summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--config-joey.hs32
-rw-r--r--debian/changelog13
-rw-r--r--doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment4
-rw-r--r--propellor.cabal2
-rw-r--r--src/Propellor/Property.hs2
-rw-r--r--src/Propellor/Property/Chroot.hs2
-rw-r--r--src/Propellor/Property/Debootstrap.hs6
-rw-r--r--src/Propellor/Property/OS.hs4
-rw-r--r--src/Propellor/Property/Obnam.hs26
-rw-r--r--src/Propellor/Types/OS.hs2
10 files changed, 63 insertions, 30 deletions
diff --git a/config-joey.hs b/config-joey.hs
index 5c3d376b..e84eb360 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -261,23 +261,32 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64"
& Ssh.passwordAuthentication True
-- Since ssh password authentication is allowed:
& Fail2Ban.installed
+ & Apt.serviceInstalledRunning "ntp"
+ & "/etc/timezone" `File.hasContent` ["US/Eastern"]
+
& Obnam.backupEncrypted "/" (Cron.Times "33 1 * * *")
- [ "--repository=sftp://2318@usw-s002.rsync.net/~/kite.obnam"
+ [ "--repository=sftp://2318@usw-s002.rsync.net/~/kite-root.obnam"
, "--client-name=kitenet.net"
+ , "--exclude=/home"
, "--exclude=/var/cache"
, "--exclude=/var/tmp"
- , "--exclude=/home/joey/lib"
+ , "--exclude=/srv/git"
+ , "--exclude=/var/spool/oldusenet"
, "--exclude=.*/tmp/"
, "--one-file-system"
, Obnam.keepParam [Obnam.KeepDays 7, Obnam.KeepWeeks 4, Obnam.KeepMonths 6]
] Obnam.OnlyClient (Gpg.GpgKeyId "98147487")
- `requires` Ssh.userKeys (User "root")
- (Context "kite.kitenet.net")
- [ (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5Gza2sNqSKfNtUN4dN/Z3rlqw18nijmXFx6df2GtBoZbkIak73uQfDuZLP+AXlyfHocwdkdHEf/zrxgXS4EokQMGLZhJ37Pr3edrEn/NEnqroiffw7kyd7EqaziA6UOezcLTjWGv+Zqg9JhitYs4WWTpNzrPH3yQf1V9FunZnkzb4gJGndts13wGmPEwSuf+QHbgQvjMOMCJwWSNcJGdhDR66hFlxfG26xx50uIczXYAbgLfHp5W6WuR/lcaS9J6i7HAPwcsPDA04XDinrcpl29QwsMW1HyGS/4FSCgrDqNZ2jzP49Bka78iCLRqfl1efyYas/Zo1jQ0x+pxq2RMr root@kite")
- ]
+ `requires` rootsshkey
+ `requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
+ & Obnam.backupEncrypted "/home" (Cron.Times "33 3 * * *")
+ [ "--repository=sftp://2318@usw-s002.rsync.net/~/kite-home.obnam"
+ , "--client-name=kitenet.net"
+ , "--exclude=/home/joey/lib"
+ , "--one-file-system"
+ , Obnam.keepParam [Obnam.KeepDays 7, Obnam.KeepWeeks 4, Obnam.KeepMonths 6]
+ ] Obnam.OnlyClient (Gpg.GpgKeyId "98147487")
+ `requires` rootsshkey
`requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
- & Apt.serviceInstalledRunning "ntp"
- & "/etc/timezone" `File.hasContent` ["US/Eastern"]
& alias "smtp.kitenet.net"
& alias "imap.kitenet.net"
@@ -337,6 +346,11 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64"
& Apache.httpsVirtualHost "letsencrypt.joeyh.name" "/var/www/html"
(LetsEncrypt.AgreeTOS (Just "id@joeyh.name"))
& alias "letsencrypt.joeyh.name"
+ where
+ rootsshkey = Ssh.userKeys (User "root")
+ (Context "kite.kitenet.net")
+ [ (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5Gza2sNqSKfNtUN4dN/Z3rlqw18nijmXFx6df2GtBoZbkIak73uQfDuZLP+AXlyfHocwdkdHEf/zrxgXS4EokQMGLZhJ37Pr3edrEn/NEnqroiffw7kyd7EqaziA6UOezcLTjWGv+Zqg9JhitYs4WWTpNzrPH3yQf1V9FunZnkzb4gJGndts13wGmPEwSuf+QHbgQvjMOMCJwWSNcJGdhDR66hFlxfG26xx50uIczXYAbgLfHp5W6WuR/lcaS9J6i7HAPwcsPDA04XDinrcpl29QwsMW1HyGS/4FSCgrDqNZ2jzP49Bka78iCLRqfl1efyYas/Zo1jQ0x+pxq2RMr root@kite")
+ ]
elephant :: Host
elephant = standardSystem "elephant.kitenet.net" Unstable "amd64"
@@ -583,7 +597,7 @@ myDnsPrimary dnssec domain extras = (if dnssec then Dns.signedPrimary (Weekly No
monsters :: [Host] -- Systems I don't manage with propellor,
monsters = -- but do want to track their public keys etc.
[ host "usw-s002.rsync.net"
- & Ssh.hostPubKey SshEd25519 "ssh-ed25519 SHA256:DBW4gxagH9Q3Avnus+dxaoOS5L/Q/tZlT42bcoMp+4Y"
+ & Ssh.hostPubKey SshEd25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB7yTEBGfQYdwG/oeL+U9XPMIh/dW7XNs9T+M79YIOrd"
, host "github.com"
& Ssh.hostPubKey SshRsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="
, host "gitlab.com"
diff --git a/debian/changelog b/debian/changelog
index 729fe42d..cf74edaf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+propellor (2.16.0) UNRELEASED; urgency=medium
+
+ * Obnam: Only let one backup job run at a time when a host has multiple
+ different backup properties, to avoid concurrent jobs fighting over
+ scarce resources (particularly memory). Other jobs block on a lock
+ file.
+ * Removed references to *buntu from code and documentation because of
+ an unfortunate trademark use policy.
+ http://joeyh.name/blog/entry/trademark_nonsense/
+ * That included changing a data constructor to "FooBuntu", an API change.
+
+ -- Joey Hess <id@joeyh.name> Fri, 19 Feb 2016 11:29:53 -0400
+
propellor (2.15.4) unstable; urgency=medium
* Build /usr/src/propellor/propellor.git reproducibly,
diff --git a/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment b/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment
index 5c03304b..ed972c01 100644
--- a/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment
+++ b/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment
@@ -7,13 +7,13 @@ I have heard of propellor being used on OSX. Probably that user wrote their
own code for OSX specific stuff.
Propellor properites can be parameterized by OS. Currently it has support
-for Debian and some untested support for Ubuntu. A property can be parameterized
+for Debian and some untested support for *buntu. A property can be parameterized
like this:
foo :: Property
foo = property "foo" withOS desc $ \o -> case o of
(Just (System (Debian _) _)) -> ensureProperty fooDebian
- (Just (System (Ubuntu _) _)) -> ensureProperty fooUbuntu
+ (Just (System (FooBuntu _) _)) -> ensureProperty fooBuntu
The first step for adding a new OS will be to modify <http://hackage.haskell.org/package/propellor/docs/Propellor-Types-OS.html>.
Compilation will then warn about all OS parameterized properties that
diff --git a/propellor.cabal b/propellor.cabal
index 3e6c3c37..4d8e7f26 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -1,5 +1,5 @@
Name: propellor
-Version: 2.15.4
+Version: 2.16.0
Cabal-Version: >= 1.8
License: BSD3
Maintainer: Joey Hess <id@joeyh.name>
diff --git a/src/Propellor/Property.hs b/src/Propellor/Property.hs
index a83bffc4..eee1409c 100644
--- a/src/Propellor/Property.hs
+++ b/src/Propellor/Property.hs
@@ -255,7 +255,7 @@ isNewerThan x y = do
--
-- > myproperty = withOS "foo installed" $ \o -> case o of
-- > (Just (System (Debian suite) arch)) -> ...
--- > (Just (System (Ubuntu release) arch)) -> ...
+-- > (Just (System (FooBuntu release) arch)) -> ...
-- > Nothing -> ...
withOS :: Desc -> (Maybe System -> Propellor Result) -> Property NoInfo
withOS desc a = property desc $ a =<< getOS
diff --git a/src/Propellor/Property/Chroot.hs b/src/Propellor/Property/Chroot.hs
index cfa70e9f..44d7036d 100644
--- a/src/Propellor/Property/Chroot.hs
+++ b/src/Propellor/Property/Chroot.hs
@@ -90,7 +90,7 @@ data Debootstrapped = Debootstrapped Debootstrap.DebootstrapConfig
instance ChrootBootstrapper Debootstrapped where
buildchroot (Debootstrapped cf) system loc = case system of
(Just s@(System (Debian _) _)) -> Right $ debootstrap s
- (Just s@(System (Ubuntu _) _)) -> Right $ debootstrap s
+ (Just s@(System (FooBuntu _) _)) -> Right $ debootstrap s
Nothing -> Left "Cannot debootstrap; `os` property not specified"
where
debootstrap s = Debootstrap.built loc s cf
diff --git a/src/Propellor/Property/Debootstrap.hs b/src/Propellor/Property/Debootstrap.hs
index 61912b32..445c0629 100644
--- a/src/Propellor/Property/Debootstrap.hs
+++ b/src/Propellor/Property/Debootstrap.hs
@@ -91,7 +91,7 @@ built' installprop target system@(System _ arch) config =
extractSuite :: System -> Maybe String
extractSuite (System (Debian s) _) = Just $ Apt.showSuite s
-extractSuite (System (Ubuntu r) _) = Just r
+extractSuite (System (FooBuntu r) _) = Just r
-- | Ensures debootstrap is installed.
--
@@ -108,12 +108,12 @@ installed = install <!> remove
)
installon (Just (System (Debian _) _)) = aptinstall
- installon (Just (System (Ubuntu _) _)) = aptinstall
+ installon (Just (System (FooBuntu _) _)) = aptinstall
installon _ = sourceInstall
remove = withOS "debootstrap removed" $ ensureProperty . removefrom
removefrom (Just (System (Debian _) _)) = aptremove
- removefrom (Just (System (Ubuntu _) _)) = aptremove
+ removefrom (Just (System (FooBuntu _) _)) = aptremove
removefrom _ = sourceRemove
aptinstall = Apt.installed ["debootstrap"]
diff --git a/src/Propellor/Property/OS.hs b/src/Propellor/Property/OS.hs
index 1f22888c..403b1df3 100644
--- a/src/Propellor/Property/OS.hs
+++ b/src/Propellor/Property/OS.hs
@@ -85,8 +85,8 @@ cleanInstallOnce confirmation = check (not <$> doesFileExist flagfile) $
osbootstrapped = withOS (newOSDir ++ " bootstrapped") $ \o -> case o of
(Just d@(System (Debian _) _)) -> debootstrap d
- (Just u@(System (Ubuntu _) _)) -> debootstrap u
- _ -> error "os is not declared to be Debian or Ubuntu"
+ (Just u@(System (FooBuntu _) _)) -> debootstrap u
+ _ -> error "os is not declared to be Debian or *buntu"
debootstrap targetos = ensureProperty $
-- Ignore the os setting, and install debootstrap from
diff --git a/src/Propellor/Property/Obnam.hs b/src/Propellor/Property/Obnam.hs
index 92c97f18..666328ac 100644
--- a/src/Propellor/Property/Obnam.hs
+++ b/src/Propellor/Property/Obnam.hs
@@ -36,6 +36,10 @@ data NumClients = OnlyClient | MultipleClients
--
-- Note that this property does not make obnam encrypt the backup
-- repository.
+--
+-- Since obnam uses a fair amount of system resources, only one obnam
+-- backup job will be run at a time. Other jobs will wait their turns to
+-- run.
backup :: FilePath -> Cron.Times -> [ObnamParam] -> NumClients -> Property NoInfo
backup dir crontimes params numclients =
backup' dir crontimes params numclients
@@ -59,16 +63,18 @@ backup' dir crontimes params numclients = cronjob `describe` desc
where
desc = dir ++ " backed up by obnam"
cronjob = Cron.niceJob ("obnam_backup" ++ dir) crontimes (User "root") "/" $
- unwords $ catMaybes
- [ if numclients == OnlyClient
- -- forcelock fails if repo does not exist yet
- then Just $ forcelockcmd ++ " 2>/dev/null ;"
- else Nothing
- , Just backupcmd
- , if any isKeepParam params
- then Just $ "&& " ++ forgetcmd
- else Nothing
- ]
+ "flock " ++ shellEscape lockfile ++ " sh -c " ++ shellEscape cmdline
+ lockfile = "/var/lock/propellor-obnam.lock"
+ cmdline = unwords $ catMaybes
+ [ if numclients == OnlyClient
+ -- forcelock fails if repo does not exist yet
+ then Just $ forcelockcmd ++ " 2>/dev/null ;"
+ else Nothing
+ , Just backupcmd
+ , if any isKeepParam params
+ then Just $ "&& " ++ forgetcmd
+ else Nothing
+ ]
forcelockcmd = unwords $
[ "obnam"
, "force-lock"
diff --git a/src/Propellor/Types/OS.hs b/src/Propellor/Types/OS.hs
index 447d4396..6c2dd28e 100644
--- a/src/Propellor/Types/OS.hs
+++ b/src/Propellor/Types/OS.hs
@@ -24,7 +24,7 @@ data System = System Distribution Architecture
data Distribution
= Debian DebianSuite
- | Ubuntu Release
+ | FooBuntu Release -- ^ "*buntu" (The actual name of this distribution is not used in Propellor per <http://joeyh.name/blog/entry/trademark_nonsense/>)
deriving (Show, Eq)
-- | Debian has several rolling suites, and a number of stable releases,