l---------  config.hs  2
-rw-r--r--  debian/changelog  2
-rw-r--r--  doc/forum/Adding_support_for_a_SQL_server/comment_2_e18fc448f51478617e5b2b9b05ce4a0f._comment  10
-rw-r--r--  doc/forum/Adding_support_for_a_SQL_server/comment_3_14b6968853d30a2054cc675c6005f29f._comment  16
-rw-r--r--  doc/forum/DNS_-_Support_for_Multiline_TXT_records.mdwn  19
-rw-r--r--  doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_1_b97c158ae4e3abb6e4c90a2c91e0c207._comment  25
-rw-r--r--  doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_2_ccd261bdc9615b7490ec0f6824f35e19._comment  15
-rw-r--r--  doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_3_00f57bb6a54dee0dfbb799babf72a827._comment  7
-rw-r--r--  doc/forum/Separation_of_data_and_code.mdwn  11
-rw-r--r--  doc/forum/Separation_of_data_and_code/comment_1_0ba5dff744eeba857ab7fadfad883b13._comment  16
-rw-r--r--  doc/user/s.mdwn  3
-rw-r--r--  privdata/relocate  1
-rw-r--r--  src/Propellor/Property/Dns.hs  25
13 files changed, 149 insertions, 3 deletions
diff --git a/config.hs b/config.hs
index 97d90636..ec313725 120000
--- a/config.hs
+++ b/config.hs
@@ -1 +1 @@
-joeyconfig.hs \ No newline at end of file
+config-simple.hs \ No newline at end of file
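Review bot: Repointing the `config.hs` symlink from `joeyconfig.hs` to `config-simple.hs` is not covered by the debian/changelog entry in this commit, which only describes the Dns TXT change. Together with the deletion of `privdata/relocate` further down, it changes which configuration a checkout builds by default. If that is intentional, it belongs in its own commit with a message saying so; otherwise drop it from this change.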
diff --git a/debian/changelog b/debian/changelog
index 659bd8d1..468fdaee 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,8 @@ propellor (5.4.1) UNRELEASED; urgency=medium
method of parsing git log output. Needs git 2.0.
* Added ConfFile.containsShellSetting, ConfFile.lacksShellSetting,
and EtcDefault.set properties. Thanks, Sean Whitton
+ * Dns: Support TXT values longer than bind's maximum string length
+ of 255 bytes. Thanks, rsiddharth.
* Docker and HostingProvider.CloudAtCost modules are not being
maintained, so marked them as such, including build-time warnings.
Seeking a maintainer for the Docker module; I anticipate
diff --git a/doc/forum/Adding_support_for_a_SQL_server/comment_2_e18fc448f51478617e5b2b9b05ce4a0f._comment b/doc/forum/Adding_support_for_a_SQL_server/comment_2_e18fc448f51478617e5b2b9b05ce4a0f._comment
new file mode 100644
index 00000000..74654902
--- /dev/null
+++ b/doc/forum/Adding_support_for_a_SQL_server/comment_2_e18fc448f51478617e5b2b9b05ce4a0f._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 2"
+ date="2018-06-19T18:56:28Z"
+ content="""
+I am looking for a solution which could be integrated to propellor. Is it possible to include those additional libraries in propellor sources and have them included in the build on demand? I am not very familiar with the haskell build systems.
+
+About generated passwords, a nice solution would be to do it in PrivData. The user would provide a salt as the private data and it would be combined to context to generate a password. I can try find how this could be done.
+"""]]
diff --git a/doc/forum/Adding_support_for_a_SQL_server/comment_3_14b6968853d30a2054cc675c6005f29f._comment b/doc/forum/Adding_support_for_a_SQL_server/comment_3_14b6968853d30a2054cc675c6005f29f._comment
new file mode 100644
index 00000000..b566f3c5
--- /dev/null
+++ b/doc/forum/Adding_support_for_a_SQL_server/comment_3_14b6968853d30a2054cc675c6005f29f._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 3"""
+ date="2018-06-23T19:13:59Z"
+ content="""
+Well, cabal files can have flags that enable additional dependencies, but
+using them complicates testing the program since you have to try building
+it with different combinations of flags. And deploying propellor with the
+desired flags turned on would be an additional complication.
+
+I feel that additional libraries that depend on propellor and the sql
+library and provide properties is a better approach. The user can easily
+add the dependency to their ~/.propellor/config.cabal, and the necessary
+dependencies will be automatically installed when propellor is deploying
+itself to a new host.
+"""]]
diff --git a/doc/forum/DNS_-_Support_for_Multiline_TXT_records.mdwn b/doc/forum/DNS_-_Support_for_Multiline_TXT_records.mdwn
new file mode 100644
index 00000000..e6f2b478
--- /dev/null
+++ b/doc/forum/DNS_-_Support_for_Multiline_TXT_records.mdwn
@@ -0,0 +1,19 @@
+bind9 has a limit on the number of characters in a single line TXT record. I was unable to provision the DKIM TXT record using propellor due to this limit.
+
+I added a new MTXT record type to `Propellor.Types.DNS.Record` ([patch][1]).
+
+MTXT creates a multiline TXT record. It splits the record's text (say
+"long string...\n...xyz") at `'\n'` and creates a TXT record of the
+form:
+
+
+ domain IN TXT ( "long string..."
+ "...xyz" )
+
+
+I'm [currently using this recipe][2] to provision the DKIM TXT record.
+
+I want to know if there is a better way to do this without having to add the MTXT record type?
+
+[1]: https://ricketyspace.net/file/0001-add-MTXT-record-type-to-Propellor.Types.DNS.Record.patch
+[2]: https://git.ricketyspace.net/propellor/tree/config.hs?id=67f47e5a23e8c7814014ea58f2dbc9f7c58ede3a#n722
diff --git a/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_1_b97c158ae4e3abb6e4c90a2c91e0c207._comment b/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_1_b97c158ae4e3abb6e4c90a2c91e0c207._comment
new file mode 100644
index 00000000..5595af19
--- /dev/null
+++ b/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_1_b97c158ae4e3abb6e4c90a2c91e0c207._comment
@@ -0,0 +1,25 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2018-06-23T18:42:32Z"
+ content="""
+It seems that the limit is 255 characters, and this
+limit applies to any string in a bind zone file,
+rather than being a maximim line length. A single line can contain multiple
+such strings, although there's probably a maximum line length somewhere
+too, so using parens to extend across multiple lines is wise.
+
+The values inside the parens are concacenated together, no newline is added
+to the string that bind builds up from them AFAICS.
+
+So it seems your code is stripping out the newlines from the TXT value.
+Which probably doesn't matter for DKIM public key material,
+and I don't think that bind zone files support multiline strings anyway.
+But a single line could be too long and splitting on newlines would not
+help then.
+
+So, I think the thing to do would be to make `rValue` break TXT
+strings into substrings no longer than 255 characters. Then you don't
+need a new constructor, and long SSHFP etc records could also be handled
+that way.
+"""]]
diff --git a/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_2_ccd261bdc9615b7490ec0f6824f35e19._comment b/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_2_ccd261bdc9615b7490ec0f6824f35e19._comment
new file mode 100644
index 00000000..3fbd389f
--- /dev/null
+++ b/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_2_ccd261bdc9615b7490ec0f6824f35e19._comment
@@ -0,0 +1,15 @@
+[[!comment format=mdwn
+ username="s@aa9ff9ce06b08acfd2a93ebd342ce6879430fbdd"
+ nickname="s"
+ avatar="http://cdn.libravatar.org/avatar/81bf27f8b35011d1846711fa37a5588f"
+ subject="comment 2"
+ date="2018-06-24T14:58:53Z"
+ content="""
+joeyh, Thanks for the feedback.
+
+I updated the definition of `TXT`'s `rValue` according to your suggestion and removed the `MTXT` record -- [patch][patch].
+
+I would like to get the patch merged into upstream, let me know if I've to refactor it.
+
+[patch]: https://ricketyspace.net/file/0001-update-rValue-of-Dns-TXT-record-type.patch
+"""]]
diff --git a/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_3_00f57bb6a54dee0dfbb799babf72a827._comment b/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_3_00f57bb6a54dee0dfbb799babf72a827._comment
new file mode 100644
index 00000000..8809f999
--- /dev/null
+++ b/doc/forum/DNS_-_Support_for_Multiline_TXT_records/comment_3_00f57bb6a54dee0dfbb799babf72a827._comment
@@ -0,0 +1,7 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 3"""
+ date="2018-06-24T15:21:29Z"
+ content="""
+Looks good to me, merged.
+"""]]
diff --git a/doc/forum/Separation_of_data_and_code.mdwn b/doc/forum/Separation_of_data_and_code.mdwn
new file mode 100644
index 00000000..3a09a237
--- /dev/null
+++ b/doc/forum/Separation_of_data_and_code.mdwn
@@ -0,0 +1,11 @@
+I'm using Fedora for the desktop and CentOS on my server. I have many software packages to install. I store them in shell scripts, with lines like this:
+
+ yum -y install vim-common vim-enhanced gvim vim-X11 # the latter for clipboard support
+
+I'm thinking about some more elaborate way to do that (to put some packages to specific hosts and groups). Propellor seems an interesting tool for that, but when I see an [example configuration file](https://git.joeyh.name/index.cgi/propellor.git/tree/joeyconfig.hs), it looks like this is a mixture of data and logic, which is considered [not a very good practice](https://softwareengineering.stackexchange.com/questions/229479/how-did-separation-of-code-and-data-become-a-practice).
+
+I know that Haskell itself is a very declarative language (in the sense it's not imperative), but still I have this feeling of a mixture of code with constants. What do you think of that?
+
+Is there a way to cleanly store names of packages (with comments and some configuration options (e.g. on what hosts they should be used)) in one place and use propellor's logic to install them in another place?
+
+I understand that the power of propellor is to `do` things apart of just enumerating them, but I think that this separation could be useful.
diff --git a/doc/forum/Separation_of_data_and_code/comment_1_0ba5dff744eeba857ab7fadfad883b13._comment b/doc/forum/Separation_of_data_and_code/comment_1_0ba5dff744eeba857ab7fadfad883b13._comment
new file mode 100644
index 00000000..ae50a008
--- /dev/null
+++ b/doc/forum/Separation_of_data_and_code/comment_1_0ba5dff744eeba857ab7fadfad883b13._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2018-07-06T20:19:27Z"
+ content="""
+I was going to write something asserting that it's entirely data,
+and not code, though typed data expressed in a programming language.
+
+However, I think it's better to say that this code/data distinction is
+much less a useful distinction that commonly thought, one that things,
+especially in the configuration management space often chafe under (see
+all the turing complete ill-specified languages built on top of what
+started out as some pure data format that are in use by almost every other
+configuration management tool), and that Propellor is an attempt to
+move in a more useful and less ridigly defined direction.
+"""]]
diff --git a/doc/user/s.mdwn b/doc/user/s.mdwn
new file mode 100644
index 00000000..08ef7bc8
--- /dev/null
+++ b/doc/user/s.mdwn
@@ -0,0 +1,3 @@
+s [propels some computers][1] using propellor.
+
+[1]: https://git.ricketyspace.net/propellor/tree/config.hs
diff --git a/privdata/relocate b/privdata/relocate
deleted file mode 100644
index 271692d8..00000000
--- a/privdata/relocate
+++ /dev/null
@@ -1 +0,0 @@
-.joeyconfig
diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs
index d99a76b0..8e38a75e 100644
--- a/src/Propellor/Property/Dns.hs
+++ b/src/Propellor/Property/Dns.hs
@@ -26,6 +26,7 @@ import Utility.Applicative
import qualified Data.Map as M
import qualified Data.Set as S
+import qualified Data.List.Split as Split (chunksOf)
import Data.List
-- | Primary dns server for a domain, using bind.
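Review bot: The new `import qualified Data.List.Split as Split (chunksOf)` needs the `split` package, but no .cabal or debian/control file appears among the 13 files changed. Confirm `split` is already listed in the build dependencies or add it in this commit; a small local chunking helper built on `splitAt` would avoid the dependency altogether.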
@@ -321,11 +322,33 @@ rValue (SSHFP x y s) = Just $ unwords
, s
]
rValue (INCLUDE f) = Just f
-rValue (TXT s) = Just $ [q] ++ filter (/= q) s ++ [q]
+rValue (TXT s) = Just $ zoneFileString s
where
+ op = '('
+ cp = ')'
+ w = ' '
q = '"'
rValue (PTR _) = Nothing
+-- Bind has a limit on the length of a string in its zone file,
+-- but a string can be split into sections that are glued together
+-- inside parens to configure a longer value.
+--
+-- This adds quotes around each substring.
+zoneFileString :: String -> String
+zoneFileString s = concat
+ [ [op, w]
+ , (intercalate "\n\t" $
+ map (\x -> [q] ++ filter (/= q) x ++ [q]) $
+ Split.chunksOf 255 s)
+ , [w, cp]
+ ]
+ where
+ op = '('
+ cp = ')'
+ w = ' '
+ q = '"'
+
-- | Adjusts the serial number of the zone to always be larger
-- than the serial number in the Zone record,
-- and always be larger than the passed SerialNumber.
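Review bot: `Split.chunksOf 255 s` in `zoneFileString` returns an empty list for an empty `s`, so an empty TXT value now renders as `(  )` with no quoted string at all, where the old `rValue (TXT s)` produced `""`. Special-case the empty string so it still emits one pair of quotes. Two smaller points in the same hunk: `chunksOf 255` counts `Char`s of a `String`, while the changelog states the limit as 255 bytes, so a value with non-ASCII characters could still yield a substring over the limit once encoded (document that TXT values are expected to be ASCII, or split on encoded length); and the `where` block left under `rValue (TXT s)` (`op`, `cp`, `w`, `q`) is no longer referenced there because `zoneFileString` defines its own copies, so it should be removed to avoid unused-binding warnings.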