summaryrefslogtreecommitdiff
path: root/CHANGELOG
diff options
context:
space:
mode:
Diffstat (limited to 'CHANGELOG')
-rw-r--r--[l---------]CHANGELOG1170
1 files changed, 1169 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG
index d526672c..cb313e2f 120000..100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1 +1,1169 @@
-debian/changelog \ No newline at end of file
+propellor (3.2.3) unstable; urgency=medium
+
+ * Improve extraction of gpg secret key id list, to work with gpg 2.1.
+ * The propellor wrapper checks if ./config.hs exists; if so it runs
+ using the configuration in the current directory, rather than
+ ~/.propellor/config.hs
+ * Debootstap: Fix too tight permissions lock down of debootstrapped
+ chroots, which prevented non-root users from doing anything in the
+ chroot.
+
+ -- Joey Hess <id@joeyh.name> Tue, 22 Nov 2016 11:36:18 -0400
+
+propellor (3.2.2) unstable; urgency=medium
+
+ * Added Linode.serialGrub property.
+ * Clean up build warnings about redundant constraints when built with ghc 8.0.
+ * Added Group.hasUser property. Thanks, Daniel Brooks
+
+ -- Joey Hess <id@joeyh.name> Fri, 11 Nov 2016 17:54:44 -0400
+
+propellor (3.2.1) unstable; urgency=medium
+
+ * Simplify Debootstrap.sourceInstall since #770217 was fixed.
+ * Debootstap.installed: Fix inverted logic that made this never install
+ debootstrap. Thanks, mithrandi.
+
+ -- Joey Hess <id@joeyh.name> Mon, 03 Oct 2016 18:06:31 -0400
+
+propellor (3.2.0) unstable; urgency=medium
+
+ [ Sean Whitton ]
+ * Using ccache with Sbuild.built & Sbuild.builtFor is now toggleable: these
+ properties now take a parameter of type Sbuild.UseCcache. (API Change)
+ * Sbuild.piupartsConf: no longer takes an Apt.Url. (API Change)
+ * Sbuild.piupartsConf & Sbuild.piupartsConfFor: does nothing if corresponding
+ schroot not built.
+ Previously, these properties built the schroot if it was missing.
+ * Sbuild.built & Sbuild.piupartsConf: add an additional alias to sid chroots.
+ This is for compatibility with `dgit sbuild`.
+ * Further improvements to Sbuild.hs haddock.
+
+ [ Joey Hess ]
+ * Tor.hiddenService: Converted port parameter from Int to Port. (API change)
+ * Tor.hiddenServiceAvailable: The hidden service hostname file may not
+ be available immedaitely after configuring tor; avoid ugly error in
+ this case.
+
+ -- Joey Hess <id@joeyh.name> Sat, 10 Sep 2016 11:39:40 -0400
+
+propellor (3.1.2) unstable; urgency=medium
+
+ [ Joey Hess ]
+ * Ssh.knownHost: Bug fix: Only fix up the owner of the known_hosts
+ file after it exists.
+
+ [ Sean Whitton ]
+ * Sbuild.keypairInsecurelyGenerated: Improved to be more robust.
+ * Pass --allow-unrelated-histories to git merge when run with git 2.9 or
+ newer. This fixes the /usr/bin/propellor wrapper with this version of git.
+ * Sbuild.built & Sbuild.builtFor no longer require Sbuild.keypairGenerated.
+ Transition guide: If you are using sbuild 0.70.0 or newer, you should
+ `rm -r /var/lib/sbuild/apt-keys`. Otherwise, you should add either
+ Sbuild.keypairGenerated or Sbuild.keypairInsecurelyGenerated to your host.
+ * Sbuild haddock improvements:
+ - State that we don't support squeeze and Buntish older than trusty.
+ This is due to our enhancements, such as eatmydata.
+ - State that you need sbuild 0.70.0 or newer to build for stretch.
+ This is due to gpg2 hitting Debian stretch.
+ - Explain when a keygen is required.
+ - Update sample ~/.sbuildrc for sbuild 0.71.0.
+ - Add hint for customising chroots with propellor.
+ - Update example usage of System type.
+
+ -- Joey Hess <id@joeyh.name> Sun, 28 Aug 2016 14:39:23 -0400
+
+propellor (3.1.1) unstable; urgency=medium
+
+ * Haddock build fix.
+ Thanks, Sean Whitton
+
+ -- Joey Hess <id@joeyh.name> Thu, 23 Jun 2016 08:12:57 -0400
+
+propellor (3.1.0) unstable; urgency=medium
+
+ * Architecture changed from String to an ADT. (API Change)
+ Transition guide: Change "amd64" to X86_64, "i386" to X86_32,
+ "armel" to ARMEL, etc.
+ Thanks, Félix Sipma.
+ * The Debian data type now includes a DebianKernel. (API Change)
+ This won't affect most config.hs, as osDebian defaults to
+ Linux. Added osDebian' can be used to specify a different kernel.
+ Thanks, Félix Sipma.
+ * Improve exception handling. A property that threw a non-IOException
+ used to stop the whole propellor run. Now, all non-async exceptions
+ only make the property that threw them fail. (Implicit API change)
+ * Added StopPropellorException and stopPropellorMessage which can be
+ used in the unusual case where a failure of one property should stop
+ propellor from trying to ensure any other properties.
+ * tryPropellor returns Either SomeException instead of Either IOException
+ (API change)
+ * Switch letsencrypt to certbot package name.
+ * Sbuild: Add keyringInsecurelyGenerated which is useful on throwaway
+ build VMs.
+ Thanks, Sean Whitton
+ * Added Propellor.Property.SiteSpecific.Exoscale.
+ Thanks, Sean Whitton
+ * Property.Reboot: Added toDistroKernel and toKernelNewerThan.
+ Thanks, Sean Whitton
+ * Added ConfFile.hasIniSection.
+ Thanks, Félix Sipma.
+ * Apt.install: When asked to install a package that apt does not know
+ about, it used to incorrectly succeed. Now it will fail.
+ * Property.Firejail: New module.
+ Thanks, Sean Whitton
+ * File: Write privdata files in binary rather than text, which avoids
+ failure when they do not contain valid unicode.
+ Thanks, Andrew Schurman
+ * Generalized fileProperty can now operate on a file as either a series
+ of lines, or a ByteString.
+
+ [ Sean Whitton ]
+ * New info property Schroot.useOverlays to indicate whether you want schroots
+ set up by propellor to use the Linux kernel's OverlayFS.
+ * Schroot.overlaysInTmpfs sets Schroot.useOverlays info property.
+ * If you have indicated that you want schroots to use OverlayFS and the
+ current kernel does not support it, Sbuild.built will attempt to reboot
+ into a kernel that does, or fail if it can't find one.
+ * Sbuild.built will no longer add duplicate `aliases=UNRELEASED,sid...` lines
+ to more than one schroot config. It will not remove any such lines that the
+ previous version of propellor added, though.
+ * Sbuild.keypairGenerated works around Debian bug #792100 by creating the
+ directory /root/.gnupg in advance.
+ * Ccache.hasCache now sets the setgid bit on the cache directory, as
+ ccache requires.
+
+ -- Joey Hess <id@joeyh.name> Wed, 22 Jun 2016 15:29:27 -0400
+
+propellor (3.0.5) unstable; urgency=medium
+
+ * Modules added for Sbuild and Ccache.
+ Thanks, Sean Whitton
+ * Systemd: Added killUserProcesses property, which can be reverted
+ to return systemd to its default behavior before version 230 started
+ killing processes like screen sessions.
+ * Systemd: Added logindConfigured property.
+
+ -- Joey Hess <id@joeyh.name> Mon, 06 Jun 2016 17:13:21 -0400
+
+propellor (3.0.4) unstable; urgency=medium
+
+ * Run letsencrypt with --noninteractive.
+ * Fix build with ghc 8.0.1.
+ Thanks, davean.
+ * Module added for the Borg backup system.
+ Thanks, Félix Sipma.
+ * Fix build with directory-1.2.6.2.
+
+ -- Joey Hess <id@joeyh.name> Sun, 22 May 2016 15:54:49 -0400
+
+propellor (3.0.3) unstable; urgency=medium
+
+ * Remove Propellor.DotDir from the propellor library, as its use of
+ Paths_propellor prevents use of the module out of propellor's tree.
+ This module is only needed for the wrapper program anyway, which
+ handles --init.
+
+ -- Joey Hess <id@joeyh.name> Sun, 01 May 2016 17:51:37 -0400
+
+propellor (3.0.2) unstable; urgency=medium
+
+ * Added Apt.periodicUpdates.
+ Thanks, Félix Sipma.
+ * Apt.unattendedUpgrades: Enable mailing problem reports to root.
+ Thanks, Félix Sipma.
+ * Added Propellor.Property.Fstab, and moved the fstabbed property to there.
+ * Attic module added for the backup system.
+ Thanks, Félix Sipma.
+ * Fix build with directory-1.2.6.2.
+
+ -- Joey Hess <id@joeyh.name> Sat, 30 Apr 2016 15:46:50 -0400
+
+propellor (3.0.1) unstable; urgency=medium
+
+ * propellor --init now runs cabal sandbox init if cabal has been
+ configured with require-sandbox: True.
+ Thanks, Sean Whitton
+ * Re-bundled concurrent-output so propellor can be deployed to Debian
+ stable systems without installing it (insecurely) from hackage.
+
+ -- Joey Hess <id@joeyh.name> Tue, 05 Apr 2016 13:35:54 -0400
+
+propellor (3.0.0) unstable; urgency=medium
+
+ * Property types have been improved to indicate what systems they target.
+ This prevents using eg, Property FreeBSD on a Debian system.
+ Transition guide for this sweeping API change:
+ - First, upgrade to propellor 2.17.2 and deploy that to all your hosts.
+ Otherwise, propellor --spin will fail when you upgrade to
+ propellor 3.0.0.
+ - Change "host name & foo & bar"
+ to "host name $ props & foo & bar"
+ - Similarly, `propertyList` and `combineProperties` need `props`
+ to be used to combine together properties; they no longer accept
+ lists of properties. (If you have such a list, use `toProps`.)
+ - And similarly, Chroot, Docker, and Systemd container need `props`
+ to be used to combine together the properies used inside them.
+ - The `os` property is removed. Instead use `osDebian`, `osBuntish`,
+ or `osFreeBSD`. These tell the type checker the target OS of a host.
+ - Change "Property NoInfo" to "Property UnixLike"
+ - Change "Property HasInfo" to "Property (HasInfo + UnixLike)"
+ - Change "RevertableProperty NoInfo" to
+ "RevertableProperty UnixLike UnixLike"
+ - Change "RevertableProperty HasInfo" to
+ "RevertableProperty (HasInfo + UnixLike) UnixLike"
+ - GHC needs {-# LANGUAGE TypeOperators #-} to use these fancy types.
+ This is enabled by default for all modules in propellor.cabal. But
+ if you are using propellor as a library, you may need to enable it
+ manually.
+ - If you know a property only works on a particular OS, like Debian
+ or FreeBSD, use that instead of "UnixLike". For example:
+ "Property Debian"
+ - It's also possible make a property support a set of OS's, for example:
+ "Property (Debian + FreeBSD)"
+ - Removed `infoProperty` and `simpleProperty` constructors, instead use
+ `property` to construct a Property.
+ - Due to the polymorphic type returned by `property`, additional type
+ signatures tend to be needed when using it. For example, this will
+ fail to type check, because the type checker cannot guess what type
+ you intend the intermediate property "go" to have:
+ foo :: Property UnixLike
+ foo = go `requires` bar
+ where
+ go = property "foo" (return NoChange)
+ To fix, specify the type of go:
+ go :: Property UnixLike
+ - `ensureProperty` now needs to be passed a witness to the type of the
+ property it's used in.
+ change this: foo = property desc $ ... ensureProperty bar
+ to this: foo = property' desc $ \w -> ... ensureProperty w bar
+ - General purpose properties like cmdProperty have type "Property UnixLike".
+ When using that to run a command only available on Debian, you can
+ tighten the type to only the OS that your more specific property works on.
+ For example:
+ upgraded :: Property Debian
+ upgraded = tightenTargets (cmdProperty "apt-get" ["upgrade"])
+ - Several utility functions have been renamed:
+ getInfo to fromInfo
+ propertyInfo to getInfo
+ propertyDesc to getDesc
+ propertyChildren to getChildren
+ * The new `pickOS` property combinator can be used to combine different
+ properties, supporting different OS's, into one Property that chooses
+ which to use based on the Host's OS.
+ * Re-enabled -O0 in propellor.cabal to reign in ghc's memory use handling
+ these complex new types.
+ * Added dependency on concurrent-output; removed embedded copy.
+ * Apt.PPA: New module, contributed by Evan Cofsky.
+ * Improved propellor's first run experience; propellor --init will
+ walk the user through setting up ~/.propellor, with a choice between
+ a clone of propellor's git repository, or a minimal config, and will
+ configure propellor to use a gpg key.
+ * Stack support. "git config propellor.buildsystem stack" will make
+ propellor build its config using stack.
+ * When propellor is installed using stack, propellor --init will
+ automatically set propellor.buildsystem=stack.
+
+ -- Joey Hess <id@joeyh.name> Sat, 02 Apr 2016 15:33:26 -0400
+
+propellor (2.17.2) unstable; urgency=medium
+
+ * When new dependencies are added to propellor or the propellor config,
+ try harder to get them installed. In particular, this makes
+ propellor --spin work when the remote host needs to get dependencies
+ installed in order to build the updated config.
+ * Apt.update: Also run dpkg --configure -a here as apt for some reason
+ won't even update if dpkg was interrupted.
+
+ -- Joey Hess <id@joeyh.name> Wed, 30 Mar 2016 15:45:08 -0400
+
+propellor (2.17.1) unstable; urgency=medium
+
+ * Avoid generating excessively long paths to the unix socket file
+ used for ssh connection caching. Mostly. Can still generate a too long
+ one if $HOME is longer than 60 bytes.
+ * Uwsgi: add ".ini" extension to app config files.
+ Files without extensions were ignored by uwsgi.
+ Thanks, Félix Sipma.
+
+ -- Joey Hess <id@joeyh.name> Mon, 28 Mar 2016 11:06:34 -0400
+
+propellor (2.17.0) unstable; urgency=medium
+
+ * Added initial support for FreeBSD.
+ Thanks, Evan Cofsky.
+ * Added Propellor.Property.ZFS.
+ Thanks, Evan Cofsky.
+ * Firewall: Reorganized Chain data type. (API change)
+ Thanks, Félix Sipma.
+ * Firewall: Separated Table and Target (API change)
+ Thanks, Félix Sipma.
+ * Ssh: change type of listenPort from Int to Port (API change)
+ Thanks, Félix Sipma.
+ * Firewall: add TCPFlag, Frequency, TCPSyn, ICMPTypeMatch, NatDestination
+ Thanks, Félix Sipma.
+ * Network: Filter out characters not allowed in interfaces.d files.
+ Thanks, Félix Sipma.
+ * Apt.upgrade: Run dpkg --configure -a first, to recover from
+ interrupted upgrades.
+ * Apt: Add safeupgrade.
+ * Force ssh, scp, and git commands to be run in the foreground.
+ Should fix intermittent hangs of propellor --spin.
+ * Avoid repeated re-building on systems such as FreeBSD where building
+ re-links the binary even when there are no changes.
+ * Locale.available: Run locale-gen, instead of dpkg-reconfigure locales,
+ which modified the locale.gen file and sometimes caused the property to
+ need to make changes every time.
+ * Speed up propellor's build of itself, by asking cabal to only build
+ the propellor-config binary and not all the libraries.
+ * Tor.named: Fix bug that sometimes caused the property to fail the first
+ time, though retrying succeeded.
+
+ -- Joey Hess <id@joeyh.name> Thu, 24 Mar 2016 14:53:31 -0400
+
+propellor (2.16.0) unstable; urgency=medium
+
+ * Obnam: Only let one backup job run at a time when a host has multiple
+ different backup properties, to avoid concurrent jobs fighting over
+ scarce resources (particularly memory). Other jobs block on a lock
+ file.
+ * Removed references to a Debian derivative from code and documentation
+ because of an unfortunate trademark use policy.
+ http://joeyh.name/blog/entry/trademark_nonsense/
+ * That included changing a data constructor to "Buntish", an API change.
+ * Firewall.rule: Now takes a Table parameter. (API change)
+ * Firewall: add InIFace/OutIFace Rules, add Source/Destination Rules,
+ add CustomTarget, and more improvements.
+ Thanks, Félix Sipma.
+ * Ssh.authorizedKey: Fix bug preventing it from working when the
+ authorized_keys file does not yet exist.
+ * Removed Ssh.unauthorizedKey and made Ssh.authorizedKey revertable.
+ (API change)
+
+ -- Joey Hess <id@joeyh.name> Sat, 27 Feb 2016 13:31:57 -0400
+
+propellor (2.15.4) unstable; urgency=medium
+
+ * Build /usr/src/propellor/propellor.git reproducibly,
+ which makes the whole Debian package build reproducibly.
+ Thanks, Sean Whitton.
+ * Obnam: To cause old generations to be forgotten, keepParam can be
+ passed to a backup property; this causes obnam forget to be run.
+ * Delete /etc/apt/apt.conf.d/50unattended-upgrades.ucf-dist when
+ unattended-upgrades is installed, to work around #812380 which results
+ in many warnings from apt, including in cron mails.
+ * Added Propellor.Property.LetsEncrypt
+ * Apache.httpsVirtualHost: New property, setting up a https vhost
+ with the certificate automatically obtained using letsencrypt.
+ * Allow using combineProperties and propertyList with lists of
+ RevertableProperty.
+
+ -- Joey Hess <id@joeyh.name> Thu, 11 Feb 2016 12:49:10 -0400
+
+propellor (2.15.3) unstable; urgency=medium
+
+ * Added Git.bareRepoDefaultBranch property
+ Thanks, Sean Whitton.
+ * Add missing Control.Applicative imports needed by older versions of ghc.
+
+ -- Joey Hess <id@joeyh.name> Tue, 12 Jan 2016 12:37:22 -0400
+
+propellor (2.15.2) unstable; urgency=medium
+
+ * Added GNUPGBIN environment variable or git.program git config
+ to control the command run for gpg. Allows eg, GNUPGBIN=gpg2
+ Thanks, Félix Sipma.
+ * Bootstrap apt-get installs run with deconf noninteractive frontend.
+ * spin --via: Avoid committing on relay host.
+ * Postfix: Add service property to enable/disable services in master.cf.
+ * Added Munin module, contributed by Jelmer Vernooij.
+
+ -- Joey Hess <id@joeyh.name> Sun, 03 Jan 2016 16:56:26 -0400
+
+propellor (2.15.1) unstable; urgency=medium
+
+ * Added git configs propellor.spin-branch and propellor.forbid-dirty-spin.
+ Thanks, Sean Whitton.
+ * Added User.systemAccountFor and User.systemAccountFor' properties.
+ Thanks, Félix Sipma.
+ * Gpg.keyImported converted to not use a flag file and instead check
+ if gpg has the provided key already.
+ Thanks, Félix Sipma.
+ * Clean build with ghc 7.10.
+ * Merged Utility changes from git-annex.
+
+ -- Joey Hess <id@joeyh.name> Sat, 19 Dec 2015 16:43:09 -0400
+
+propellor (2.15.0) unstable; urgency=medium
+
+ * Added UncheckedProperty type, along with unchecked to indicate a
+ Property needs its result checked, and checkResult and changesFile
+ to check for changes.
+ * Properties that run an arbitrary command, such as cmdProperty
+ and scriptProperty are converted to use UncheckedProperty, since
+ they cannot tell on their own if the command truely made a change or not.
+ (API Change)
+ Transition guide:
+ - When GHC complains about an UncheckedProperty, add:
+ `assume` MadeChange
+ (Since these properties used to always return MadeChange, that
+ change is always safe to make.)
+ - Or, if you know that the command should modifiy a file, use:
+ `changesFile` filename
+ * The `trivial` combinator has been removed. (API change)
+ Instead, use:
+ `assume` NoChange
+ Or, better, use changesFile or checkResult to accurately report
+ when a property makes a change.
+ * A few properties have had their Result improved, for example
+ Apt.buldDep and Apt.autoRemove now check if a change was made or not.
+ * User.hasDesktopGroups changed to avoid trying to add the user to
+ groups that don't exist.
+ * Added Postfix.saslPasswdSet.
+ * Added Propellor.Property.Locale.
+ Thanks, Sean Whitton.
+ * Added Propellor.Property.Fail2Ban.
+
+ -- Joey Hess <id@joeyh.name> Sun, 06 Dec 2015 15:33:51 -0400
+
+propellor (2.14.0) unstable; urgency=medium
+
+ * Add Propellor.Property.PropellorRepo.hasOriginUrl, an explicit way to
+ set the git repository url normally implicitly set when using --spin.
+ * Added Chroot.noServices property.
+ * DiskImage creation automatically uses Chroot.noServices.
+ * Removed the (unused) dependency on quickcheck.
+ * DebianMirror: Added a DebianMirror type for configuration (API change)
+ Thanks, Félix Sipma.
+ * DebianMirror: Add RsyncExtra to configuration.
+ Thanks, Félix Sipma.
+ * Added Git.repoConfigured and Git.repoAcceptsNonFFs properties.
+ Thanks, Sean Whitton
+ * Added User.hasDesktopGroups property.
+
+ -- Joey Hess <id@joeyh.name> Tue, 24 Nov 2015 16:03:55 -0400
+
+propellor (2.13.0) unstable; urgency=medium
+
+ * RevertableProperty used to be assumed to contain info, but this is
+ now made explicit, with RevertableProperty HasInfo or
+ RevertableProperty NoInfo. (API change)
+ Transition guide:
+ - If you define a RevertableProperty, expect some type check
+ failures like: "Expecting one more argument to ‘RevertableProperty’".
+ - Change it to "RevertableProperty NoInfo"
+ - The compiler will then tell you if it needs "HasInfo" instead.
+ - If you have code that uses the RevertableProperty constructor
+ that fails to type check, use the more powerful <!> operator
+ instead to create the RevertableProperty.
+ * Various property combinators that combined a RevertableProperty
+ with a non-revertable property used to yield a RevertableProperty.
+ This was a bug, because the combined property could not be fully
+ reverted in many cases, and the result is now a non-revertable property.
+ * combineWith now takes an additional parameter to control how revert
+ actions are combined (API change).
+ * Added Propellor.Property.Concurrent for concurrent properties.
+ * Made the execProcess exported by propellor, and everything built on it,
+ avoid scrambled output when run concurrently.
+ * Propellor now depends on STM and text.
+ * The cabal file now builds propellor with -O. While -O0 makes ghc
+ take less memory while building propellor, it can lead to bad memory
+ usage at runtime due to eg, disabled stream fusion.
+ * Add File.isCopyOf. Thanks, Per Olofsson.
+
+ -- Joey Hess <id@joeyh.name> Sun, 08 Nov 2015 14:51:15 -0400
+
+propellor (2.12.0) unstable; urgency=medium
+
+ * The DiskImage module can now make bootable images using grub.
+ * Add a ChrootTarball chroot type, for using pre-built tarballs
+ as chroots. Thanks, Ben Boeckel.
+ * HostName: Improve domain extraction code.
+ * Added Mount.fstabbed property to generate /etc/fstab to replicate
+ current mounts.
+ * HostName: Improve domain extraction code.
+ * Add File.basedOn. Thanks, Per Olofsson.
+ * Changed how the operating system is provided to Chroot (API change).
+ Where before debootstrapped and bootstrapped took a System parameter,
+ the os property should now be added to the Chroot.
+ * Follow-on change to Systemd.container, which now takes a System parameter.
+ * Generalized Property.check so it can be used with Propellor actions as
+ well as IO actions.
+ * Hostname.sane and Hostname.setTo can now safely be used as a property
+ of a chroot, and won't affect the hostname of the host system.
+
+ -- Joey Hess <id@joeyh.name> Fri, 23 Oct 2015 17:38:32 -0400
+
+propellor (2.11.0) unstable; urgency=medium
+
+ * Rewrote Propellor.Property.ControlHeir one more time, renaming it to
+ Propellor.Property.Conductor.
+ * Added Ssh properties to remove authorized_keys and known_hosts lines.
+
+ -- Joey Hess <id@joeyh.name> Wed, 21 Oct 2015 19:49:00 -0400
+
+propellor (2.10.0) unstable; urgency=medium
+
+ * The Propellor.Property.Spin added in the last release is replaced
+ with a very different Propellor.Property.ControlHeir.
+
+ -- Joey Hess <id@joeyh.name> Tue, 20 Oct 2015 21:29:12 -0400
+
+propellor (2.9.0) unstable; urgency=medium
+
+ * Added basic Uwsgi module, maintained by Félix Sipma.
+ * Add Apt.hasForeignArch. Thanks, Per Olofsson.
+ * Improved documentation, particularly of the Propellor module.
+ * The Propellor module no longer exports many of the things it used to,
+ being now focused on only what's needed to write config.hs.
+ Use Propellor.Base to get all the things exported by Propellor before.
+ (API change)
+ * Some renaming of instance methods, and moving of functions to more
+ appropriate modules. (API change)
+ * Added File.isSymlinkedTo. Thanks, Per Olofsson.
+ * fileProperty, and properties derived from it now write the new
+ file content via origfile.propellor-new~, instead of to a randomly named
+ temp file. This allows them to clean up any temp file that may have
+ been left by an interrupted run of propellor.
+ * Added Propellor.Property.Spin, which can be used to make a host be a
+ controller of other hosts, which will automatically spin them each time
+ propellor is run.
+ * Ssh.keyImported is replaced with Ssh.userKeys. (API change)
+ The new property only gets the private key from the privdata; the
+ public key is provided as a parameter, and so is available as
+ Info that other properties can use.
+ * Ssh.keyImported' is renamed to Ssh.userKeyAt, and also changed
+ to only import the private key from the privdata. (API change)
+ * While Ssh.keyImported and Ssh.keyImported' avoided updating existing
+ keys, the new Ssh.userKeys and Ssh.userKeyAt properties will
+ always update out of date key files.
+ * Ssh.pubKey renamed to Ssh.hostPubKey. (API change)
+ * Added --unset-unused
+ * Fix typo: propigate → propagate. Thanks, Felix Gruber.
+ (A minor API change)
+ * Chroot: Converted to use a ChrootBootstrapper type class, so
+ other ways to bootstrap chroots can easily be added in separate
+ modules. (API change)
+
+ -- Joey Hess <id@joeyh.name> Tue, 20 Oct 2015 15:43:12 -0400
+
+propellor (2.8.1) unstable; urgency=medium
+
+ * Guard against power loss etc when building propellor, by updating
+ the executable atomically.
+ * Added Logcheck module, contributed by Jelmer Vernooij.
+ * Added Kerberos module, contributed by Jelmer Vernooij.
+ * Privdata that uses HostContext inside a container will now have the
+ name of the container as its context, rather than the name of
+ the host(s) where the container is used. This allows eg, having different
+ passwords for a user in different containers. Note that previously,
+ propellor would prompt using the container name as the context, but
+ not actually use privdata using that context; so this is a bug fix.
+ * Fix --add-key to not fail committing when no privdata file exists yet.
+
+ -- Joey Hess <id@joeyh.name> Sun, 04 Oct 2015 13:54:59 -0400
+
+propellor (2.8.0) unstable; urgency=medium
+
+ * Added Propellor.Property.Rsync.
+ * Convert Info to use Data.Dynamic, so properties can export and consume
+ info of any type that is Typeable and a Monoid, including data types
+ private to a module. (API change)
+ Thanks to Joachim Breitner for the idea.
+ * Improve propellor wrapper to better handle installation cloning
+ the public propellor repo, by setting that repo to be upstream,
+ so propellor doesnt try to push to a read-only repo.
+ * Added DebianMirror module, contributed by Félix Sipma.
+ * Some hlint cleanups.
+ Thanks, Mario Lang
+ * Added Propellor.Property.Unbound for the caching DNS server.
+ Thanks, Félix Sipma.
+ * Added PTR to Dns.Record. While this is ignored by
+ Propellor.Property.Dns for now, since reverse DNS setup is not
+ implemented there yet, it can be used in other places, eg Unbound.
+ Thanks, Félix Sipma.
+ * PrivData converted to newtype (API change).
+ * Stopped stripping trailing newlines when setting PrivData;
+ this was previously done to avoid mistakes when pasting eg passwords
+ with an unwanted newline. Instead, PrivData consumers should use either
+ privDataLines or privDataVal, to extract respectively lines or a
+ value (without internal newlines) from PrivData.
+ * Allow storing arbitrary ByteStrings in PrivData, extracted using
+ privDataByteString.
+ * Added Aiccu module, contributed by Jelmer Vernooij.
+ * Added --rm-key.
+
+ -- Joey Hess <id@joeyh.name> Tue, 22 Sep 2015 19:35:07 -0400
+
+propellor (2.7.3) unstable; urgency=medium
+
+ * Fix bug that caused provisioning new chroots to fail.
+ * Update for Debian systemd-container package split.
+ * Added Propellor.Property.Parted, for disk partitioning.
+ * Added Propellor.Property.Partition, for partition formatting etc.
+ * Added Propellor.Property.DiskImage, for bootable disk image creation.
+ (Experimental and not yet complete.)
+ * Dropped support for ghc 7.4.
+
+ -- Joey Hess <id@joeyh.name> Thu, 03 Sep 2015 08:52:51 -0700
+
+propellor (2.7.2) unstable; urgency=medium
+
+ * Added Propellor.Property.ConfFile, with support for Windows-style .ini
+ files, and generic support for files containing some sort of sections.
+ Thanks, Sean Whitton for completing the implementation.
+ * Added Propellor.Property.LightDM
+ Thanks, Sean Whitton.
+ * Multiple Tor.hiddenService properties can now be defined for a host;
+ previously only one such property worked per host.
+ Thanks, Félix Sipma.
+
+ -- Joey Hess <id@joeyh.name> Tue, 25 Aug 2015 12:00:25 -0700
+
+propellor (2.7.1) unstable; urgency=medium
+
+ * Make sure that make is installed when bootstrapping propellor.
+ * Fix bug in Firewall's Port datatype to iptable parameter translation code.
+ Thanks, Antoine Eiche.
+
+ -- Joey Hess <id@joeyh.name> Fri, 14 Aug 2015 15:01:37 -0400
+
+propellor (2.7.0) unstable; urgency=medium
+
+ * Ssh.permitRootLogin type changed to allow configuring WithoutPassword
+ and ForcedCommandsOnly (API change)
+ * setSshdConfig type changed, and setSshdConfigBool added with old type.
+ * Fix a bug in shim generation code for docker and chroots, that
+ sometimes prevented deployment of docker containers.
+ * Added onChangeFlagOnFail which is often a safer alternative to
+ onChange.
+ Thanks, Antoine Eiche.
+ * Work around broken git pull option parser in git 2.5.0,
+ which broke use of --upload-pack to send a git push when running
+ propellor --spin.
+
+ -- Joey Hess <id@joeyh.name> Thu, 30 Jul 2015 12:05:46 -0400
+
+propellor (2.6.0) unstable; urgency=medium
+
+ * Replace String type synonym Docker.Image by a data type
+ which allows to specify an image name and an optional tag. (API change)
+ Thanks, Antoine Eiche.
+ * Added --unset to delete a privdata field.
+ * Version dependency on exceptions.
+ * Systemd: Add masked property.
+ Thanks, Sean Whitton
+ * Fix make install target to work even when git is not configured.
+
+ -- Joey Hess <id@joeyh.name> Fri, 10 Jul 2015 22:36:29 -0400
+
+propellor (2.5.0) unstable; urgency=medium
+
+ * cmdProperty' renamed to cmdPropertyEnv to make way for a new,
+ more generic cmdProperty' (API change)
+ * Add docker image related properties.
+ Thanks, Antoine Eiche.
+ * Export CommandParam, boolSystem, safeSystem, shellEscape, and
+ createProcess from Propellor.Property.Cmd, so they are available
+ for use in constricting your own Properties when using propellor
+ as a library.
+ * Improve enter-machine scripts for systemd-nspawn containers to unset most
+ environment variables.
+ * Fix Postfix.satellite bug; the default relayhost was set to the
+ domain, not to smtp.domain as documented.
+ * Mount /proc inside a chroot before provisioning it, to work around #787227
+ * --spin now works when given a short hostname that only resolves to an
+ ipv6 address.
+ * Added publish property for systemd-spawn containers, for port publishing.
+ (Needs systemd version 220.)
+ * Added bind and bindRo properties for systemd-spawn containers.
+ * Firewall: Port was changed to a newtype, and the Port and PortRange
+ constructors of Rules were changed to DPort and DportRange, respectively.
+ (API change)
+ * Docker: volume and publish accept Bound FilePath and Bound Port,
+ respectively. They also continue to accept Strings, for backwards
+ compatibility.
+ * Docker: Added environment property.
+ Thanks Antoine Eiche.
+
+ -- Joey Hess <id@joeyh.name> Tue, 09 Jun 2015 17:08:43 -0400
+
+propellor (2.4.0) unstable; urgency=medium
+
+ * Propellor no longer supports Debian wheezy (oldstable).
+ * Git.bareRepo: Fix bug in calls to userScriptProperty.
+ Thanks, Jelmer Vernooij.
+ * Removed Obnam.latestVersion which was only needed for Debian wheezy
+ backport.
+ * Merged Utility changes from git-annex.
+ * Switched from MonadCatchIO-transformers to the newer transformers and
+ exceptions libraries.
+ * Ensure build deps are installed before building propellor in --spin
+ and cron job, even if propellor was already built before, to deal with
+ upgrades that add new dependencies.
+
+ -- Joey Hess <id@joeyh.name> Wed, 06 May 2015 14:28:59 -0400
+
+propellor (2.3.0) unstable; urgency=medium
+
+ * Make propellor resistent to changes to shared libraries, such as libffi,
+ which might render the propellor binary unable to run. This is dealt with
+ by checking the binary both when running propellor on a remote host,
+ and by Cron.runPropellor. If the binary doesn't work, it will be rebuilt.
+ * Note that since a new switch had to be added to allow testing the binary,
+ upgrading to this version will cause a rebuild from scratch of propellor.
+ * Added hasLoginShell and shellEnabled.
+ * debCdn changed to new httpredir.debian.org official replacement for
+ http.debian.net.
+ * API change: Added User and Group newtypes, and Properties that
+ used to use the type UserName = String were changed to use them.
+
+ -- Joey Hess <id@joeyh.name> Wed, 22 Apr 2015 13:46:24 -0400
+
+propellor (2.2.1) unstable; urgency=medium
+
+ * userScriptProperty now passes --shell /bin/sh, so it can be used
+ even for users with nonstandard shells.
+ * Fix bug in docker propellor shim setup introduced in last release,
+ which broke provisioning of new docker containers.
+
+ -- Joey Hess <id@joeyh.name> Thu, 12 Mar 2015 20:08:34 -0400
+
+propellor (2.2.0) unstable; urgency=medium
+
+ * When running shimmed (eg in a docker container),
+ improve process name visible in ps.
+ * Add shebang to cron.daily etc files.
+ * Some changes to tor configuration, minor API change.
+ * Propellor now builds itself, and gets its build dependencies installed
+ when deploying to a new host, without needing the Makefile.
+
+ -- Joey Hess <id@joeyh.name> Mon, 09 Mar 2015 12:02:31 -0400
+
+propellor (2.1.0) unstable; urgency=medium
+
+ * Additional tor properties, including support for making relays,
+ and naming bridges, relays, etc.
+ * New Cron.Times data type, which allows Cron.job to install
+ daily/monthly/weekly jobs that anacron can run. (API change)
+ * Fix Git.daemonRunning to restart inetd after enabling the git server.
+ * Ssh.authorizedKey: Make the authorized_keys file and .ssh directory
+ be owned by the user, not root.
+ * Ssh.knownHost: Make the .ssh directory be owned by the user, not root.
+
+ -- Joey Hess <id@joeyh.name> Thu, 12 Feb 2015 12:36:26 -0400
+
+propellor (2.0.0) unstable; urgency=medium
+
+ * Property has been converted to a GADT, and will be Property NoInfo
+ or Property HasInfo.
+ This was done to make sure that ensureProperty is only used on
+ properties that do not have Info.
+ Transition guide:
+ - Change all "Property" to "Property NoInfo" or "Property HasInfo"
+ (The compiler can tell you if you got it wrong!)
+ - To construct a RevertableProperty, it is useful to use the new
+ (<!>) operator
+ - Constructing a list of properties can be problimatic, since
+ Property NoInto and Property HasInfo are different types and cannot
+ appear in the same list. To deal with this, "props" has been added,
+ and can built up a list of properties of different types,
+ using the same (&) and (!) operators that are used to build
+ up a host's properties.
+ * Add descriptions of how to set missing fields to --list-fields output.
+ * Properties now form a tree, instead of the flat list used before.
+ This includes the properties used inside a container.
+ * Fix info propagation from fallback combinator's second Property.
+ * Added systemd configuration properties.
+ * Added journald configuration properties.
+ * Added more network interface configuration properties.
+ * Implemented OS.preserveNetwork.
+
+ -- Joey Hess <id@joeyh.name> Sun, 25 Jan 2015 15:23:08 -0400
+
+propellor (1.3.2) unstable; urgency=medium
+
+ * SSHFP records are also generated for CNAMES of hosts.
+ * Merge Utiity modules from git-annex.
+ * Ignore bogus DNS when spinning the local host.
+
+ -- Joey Hess <id@joeyh.name> Thu, 15 Jan 2015 14:02:07 -0400
+
+propellor (1.3.1) unstable; urgency=medium
+
+ * Fix bug that prevented deploying ssh host keys when the file for the
+ key didn't already exist.
+ * DNS records for hosts with known ssh public keys now automatically
+ include SSHFP records.
+
+ -- Joey Hess <id@joeyh.name> Sun, 04 Jan 2015 19:51:34 -0400
+
+propellor (1.3.0) unstable; urgency=medium
+
+ * --spin checks if the DNS matches any configured IP address property
+ of the host, and if not, sshes to the host by IP address.
+ * Detect #774376 and refuse to use docker if the system is so broken
+ that docker exec doesn't enter a chroot.
+ * Update intermediary propellor in --spin --via
+ * Added support for DNSSEC.
+ * Ssh.hostKey and Ssh.hostKeys no longer install public keys from
+ the privdata. Instead, the public keys are included in the
+ configuration. (API change)
+ * Ssh.hostKeys now removes any host keys of types that the host is not
+ configured to have.
+ * sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType
+ parameter. (API change)
+ * CloudAtCost.deCruft no longer forces randomHostKeys.
+ * Fix build with process 1.2.1.0.
+
+ -- Joey Hess <id@joeyh.name> Sun, 04 Jan 2015 17:17:44 -0400
+
+propellor (1.2.2) unstable; urgency=medium
+
+ * Revert ensureProperty warning message, too many false positives in places
+ where Info is correctly propagated. Better approach needed.
+
+ -- Joey Hess <id@joeyh.name> Sun, 21 Dec 2014 21:41:11 -0400
+
+propellor (1.2.1) unstable; urgency=medium
+
+ * Added CryptPassword to PrivDataField, for password hashes as produced
+ by crypt(3).
+ * User.hasPassword and User.hasSomePassword will now use either
+ a CryptPassword or a Password from privdata, depending on which is set.
+
+ -- Joey Hess <id@joeyh.name> Wed, 17 Dec 2014 16:30:44 -0400
+
+propellor (1.2.0) unstable; urgency=medium
+
+ * Display a warning when ensureProperty is used on a property which has
+ Info and is so prevented from propigating it.
+ * Removed boolProperty; instead the new toResult can be used. (API change)
+ * Include Propellor.Property.OS, which was accidentially left out of the
+ cabal file in the last release.
+ * Fix Apache.siteEnabled to update the config file and reload apache when
+ configuration has changed.
+
+ -- Joey Hess <id@joeyh.name> Tue, 09 Dec 2014 00:05:09 -0400
+
+propellor (1.1.0) unstable; urgency=medium
+
+ * --spin target --via relay causes propellor to bounce through an
+ intermediate relay host, which handles any necessary uploads
+ when provisioning the target host.
+ * --spin can be passed multiple hosts, and it will provision each host
+ in turn.
+ * Add --merge, to combine multiple --spin commits into a single, more useful
+ commit.
+ * Hostname parameters not containing dots are looked up in the DNS to
+ find the full hostname.
+ * propellor --spin can now deploy propellor to hosts that do not have
+ git, ghc, or apt-get. This is accomplished by uploading a fairly
+ portable precompiled tarball of propellor.
+ * Propellor.Property.OS contains properties that can be used to do a clean
+ reinstall of the OS of an existing host. This can be used, for example,
+ to do an in-place conversion from Fedora to Debian.
+ This is experimental; use with caution!
+ * Added group-related properties. Thanks, Félix Sipma.
+ * Added Git.barerepo. Thanks, Félix Sipma.
+ * Added Grub.installed and Grub.boots properties.
+ * New HostContext can be specified when a PrivData value varies per host.
+ * hasSomePassword and hasPassword now default to using HostContext.
+ To specify a different context, use hasSomePassword' and
+ hasPassword' (API change)
+ * hasSomePassword and hasPassword now make sure shadow passwords are enabled.
+ * cron.runPropellor now runs propellor, rather than using its Makefile.
+ This is more robust.
+ * propellor.debug can be set in the git config to enable more persistent
+ debugging output.
+ * Run apt-cache policy with LANG=C so it works on other locales.
+ * endAction can be used to register an action to run once propellor
+ has successfully run on a host.
+
+ -- Joey Hess <id@joeyh.name> Sun, 07 Dec 2014 15:23:59 -0400
+
+propellor (1.0.0) unstable; urgency=medium
+
+ * propellor --spin can now be used to update remote hosts, without
+ any central git repository needed. The central git repository is
+ still useful for running propellor from cron, but this simplifies
+ getting started with propellor, and allows for more ad-hoc usage.
+ * The git repo url, if any, is updated whenever propellor --spin is used.
+ * Added prosody module, contributed by Félix Sipma.
+ * Can be used to configure tor hidden services. Thanks, Félix Sipma.
+ * When multiple gpg keys are added, ensure that the privdata file
+ can be decrypted by all of them.
+ * Convert GpgKeyId to newtype. (API change)
+ * DigitalOcean.distroKernel property now reboots into the distribution
+ kernel when necessary.
+ * Avoid outputting color setting sequences when not run on a terminal.
+ * Docker code simplified by using `docker exec`; needs docker 1.3.1.
+ * Docker containers are now a separate data type, cannot be included
+ in the main host list, and are instead passed to
+ Docker.docked. (API change)
+ * Added support for using debootstrap from propellor.
+ * Propellor can now be used to provision chroots.
+ * systemd-nspawn containers can now be managed by propellor, very similar
+ to its handling of docker containers.
+ * Debian package will be maintained by Gergely Nagy.
+
+ -- Joey Hess <id@joeyh.name> Fri, 21 Nov 2014 20:58:02 -0400
+
+propellor (0.9.2) unstable; urgency=medium
+
+ * Added nginx module, contributed by Félix Sipma.
+ * Added firewall module, contributed by Arnaud Bailly.
+ * Apache: Fix daemon reload when enabling a new module or site.
+ * Docker: Stop using docker.io; that was a compat symlink in
+ the Debian package which has been removed in docker.io 1.3.1~dfsg1-2.
+ Closes: #769452
+ * Orphaned the Debian package, as I am retiring from Debian.
+
+ -- Joey Hess <joeyh@debian.org> Sat, 08 Nov 2014 15:57:36 -0400
+
+propellor (0.9.1) unstable; urgency=medium
+
+ * Docker: Add ability to control when containers restart.
+ * Docker: Default to always restarting containers, so they come back
+ up after reboots and docker daemon upgrades. (API change)
+ * Fix loop when a docker host that does not exist was docked.
+
+ -- Joey Hess <joeyh@debian.org> Fri, 24 Oct 2014 09:57:31 -0400
+
+propellor (0.9.0) unstable; urgency=medium
+
+ * Avoid encoding the current stable suite in propellor's code,
+ since that poses a difficult transition around the release,
+ and can easily be wrong if an older version of propellor is used.
+ Instead, the os property for a stable system includes the suite name
+ to use, eg Stable "wheezy".
+ * stdSourcesList uses the stable suite name, to avoid unwanted
+ immediate upgrades to the next stable release. (API change)
+ * debCdn switched from cdn.debian.net to http.debian.net, which seems to be
+ better managed now.
+ * Docker: Avoid committing container every time it's started up.
+
+ -- Joey Hess <joeyh@debian.org> Fri, 10 Oct 2014 11:37:45 -0400
+
+propellor (0.8.3) unstable; urgency=medium
+
+ * The Debian package now includes a single-revision git repository in
+ /usr/src/propellor/, and ~/.propellor/ is set up to use this repository as
+ its origin remote. This avoids relying on the security of the github
+ repository when using the Debian package.
+ * The /usr/bin/propellor wrapper will warn when ~/.propellor/ is out of date
+ and a newer version is available, after which git merge upstream/master
+ can be run to merge it.
+ * Included the config.hs symlink to config-simple.hs in the cabal and Debian
+ packages.
+
+ -- Joey Hess <joeyh@debian.org> Fri, 22 Aug 2014 13:02:01 -0400
+
+propellor (0.8.2) unstable; urgency=medium
+
+ * Fix bug in File.containsLines that caused lines that were already in the
+ file to sometimes be appended to the end.
+ * Hostname.sane also configures /etc/mailname.
+ * Fixed Postfix.satellite to really configure relayhost = smtp.domain.
+ * Avoid reconfiguring postfix unncessarily when it already has a relayhost.
+ * Deal with apache 2.4's change in the name of site-available config files.
+ * Hostname aliases can now be used in several places, including --spin
+ and Ssh.knownHost.
+
+ -- Joey Hess <joeyh@debian.org> Mon, 04 Aug 2014 01:12:19 -0400
+
+propellor (0.8.1) unstable; urgency=medium
+
+ * Run apt-get update in initial bootstrap.
+ * --list-fields now includes a table of fields that are not currently set,
+ but would be used if they got set.
+ * Remove .gitignore from cabal file list, to avoid build failure on Debian.
+ Closes: #754334
+
+ -- Joey Hess <joeyh@debian.org> Wed, 09 Jul 2014 22:11:31 -0400
+
+propellor (0.8.0) unstable; urgency=medium
+
+ * Completely reworked privdata storage. There is now a single file,
+ and each host is sent only the privdata that its Properties actually use.
+
+ To transition existing privdata, run propellor against a host and
+ watch out for the red failure messages, and run the suggested commands
+ to store the privdata using the new storage scheme. You may find
+ it useful to run the old version of propellor to extract data from the old
+ privdata files during this migration.
+
+ Several properties that use privdata now require a context to be
+ specified. If in doubt, you can use anyContext, or
+ Context "hostname.example.com"
+
+ * Add --edit to edit a privdata value in $EDITOR.
+ * Add --list-fields to list all currently set privdata fields, along with
+ the hosts that use them.
+ * Fix randomHostKeys property to run openssh-server's postinst in a
+ non-failing way.
+ * Hostname.sane now cleans up the 127.0.0.1 localhost line in /etc/hosts,
+ to avoid eg, apache complaining "Could not reliably determine the
+ server's fully qualified domain name".
+
+ -- Joey Hess <joeyh@debian.org> Sun, 06 Jul 2014 18:28:08 -0400
+
+propellor (0.7.0) unstable; urgency=medium
+
+ * combineProperties no longer stops when a property fails; now it continues
+ trying to satisfy all properties on the list before propigating the
+ failure.
+ * Attr is renamed to Info. (API change)
+ * Renamed wrapper to propellor to make cabal installation of propellor work.
+ * When git gpg signature of a fetched git branch cannot be verified,
+ propellor will now continue running, but without merging in that branch.
+
+ -- Joey Hess <joeyh@debian.org> Fri, 13 Jun 2014 10:06:40 -0400
+
+propellor (0.6.0) unstable; urgency=medium
+
+ * Docker containers now propagate DNS attributes out to the host they're
+ docked in. So if a docker container sets a DNS alias, every container
+ it's docked in will automatically be added to a DNS round-robin,
+ when propellor is used to manage DNS for the domain.
+ * Apt.stdSourcesList no longer needs a suite to be specified. (API change)
+ * Added --dump to dump out a field of a host's privdata. Useful for editing
+ it.
+ * Propellor's output now includes the hostname being provisioned, or
+ when provisioning a docker container, the container name.
+
+ -- Joey Hess <joeyh@debian.org> Thu, 05 Jun 2014 17:32:14 -0400
+
+propellor (0.5.3) unstable; urgency=medium
+
+ * Fix unattended-upgrades config for !stable.
+ * Ensure that kernel hostname is same as /etc/hostname when configuring
+ hostname.
+ * Added modules for some hosting providers (DigitalOcean, CloudAtCost).
+
+ -- Joey Hess <joeyh@debian.org> Thu, 29 May 2014 14:29:53 -0400
+
+propellor (0.5.2) unstable; urgency=medium
+
+ * A bug that caused propellor to hang when updating a running docker
+ container appears to have been fixed. Note that since it affects
+ the propellor process that serves as "init" of docker containers,
+ they have to be restarted for the fix to take effect.
+ * Licence changed from GPL to BSD.
+ * A few changes to allow building Propellor on OSX. One user reports
+ successfully using it there.
+
+ -- Joey Hess <joeyh@debian.org> Sat, 17 May 2014 16:42:55 -0400
+
+propellor (0.5.1) unstable; urgency=medium
+
+ * Primary DNS servers now have allow-transfer automatically populated
+ with the IP addresses of secondary dns servers. So, it's important
+ that all secondary DNS servers have an ipv4 (and/or ipv6) property
+ configured.
+ * Deal with old ssh connection caching sockets.
+ * Add missing build deps and deps. Closes: #745459
+
+ -- Joey Hess <joeyh@debian.org> Thu, 24 Apr 2014 18:09:58 -0400
+
+propellor (0.5.0) unstable; urgency=medium
+
+ * Removed root domain records from SOA. Instead, use RootDomain
+ when calling Dns.primary. (API change)
+ * Dns primary and secondary properties are now revertable.
+ * When unattendedUpgrades is enabled on an Unstable or Testing system,
+ configure it to allow the upgrades.
+ * New website, https://propellor.branchable.com/
+
+ -- Joey Hess <joeyh@debian.org> Sat, 19 Apr 2014 17:38:02 -0400
+
+propellor (0.4.0) unstable; urgency=medium
+
+ * Propellor can configure primary DNS servers, including generating
+ zone files, which is done by looking at the properties of hosts
+ in a domain.
+ * The `cname` property was renamed to `alias` as it does not always
+ generate CNAME in the DNS. (API change)
+ * Constructor of Property has changed (use `property` function instead).
+ (API change)
+ * All Property combinators now combine together their Attr settings.
+ So Attr settings can be made inside a propertyList, for example.
+ * Run all cron jobs under chronic from moreutils to avoid unnecessary
+ mails.
+
+ -- Joey Hess <joeyh@debian.org> Sat, 19 Apr 2014 02:09:56 -0400
+
+propellor (0.3.1) unstable; urgency=medium
+
+ * Merge scheduler bug fix from git-annex.
+ * Support for provisioning hosts with ssh and gpg keys.
+ * Obnam support.
+ * Apache support.
+ * Postfix satellite system support.
+ * Properties can now be satisfied differently on different operating
+ systems.
+ * Standard apt configuration for stable now includes backports.
+ * Cron jobs generated by propellor use flock(1) to avoid multiple
+ instances running at a time.
+ * Add support for SSH ed25519 keys.
+ (Thanks, Franz Pletz.)
+
+ -- Joey Hess <joeyh@debian.org> Thu, 17 Apr 2014 20:07:33 -0400
+
+propellor (0.3.0) unstable; urgency=medium
+
+ * ipv6to4: Ensure interface is brought up automatically on boot.
+ * Enabling unattended upgrades now ensures that cron is installed and
+ running to perform them.
+ * Properties can be scheduled to only be checked after a given time period.
+ * Fix bootstrapping of dependencies.
+ * Fix compilation on Debian stable.
+ * Include security updates in sources.list for stable and testing.
+ * Use ssh connection caching, especially when bootstrapping.
+ * Properties now run in a Propellor monad, which provides access to
+ attributes of the host. (API change)
+
+ -- Joey Hess <joeyh@debian.org> Fri, 11 Apr 2014 01:19:05 -0400
+
+propellor (0.2.3) unstable; urgency=medium
+
+ * docker: Fix laziness bug that caused running containers to be
+ unnecessarily stopped and committed.
+ * Add locking so only one propellor can run at a time on a host.
+ * docker: When running as effective init inside container, wait on zombies.
+ * docker: Added support for configuring shared volumes and linked
+ containers.
+
+ -- Joey Hess <joeyh@debian.org> Tue, 08 Apr 2014 02:07:37 -0400
+
+propellor (0.2.2) unstable; urgency=medium
+
+ * Now supports provisioning docker containers with architecture/libraries
+ that do not match the host.
+ * Fixed a bug that caused file modes to be set to 600 when propellor
+ modified the file (did not affect newly created files).
+
+ -- Joey Hess <joeyh@debian.org> Fri, 04 Apr 2014 01:07:32 -0400
+
+propellor (0.2.1) unstable; urgency=medium
+
+ * First release with Debian package.
+
+ -- Joey Hess <joeyh@debian.org> Thu, 03 Apr 2014 01:43:14 -0400
+
+propellor (0.2.0) unstable; urgency=low
+
+ * Added support for provisioning Docker containers.
+ * Bootstrap deployment now pushes the git repo to the remote host
+ over ssh, securely.
+ * propellor --add-key configures a gpg key, and makes propellor refuse
+ to pull commits from git repositories not signed with that key.
+ This allows propellor to be securely used with public, non-encrypted
+ git repositories without the possibility of MITM.
+ * Added support for type-safe reversions. Only some properties can be
+ reverted; the type checker will tell you if you try something that won't
+ work.
+ * New syntactic sugar for building a list of properties, including
+ revertable properties.
+
+ -- Joey Hess <joeyh@debian.org> Wed, 02 Apr 2014 13:57:42 -0400