/Support_writing_as_owner__63__.mdwn b/doc/forum/Support_writing_as_owner__63__.mdwn
new file mode 100644
index 00000000..289536ce
--- /dev/null
+++ b/doc/forum/Support_writing_as_owner__63__.mdwn
@@ -0,0 +1 @@
+I have one propellor managed system where the home directory is NFS mounted, with `root_squash` enabled. This means that Ssh.authorizedKey fails with permission problems. On the other hand, root can su to the user in question. It seems like it might be possible for propellor (maybe even desirable?) to write files as the owner, rather than using chown.
diff --git a/doc/forum/Support_writing_as_owner__63__/comment_1_794b11f84e0dcb29eba36bdfe1220191._comment b/doc/forum/Support_writing_as_owner__63__/comment_1_794b11f84e0dcb29eba36bdfe1220191._comment
new file mode 100644
index 00000000..8edcefaa
--- /dev/null
+++ b/doc/forum/Support_writing_as_owner__63__/comment_1_794b11f84e0dcb29eba36bdfe1220191._comment
@@ -0,0 +1,18 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2019-03-17T15:13:20Z"
+ content="""
+If propellor could fork and then setuid, that would allow this. But..
+
+* forking is problimatic in haskell since the RTS state gets shared
+ and bad things happen
+* the result of the setuid action would need to be communicated back to the
+ main process somehow
+
+The other way would be to re-exec propellor as the user
+with a parameter that somehow tells it what action to run. But I don't know
+a general way to do that, without some way to name the property.
+(A problem which has also complicated some other parts of propellor eg
+running inside chroots.)
+"""]]
diff --git a/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__.mdwn b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__.mdwn
new file mode 100644
index 00000000..9b684ca3
--- /dev/null
+++ b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__.mdwn
@@ -0,0 +1,23 @@
+Hello Joey
+
+I try to use
+
+ Ssh.authorizedKey (User "com-sixs") sshKeyPubComSixs
+
+on a system where the account are available in a ldap.
+On this system the group is different from the user name
+name -> grp-name
+
+So I end up with this error message
+
+ chown: invalid group: ‘com-sixs:com-sixs’
+ sixs3.exp.synchrotron-soleil.fr com-sixs has authorized_keys ... failed
+
+so my questions are.
+
+- Is it mandatory to have a user and the identical group on a unix system ?
+- Can we add a Group parameter to the authorizedKey property ?
+
+thanks for your help
+
+Fred
diff --git a/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_1_609a113d809294c792d406ba72b0a1f2._comment b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_1_609a113d809294c792d406ba72b0a1f2._comment
new file mode 100644
index 00000000..2014af74
--- /dev/null
+++ b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_1_609a113d809294c792d406ba72b0a1f2._comment
@@ -0,0 +1,36 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 1"
+ date="2019-02-13T11:33:20Z"
+ content="""
+something like this
+
+ -- | Ensures that a user's authorized_keys contains a line.
+ -- Any other lines in the file are preserved as-is.
+ authorizedKey' :: User -> Group -> String -> RevertableProperty UnixLike UnixLike
+ authorizedKey' user@(User u) grp l = add <!> remove
+ where
+ add = property' (u ++ \" has authorized_keys\") $ \w -> do
+ f <- liftIO $ dotFile \"authorized_keys\" user
+ ensureProperty w $ modAuthorizedKey' f user grp $
+ f `File.containsLine` l
+ `requires` File.dirExists (takeDirectory f)
+ remove = property' (u ++ \" lacks authorized_keys\") $ \w -> do
+ f <- liftIO $ dotFile \"authorized_keys\" user
+ ifM (liftIO $ doesFileExist f)
+ ( ensureProperty w $ modAuthorizedKey' f user grp $
+ f `File.lacksLine` l
+ , return NoChange
+ )
+
+ modAuthorizedKey' :: FilePath -> User -> Group -> Property UnixLike -> Property UnixLike
+ modAuthorizedKey' f user grp p = p
+ `before` File.mode f (combineModes [ownerWriteMode, ownerReadMode])
+ `before` File.ownerGroup f user grp
+ `before` File.ownerGroup (takeDirectory f) user grp
+
+then it is trivial to rewrite the previous properties :)
+
+but I do no know if this is the right path to follow.
+"""]]
diff --git a/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_2_c4453a2fe31d52ce0c5e6e615f1b18b2._comment b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_2_c4453a2fe31d52ce0c5e6e615f1b18b2._comment
new file mode 100644
index 00000000..1442b72a
--- /dev/null
+++ b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_2_c4453a2fe31d52ce0c5e6e615f1b18b2._comment
@@ -0,0 +1,18 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2019-02-13T21:48:30Z"
+ content="""
+Make that into a git patch and I will merge it.
+
+However.. If you `git grep userGroup` you will find all the other places
+that propellor assumes a user-group system. Seems it would be worth fixing
+those too, especially the other ones in Ssh.
+
+Seems like another approach to it could be to make
+`userGroup`'s behavior configurable based on another Property
+of the Host that sets Info containing say, a function from `User -> Group`.
+Looks to me that would be doable, if a little bit annoying since userGroup
+would need to change from a pure function to a Propellor action in order to
+use `askInfo`.
+"""]]
diff --git a/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_3_e83459b7775832e3885999eb28dca045._comment b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_3_e83459b7775832e3885999eb28dca045._comment
new file mode 100644
index 00000000..3a6837aa
--- /dev/null
+++ b/doc/forum/chown:_invalid_group:___8216__com-sixs:com-sixs__8217__/comment_3_e83459b7775832e3885999eb28dca045._comment
@@ -0,0 +1,21 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 3"""
+ date="2019-02-17T18:07:39Z"
+ content="""
+Thinking more about a hypothetical property like
+`userGroupFunction (\User u -> Group (u ++ "-group"))`
+the idea seems problimatic because all the properties that install a
+package with a dedicated user and group would seem to need to be changed
+to support putting the user in the group configured by the property.
+
+I suppose it could be documented to be limited to non-system users and
+groups, so only User.accountFor would need to support when making users and
+groups, and Ssh.userKeyAt etc would use it to tell what group to use for a
+non-system user.
+
+Although, is Ssh.userKeyAt etc really limited to being
+used with non-system users? Perhaps User should have an additional
+SystemUser constructor to encode the distinction. Or perhaps this idea of
+mine is going in the wrong direction.
+"""]]
diff --git a/doc/forum/need_help_to_write_a_property_of_a_generic_kind.mdwn b/doc/forum/need_help_to_write_a_property_of_a_generic_kind.mdwn
new file mode 100644
index 00000000..bdbee67e
--- /dev/null
+++ b/doc/forum/need_help_to_write_a_property_of_a_generic_kind.mdwn
@@ -0,0 +1,69 @@
+Hello,
+
+I have written a property to create a Mysql user which take the password from
+privdata. Now, I need to generate many passwords for several PHP sites, so I
+wrote a function to generate password using a hash of a secret salt and
+information from the context (site name). This password will be written in a
+.php file to configure the application.
+
+I added a function `Mysql.userGrantedOnDatabaseWithPassword`, so that I can give
+it the computed password and use a common function to return the property.
+The problem is that when using privdata, the common function should return a:
+
+ ReversibleProperty (HasInfo + DebianLike) UnixLike
+
+And when not using privdata, it should return a:
+
+ ReversibleProperty DebianLike UnixLike
+
+The function takes a parameter to handle the password retrieval (`i` is `(HasInfo
++ DebianLike)` or `DebianLike`):
+
+ ((((String -> Propellor Result) -> Propellor Result) -> Property i) -> Property i)
+
+This is a type similar to `withPrivData`, but adapted to give just the
+password:
+
+ -- | Common code to get password from private data.
+ withPasswordFromPrivData
+ :: IsContext c
+ => User
+ -> c
+ -> ((((String -> Propellor Result) -> Propellor Result)
+ -> Property (HasInfo + UnixLike))
+ -> Property (HasInfo + UnixLike))
+ withPasswordFromPrivData (User username) context = \mkprop ->
+ withPrivData (Password username) context
+ $ \getdata -> mkprop
+ $ \a -> getdata $ \priv -> a $ privDataVal priv
+
+ -- | Common code to pass password from parameter.
+ withPasswordFromParameter
+ :: String
+ -> ((((String -> Propellor Result) -> Propellor Result)
+ -> Property UnixLike) -> Property UnixLike)
+ withPasswordFromParameter password = \mkprop ->
+ mkprop $ \a -> a password
+
+I do not find a way to write the type of my function with the common code, the
+current best is:
+
+ userGrantedProp
+ :: Combines (Property i) (Property UnixLike)
+ => User
+ -> [Privilege]
+ -> ((((String -> Propellor Result) -> Propellor Result)
+ -> Property i) -> Property i)
+ -> String
+ -> (String -> String -> String -> String)
+ -> (String -> String -> String -> String)
+ -> RevertableProperty (CombinedType (Property i) (Property UnixLike)) UnixLike
+ userGrantedProp (User username) privs withPassword setupDesc setupSql userGrants =
+
+But it still does not compile.
+
+The full code is available on my `mysql-wip` branch on
+`http://git.ni.fr.eu.org/nicolas/propellor.git`, I would be glad if you can have
+a look, pure haskell fun guaranteed :-).
+
+Thanks.
diff --git a/doc/forum/need_help_to_write_a_property_of_a_generic_kind/comment_1_9de1b00ba845174d2e8df191578cde3c._comment b/doc/forum/need_help_to_write_a_property_of_a_generic_kind/comment_1_9de1b00ba845174d2e8df191578cde3c._comment
new file mode 100644
index 00000000..283d6864
--- /dev/null
+++ b/doc/forum/need_help_to_write_a_property_of_a_generic_kind/comment_1_9de1b00ba845174d2e8df191578cde3c._comment
@@ -0,0 +1,67 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2019-04-01T15:54:33Z"
+ content="""
+Building that, the first error message is this:
+
+ Expected type: RevertableProperty (HasInfo + DebianLike) UnixLike
+ Actual type: RevertableProperty
+ (CombinedType
+ (Property
+ (Propellor.Types.MetaTypes.MetaTypes
+ '['Propellor.Types.MetaTypes.WithInfo,
+ 'Propellor.Types.MetaTypes.Targeting 'OSDebian,
+ 'Propellor.Types.MetaTypes.Targeting 'OSBuntish,
+ 'Propellor.Types.MetaTypes.Targeting 'OSArchLinux,
+ 'Propellor.Types.MetaTypes.Targeting 'OSFreeBSD]))
+ (Property UnixLike))
+ UnixLike
+
+It's really complaining
+that it expected HasInfo + DebianLike and got HasInfo + UnixLike; ie your
+property seems to also support ArchLinux and FreeBSD. (Whether it really
+does, I don't know.)
+
+There seem to be several similar errors in the supported OS's, which don't
+help with focusing on the other errors..
+
+I have not found a solution to all of those, but part of the problem
+is that, inside a where clause a type annotation with a type variable
+such as `i` is not understood to refer to the same variable in the
+outer type annotation. There's some ghc extension that enables that,
+but I can never remember its name.
+
+After removing those inner type annotations, the remaining type error
+was with userGrantedProp.. So I removed its type annotation as well
+and let ghc infer its type. (Had to enable LANGUAGE TypeFamilies for it
+to be able to.) Here's what ghc thinks it is:
+
+ Top-level binding with no type signature:
+ userGrantedProp :: (Propellor.Types.Singletons.SingI outer,
+ Propellor.Types.MetaTypes.NotSuperset
+ '['Propellor.Types.MetaTypes.Targeting 'OSDebian,
+ 'Propellor.Types.MetaTypes.Targeting 'OSBuntish,
+ 'Propellor.Types.MetaTypes.Targeting 'OSArchLinux,
+ 'Propellor.Types.MetaTypes.Targeting 'OSFreeBSD]
+ (Propellor.Types.MetaTypes.Targets outer)
+ ~ 'Propellor.Types.MetaTypes.CanCombine) =>
+ User
+ -> [Privilege]
+ -> ((((String -> Propellor Result) -> Propellor Result)
+ -> Property (Propellor.Types.MetaTypes.MetaTypes outer))
+ -> Property setupmetatypes)
+ -> Desc
+ -> ([Char] -> String -> [Char] -> [Char])
+ -> ([Char] -> String -> [Char] -> String)
+ -> RevertableProperty setupmetatypes UnixLike
+
+That's not very human friendly a way to write its type, but it gives some
+good direction. Note in particular that the type of withPassword seems to
+involve two different types of Property, not the single `Property i` that
+your original type uses in both places.
+
+I have a feeling though that there may be a bug in the code around withPassword
+that is leading to this type and that the type error is not really the root
+problem.
+"""]]
diff --git a/doc/forum/noisy_imageBuilt.mdwn b/doc/forum/noisy_imageBuilt.mdwn
new file mode 100644
index 00000000..99a275b7
--- /dev/null
+++ b/doc/forum/noisy_imageBuilt.mdwn
@@ -0,0 +1,7 @@
+There is a bunch of output at the last stage of imageBuilt, which ends with
+
+> 5,548,912 0% 22.61MB/s 0:00:00 (xfr#3, to-chk=0/24715)
+> loop deleted : /dev/loop0
+
+This is fine interactively, but when a propellor job fails and I get email, it includes roughly 2500 similar lines, which is not so great.
+It would be nice if it could detect being interactive, or maybe just be quiet all the time.
diff --git a/doc/forum/noisy_imageBuilt/comment_1_a6384f47cc8abffa9cf26bf4bf7215a7._comment b/doc/forum/noisy_imageBuilt/comment_1_a6384f47cc8abffa9cf26bf4bf7215a7._comment
new file mode 100644
index 00000000..5dc1f762
--- /dev/null
+++ b/doc/forum/noisy_imageBuilt/comment_1_a6384f47cc8abffa9cf26bf4bf7215a7._comment
@@ -0,0 +1,24 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2019-03-06T19:01:17Z"
+ content="""
+This output comes from Propellor.Property.Rsync.rsync because it runs
+`rsync --info=progress2`.
+
+I suppose it could check if stdout is going to a tty and only enable
+it then.
+
+However, I do have some code I wrote once that uses propellor to build a live
+disk image that runs propellor to partition and then used the rsync property to
+copy the live image to disk (followed by applying more properties to it to
+configure the system it installed). And that code caught the rsync progress
+output and used it to display some kind of graphical progress bar.
+That kind of thing would be broken by such a change.
+(That's in my secret-project repository.)
+
+I don't know of anyone using such a thing in production, so I think it would be
+ok to just have a `PROPELLOR_VERBOSEPROGRESS=1` that such code could use to
+enable verbose progress from rsync etc, and otherwise disable it when stdout is
+not a tty.
+"""]]
diff --git a/doc/todo/Debootstrap.built_should_install_the_relevant_archive_keyring_package.mdwn b/doc/todo/Debootstrap.built_should_install_the_relevant_archive_keyring_package.mdwn
new file mode 100644
index 00000000..23fa65ef
--- /dev/null
+++ b/doc/todo/Debootstrap.built_should_install_the_relevant_archive_keyring_package.mdwn
@@ -0,0 +1,5 @@
+Attempting to build a Buntish chroot using Debootstrap.built on a Debian host fails until the user installs the ubuntu-archive-keyring package.
+
+Debootstrap.built should ensure that the relevant *-archive-keyring package is installed before invoking debootstrap(1).
+
+--spwhitton
diff --git a/doc/todo/Sbuild_support_for_Buntish.mdwn b/doc/todo/Sbuild_support_for_Buntish.mdwn
new file mode 100644
index 00000000..43a5d2d1
--- /dev/null
+++ b/doc/todo/Sbuild_support_for_Buntish.mdwn
@@ -0,0 +1,4 @@
+Property.Sbuild claims to support Buntish Oses, but for me it fails in Apt.stdSourcesList, because that function currently (5.6.1) only supports
+Debian. I suppose the right solution is to extend Apt.stdSourcesList, but maybe Property.Sbuild should do it's own thing?
+
+> Patch applied (and it is an API change) [[done]] --[[Joey]]
diff --git a/doc/todo/Sbuild_support_for_Buntish/comment_1_1b75bf6efd01918f0a4db958ba8afe2b._comment b/doc/todo/Sbuild_support_for_Buntish/comment_1_1b75bf6efd01918f0a4db958ba8afe2b._comment
new file mode 100644
index 00000000..241e62e4
--- /dev/null
+++ b/doc/todo/Sbuild_support_for_Buntish/comment_1_1b75bf6efd01918f0a4db958ba8afe2b._comment
@@ -0,0 +1,14 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2019-03-06T19:35:16Z"
+ content="""
+In a way the problem is that schrootProps uses toChildProperty,
+which bypasses Propellor's type-level OS system.
+
+I think it may be possible to move the use of Apt.stdSourcesList
+out of Sbuild.built', and have the user pass those properties into it,
+along with the OS property and their other desired properties,
+and let propellor type check that the properties passed to it all work
+together.
+"""]]
diff --git a/doc/todo/Sbuild_support_for_Buntish/comment_2_9bd0cc2462c12d1746b7dbf2496ebfee._comment b/doc/todo/Sbuild_support_for_Buntish/comment_2_9bd0cc2462c12d1746b7dbf2496ebfee._comment
new file mode 100644
index 00000000..809daba1
--- /dev/null
+++ b/doc/todo/Sbuild_support_for_Buntish/comment_2_9bd0cc2462c12d1746b7dbf2496ebfee._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="spwhitton"
+ avatar="http://cdn.libravatar.org/avatar/9c3f08f80e67733fd506c353239569eb"
+ subject="comment 2"
+ date="2019-03-06T21:39:13Z"
+ content="""
+When implementing the Sbuild module we discussed the use of toChildProps and concluded that it was inevitable.
+
+However, if requiring the user to pass things around a bit more is the price for making the Sbuild module work for other OSs, we had better do it.
+"""]]
diff --git a/doc/todo/Sbuild_support_for_Buntish/comment_3_81d771c54f1baac80a2ac93e4534d7a9._comment b/doc/todo/Sbuild_support_for_Buntish/comment_3_81d771c54f1baac80a2ac93e4534d7a9._comment
new file mode 100644
index 00000000..435af1a2
--- /dev/null
+++ b/doc/todo/Sbuild_support_for_Buntish/comment_3_81d771c54f1baac80a2ac93e4534d7a9._comment
@@ -0,0 +1,64 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 3"""
+ date="2019-03-06T22:11:45Z"
+ content="""
+Something like this (only tested it compiles):
+
+ diff --git a/src/Propellor/Property/Sbuild.hs b/src/Propellor/Property/Sbuild.hs
+ index 8cc2e3bec..25d5f6236 100644
+ --- a/src/Propellor/Property/Sbuild.hs
+ +++ b/src/Propellor/Property/Sbuild.hs
+ @@ -29,6 +29,7 @@ Suggested usage in @config.hs@:
+ > where
+ > sidSchrootBuilt = Sbuild.built Sbuild.UseCcache $ props
+ > & osDebian Unstable X86_32
+ +> & Sbuild.standard
+ > & Sbuild.update `period` Weekly (Just 1)
+ > & Sbuild.useHostProxy mybox
+
+ @@ -64,6 +65,7 @@ module Propellor.Property.Sbuild (
+ built,
+ -- * Properties for use inside sbuild schroots
+ update,
+ + standard,
+ useHostProxy,
+ -- * Global sbuild configuration
+ -- blockNetwork,
+ @@ -126,7 +128,7 @@ built'
+ -> String
+ -> String
+ -> RevertableProperty (HasInfo + DebianLike) Linux
+ -built' cc (Props ps) suite arch = provisioned <!> deleted
+ +built' cc ps suite arch = provisioned <!> deleted
+ where
+ provisioned :: Property (HasInfo + DebianLike)
+ provisioned = combineProperties desc $ props
+ @@ -220,10 +222,7 @@ built' cc (Props ps) suite arch = provisioned <!> deleted
+
+ -- the schroot itself
+ schroot = Chroot.debootstrapped Debootstrap.BuilddD
+ - schrootRoot (Props schrootProps)
+ - schrootProps =
+ - ps ++ [toChildProperty Apt.stdSourcesList
+ - , toChildProperty $ Apt.installed ["eatmydata", "ccache"]]
+ + schrootRoot ps
+
+ -- static values
+ suiteArch = suite ++ "-" ++ arch
+ @@ -251,6 +250,14 @@ built' cc (Props ps) suite arch = provisioned <!> deleted
+ where
+ base = ["eatmydata"]
+
+ +-- | Some properties that will be wanted in most any Debian schroot.
+ +--
+ +-- Compiler caching, eatmydata, and standard apt sources.
+ +standard :: Property Debian
+ +standard = propertyList "standard sbuild properties" $ props
+ + & Apt.stdSourcesList
+ + & Apt.installed ["eatmydata", "ccache"]
+ +
+ -- | Ensure that an sbuild schroot's packages and apt indexes are updated
+ --
+ -- This replaces use of sbuild-update(1).
+"""]]
diff --git a/doc/todo/Sbuild_support_for_Buntish/comment_4_c9f3103d192017a3291b82969dfd34f6._comment b/doc/todo/Sbuild_support_for_Buntish/comment_4_c9f3103d192017a3291b82969dfd34f6._comment
new file mode 100644
index 00000000..10d12d46
--- /dev/null
+++ b/doc/todo/Sbuild_support_for_Buntish/comment_4_c9f3103d192017a3291b82969dfd34f6._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="david"
+ avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
+ subject="Works on my machine ;)"
+ date="2019-03-16T00:19:05Z"
+ content="""
+I had to hand apply most of Joey's patch for reasons that escape me, but it seems to work OK. I just built an ubuntu chroot and used sbuild to build a package in it. I did have to copy part of the definition of standard into my own setup code (the installation of \"eatmydata\" and \"ccache\"). So maybe there is something that could be made smoother there.
+
+"""]]
diff --git a/doc/todo/Sbuild_support_for_Buntish/comment_5_e976f396ed6e0aa596fed5c7777e08a0._comment b/doc/todo/Sbuild_support_for_Buntish/comment_5_e976f396ed6e0aa596fed5c7777e08a0._comment
new file mode 100644
index 00000000..876ef434
--- /dev/null
+++ b/doc/todo/Sbuild_support_for_Buntish/comment_5_e976f396ed6e0aa596fed5c7777e08a0._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="spwhitton"
+ avatar="http://cdn.libravatar.org/avatar/9c3f08f80e67733fd506c353239569eb"
+ subject="comment 5"
+ date="2019-03-18T01:35:38Z"
+ content="""
+`Sbuild.builtFor` assumes that ccache and eatmydata are installed, so I think that those need to be moved out of `Sbuild.standard` and back where they were.
+
+David, have you tested that Debian schroots still work with Joey's patch?
+"""]]
diff --git a/doc/todo/Sbuild_support_for_Buntish/comment_6_8727a5eba0ae8daddba8a023dc845837._comment b/doc/todo/Sbuild_support_for_Buntish/comment_6_8727a5eba0ae8daddba8a023dc845837._comment
new file mode 100644
index 00000000..0c3449c7
--- /dev/null
+++ b/doc/todo/Sbuild_support_for_Buntish/comment_6_8727a5eba0ae8daddba8a023dc845837._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="spwhitton"
+ avatar="http://cdn.libravatar.org/avatar/9c3f08f80e67733fd506c353239569eb"
+ subject="patch submitted"
+ date="2019-03-29T23:29:22Z"
+ content="""
+I've e-mailed a tested patch to Joey, CCing David.
+"""]]
diff --git a/doc/todo/serialize_actions_via_free_applicative.mdwn b/doc/todo/serialize_actions_via_free_applicative.mdwn
new file mode 100644
index 00000000..8659e76e
--- /dev/null
+++ b/doc/todo/serialize_actions_via_free_applicative.mdwn
@@ -0,0 +1,34 @@
+A persistent problem with propellor is that Propellor actions cannot be
+compared for equality or serialized.
+
+This prevents eg, propellor outside a chroot from passing a Property to run
+to the propellor running inside the chroot. (Because Property contains
+a Propellor action.) A workaround is used, that gives the
+Property a name at compile time.
+
+Another problem is that Propellor actions currently run whatever IO they
+perform, and can't be examined in a no-op mode.
+
+If Propellor actions were somehow represented as an AST, all these problems
+would be eliminated; they could be serialized, compared, examined, and run
+in modes that don't really run them.
+
+(This might also allow the local propellor to ship the AST off to the
+remote propellor to run, without the remote propellor needing to be
+rebuilt, if they share the same version of the AST.)
+
+Unfortunately, a free Monad can't be serialized, it's an AST but an AST
+embedding haskell functions. However, a free Applicative can apparently be
+serialized.
+
+See <https://www.cs.ox.ac.uk/jeremy.gibbons/publications/delivery.pdf>
+and <https://www.reddit.com/r/haskell/comments/7rlgu2/serialize_a_program_written_in_a_free_monad/>
+
+Question is, would an Applicative building an AST be sufficient for
+everything that a Propellor action needs to do?
+
+This needs some investigation of the kind of IO that Propellor actions do.
+Much of it, I suspect is not very monadic, in that it mostly does some IO
+and returns a Result, rather than building up complex IO sequences based on
+previous inputs. --[[Joey]]
+
diff --git a/doc/todo/unpropelling_a_host/comment_2_fb572083e8f8bccef037d43a4f7487c2._comment b/doc/todo/unpropelling_a_host/comment_2_fb572083e8f8bccef037d43a4f7487c2._comment
new file mode 100644
index 00000000..728e3fae
--- /dev/null
+++ b/doc/todo/unpropelling_a_host/comment_2_fb572083e8f8bccef037d43a4f7487c2._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="spwhitton"
+ avatar="http://cdn.libravatar.org/avatar/9c3f08f80e67733fd506c353239569eb"
+ subject="Patch series submitted"
+ date="2019-04-01T17:21:40Z"
+ content="""
+I've just mailed patches addressing this to Joey.
+"""]]
diff --git a/joeyconfig.hs b/joeyconfig.hs
index 0a92d3f2..5ff9bdf4 100644
--- a/joeyconfig.hs
+++ b/joeyconfig.hs
@@ -71,6 +71,7 @@ darkstar = host "darkstar.kitenet.net" $ props
& Laptop.trimSSD
& Grub.cmdline_Linux_default "i915.enable_psr=1"
! Grub.cmdline_Linux_default "quiet"
+ & User.hasGroup (Use "joey") (Group "dialout")
& JoeySites.dkimMilter
& JoeySites.postfixSaslPasswordClient
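Review bot: `Use "joey"` on the added line looks like a typo for the `User` constructor. No `Use` constructor appears anywhere on this page, while `User "root"` is the form used in the Branchable.hs hunk, so as written the line would presumably fail to type-check. It should read `& User.hasGroup (User "joey") (Group "dialout")`. The `darkstar` host definition starts and ends outside this hunk.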
diff --git a/privdata/relocate b/privdata/relocate
deleted file mode 100644
index 271692d8..00000000
--- a/privdata/relocate
+++ /dev/null
@@ -1 +0,0 @@
-.joeyconfig
diff --git a/propellor.cabal b/propellor.cabal
index eb36728e..e1179b19 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -104,6 +104,7 @@ Library
Propellor.Property.Libvirt
Propellor.Property.List
Propellor.Property.LightDM
+ Propellor.Property.Localdir
Propellor.Property.Locale
Propellor.Property.Logcheck
Propellor.Property.Lvm
@@ -120,7 +121,6 @@ Library
Propellor.Property.Parted.Types
Propellor.Property.Partition
Propellor.Property.Postfix
- Propellor.Property.PropellorRepo
Propellor.Property.Prosody
Propellor.Property.Qemu
Propellor.Property.Reboot
diff --git a/src/Propellor/Git/VerifiedBranch.hs b/src/Propellor/Git/VerifiedBranch.hs
index 61f5baa0..408e0200 100644
--- a/src/Propellor/Git/VerifiedBranch.hs
+++ b/src/Propellor/Git/VerifiedBranch.hs
@@ -3,7 +3,6 @@ module Propellor.Git.VerifiedBranch where
import Propellor.Base
import Propellor.Git
import Propellor.PrivData.Paths
-import Utility.FileMode
{- To verify origin branch commit's signature, have to convince gpg
- to use our keyring while running git verify-tag.
diff --git a/src/Propellor/Property/Bootstrap.hs b/src/Propellor/Property/Bootstrap.hs
index 25a6af33..6bbb4512 100644
--- a/src/Propellor/Property/Bootstrap.hs
+++ b/src/Propellor/Property/Bootstrap.hs
@@ -15,7 +15,6 @@ import Propellor.Bootstrap
import Propellor.Types.Info
import Propellor.Property.Chroot
import Propellor.PrivData.Paths
-import Utility.FileMode
import Data.List
import qualified Data.ByteString as B
diff --git a/src/Propellor/Property/Ccache.hs b/src/Propellor/Property/Ccache.hs
index ea729b7c..fad3a28f 100644
--- a/src/Propellor/Property/Ccache.hs
+++ b/src/Propellor/Property/Ccache.hs
@@ -11,7 +11,6 @@ import Propellor.Base
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
-import Utility.FileMode
import Utility.DataUnits
import System.Posix.Files
import qualified Data.Semigroup as Sem
diff --git a/src/Propellor/Property/Cron.hs b/src/Propellor/Property/Cron.hs
index b9fb10e0..0271b0b3 100644
--- a/src/Propellor/Property/Cron.hs
+++ b/src/Propellor/Property/Cron.hs
@@ -4,7 +4,6 @@ import Propellor.Base
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
import Propellor.Bootstrap
-import Utility.FileMode
import Data.Char
diff --git a/src/Propellor/Property/Debootstrap.hs b/src/Propellor/Property/Debootstrap.hs
index 923229be..6336e775 100644
--- a/src/Propellor/Property/Debootstrap.hs
+++ b/src/Propellor/Property/Debootstrap.hs
@@ -15,7 +15,6 @@ import qualified Propellor.Property.Apt as Apt
import Propellor.Property.Chroot.Util
import Propellor.Property.Qemu
import Utility.Path
-import Utility.FileMode
import Data.List
import Data.Char
diff --git a/src/Propellor/Property/DiskImage.hs b/src/Propellor/Property/DiskImage.hs
index 29bc2d1c..b7651b98 100644
--- a/src/Propellor/Property/DiskImage.hs
+++ b/src/Propellor/Property/DiskImage.hs
@@ -42,7 +42,6 @@ import Propellor.Types.Info
import Propellor.Types.Bootloader
import Propellor.Container
import Utility.Path
-import Utility.FileMode
import Utility.DataUnits
import Data.List (isPrefixOf, isInfixOf, sortBy, unzip4)
diff --git a/src/Propellor/Property/File.hs b/src/Propellor/Property/File.hs
index 3188879e..e6d657f9 100644
--- a/src/Propellor/Property/File.hs
+++ b/src/Propellor/Property/File.hs
@@ -3,7 +3,6 @@
module Propellor.Property.File where
import Propellor.Base
-import Utility.FileMode
import qualified Data.ByteString.Lazy as L
import Data.List (isInfixOf, isPrefixOf)
diff --git a/src/Propellor/Property/HostingProvider/Linode.hs b/src/Propellor/Property/HostingProvider/Linode.hs
index ebe8d261..fc5d1a0c 100644
--- a/src/Propellor/Property/HostingProvider/Linode.hs
+++ b/src/Propellor/Property/HostingProvider/Linode.hs
@@ -3,7 +3,6 @@ module Propellor.Property.HostingProvider.Linode where
import Propellor.Base
import qualified Propellor.Property.Grub as Grub
import qualified Propellor.Property.File as File
-import Utility.FileMode
-- | Configures grub to use the serial console as set up by Linode.
-- Useful when running a distribution supplied kernel.
diff --git a/src/Propellor/Property/Localdir.hs b/src/Propellor/Property/Localdir.hs
new file mode 100644
index 00000000..018a054b
--- /dev/null
+++ b/src/Propellor/Property/Localdir.hs
@@ -0,0 +1,61 @@
+{-# LANGUAGE DeriveDataTypeable #-}
+
+-- | Properties to manipulate propellor's @/usr/local/propellor@ on spun hosts
+
+module Propellor.Property.Localdir where
+
+import Propellor.Base
+import Propellor.Git.Config
+import Propellor.Types.Info
+import Propellor.Property.Chroot (inChroot)
+import Propellor.Property.Mount (partialBindMountsOf, umountLazy)
+
+-- | Sets the url to use as the origin of propellor's git repository.
+--
+-- By default, the url is taken from the deploy or origin remote of
+-- the repository that propellor --spin is run in. Setting this property
+-- overrides that default behavior with a different url.
+--
+-- When hosts are being updated without using -- --spin, eg when using
+-- the `Propellor.Property.Cron.runPropellor` cron job, this property can
+-- be set to redirect them to a new git repository url.
+hasOriginUrl :: String -> Property (HasInfo + UnixLike)
+hasOriginUrl u = setInfoProperty p (toInfo (InfoVal (OriginUrl u)))
+ where
+ p :: Property UnixLike
+ p = property ("propellor repo url " ++ u) $ do
+ curru <- liftIO getRepoUrl
+ if curru == Just u
+ then return NoChange
+ else makeChange $ setRepoUrl u
+
+newtype OriginUrl = OriginUrl String
+ deriving (Show, Typeable)
+
+-- | Removes the @/usr/local/propellor@ directory used to spin the host, after
+-- ensuring other properties. Without this property, that directory is left
+-- behind after the spin.
+--
+-- Does not perform other clean up, such as removing Haskell libraries that were
+-- installed in order to build propellor, or removing cronjobs such as created
+-- by 'Propellor.Property.Cron.runPropellor'.
+removed :: Property UnixLike
+removed = check (doesDirectoryExist localdir) $
+ property "propellor's /usr/local dir to be removed" $ do
+ endAction "removing /usr/local/propellor" atend
+ return NoChange
+ where
+ atend _ = do
+ ifM inChroot
+ -- In a chroot, all we have to do is unmount localdir,
+ -- and then delete it
+ ( liftIO $ umountLazy localdir
+ -- Outside of a chroot, if we don't unmount any bind
+ -- mounts of localdir before deleting it, another run of
+ -- propellor will have problems reestablishing those
+ -- bind mounts in order to spin chroots
+ , liftIO $ partialBindMountsOf localdir
+ >>= mapM_ umountLazy
+ )
+ liftIO $ removeDirectoryRecursive localdir
+ return NoChange
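Review bot: In `removed`, `removeDirectoryRecursive localdir` runs unconditionally after the unmount step, so in the chroot branch a bind mount that is still attached would have its contents deleted through the mount, presumably the spinning host's own /usr/local/propellor. Whether `umountLazy` aborts the action on failure is not visible on this page, so the delete should not rely on it. A guard such as `liftIO $ unlessM (elem localdir <$> mountPoints) $ removeDirectoryRecursive localdir` would refuse to delete while the path is still a mount point; it needs `mountPoints` added to the Mount import and assumes its paths compare equal to `localdir`. Separately, both the property and `atend` return `NoChange` even when the directory was removed, which deserves a short comment saying that this is intended.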
diff --git a/src/Propellor/Property/Mount.hs b/src/Propellor/Property/Mount.hs
index 53129f50..03c4f04d 100644
--- a/src/Propellor/Property/Mount.hs
+++ b/src/Propellor/Property/Mount.hs
@@ -89,6 +89,20 @@ mountPointsBelow target = filter (\p -> simplifyPath p /= simplifyPath target)
. filter (dirContains target)
<$> mountPoints
+-- | Get mountpoints which are bind mounts of subdirectories of mounted
+-- filesystems
+--
+-- E.g. as created by @mount --bind /etc/foo /etc/bar@ where @/etc/foo@ is not
+-- itself a mount point, but just a subdirectory. These are sometimes known as
+-- "partial bind mounts"
+partialBindMountsOf :: FilePath -> IO [MountPoint]
+partialBindMountsOf sourceDir =
+ map (drop 2 . dropWhile (/= ']')) . filter getThem . lines
+ <$> readProcess "findmnt" ["-rn", "--output", "source,target"]
+ where
+ getThem l = bracketed `isSuffixOf` (takeWhile (/= ' ') l)
+ bracketed = "[" ++ sourceDir ++ "]"
+
-- | Filesystem type mounted at a given location.
getFsType :: MountPoint -> IO (Maybe FsType)
getFsType p = findmntField "fstype" [p]
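Review bot: `getThem` matches the bracketed part of findmnt's source column against `sourceDir` as if it were an absolute path, but as far as I know findmnt reports that path relative to the root of the source filesystem. If `sourceDir` sits on a filesystem that is not mounted at `/` (a separate /usr, for instance), its bind mounts would be missed, and a different filesystem containing the same relative path would match and be handed to `umountLazy` by Localdir.removed. The haddock should state the limitation, e.g. `-- Only reliable when sourceDir is on the root filesystem: findmnt prints the path relative to the source filesystem's root.` Comparing the device part of the source field as well would close the false-positive case.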
diff --git a/src/Propellor/Property/Openssl.hs b/src/Propellor/Property/Openssl.hs
index a91b8195..0cb7c9c2 100644
--- a/src/Propellor/Property/Openssl.hs
+++ b/src/Propellor/Property/Openssl.hs
@@ -5,10 +5,8 @@ module Propellor.Property.Openssl where
import Propellor.Base
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.File as File
-import Utility.FileMode
import Utility.SafeCommand
-
installed :: Property DebianLike
installed = Apt.installed ["openssl"]
diff --git a/src/Propellor/Property/PropellorRepo.hs b/src/Propellor/Property/PropellorRepo.hs
deleted file mode 100644
index 825efdfd..00000000
--- a/src/Propellor/Property/PropellorRepo.hs
+++ /dev/null
@@ -1,29 +0,0 @@
-{-# LANGUAGE DeriveDataTypeable #-}
-
-module Propellor.Property.PropellorRepo where
-
-import Propellor.Base
-import Propellor.Git.Config
-import Propellor.Types.Info
-
--- | Sets the url to use as the origin of propellor's git repository.
---
--- By default, the url is taken from the deploy or origin remote of
--- the repository that propellor --spin is run in. Setting this property
--- overrides that default behavior with a different url.
---
--- When hosts are being updated without using -- --spin, eg when using
--- the `Propellor.Property.Cron.runPropellor` cron job, this property can
--- be set to redirect them to a new git repository url.
-hasOriginUrl :: String -> Property (HasInfo + UnixLike)
-hasOriginUrl u = setInfoProperty p (toInfo (InfoVal (OriginUrl u)))
- where
- p :: Property UnixLike
- p = property ("propellor repo url " ++ u) $ do
- curru <- liftIO getRepoUrl
- if curru == Just u
- then return NoChange
- else makeChange $ setRepoUrl u
-
-newtype OriginUrl = OriginUrl String
- deriving (Show, Typeable)
diff --git a/src/Propellor/Property/Sbuild.hs b/src/Propellor/Property/Sbuild.hs
index 8cc2e3be..3de82af3 100644
--- a/src/Propellor/Property/Sbuild.hs
+++ b/src/Propellor/Property/Sbuild.hs
@@ -29,6 +29,7 @@ Suggested usage in @config.hs@:
> where
> sidSchrootBuilt = Sbuild.built Sbuild.UseCcache $ props
> & osDebian Unstable X86_32
+> & Sbuild.osDebianStandard
> & Sbuild.update `period` Weekly (Just 1)
> & Sbuild.useHostProxy mybox
@@ -65,6 +66,7 @@ module Propellor.Property.Sbuild (
-- * Properties for use inside sbuild schroots
update,
useHostProxy,
+ osDebianStandard,
-- * Global sbuild configuration
-- blockNetwork,
keypairGenerated,
@@ -86,8 +88,8 @@ import qualified Propellor.Property.File as File
-- import qualified Propellor.Property.Firewall as Firewall
import qualified Propellor.Property.Schroot as Schroot
import qualified Propellor.Property.Reboot as Reboot
+import qualified Propellor.Property.Localdir as Localdir
import qualified Propellor.Property.User as User
-import Utility.FileMode
import Data.List
@@ -222,8 +224,11 @@ built' cc (Props ps) suite arch = provisioned <!> deleted
schroot = Chroot.debootstrapped Debootstrap.BuilddD
schrootRoot (Props schrootProps)
schrootProps =
- ps ++ [toChildProperty Apt.stdSourcesList
- , toChildProperty $ Apt.installed ["eatmydata", "ccache"]]
+ ps ++ [toChildProperty $ Apt.installed ["eatmydata", "ccache"]
+ -- Drop /usr/local/propellor since build chroots should be
+ -- clean. Note that propellor does not have to install its
+ -- build-deps into the chroot, so this is sufficient cleanup
+ , toChildProperty $ Localdir.removed]
-- static values
suiteArch = suite ++ "-" ++ arch
@@ -251,6 +256,12 @@ built' cc (Props ps) suite arch = provisioned <!> deleted
where
base = ["eatmydata"]
+-- | Properties that will be wanted in almost any Debian schroot, but not in
+-- schroots for other operating systems.
+osDebianStandard :: Property Debian
+osDebianStandard = propertyList "standard Debian sbuild properties" $ props
+ & Apt.stdSourcesList
+
-- | Ensure that an sbuild schroot's packages and apt indexes are updated
--
-- This replaces use of sbuild-update(1).
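Review bot: The haddock for `osDebianStandard` does not mention that `built'` no longer adds `Apt.stdSourcesList` itself, which the previous hunk removes from `schrootProps`. A config that is not updated would keep whatever apt sources debootstrap wrote into the schroot, and nothing in the code warns about it. I would add a line such as `-- Since Sbuild.built no longer adds Apt.stdSourcesList itself, Debian schroots need this property to get the standard apt sources.` If the changelog entry in this commit already describes the upgrade step, the comment can simply point to it.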
diff --git a/src/Propellor/Property/Schroot.hs b/src/Propellor/Property/Schroot.hs
index 2f399b7c..82afdc79 100644
--- a/src/Propellor/Property/Schroot.hs
+++ b/src/Propellor/Property/Schroot.hs
@@ -9,8 +9,6 @@ import Propellor.Types.Info
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
-import Utility.FileMode
-
data UseOverlays = UseOverlays deriving (Eq, Show, Typeable)
-- | Indicate that a schroots on a host should use @union-type=overlay@
diff --git a/src/Propellor/Property/Service.hs b/src/Propellor/Property/Service.hs
index 1c230ce0..396fbaf1 100644
--- a/src/Propellor/Property/Service.hs
+++ b/src/Propellor/Property/Service.hs
@@ -5,7 +5,6 @@ module Propellor.Property.Service where
import Propellor.Base
import Propellor.Types.Info
import qualified Propellor.Property.File as File
-import Utility.FileMode
type ServiceName = String
diff --git a/src/Propellor/Property/SiteSpecific/Branchable.hs b/src/Propellor/Property/SiteSpecific/Branchable.hs
index 3c4d44a1..79a5b45f 100644
--- a/src/Propellor/Property/SiteSpecific/Branchable.hs
+++ b/src/Propellor/Property/SiteSpecific/Branchable.hs
@@ -56,7 +56,7 @@ server hosts = propertyList "branchable server" $ props
]
[ Borg.KeepDays 7
, Borg.KeepWeeks 5
- , Borg.KeepMonths 12
+ , Borg.KeepMonths 3
, Borg.KeepYears 1
]
& Ssh.userKeys (User "root") (Context "branchable.com")
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index e3dbbabd..c5cfbc71 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -25,7 +25,6 @@ import qualified Propellor.Property.Network as Network
import qualified Propellor.Property.Fail2Ban as Fail2Ban
import qualified Propellor.Property.LetsEncrypt as LetsEncrypt
import qualified Propellor.Property.Mount as Mount
-import Utility.FileMode
import Utility.Split
import Data.List
diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs
index c23a121b..59698ec0 100644
--- a/src/Propellor/Property/Ssh.hs
+++ b/src/Propellor/Property/Ssh.hs
@@ -40,7 +40,6 @@ import qualified Propellor.Property.Service as Service
import qualified Propellor.Property.Apt as Apt
import Propellor.Property.User
import Propellor.Types.Info
-import Utility.FileMode
import System.PosixCompat
import qualified Data.Map as M
diff --git a/src/Propellor/Property/Systemd.hs b/src/Propellor/Property/Systemd.hs
index 9c9f5914..9e9a1de1 100644
--- a/src/Propellor/Property/Systemd.hs
+++ b/src/Propellor/Property/Systemd.hs
@@ -55,7 +55,6 @@ import qualified Propellor.Property.Chroot as Chroot
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.File as File
import Propellor.Property.Systemd.Core
-import Utility.FileMode
import Utility.Split
import Data.List
diff --git a/src/Propellor/Property/Tor.hs b/src/Propellor/Property/Tor.hs
index 8794bc7f..426d4209 100644
--- a/src/Propellor/Property/Tor.hs
+++ b/src/Propellor/Property/Tor.hs
@@ -7,7 +7,6 @@ import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.Service as Service
import qualified Propellor.Property.ConfFile as ConfFile
-import Utility.FileMode
import Utility.DataUnits
import System.Posix.Files
diff --git a/src/Propellor/Shim.hs b/src/Propellor/Shim.hs
index b8ebdf46..2c5aaa5e 100644
--- a/src/Propellor/Shim.hs
+++ b/src/Propellor/Shim.hs
@@ -8,7 +8,6 @@ module Propellor.Shim (setup, cleanEnv, file) where
import Propellor.Base
import Utility.LinuxMkLibs
-import Utility.FileMode
import Data.List
import System.Posix.Files
diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs
index 4a945e82..7f479f10 100644
--- a/src/Propellor/Spin.hs
+++ b/src/Propellor/Spin.hs
@@ -29,9 +29,8 @@ import Propellor.Gpg
import Propellor.Bootstrap
import Propellor.Types.CmdLine
import Propellor.Types.Info
-import Propellor.Property.PropellorRepo (OriginUrl(..))
+import Propellor.Property.Localdir (OriginUrl(..))
import qualified Propellor.Shim as Shim
-import Utility.FileMode
import Utility.SafeCommand
import Utility.Process.NonConcurrent
diff --git a/src/Propellor/Utilities.hs b/src/Propellor/Utilities.hs
index 56e7f2fb..289f3206 100644
--- a/src/Propellor/Utilities.hs
+++ b/src/Propellor/Utilities.hs
@@ -19,6 +19,7 @@ module Propellor.Utilities (
, module Utility.Tmp.Dir
, module Utility.Monad
, module Utility.Misc
+ , module Utility.FileMode
) where
import Utility.PartialPrelude
@@ -33,3 +34,4 @@ import Utility.Tmp
import Utility.Tmp.Dir
import Utility.Monad
import Utility.Misc
+import Utility.FileMode