Diffstat (limited to 'config-joey.hs')
-rw-r--r--config-joey.hs85
1 files changed, 49 insertions, 36 deletions
diff --git a/config-joey.hs b/config-joey.hs
index 73c9687b..dec2701b 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -76,7 +76,6 @@ darkstar = host "darkstar.kitenet.net"
& ipv6 "2001:4830:1600:187::2" -- sixxs tunnel
& Apt.buildDep ["git-annex"] `period` Daily
- & Docker.configured
& JoeySites.postfixClientRelay (Context "darkstar.kitenet.net")
& JoeySites.dkimMilter
@@ -84,7 +83,6 @@ darkstar = host "darkstar.kitenet.net"
gnu :: Host
gnu = host "gnu.kitenet.net"
& Apt.buildDep ["git-annex"] `period` Daily
- & Docker.configured
& JoeySites.postfixClientRelay (Context "gnu.kitenet.net")
& JoeySites.dkimMilter
@@ -98,18 +96,18 @@ clam = standardSystem "clam.kitenet.net" Unstable "amd64"
& Ssh.randomHostKeys
& Apt.unattendedUpgrades
& Network.ipv6to4
+
& Tor.isRelay
& Tor.named "kite1"
& Tor.bandwidthRate (Tor.PerMonth "400 GB")
- & Docker.configured
- & Docker.garbageCollected `period` Daily
- & Docker.docked webserver
+ & Systemd.nspawned webserver
& File.dirExists "/var/www/html"
- & File.notPresent "/var/www/html/index.html"
- & "/var/www/index.html" `File.hasContent` ["hello, world"]
+ & File.notPresent "/var/www/index.html"
+ & "/var/www/html/index.html" `File.hasContent` ["hello, world"]
& alias "helloworld.kitenet.net"
- & Docker.docked oldusenetShellBox
+
+ & Systemd.nspawned oldusenetShellBox
& JoeySites.scrollBox
& alias "scroll.joeyh.name"
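Review bot: Switching `webserver` and `oldusenetShellBox` from `Docker.docked` to `Systemd.nspawned` here goes together with deleting their `Docker.publish` lines further down (`80:80`, `4200:4200`, and `443:443` for `kiteShellBox`), so the config no longer states which container ports are meant to be reachable. If these nspawn containers share the host's network namespace (not visible in this diff, worth confirming in the Systemd property), every listener inside a container is exposed on the host's addresses rather than only the previously published port. I would record the intent next to each `Systemd.nspawned` line, e.g. `-- shares host network; only shellinabox on 4200 is meant to listen`, and check that the services installed in each container match it. The same applies to the `Systemd.nspawned oldusenetShellBox` and `Systemd.nspawned kiteShellBox` lines in the two elephant hunks. The definition of clam starts and ends outside this hunk.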
@@ -133,9 +131,11 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64"
& Apt.serviceInstalledRunning "ntp"
& Systemd.persistentJournal
- & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer
+ & Systemd.nspawned (GitAnnexBuilder.autoBuilderContainer
+ GitAnnexBuilder.standardAutoBuilder
(System (Debian Testing) "amd64") fifteenpast "2h")
- & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer
+ & Systemd.nspawned (GitAnnexBuilder.autoBuilderContainer
+ GitAnnexBuilder.standardAutoBuilder
(System (Debian Testing) "i386") fifteenpast "2h")
& Systemd.nspawned (GitAnnexBuilder.androidAutoBuilderContainer
(Cron.Times "1 1 * * *") "3h")
@@ -151,15 +151,20 @@ honeybee = standardSystem "honeybee.kitenet.net" Testing "armhf"
-- (Also, system is not currently running a stock kernel,
-- although it should be able to.)
& Postfix.satellite
- & Apt.serviceInstalledRunning "ntp"
& Apt.serviceInstalledRunning "aiccu"
+ & Apt.serviceInstalledRunning "swapspace"
+ & Apt.serviceInstalledRunning "ntp"
-- Not using systemd-nspawn because it's broken (kernel issue?)
- -- & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer
- -- osver Cron.Daily "22h")
+ -- & Systemd.nspawned (GitAnnexBuilder.autoBuilderContainer
+ -- GitAnnexBuilder.armAutoBuilder
+ -- builderos Cron.Daily "22h")
& Chroot.provisioned
(Chroot.debootstrapped builderos mempty "/var/lib/container/armel-git-annex-builder"
- & GitAnnexBuilder.standardAutoBuilder builderos Cron.Daily "22h")
+ & "/etc/timezone" `File.hasContent` ["America/New_York"]
+ & GitAnnexBuilder.armAutoBuilder
+ builderos (Cron.Times "1 1 * * *") "12h"
+ )
where
-- Using unstable to get new enough ghc for TH on arm.
builderos = System (Debian Unstable) "armel"
@@ -247,9 +252,6 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64"
, "zsh"
]
- & Docker.configured
- & Docker.garbageCollected `period` Daily
-
& alias "nntp.olduse.net"
& JoeySites.oldUseNetServer hosts
@@ -306,13 +308,14 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64"
& myDnsSecondary
& Docker.configured
- & Docker.docked oldusenetShellBox
& Docker.docked openidProvider
`requires` Apt.serviceInstalledRunning "ntp"
& Docker.docked ancientKitenet
& Docker.docked jerryPlay
& Docker.garbageCollected `period` (Weekly (Just 1))
+ & Systemd.nspawned oldusenetShellBox
+
& JoeySites.scrollBox
& alias "scroll.joeyh.name"
& alias "eu.scroll.joeyh.name"
@@ -320,7 +323,7 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64"
-- For https port 443, shellinabox with ssh login to
-- kitenet.net
& alias "shell.kitenet.net"
- & Docker.docked kiteShellBox
+ & Systemd.nspawned kiteShellBox
-- Nothing is using http port 80, so listen on
-- that port for ssh, for traveling on bad networks that
-- block 22.
@@ -397,22 +400,21 @@ iabak = host "iabak.archiveteam.org"
--' __|II| ,.
---- __|II|II|__ ( \_,/\
--'-------'\o/-'-.-'-.-'-.- __|II|II|II|II|___/ __/ -'-.-'-.-'-.-'-.-'-.-'-
--------------------------- | [Docker] / --------------------------
+-------------------------- | [Containers] / --------------------------
-------------------------- : / ---------------------------
--------------------------- \____, o ,' ----------------------------
---------------------------- '--,___________,' -----------------------------
-- Simple web server, publishing the outside host's /var/www
-webserver :: Docker.Container
+webserver :: Systemd.Container
webserver = standardStableContainer "webserver"
- & Docker.publish "80:80"
- & Docker.volume "/var/www:/var/www"
+ & Systemd.bind "/var/www"
& Apt.serviceInstalledRunning "apache2"
-- My own openid provider. Uses php, so containerized for security
-- and administrative sanity.
openidProvider :: Docker.Container
-openidProvider = standardStableContainer "openid-provider"
+openidProvider = standardStableDockerContainer "openid-provider"
& alias "openid.kitenet.net"
& Docker.publish "8081:80"
& OpenId.providerFor [User "joey", User "liw"]
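Review bot: `Systemd.bind "/var/www"` in `webserver` gives the container the host's `/var/www`, while the comment above says the container only publishes that tree. If this maps to a writable bind (systemd-nspawn has both `--bind=` and `--bind-ro=`), a compromise of apache inside the container can alter content on the host. A read-only bind would fit the stated purpose if the Systemd module offers one. Otherwise I would add a comment such as `-- NOTE: bind is read-write; the container can modify the host's /var/www`.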
@@ -420,32 +422,30 @@ openidProvider = standardStableContainer "openid-provider"
-- Exhibit: kite's 90's website.
ancientKitenet :: Docker.Container
-ancientKitenet = standardStableContainer "ancient-kitenet"
+ancientKitenet = standardStableDockerContainer "ancient-kitenet"
& alias "ancient.kitenet.net"
& Docker.publish "1994:80"
& Apt.serviceInstalledRunning "apache2"
- & Git.cloned (User "root") "git://kitenet-net.branchable.com/" "/var/www"
+ & Git.cloned (User "root") "git://kitenet-net.branchable.com/" "/var/www/html"
(Just "remotes/origin/old-kitenet.net")
-oldusenetShellBox :: Docker.Container
+oldusenetShellBox :: Systemd.Container
oldusenetShellBox = standardStableContainer "oldusenet-shellbox"
& alias "shell.olduse.net"
- & Docker.publish "4200:4200"
& JoeySites.oldUseNetShellBox
jerryPlay :: Docker.Container
-jerryPlay = standardContainer "jerryplay" Unstable "amd64"
+jerryPlay = standardDockerContainer "jerryplay" Unstable "amd64"
& alias "jerryplay.kitenet.net"
& Docker.publish "2202:22"
& Docker.publish "8001:80"
& Apt.installed ["ssh"]
& User.hasSomePassword (User "root")
& Ssh.permitRootLogin True
-
-kiteShellBox :: Docker.Container
+
+kiteShellBox :: Systemd.Container
kiteShellBox = standardStableContainer "kiteshellbox"
& JoeySites.kiteShellBox
- & Docker.publish "443:443"
type Motd = [String]
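Review bot: The `Git.cloned` line in `ancientKitenet` now checks out into `/var/www/html`, the tree apache serves, but it still fetches over `git://`, which is neither authenticated nor encrypted. Anything on the network path can substitute the repository content that then gets published on ancient.kitenet.net, and the clone runs as `User "root"`. If the remote offers an authenticated transport, I would switch the URL to it. Otherwise a comment such as `-- git:// is unauthenticated; content is not verified` above the line would at least record the risk.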
@@ -476,12 +476,25 @@ standardSystemUnhardened hn suite arch motd = host hn
& Apt.removed ["exim4", "exim4-daemon-light", "exim4-config", "exim4-base"]
`onChange` Apt.autoRemove
-standardStableContainer :: Docker.ContainerName -> Docker.Container
+-- This is my standard container setup, Featuring automatic upgrades.
+standardContainer :: Systemd.MachineName -> DebianSuite -> Architecture -> Systemd.Container
+standardContainer name suite arch = Systemd.container name chroot
+ & os system
+ & Apt.stdSourcesList `onChange` Apt.upgrade
+ & Apt.unattendedUpgrades
+ & Apt.cacheCleaned
+ where
+ system = System (Debian suite) arch
+ chroot = Chroot.debootstrapped system mempty
+
+standardStableContainer :: Systemd.MachineName -> Systemd.Container
standardStableContainer name = standardContainer name (Stable "jessie") "amd64"
--- This is my standard container setup, Featuring automatic upgrades.
-standardContainer :: Docker.ContainerName -> DebianSuite -> Architecture -> Docker.Container
-standardContainer name suite arch = Docker.container name (dockerImage system)
+standardStableDockerContainer :: Docker.ContainerName -> Docker.Container
+standardStableDockerContainer name = standardDockerContainer name (Stable "jessie") "amd64"
+
+standardDockerContainer :: Docker.ContainerName -> DebianSuite -> Architecture -> Docker.Container
+standardDockerContainer name suite arch = Docker.container name (dockerImage system)
& os system
& Apt.stdSourcesList `onChange` Apt.upgrade
& Apt.unattendedUpgrades