summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/changelog7
-rw-r--r--debian/control2
-rw-r--r--doc/forum/Bootstrapping_with_Cabal_on_Archlinux_fails/comment_9_5119af0e60acf5590194f970f5be1424._comment8
-rw-r--r--doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey.mdwn44
-rw-r--r--doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_1_87df80585805b5558264afae3e8afdcc._comment12
-rw-r--r--doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_2_be582d804ba16e6acd3998eaf3eadb56._comment8
-rw-r--r--doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_3_51eff7a4898830a1adaa30da2b311c41._comment23
-rw-r--r--doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_4_4a0432687efa5b83e4cfefecdb355188._comment26
-rw-r--r--doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_5_2678027d2a3cf08cd977495d0b0afe91._comment30
-rw-r--r--doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_6_c526880fa0d866511c0ffecc6f90fcdf._comment8
-rw-r--r--doc/news/version_5.11.mdwn13
-rw-r--r--doc/news/version_5.8.0.mdwn18
-rw-r--r--doc/todo/Add_Borg.UseUmask.mdwn9
-rw-r--r--doc/todo/Add_Borg.UseUmask/comment_1_461d217284ff2442d2485b59776826f6._comment17
-rw-r--r--doc/todo/Add_Borg.UseUmask/comment_2_a26137bda29948fa501c8a52b8df673c._comment10
-rw-r--r--doc/todo/Fix_Borg.init_on_recent_borg_versions__44___fix_Borg.restored/comment_5_a5dea814e88aa90959f41a500806270f._comment10
-rw-r--r--doc/todo/spin_without_remote_compilation/comment_9_7f8f6e688efeb9a454a3f82777c2743b._comment38
-rw-r--r--src/Propellor/Bootstrap.hs7
18 files changed, 270 insertions, 20 deletions
diff --git a/debian/changelog b/debian/changelog
index 5ddbca1c..849d132d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+propellor (5.12) UNRELEASED; urgency=medium
+
+ * Added libghc-type-errors-dev to debian/control recommends, and
+ install it if available when bootstrapping propellor.
+
+ -- Joey Hess <id@joeyh.name> Thu, 27 Aug 2020 20:57:48 -0400
+
propellor (5.11) unstable; urgency=medium
* Fix display of concurrent output from processes when using
diff --git a/debian/control b/debian/control
index 5a46822f..ef1a7ca4 100644
--- a/debian/control
+++ b/debian/control
@@ -18,6 +18,7 @@ Build-Depends:
libghc-exceptions-dev (>= 0.6),
libghc-text-dev,
libghc-hashable-dev,
+ libghc-type-errors-dev,
Maintainer: Joey Hess <id@joeyh.name>
Standards-Version: 3.9.8
Vcs-Git: git://git.joeyh.name/propellor
@@ -42,6 +43,7 @@ Depends: ${misc:Depends}, ${shlibs:Depends},
libghc-text-dev,
libghc-hashable-dev,
git (>= 2.0),
+Recommends: libghc-type-errors-dev,
Description: property-based host configuration management in haskell
Propellor ensures that the system it's run in satisfies a list of
properties, taking action as necessary when a property is not yet met.
diff --git a/doc/forum/Bootstrapping_with_Cabal_on_Archlinux_fails/comment_9_5119af0e60acf5590194f970f5be1424._comment b/doc/forum/Bootstrapping_with_Cabal_on_Archlinux_fails/comment_9_5119af0e60acf5590194f970f5be1424._comment
new file mode 100644
index 00000000..61612b82
--- /dev/null
+++ b/doc/forum/Bootstrapping_with_Cabal_on_Archlinux_fails/comment_9_5119af0e60acf5590194f970f5be1424._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="david"
+ avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
+ subject="problems with worms."
+ date="2020-08-15T14:18:25Z"
+ content="""
+Dangling is the wrong word. I had a symlink pointing to an old build of propellor.
+"""]]
diff --git a/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey.mdwn b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey.mdwn
new file mode 100644
index 00000000..1ddec6d9
--- /dev/null
+++ b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey.mdwn
@@ -0,0 +1,44 @@
+I have the following property for one of my hosts:
+
+[[!format haskell """
+ File.hasPrivContent "/usr/share/debug-me/keyring/a_CS2613_prof.gpg" anyContext
+"""]]
+
+Unsurprisingly, the first time I run `propellor --spin my-host` I get
+
+[[!format text """
+** warning: Missing privdata PrivFile "/usr/share/debug-me/keyring/a_CS2613_prof.gpg" (for any)
+Fix this by running:
+ propellor --set 'PrivFile "/usr/share/debug-me/keyring/a_CS2613_prof.gpg"' 'any' \
+ < /usr/share/debug-me/keyring/a_CS2613_prof.gpg
+"""]]
+
+I cut and paste the suggested lines (after previously copying the file into place manually, but it doesn't seem to change anything. On subsequent runs I get the same thing.
+
+if I run `propellor --dump 'PrivFile "/usr/share/debug-me/keyring/a_CS2613_prof.gpg"' 'any' | gpg` I get
+[[!format text """
+gpg: WARNING: no command supplied. Trying to guess what you mean ...
+[2020-08-20 10:03:07 ADT] command line: Dump (PrivFile "/usr/share/debug-me/keyring/a_CS2613_prof.gpg") (Context "any")
+[2020-08-20 10:03:07 ADT] read: git ["config","gpg.program"]
+[2020-08-20 10:03:07 ADT] process done ExitFailure 1
+[2020-08-20 10:03:07 ADT] chat: gpg ["--decrypt","privdata/privdata.gpg"]
+gpg: encrypted with 4096-bit RSA key, ID 70E3C0DE87068451, created 2019-06-08
+ "David Bremner <bremner@debian.org>"
+[2020-08-20 10:03:08 ADT] process done ExitSuccess
+pub rsa4096 2014-09-22 [SC]
+ 7A18807F100A4570C59684207E4E65C8720B706B
+uid David Bremner <bremner@unb.ca>
+uid David Bremner <david@tethera.net>
+uid David Bremner <bremner@debian.org>
+sub rsa4096 2014-09-22 [E] [expired: 2020-07-23]
+sub rsa3072 2017-07-24 [S] [expired: 2020-07-23]
+sub rsa4096 2017-07-24 [A] [expired: 2020-07-23]
+sub rsa4096 2019-06-08 [S] [expires: 2021-06-07]
+sub rsa4096 2019-06-08 [E] [expires: 2021-06-07]
+sub rsa4096 2019-06-08 [A] [expires: 2021-06-07]
+"""]]
+
+I understand that the propellor run is using a different copy of privdata, but I verified the checksums match between my user propellor install and the one in /usr/local/propellor.
+
+Other uses of `privFileContent` with anyContext work fine on the same host.
+
diff --git a/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_1_87df80585805b5558264afae3e8afdcc._comment b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_1_87df80585805b5558264afae3e8afdcc._comment
new file mode 100644
index 00000000..d8069651
--- /dev/null
+++ b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_1_87df80585805b5558264afae3e8afdcc._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2020-08-20T16:44:27Z"
+ content="""
+I think there could be some confusion here about where you run the
+propellor command to set the privdata.
+
+I always run those commands locally, not on the host being managed by
+propellor. --spin decrypts it and copies the parts a host needs to the
+host.
+"""]]
diff --git a/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_2_be582d804ba16e6acd3998eaf3eadb56._comment b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_2_be582d804ba16e6acd3998eaf3eadb56._comment
new file mode 100644
index 00000000..bffa29c1
--- /dev/null
+++ b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_2_be582d804ba16e6acd3998eaf3eadb56._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="david"
+ avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
+ subject="comment 2"
+ date="2020-08-21T23:51:40Z"
+ content="""
+In this case it's both the same host, but I don't think that's important. I'm just saying that propellor --dump verifies the local copy has the privdata, and I verified by checksums that the remote (host being managed) privdata blob is the same.
+"""]]
diff --git a/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_3_51eff7a4898830a1adaa30da2b311c41._comment b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_3_51eff7a4898830a1adaa30da2b311c41._comment
new file mode 100644
index 00000000..2e948dd0
--- /dev/null
+++ b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_3_51eff7a4898830a1adaa30da2b311c41._comment
@@ -0,0 +1,23 @@
+[[!comment format=mdwn
+ username="david"
+ avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
+ subject="comment 3"
+ date="2020-08-22T15:08:16Z"
+ content="""
+In this special case I don't really need privData, I worked around it by running `gpg`.
+I'm not sure if my usecase is common enough to warrant extending `Propellor.Property.Gpg`
+
+[[!format haskell \"\"\"
+ & Cmd.cmdProperty \"gpg\" [ \"--output\"
+ , debugMeKeyFile
+ , \"--batch\"
+ , \"--yes\"
+ , \"--export\"
+ , \"7A18807F100A4570C59684207E4E65C8720B706B\"
+ ]
+ `changesFile` debugMeKeyFile
+ `requires` rootGpg
+
+\"\"\"]]
+
+"""]]
diff --git a/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_4_4a0432687efa5b83e4cfefecdb355188._comment b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_4_4a0432687efa5b83e4cfefecdb355188._comment
new file mode 100644
index 00000000..a2688611
--- /dev/null
+++ b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_4_4a0432687efa5b83e4cfefecdb355188._comment
@@ -0,0 +1,26 @@
+[[!comment format=mdwn
+ username="david"
+ avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
+ subject="comment 4"
+ date="2020-08-22T17:02:41Z"
+ content="""
+OK, I belatedly see what you mean. It's not relevant if the remote privdata.gpg blob matches or not, since iiuc, only the local one is used by --spin.
+
+I'm having a similar issue with `Property.Gpg.keyImported`.
+
+[[!format text \"\"\"
+** warning: Missing privdata GpgKey (for 815B63982A79F8E7C72786C4762B57BB784206AD)
+Fix this by running:
+ propellor --set 'GpgKey' '815B63982A79F8E7C72786C4762B57BB784206AD' \
+ < (Either a gpg public key, exported with gpg --export -a, or a gpg private key, exported with gpg --export-secret-key -a)
+
+cs2613 root has gpg key \"815B63982A79F8E7C72786C4762B57BB784206AD\" ... failed
+** warning: Missing privdata GpgKey (for 7A18807F100A4570C59684207E4E65C8720B706B)
+Fix this by running:
+ propellor --set 'GpgKey' '7A18807F100A4570C59684207E4E65C8720B706B' \
+ < (Either a gpg public key, exported with gpg --export -a, or a gpg private key, exported with gpg --export-secret-key -a)
+\"\"\"]]
+
+Of course I did what propellor suggests, but it doesn't seem to make a difference. Is it possible gpg armoured text is being treated specially as privdata?
+
+"""]]
diff --git a/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_5_2678027d2a3cf08cd977495d0b0afe91._comment b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_5_2678027d2a3cf08cd977495d0b0afe91._comment
new file mode 100644
index 00000000..dde10ae4
--- /dev/null
+++ b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_5_2678027d2a3cf08cd977495d0b0afe91._comment
@@ -0,0 +1,30 @@
+[[!comment format=mdwn
+ username="david"
+ avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
+ subject="comment 5"
+ date="2020-08-22T20:13:07Z"
+ content="""
+In answer to my own question, it's not related to the content.
+Here we can see a PrivFile has content:
+[[!format text \"\"\"
+╭─ convex:~/.propellor
+╰─ (git)-[master]-% propellor --dump 'PrivFile \"/root/foo\"' 'any'
+[2020-08-22 16:57:32 ADT] command line: Dump (PrivFile \"/root/foo\") (Context \"any\")
+[2020-08-22 16:57:32 ADT] read: git [\"config\",\"gpg.program\"]
+[2020-08-22 16:57:32 ADT] process done ExitFailure 1
+[2020-08-22 16:57:32 ADT] chat: gpg [\"--decrypt\",\"privdata/privdata.gpg\"]
+gpg: encrypted with 4096-bit RSA key, ID 70E3C0DE87068451, created 2019-06-08
+ \"David Bremner <bremner@debian.org>\"
+[2020-08-22 16:57:33 ADT] process done ExitSuccess
+sekrit
+\"\"\"]]
+On the other hand, when running `propellor --spin convex.local` I get
+[[!format text \"\"\"
+** warning: Missing privdata PrivFile \"/root/foo\" (for any)
+Fix this by running:
+ propellor --set 'PrivFile \"/root/foo\"' 'any' \
+ < /root/foo
+\"\"\"]]
+
+I tried with a different workstation, spinning itself, and the same machine as above (\"convex\"), with the same results.
+"""]]
diff --git a/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_6_c526880fa0d866511c0ffecc6f90fcdf._comment b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_6_c526880fa0d866511c0ffecc6f90fcdf._comment
new file mode 100644
index 00000000..fa241e4b
--- /dev/null
+++ b/doc/forum/propellor_can__39__t_find_privdata_for_gpg_pubkey/comment_6_c526880fa0d866511c0ffecc6f90fcdf._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="david"
+ avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
+ subject="comment 6"
+ date="2020-08-23T02:22:06Z"
+ content="""
+I confirmed that privdata is being transmitted, but that my test file is not. The resulting `/usr/local/propellor/privdata/local` file is not obviously corrupted, but does not contain the string \"/root/foo\". The file \"/root/foo\" also does not show as used anywhere in the output of `propellor --list-fields`. I'm not sure if that is surprising or not.
+"""]]
diff --git a/doc/news/version_5.11.mdwn b/doc/news/version_5.11.mdwn
new file mode 100644
index 00000000..9dcef85d
--- /dev/null
+++ b/doc/news/version_5.11.mdwn
@@ -0,0 +1,13 @@
+propellor 5.11 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Fix display of concurrent output from processes when using
+ Propellor.Property.Conductor.
+ (Reversion introduced in version 5.5.0.)
+ * Support bootstrapping to hosts using cabal 3.x, with new-dist directory.
+ * Makefile: Fix build with cabal 3.x.
+ * Borg.restored: Fix restoration, which has apparently never worked,
+ at least back to borg 1.0.9.
+ Thanks, Nicolas Schodet.
+ * Borg.init: Added the now required encryption type parameter.
+ Thanks, Nicolas Schodet.
+ (API change)"""]] \ No newline at end of file
diff --git a/doc/news/version_5.8.0.mdwn b/doc/news/version_5.8.0.mdwn
deleted file mode 100644
index a00c611a..00000000
--- a/doc/news/version_5.8.0.mdwn
+++ /dev/null
@@ -1,18 +0,0 @@
-propellor 5.8.0 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * Fix bug in File.containsShellSetting that replaced whole shell conffile
- content with the setting if the file did not previously contain a line
- setting the key to some value.
- * Removed inChroot, instead use hasContainerCapability FilesystemContained.
- (API change)
- * Hostname: Properties that used to not do anything in a systemd or
- docker container will now change the container's hostname,
- since it's namespaced.
- * Add User.ownsWithPrimaryGroup
- Thanks, Sean Whitton
- * Ssh.userKeys, Ssh.userKeyAt: Create .ssh directory when it does not yet
- exist.
- * Ssh.userKeyAt: When a relative filepath is provided, it's put inside
- the user's .ssh directory.
- * Fix Git.pulled always reporting a change.
- Thanks, Sean Whitton"""]] \ No newline at end of file
diff --git a/doc/todo/Add_Borg.UseUmask.mdwn b/doc/todo/Add_Borg.UseUmask.mdwn
new file mode 100644
index 00000000..64ca8b83
--- /dev/null
+++ b/doc/todo/Add_Borg.UseUmask.mdwn
@@ -0,0 +1,9 @@
+Hello,
+
+Here is again a change for Borg to allow to give the --umask option on each borg invocation.
+
+Please fetch branch `borg-umask` at `http://git.ni.fr.eu.org/nicolas/propellor.git`.
+
+As a side change, I use `{now}` instead of a call to `$(date …)`, I think it's more idiomatic for borg usage.
+
+Tested with stretch and buster.
diff --git a/doc/todo/Add_Borg.UseUmask/comment_1_461d217284ff2442d2485b59776826f6._comment b/doc/todo/Add_Borg.UseUmask/comment_1_461d217284ff2442d2485b59776826f6._comment
new file mode 100644
index 00000000..58e5c7c8
--- /dev/null
+++ b/doc/todo/Add_Borg.UseUmask/comment_1_461d217284ff2442d2485b59776826f6._comment
@@ -0,0 +1,17 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2020-08-20T16:58:14Z"
+ content="""
+I checked and there was no justification given for the use of date rather
+than {now} ... Perhaps it predated that?
+
+The only difference between the two is the use of date for some reason
+included nanaosecond precision. Otherwise the format is the same.
+
+I have no objection to making that change, but I think it needs to be done
+in a separate commit, rather than in passing.
+
+Also, I think `UseUmask Int` could be `UseUmask FileMode`. At least
+FileMode is used in some other parts of propellor that deal with umasks.
+"""]]
diff --git a/doc/todo/Add_Borg.UseUmask/comment_2_a26137bda29948fa501c8a52b8df673c._comment b/doc/todo/Add_Borg.UseUmask/comment_2_a26137bda29948fa501c8a52b8df673c._comment
new file mode 100644
index 00000000..9e0d8453
--- /dev/null
+++ b/doc/todo/Add_Borg.UseUmask/comment_2_a26137bda29948fa501c8a52b8df673c._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 2"
+ date="2020-08-22T13:23:01Z"
+ content="""
+Branch is updated.
+
+I also rebased on 5.11.
+"""]]
diff --git a/doc/todo/Fix_Borg.init_on_recent_borg_versions__44___fix_Borg.restored/comment_5_a5dea814e88aa90959f41a500806270f._comment b/doc/todo/Fix_Borg.init_on_recent_borg_versions__44___fix_Borg.restored/comment_5_a5dea814e88aa90959f41a500806270f._comment
new file mode 100644
index 00000000..a1898304
--- /dev/null
+++ b/doc/todo/Fix_Borg.init_on_recent_borg_versions__44___fix_Borg.restored/comment_5_a5dea814e88aa90959f41a500806270f._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 5"
+ date="2020-08-14T21:11:56Z"
+ content="""
+Actually I have no idea how to implement the privdata for init, restored and backup in a sane way, so I will let this challenge for someone else :)
+
+Thanks for the merge.
+"""]]
diff --git a/doc/todo/spin_without_remote_compilation/comment_9_7f8f6e688efeb9a454a3f82777c2743b._comment b/doc/todo/spin_without_remote_compilation/comment_9_7f8f6e688efeb9a454a3f82777c2743b._comment
new file mode 100644
index 00000000..f2db3de5
--- /dev/null
+++ b/doc/todo/spin_without_remote_compilation/comment_9_7f8f6e688efeb9a454a3f82777c2743b._comment
@@ -0,0 +1,38 @@
+[[!comment format=mdwn
+ username="jsza"
+ avatar="http://cdn.libravatar.org/avatar/72c6bc8c0cdfb0fff175e90c3b036415"
+ subject="comment 9"
+ date="2020-08-24T13:06:47Z"
+ content="""
+Hi, I'm trying to spin using the `Precompiled.precompiled` property from the `precompiled`, branch after having merged master. The first time trying to spin after adding the property, this error occurs:
+
+ > ./propellor --spin host_redacted
+ Build profile: -w ghc-8.8.4 -O1
+ In order, the following will be built (use -v for more details):
+ - propellor-5.11 (exe:propellor-config) (file executables/propellor-config.hs changed)
+ Preprocessing executable 'propellor-config' for propellor-5.11..
+ Building executable 'propellor-config' for propellor-5.11..
+ [1 of 1] Compiling Main ( executables/propellor-config.hs, /home/jayess/propellor/dist-newstyle/build/x86_64-linux/ghc-8.8.4/propellor-5.11/x/propellor-config/build/propellor-config/propellor-config-
+ tmp/Main.o )
+ Linking /home/jayess/propellor/dist-newstyle/build/x86_64-linux/ghc-8.8.4/propellor-5.11/x/propellor-config/build/propellor-config/propellor-config ...
+ Propellor build ... done
+ <git push output snipped>
+ ldd: bin/propellor: No such file or directory
+ propellor: user error (ldd [\"bin/propellor\"] exited 1)
+
+
+Subsequent spin attempts produce this error:
+
+ > ./propellor --spin us4.tempus.xyz
+ Up to date
+ Propellor build ... done
+ <git push output snipped>
+ cp: cannot stat '/home/jayess/propellor/propellor (deleted)': No such file or directory
+ ** error: failed copying in propellor
+ propellor: Cannot continue!
+ CallStack (from HasCallStack):
+ error, called at src/Propellor/Message.hs:143:9 in propellor-5.11-inplace:Propellor.Message
+
+I think `Propellor.Spin.sendPrecompiled` might itself be broken, but I can't quite wrap my head around what's going on here. Any ideas? I'm using `cabal 3.0.0.0` in Debian Unstable.
+
+"""]]
diff --git a/src/Propellor/Bootstrap.hs b/src/Propellor/Bootstrap.hs
index 6aa5720c..0fe01421 100644
--- a/src/Propellor/Bootstrap.hs
+++ b/src/Propellor/Bootstrap.hs
@@ -103,7 +103,7 @@ checkDepsCommand bs sys = go (getBuilder bs)
go Cabal = "if ! cabal configure >/dev/null 2>&1; then " ++ depsCommand bs sys ++ "; fi"
go Stack = "if ! stack build --dry-run >/dev/null 2>&1; then " ++ depsCommand bs sys ++ "; fi"
-data Dep = Dep String | OldDep String
+data Dep = Dep String | OptDep String | OldDep String
-- Install build dependencies of propellor, using the specified
-- Bootstrapper.
@@ -139,7 +139,8 @@ depsCommand bs msys = "( " ++ intercalate " ; " (go bs) ++ ") || true"
useapt builder = "apt-get update" : map aptinstall (debdeps builder)
aptinstall (Dep p) = "DEBIAN_FRONTEND=noninteractive apt-get -qq --no-upgrade --no-install-recommends -y install " ++ p
- aptinstall (OldDep p) = "if LANG=C apt-cache policy " ++ p ++ "| grep -q Candidate:; then " ++ aptinstall (Dep p) ++ "; fi"
+ aptinstall (OptDep p) = "if LANG=C apt-cache policy " ++ p ++ "| grep -q Candidate:; then " ++ aptinstall (Dep p) ++ "; fi"
+ aptinstall (OldDep p) = aptinstall (OptDep p)
pkginstall p = "ASSUME_ALWAYS_YES=yes pkg install " ++ p
pacmaninstall p = "pacman -S --noconfirm --needed " ++ p
@@ -160,6 +161,8 @@ depsCommand bs msys = "( " ++ intercalate " ; " (go bs) ++ ") || true"
, Dep "libghc-exceptions-dev"
, Dep "libghc-text-dev"
, Dep "libghc-hashable-dev"
+ -- Deps that can be skipped on old systems.
+ , OptDep "libghc-type-errors-dev"
-- Deps that are only needed on old systems.
, OldDep "libghc-stm-dev"
]