-rw-r--r--Propellor/CmdLine.hs2
-rw-r--r--README10
-rw-r--r--propellor.cabal2
3 files changed, 12 insertions, 2 deletions
diff --git a/Propellor/CmdLine.hs b/Propellor/CmdLine.hs
index 2ab83f33..c3576b94 100644
--- a/Propellor/CmdLine.hs
+++ b/Propellor/CmdLine.hs
@@ -186,7 +186,7 @@ spin host = do
sendGitClone :: HostName -> String -> IO ()
sendGitClone host url = void $ actionMessage ("Pushing git repository to " ++ host) $
- withTmpFile "gitbundle" $ \tmp _ -> allM id
+ withTmpFile "propellor.git." $ \tmp _ -> allM id
-- TODO: ssh connection caching, or better push method
-- with less connections.
[ boolSystem "git" [Param "bundle", Param "create", File tmp, Param "HEAD"]
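Review bot: The file created by `withTmpFile "propellor.git."` receives a full bundle of HEAD, but nothing in `sendGitClone` documents what it relies on for that file's confidentiality and cleanup. The definition of `withTmpFile` is not visible in this hunk, so it is worth confirming that it creates the file atomically with owner-only permissions and removes it even when one of the actions fails. A comment above the call would record that, for example `-- tmp holds a bundle of everything reachable from HEAD; relies on withTmpFile for a private, auto-removed file`. The README section added in this commit treats the destination host as untrusted, so a second comment noting that everything committed to the repository is disclosed to that host would also help. The list of actions continues past the end of the hunk.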
diff --git a/README b/README
index 99bc000d..a568d0f5 100644
--- a/README
+++ b/README
@@ -26,6 +26,14 @@ of which classes and share which configuration. It might be nice to use
reclass[1], but then again a host is configured using simply haskell code,
and so it's easy to factor out things like classes of hosts as desired.
+## security
+
+Propellor's security model is that the hosts it's used to deploy are
+untrusted, and that the central git repository server is untrusted.
+
+The only trusted machine is the laptop where you run propellor --spin
+to connect to a remote host.
+
## bootstrapping and private data
To bootstrap propellor on a new host, use: propellor --spin $host
@@ -47,6 +55,8 @@ in such a file, use: propellor --set $host $field
The field name will be something like 'Password "root"'; see PrivData.hs
for available fields.
+
+
## using git://... securely
It's often easiest for a remote host to use a git:// or http://
diff --git a/propellor.cabal b/propellor.cabal
index c350261d..9843da5f 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -28,7 +28,7 @@ Executable propellor
GHC-Options: -Wall
Build-Depends: MissingH, directory, filepath, base >= 4.5, base < 5,
IfElse, process, bytestring, hslogger, unix-compat, ansi-terminal,
- containers, base64-bytestring
+ containers
if (! os(windows))
Build-Depends: unix