summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
l---------config.hs2
-rw-r--r--debian/changelog19
-rw-r--r--doc/news/version_3.3.0.mdwn26
-rw-r--r--doc/news/version_4.3.0.mdwn6
-rw-r--r--doc/news/version_4.3.1.mdwn4
-rw-r--r--doc/news/version_4.3.2.mdwn3
-rw-r--r--privdata/relocate1
-rw-r--r--propellor.cabal3
-rw-r--r--src/Propellor/Property/Restic.hs14
-rw-r--r--src/Propellor/Property/User.hs25
10 files changed, 52 insertions, 51 deletions
diff --git a/config.hs b/config.hs
index 97d90636..ec313725 120000
--- a/config.hs
+++ b/config.hs
@@ -1 +1 @@
-joeyconfig.hs \ No newline at end of file
+config-simple.hs \ No newline at end of file
diff --git a/debian/changelog b/debian/changelog
index fdc2070e..75566e32 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,19 @@
-propellor (4.3.1) UNRELEASED; urgency=medium
+propellor (4.3.3) UNRELEASED; urgency=medium
+
+ * User: add systemGroup and use it for systemAccountFor'
+ Thanks, Félix Sipma.
+ * Export a Restic.backup' property.
+ Thanks, Félix Sipma.
+
+ -- Joey Hess <id@joeyh.name> Mon, 10 Jul 2017 11:57:49 -0400
+
+propellor (4.3.2) unstable; urgency=medium
+
+ * Really include Propellor.Property.FreeDesktop.
+
+ -- Joey Hess <id@joeyh.name> Thu, 06 Jul 2017 17:28:53 -0400
+
+propellor (4.3.1) unstable; urgency=medium
* Added Propellor.Property.FreeDesktop module.
* Added reservedSpacePercentage to the PartSpec EDSL.
@@ -13,7 +28,7 @@ propellor (4.3.1) UNRELEASED; urgency=medium
"fatal: Couldn't find remote ref HEAD". The previous fix didn't work
reliably.
- -- Joey Hess <id@joeyh.name> Wed, 05 Jul 2017 22:57:42 -0400
+ -- Joey Hess <id@joeyh.name> Thu, 06 Jul 2017 17:03:15 -0400
propellor (4.3.0) unstable; urgency=medium
diff --git a/doc/news/version_3.3.0.mdwn b/doc/news/version_3.3.0.mdwn
deleted file mode 100644
index 19bd5664..00000000
--- a/doc/news/version_3.3.0.mdwn
+++ /dev/null
@@ -1,26 +0,0 @@
-propellor 3.3.0 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * Arch Linux is now supported by Propellor!
- Thanks to Zihao Wang for this port.
- * Added Propellor.Property.Pacman for Arch's package manager.
- Maintained by Zihao Wang.
- * The types of some properties changed; eg from Property DebianLike
- to Property (DebianLike + ArchLinux). Also, DebianLike and Linux
- are no longer type synonyms; propellor now knows that Linux includes
- ArchLinux. This could require updates to code, so is a minor API change.
- * GHC's fileSystemEncoding is used for all String IO, to avoid
- encoding-related crashes in eg, Propellor.Property.File.
- * Add --build option to simply build config.hs.
- * More informative usage message. Thanks, Daniel Brooks
- * Tor.hiddenService' added to support multiple ports.
- Thanks, Félix Sipma.
- * Apt.noPDiffs added.
- Thanks, Sean Whitton.
- * stack.yaml: Compile with GHC 8.0.1 against lts-7.16.
- Thanks, Andrew Cowie.
- * Added Propellor.Property.File.configFileName and related functions
- to generate good filenames for config directories.
- * Added Apt.suiteAvailablePinned, Apt.pinnedTo.
- Thanks, Sean Whitton.
- * Added File.containsBlock
- Thanks, Sean Whitton."""]] \ No newline at end of file
diff --git a/doc/news/version_4.3.0.mdwn b/doc/news/version_4.3.0.mdwn
deleted file mode 100644
index f300b984..00000000
--- a/doc/news/version_4.3.0.mdwn
+++ /dev/null
@@ -1,6 +0,0 @@
-propellor 4.3.0 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * DiskImage: Removed grubBooted; properties that used to need it as a
- parameter now look at Info about the bootloader that is installed in
- the chroot that the disk image is created from.
- (API change)"""]] \ No newline at end of file
diff --git a/doc/news/version_4.3.1.mdwn b/doc/news/version_4.3.1.mdwn
new file mode 100644
index 00000000..5c07307d
--- /dev/null
+++ b/doc/news/version_4.3.1.mdwn
@@ -0,0 +1,4 @@
+propellor 4.3.1 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Added Propellor.Property.FreeDesktop module.
+ * Added reservedSpacePercentage to the PartSpec EDSL."""]] \ No newline at end of file
diff --git a/doc/news/version_4.3.2.mdwn b/doc/news/version_4.3.2.mdwn
new file mode 100644
index 00000000..1a85d2d4
--- /dev/null
+++ b/doc/news/version_4.3.2.mdwn
@@ -0,0 +1,3 @@
+propellor 4.3.2 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Really include Propellor.Property.FreeDesktop."""]] \ No newline at end of file
diff --git a/privdata/relocate b/privdata/relocate
deleted file mode 100644
index 271692d8..00000000
--- a/privdata/relocate
+++ /dev/null
@@ -1 +0,0 @@
-.joeyconfig
diff --git a/propellor.cabal b/propellor.cabal
index bdb209b7..7d082807 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -1,5 +1,5 @@
Name: propellor
-Version: 4.3.0
+Version: 4.3.2
Cabal-Version: >= 1.20
License: BSD2
Maintainer: Joey Hess <id@joeyh.name>
@@ -114,6 +114,7 @@ Library
Propellor.Property.FreeBSD
Propellor.Property.FreeBSD.Pkg
Propellor.Property.FreeBSD.Poudriere
+ Propellor.Property.FreeDesktop
Propellor.Property.Fstab
Propellor.Property.Git
Propellor.Property.Gpg
diff --git a/src/Propellor/Property/Restic.hs b/src/Propellor/Property/Restic.hs
index 64cd4091..d9d4d4be 100644
--- a/src/Propellor/Property/Restic.hs
+++ b/src/Propellor/Property/Restic.hs
@@ -9,6 +9,7 @@ module Propellor.Property.Restic
, init
, restored
, backup
+ , backup'
, KeepPolicy (..)
) where
@@ -138,17 +139,17 @@ restored dir repo = go
-- backup job will be run at a time. Other jobs will wait their turns to
-- run.
backup :: FilePath -> ResticRepo -> Cron.Times -> [ResticParam] -> [KeepPolicy] -> Property (HasInfo + DebianLike)
-backup dir repo crontimes extraargs kp = backup' dir repo crontimes extraargs kp
+backup dir repo crontimes extraargs kp = backup' [dir] repo crontimes extraargs kp
`requires` restored dir repo
-- | Does a backup, but does not automatically restore.
-backup' :: FilePath -> ResticRepo -> Cron.Times -> [ResticParam] -> [KeepPolicy] -> Property (HasInfo + DebianLike)
-backup' dir repo crontimes extraargs kp = cronjob
+backup' :: [FilePath] -> ResticRepo -> Cron.Times -> [ResticParam] -> [KeepPolicy] -> Property (HasInfo + DebianLike)
+backup' dirs repo crontimes extraargs kp = cronjob
`describe` desc
`requires` init repo
where
desc = val repo ++ " restic backup"
- cronjob = Cron.niceJob ("restic_backup" ++ dir) crontimes (User "root") "/" $
+ cronjob = Cron.niceJob ("restic_backup" ++ intercalate "_" dirs) crontimes (User "root") "/" $
"flock " ++ shellEscape lockfile ++ " sh -c " ++ shellEscape backupcmd
lockfile = "/var/lock/propellor-restic.lock"
backupcmd = intercalate " && " $
@@ -162,9 +163,8 @@ backup' dir repo crontimes extraargs kp = cronjob
, shellEscape (getPasswordFile repo)
]
++ map shellEscape extraargs ++
- [ "backup"
- , shellEscape dir
- ]
+ [ "backup" ]
+ ++ map shellEscape dirs
pruneCommand = unwords $
[ "restic"
, "-r"
diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs
index ce2611bc..0b5bdddc 100644
--- a/src/Propellor/Property/User.hs
+++ b/src/Propellor/Property/User.hs
@@ -22,17 +22,18 @@ systemAccountFor :: User -> Property DebianLike
systemAccountFor user@(User u) = systemAccountFor' user Nothing (Just (Group u))
systemAccountFor' :: User -> Maybe FilePath -> Maybe Group -> Property DebianLike
-systemAccountFor' (User u) mhome mgroup = tightenTargets $ check nouser go
+systemAccountFor' (User u) mhome mgroup = case mgroup of
+ Nothing -> prop
+ Just g -> prop
+ `requires` systemGroup g
`describe` ("system account for " ++ u)
where
+ prop = tightenTargets $ check nouser go
nouser = isNothing <$> catchMaybeIO (getUserEntryForName u)
go = cmdProperty "adduser" $
- [ "--system" ]
+ [ "--system", "--home" ]
++
- "--home" : maybe
- ["/nonexistent", "--no-create-home"]
- ( \h -> [ h ] )
- mhome
+ maybe ["/nonexistent", "--no-create-home"] ( \h -> [h] ) mhome
++
maybe [] ( \(Group g) -> ["--ingroup", g] ) mgroup
++
@@ -42,6 +43,16 @@ systemAccountFor' (User u) mhome mgroup = tightenTargets $ check nouser go
, u
]
+systemGroup :: Group -> Property UnixLike
+systemGroup (Group g) = check nogroup go
+ `describe` ("system account for " ++ g)
+ where
+ nogroup = isNothing <$> catchMaybeIO (getGroupEntryForName g)
+ go = cmdProperty "addgroup"
+ [ "--system"
+ , g
+ ]
+
-- | Removes user home directory!! Use with caution.
nuked :: User -> Eep -> Property Linux
nuked user@(User u) _ = tightenTargets $ check hashomedir go
@@ -111,7 +122,7 @@ chpasswd (User user) v ps = makeChange $ withHandle StdinHandle createProcessSuc
hClose h
lockedPassword :: User -> Property DebianLike
-lockedPassword user@(User u) = tightenTargets $
+lockedPassword user@(User u) = tightenTargets $
check (not <$> isLockedPassword user) go
`describe` ("locked " ++ u ++ " password")
where