summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/security.mdwn2
-rw-r--r--joeyconfig.hs3
2 files changed, 3 insertions, 2 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn
index b106b533..d0a5bb6c 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -20,7 +20,7 @@ That is only done when privdata/keyring.gpg exists. To set it up:
propellor --add-key $MYKEYID
In order to be secure from the beginning, when `propellor --spin` is used
-to bootstrap propellor on a new host, it transfers the local git repositry
+to bootstrap propellor on a new host, it transfers the local git repository
to the remote host over ssh. After that, the host knows the gpg key, and
will use it to verify git fetches.
diff --git a/joeyconfig.hs b/joeyconfig.hs
index f6a6926d..fa37e97b 100644
--- a/joeyconfig.hs
+++ b/joeyconfig.hs
@@ -469,7 +469,7 @@ keysafe = host "keysafe.joeyh.name" $ props
& Apt.serviceInstalledRunning "swapspace"
& Cron.runPropellor (Cron.Times "30 * * * *")
& Apt.installed ["etckeeper", "sudo"]
- & Apt.removed ["nfs-common", "exim4", "exim4-base", "exim4-daemon-light", "rsyslog", "acpid", "rpcbind"]
+ & Apt.removed ["nfs-common", "exim4", "exim4-base", "exim4-daemon-light", "rsyslog", "acpid", "rpcbind", "at"]
& User.hasSomePassword (User "root")
& User.accountFor (User "joey")
@@ -483,6 +483,7 @@ keysafe = host "keysafe.joeyh.name" $ props
& Ssh.noPasswords
& Tor.installed
+ -- keysafe installed manually until package is available
iabak :: Host
iabak = host "iabak.archiveteam.org" $ props