summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--config-joey.hs37
-rw-r--r--debian/changelog8
-rw-r--r--debian/control1
-rw-r--r--propellor.cabal2
-rw-r--r--src/Propellor/Bootstrap.hs1
-rw-r--r--src/Propellor/Property/Firewall.hs19
-rw-r--r--src/Propellor/Property/Network.hs9
-rw-r--r--src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs5
-rw-r--r--src/Propellor/Property/SiteSpecific/IABak.hs1
9 files changed, 54 insertions, 29 deletions
diff --git a/config-joey.hs b/config-joey.hs
index 32b70c14..5c3fbaa0 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -145,29 +145,30 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64"
honeybee :: Host
honeybee = standardSystem "honeybee.kitenet.net" Testing "armhf"
[ "Arm git-annex build box." ]
- & ipv6 "2001:4830:1600:187::2"
-
- -- No unattended upgrades as there is currently no console access.
- -- (Also, system is not currently running a stock kernel,
- -- although it should be able to.)
+
+ -- I have to travel to get console access, so no automatic
+ -- upgrades, and try to be robust.
+ & "/etc/default/rcS" `File.containsLine` "FSCKFIX=yes"
+
+ & Apt.installed ["flash-kernel"]
+ & "/etc/flash-kernel/machine" `File.hasContent` ["Cubietech Cubietruck"]
+ & Apt.installed ["linux-image-armmp"]
+ & Network.dhcp "eth0" `requires` Network.cleanInterfacesFile
& Postfix.satellite
+
+ -- ipv6 used for remote access thru firewalls
& Apt.serviceInstalledRunning "aiccu"
+ & ipv6 "2001:4830:1600:187::2"
+
+ -- In case compiler needs more than available ram
& Apt.serviceInstalledRunning "swapspace"
+
+ -- No hardware clock.
& Apt.serviceInstalledRunning "ntp"
- -- Not using systemd-nspawn because it's broken (kernel issue?)
- -- & Systemd.nspawned (GitAnnexBuilder.autoBuilderContainer
- -- GitAnnexBuilder.armAutoBuilder
- -- builderos Cron.Daily "22h")
- & Chroot.provisioned
- (Chroot.debootstrapped builderos mempty "/var/lib/container/armel-git-annex-builder"
- & "/etc/timezone" `File.hasContent` ["America/New_York"]
- & GitAnnexBuilder.armAutoBuilder
- builderos (Cron.Times "1 1 * * *") "12h"
- )
- where
- -- Using unstable to get new enough ghc for TH on arm.
- builderos = System (Debian Unstable) "armel"
+ & Systemd.nspawned (GitAnnexBuilder.autoBuilderContainer
+ GitAnnexBuilder.armAutoBuilder
+ (System (Debian Unstable) "armel") Cron.Daily "22h")
-- This is not a complete description of kite, since it's a
-- multiuser system with eg, user passwords that are not deployed
diff --git a/debian/changelog b/debian/changelog
index 2decb1f0..1116016a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+propellor (2.7.1) unstable; urgency=medium
+
+ * Make sure that make is installed when bootstrapping propellor.
+ * Fix bug in Firewall's Port datatype to iptable parameter translation code.
+ Thanks, Antoine Eiche.
+
+ -- Joey Hess <id@joeyh.name> Fri, 14 Aug 2015 15:01:37 -0400
+
propellor (2.7.0) unstable; urgency=medium
* Ssh.permitRootLogin type changed to allow configuring WithoutPassword
diff --git a/debian/control b/debian/control
index 51107783..25c3d474 100644
--- a/debian/control
+++ b/debian/control
@@ -40,6 +40,7 @@ Depends: ${misc:Depends}, ${shlibs:Depends},
libghc-transformers-dev,
libghc-exceptions-dev (>= 0.6),
git,
+ make,
Description: property-based host configuration management in haskell
Propellor enures that the system it's run in satisfies a list of
properties, taking action as necessary when a property is not yet met.
diff --git a/propellor.cabal b/propellor.cabal
index 01c867c8..f00e5594 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -1,5 +1,5 @@
Name: propellor
-Version: 2.7.0
+Version: 2.7.1
Cabal-Version: >= 1.8
License: BSD3
Maintainer: Joey Hess <id@joeyh.name>
diff --git a/src/Propellor/Bootstrap.hs b/src/Propellor/Bootstrap.hs
index 1cf921cf..6812b4ab 100644
--- a/src/Propellor/Bootstrap.hs
+++ b/src/Propellor/Bootstrap.hs
@@ -81,6 +81,7 @@ depsCommand = "( " ++ intercalate " ; " (concat [osinstall, cabalinstall]) ++ "
, "libghc-mtl-dev"
, "libghc-transformers-dev"
, "libghc-exceptions-dev"
+ , "make"
]
installGitCommand :: ShellCommand
diff --git a/src/Propellor/Property/Firewall.hs b/src/Propellor/Property/Firewall.hs
index d643b185..6c95a022 100644
--- a/src/Propellor/Property/Firewall.hs
+++ b/src/Propellor/Property/Firewall.hs
@@ -42,13 +42,18 @@ toIpTable r = map Param $
(toIpTableArg (ruleRules r)) ++ [ "-j" , show $ ruleTarget r ]
toIpTableArg :: Rules -> [String]
-toIpTableArg Everything = []
-toIpTableArg (Proto proto) = ["-p", map toLower $ show proto]
-toIpTableArg (DPort port) = ["--dport", show port]
-toIpTableArg (DPortRange (f,t)) = ["--dport", show f ++ ":" ++ show t]
-toIpTableArg (IFace iface) = ["-i", iface]
-toIpTableArg (Ctstate states) = ["-m", "conntrack","--ctstate", concat $ intersperse "," (map show states)]
-toIpTableArg (r :- r') = toIpTableArg r <> toIpTableArg r'
+toIpTableArg Everything = []
+toIpTableArg (Proto proto) = ["-p", map toLower $ show proto]
+toIpTableArg (DPort (Port port)) = ["--dport", show port]
+toIpTableArg (DPortRange (Port f, Port t)) =
+ ["--dport", show f ++ ":" ++ show t]
+toIpTableArg (IFace iface) = ["-i", iface]
+toIpTableArg (Ctstate states) =
+ [ "-m"
+ , "conntrack"
+ , "--ctstate", concat $ intersperse "," (map show states)
+ ]
+toIpTableArg (r :- r') = toIpTableArg r <> toIpTableArg r'
data Rule = Rule
{ ruleChain :: Chain
diff --git a/src/Propellor/Property/Network.hs b/src/Propellor/Property/Network.hs
index 4d7ccffb..e01edb62 100644
--- a/src/Propellor/Property/Network.hs
+++ b/src/Propellor/Property/Network.hs
@@ -27,6 +27,15 @@ cleanInterfacesFile = hasContent interfacesFile
]
`describe` ("clean " ++ interfacesFile)
+-- | Configures an interface to get its address via dhcp.
+dhcp :: Interface -> Property NoInfo
+dhcp iface = hasContent (interfaceDFile iface)
+ [ "auto " ++ iface
+ , "iface " ++ iface ++ " inet dhcp"
+ ]
+ `describe` ("dhcp " ++ iface)
+ `requires` interfacesDEnabled
+
-- | Writes a static interface file for the specified interface.
--
-- The interface has to be up already. It could have been brought up by
diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
index 5ccd9996..6a6d5bfd 100644
--- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
+++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
@@ -115,8 +115,8 @@ standardAutoBuilder osver@(System _ arch) =
& User.accountFor (User builduser)
& tree arch
-armAutoBuilder :: System -> Times -> TimeOut -> Property HasInfo
-armAutoBuilder osver@(System _ arch) crontime timeout =
+armAutoBuilder :: System -> Property HasInfo
+armAutoBuilder osver =
propertyList "arm git-annex autobuilder" $ props
& standardAutoBuilder osver
& buildDepsNoHaskellLibs
@@ -126,7 +126,6 @@ armAutoBuilder osver@(System _ arch) crontime timeout =
-- Install patched haskell packages for portability to
-- arm NAS's using old kernel versions.
& haskellPkgsInstalled "linux"
- & autobuilder arch crontime timeout
androidAutoBuilderContainer :: Times -> TimeOut -> Systemd.Container
androidAutoBuilderContainer crontimes timeout =
diff --git a/src/Propellor/Property/SiteSpecific/IABak.hs b/src/Propellor/Property/SiteSpecific/IABak.hs
index 7740f820..8c9926bc 100644
--- a/src/Propellor/Property/SiteSpecific/IABak.hs
+++ b/src/Propellor/Property/SiteSpecific/IABak.hs
@@ -36,6 +36,7 @@ gitServer knownhosts = propertyList "iabak git server" $ props
"/usr/local/IA.BAK/shardstats-all"
& Cron.niceJob "shardmaint" Cron.Daily (User "root") "/"
"/usr/local/IA.BAK/shardmaint-fast; /usr/local/IA.BAK/shardmaint"
+ & Apt.installed ["git-annex"]
registrationServer :: [Host] -> Property HasInfo
registrationServer knownhosts = propertyList "iabak registration server" $ props