summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/README.mdwn12
-rw-r--r--doc/comments.mdwn9
-rw-r--r--doc/forum/remote.origin_not_copied_to_managed_host__63__.mdwn95
-rw-r--r--doc/forum/remote.origin_not_copied_to_managed_host__63__/comment_1_e9e7e5e728ec23fd6025203a1aa0596b._comment25
-rw-r--r--doc/news/version_0.5.0.mdwn8
-rw-r--r--doc/news/version_0.5.1.mdwn8
-rw-r--r--doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment10
-rw-r--r--doc/todo/docker_todo_list/comment_2_441591f9aa106e8d6d1fa7fd6be0fc6f._comment10
-rw-r--r--doc/todo/ssh__95__user_+_sudo.mdwn1
-rw-r--r--doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment10
-rw-r--r--doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment8
-rw-r--r--doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment10
12 files changed, 200 insertions, 6 deletions
diff --git a/doc/README.mdwn b/doc/README.mdwn
index 3e6d3650..d809a760 100644
--- a/doc/README.mdwn
+++ b/doc/README.mdwn
@@ -12,17 +12,17 @@ Properties are defined using Haskell. Edit `~/.propellor/config.hs`
to get started. There is fairly complete
[API documentation](http://hackage.haskell.org/package/propellor/),
which includes many built-in Properties for dealing with
-[Apt](http://hackage.haskell.org/package/propellor-0.4.0/docs/Propellor-Property-Apt.html)
+[Apt](http://hackage.haskell.org/package/propellor/docs/Propellor-Property-Apt.html)
and
-[Apache](http://hackage.haskell.org/package/propellor-0.4.0/docs/Propellor-Property-Apache.html)
+[Apache](http://hackage.haskell.org/package/propellor/docs/Propellor-Property-Apache.html)
,
-[Cron](http://hackage.haskell.org/package/propellor-0.4.0/docs/Propellor-Property-Cron.html)
+[Cron](http://hackage.haskell.org/package/propellor/docs/Propellor-Property-Cron.html)
and
-[Commands](http://hackage.haskell.org/package/propellor-0.4.0/docs/Propellor-Property-Cmd.html)
+[Commands](http://hackage.haskell.org/package/propellor/docs/Propellor-Property-Cmd.html)
,
-[Dns](http://hackage.haskell.org/package/propellor-0.4.0/docs/Propellor-Property-Dns.html)
+[Dns](http://hackage.haskell.org/package/propellor/docs/Propellor-Property-Dns.html)
and
-[Docker](http://hackage.haskell.org/package/propellor-0.4.0/docs/Propellor-Property-Docker.html), etc.
+[Docker](http://hackage.haskell.org/package/propellor/docs/Propellor-Property-Docker.html), etc.
There is no special language as used in puppet, chef, ansible, etc.. just
the full power of Haskell. Hopefully that power can be put to good use in
diff --git a/doc/comments.mdwn b/doc/comments.mdwn
new file mode 100644
index 00000000..e19962b9
--- /dev/null
+++ b/doc/comments.mdwn
@@ -0,0 +1,9 @@
+[[!sidebar content="""
+[[!inline pages="comment_pending(*)" feedfile=pendingmoderation
+description="comments pending moderation" show=-1]]
+Comments in the [[!commentmoderation desc="moderation queue"]]:
+[[!pagecount pages="comment_pending(*)"]]
+"""]]
+
+Recent comments posted to this site:
+[[!inline pages="comment(*)" template="comment"]]
diff --git a/doc/forum/remote.origin_not_copied_to_managed_host__63__.mdwn b/doc/forum/remote.origin_not_copied_to_managed_host__63__.mdwn
new file mode 100644
index 00000000..6efdbae8
--- /dev/null
+++ b/doc/forum/remote.origin_not_copied_to_managed_host__63__.mdwn
@@ -0,0 +1,95 @@
+The only remote which seems to be copied to /root/.propellor/.git/config is upstream... My /home/user/.propellor/.git/config contains a "origin" remote, but this part (as well as the master branch part) of my git config is not copied to the /root/.propellor/.git/config of a host I'm trying to manage...
+
+propellor fails with the following message:
+
+ user@laptop:~$ PROPELLOR_DEBUG=1 propellor --spin laptop.localdomain
+ if ! cabal build; then cabal configure; cabal build; fi
+ Building propellor-0.5.0...
+ Preprocessing library propellor-0.5.0...
+ In-place registering propellor-0.5.0...
+ Preprocessing executable 'propellor' for propellor-0.5.0...
+ Preprocessing executable 'config' for propellor-0.5.0...
+ ln -sf dist/build/config/config propellor
+
+
+ [2014-04-21 18:07:45 CEST] command line: Spin "laptop.localdomain"
+ [2014-04-21 18:07:45 CEST] call: make ["build"]
+ if ! cabal build; then cabal configure; cabal build; fi
+ Building propellor-0.5.0...
+ Preprocessing library propellor-0.5.0...
+ In-place registering propellor-0.5.0...
+ Preprocessing executable 'propellor' for propellor-0.5.0...
+ Preprocessing executable 'config' for propellor-0.5.0...
+ ln -sf dist/build/config/config propellor
+ Propellor build ... done
+ [2014-04-21 18:07:48 CEST] read: git ["config","remote.deploy.url"]
+ [2014-04-21 18:07:48 CEST] read: git ["config","remote.origin.url"]
+ [2014-04-21 18:07:48 CEST] call: git ["commit","--gpg-sign","--allow-empty","-a","-m","propellor spin"]
+
+ You need a passphrase to unlock the secret key for
+ ...
+
+ [master ee393d6] propellor spin
+ [2014-04-21 18:07:48 CEST] call: git ["push"]
+ Counting objects: 1, done.
+ Writing objects: 100% (1/1), 852 bytes | 0 bytes/s, done.
+ Total 1 (delta 0), reused 0 (delta 0)
+ To git@remote-origin:propellor.git
+ 16a1f8b..ee393d6 master -> master
+ [2014-04-21 18:08:21 CEST] chat: ssh ["-o","ControlPath=/home/user/.ssh/propellor/laptop.localdomain.sock","-o","ControlMaster=auto","-o","ControlPersist=yes","root@laptop.localdomain","sh -c 'if [ ! -d /usr/local/propellor ] ; then apt-get --no-install-recommends --no-upgrade -y install git make && echo STATUSNeedGitClone ; else cd /usr/local/propellor && if ! test -x ./propellor; then make deps build; fi && ./propellor --boot laptop.localdomain ; fi'"]
+ Initialized empty Git repository in /root/.propellor/.git/
+ warning: no common commits
+ From https://github.com/joeyh/propellor
+ * [new branch] joeyconfig -> upstream/joeyconfig
+ * [new branch] master -> upstream/master
+ * [new branch] setup -> upstream/setup
+ * [new tag] 0.1 -> 0.1
+ * [new tag] 0.1.1 -> 0.1.1
+ * [new tag] 0.1.2 -> 0.1.2
+ * [new tag] 0.2.0 -> 0.2.0
+ * [new tag] 0.2.1 -> 0.2.1
+ * [new tag] 0.2.2 -> 0.2.2
+ * [new tag] 0.2.3 -> 0.2.3
+ * [new tag] 0.3.0 -> 0.3.0
+ * [new tag] 0.3.1 -> 0.3.1
+ * [new tag] 0.4.0 -> 0.4.0
+ * [new tag] 0.5.0 -> 0.5.0
+ * [new tag] debian/0.3.1 -> debian/0.3.1
+ * [new tag] debian/0.4.0 -> debian/0.4.0
+ * [new tag] debian/0.5.0 -> debian/0.5.0
+ Merge made by the 'ours' strategy.
+ if [ "cabal" = ./Setup ]; then ghc --make Setup; fi
+ cabal configure
+ Warning: The package list for 'hackage.haskell.org' does not exist. Run 'cabal
+ update' to download it.
+ Resolving dependencies...
+ Configuring propellor-0.5.0...
+ if ! cabal build; then cabal configure; cabal build; fi
+ Building propellor-0.5.0...
+ Preprocessing executable 'propellor' for propellor-0.5.0...
+ [ 1 of 14] Compiling Utility.Env ( Utility/Env.hs, dist/build/propellor/propellor-tmp/Utility/Env.o )
+ ...
+ [14 of 14] Compiling Main ( propellor.hs, dist/build/propellor/propellor-tmp/Main.o )
+ Linking dist/build/propellor/propellor ...
+ Preprocessing library propellor-0.5.0...
+ [ 1 of 58] Compiling Utility.QuickCheck ( Utility/QuickCheck.hs, dist/build/Utility/QuickCheck.o )
+ ...
+ [58 of 58] Compiling Propellor.CmdLine ( Propellor/CmdLine.hs, dist/build/Propellor/CmdLine.o )
+ In-place registering propellor-0.5.0...
+ Preprocessing executable 'config' for propellor-0.5.0...
+ [ 1 of 44] Compiling Utility.QuickCheck ( Utility/QuickCheck.hs, dist/build/config/config-tmp/Utility/QuickCheck.o )
+ ...
+ [44 of 44] Compiling Main ( config.hs, dist/build/config/config-tmp/Main.o )
+ Linking dist/build/config/config ...
+ ln -sf dist/build/config/config propellor
+ fatal: No remote repository specified. Please, specify either a URL or a
+ remote name from which new revisions should be fetched.
+ Git fetch ... failed
+ merge: origin/master - not something we can merge
+ propellor: /usr/local/propellor/.lock: openFd: does not exist (No such file or directory)
+ Setting up your propellor repo in /root/.propellor
+
+
+
+ ** error: protocol error (perhaps the remote propellor failed to run?)
+ propellor: user error (ssh ["-o","ControlPath=/home/user/.ssh/propellor/laptop.localdomain.sock","-o","ControlMaster=auto","-o","ControlPersist=yes","root@laptop.localdomain","sh -c 'if [ ! -d /usr/local/propellor ] ; then apt-get --no-install-recommends --no-upgrade -y install git make && echo STATUSNeedGitClone ; else cd /usr/local/propellor && if ! test -x ./propellor; then make deps build; fi && ./propellor --boot laptop.localdomain ; fi'"] exited 1)
diff --git a/doc/forum/remote.origin_not_copied_to_managed_host__63__/comment_1_e9e7e5e728ec23fd6025203a1aa0596b._comment b/doc/forum/remote.origin_not_copied_to_managed_host__63__/comment_1_e9e7e5e728ec23fd6025203a1aa0596b._comment
new file mode 100644
index 00000000..df403694
--- /dev/null
+++ b/doc/forum/remote.origin_not_copied_to_managed_host__63__/comment_1_e9e7e5e728ec23fd6025203a1aa0596b._comment
@@ -0,0 +1,25 @@
+[[!comment format=mdwn
+ username="http://joeyh.name/"
+ ip="209.250.56.114"
+ subject="comment 1"
+ date="2014-04-24T17:47:41Z"
+ content="""
+I tried using propellor from scratch on a fresh system, and I cannot reproduce this problem.
+
+/root/.propellor should only be created if /usr/bin/propellor is run as root. A normal use of propellor does not run /usr/bin/propellor as root (and your commands don't show you doing that).
+
+This is the instant where something unexplained happens:
+
+<pre>
+[2014-04-21 18:08:21 CEST] chat: ssh [\"-o\",\"ControlPath=/home/user/.ssh/propellor/laptop.localdomain.sock\",\"-o\",\"ControlMaster=auto\",\"-o\",\"ControlPersist=yes\",\"root@laptop.localdomain\",\"sh -c 'if [ ! -d /usr/local/propellor ] ; then apt-get --no-install-recommends --no-upgrade -y install git make && echo STATUSNeedGitClone ; else cd /usr/local/propellor && if ! test -x ./propellor; then make deps build; fi && ./propellor --boot laptop.localdomain ; fi'\"]
+Initialized empty Git repository in /root/.propellor/.git/
+</pre>
+
+It ssh's in, and it apparently runs propellor. But apparently without running \"make deps build\" first, which is weird. (And as we see later, without /usr/local/propellor existing at all, which is weirder!)
+The ./propellor (in /usr/local/propellor) that it's supposed to run should be a symlink to dist/build/config/config, which is the program built from config.hs. It's not the same program as /usr/bin/propellor, which is a wrapper build from propellor.hs. However, it appears that in your case, when it sshed in, it ran /usr/bin/propellor, or something that behaves a lot like it..
+
+My guesses:
+
+1. Perhaps you modified the source tree in some strange way. (Doubtful)
+2. Perhaps you have some other configuration, eg a ssh authorized keys file for root with a forced command that runs /usr/bin/propellor. This will defeat propellor's own bootstrap code, and would exactly explain what you pasted.
+"""]]
diff --git a/doc/news/version_0.5.0.mdwn b/doc/news/version_0.5.0.mdwn
new file mode 100644
index 00000000..2d3e1470
--- /dev/null
+++ b/doc/news/version_0.5.0.mdwn
@@ -0,0 +1,8 @@
+propellor 0.5.0 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Removed root domain records from SOA. Instead, use RootDomain
+ when calling Dns.primary.
+ * Dns primary and secondary properties are now revertable.
+ * When unattendedUpgrades is enabled on an Unstable or Testing system,
+ configure it to allow the upgrades.
+ * New website, https://propellor.branchable.com/"""]] \ No newline at end of file
diff --git a/doc/news/version_0.5.1.mdwn b/doc/news/version_0.5.1.mdwn
new file mode 100644
index 00000000..c523ae60
--- /dev/null
+++ b/doc/news/version_0.5.1.mdwn
@@ -0,0 +1,8 @@
+propellor 0.5.1 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Primary DNS servers now have allow-transfer automatically populated
+ with the IP addresses of secondary dns servers. So, it's important
+ that all secondary DNS servers have an ipv4 (and/or ipv6) property
+ configured.
+ * Deal with old ssh connection caching sockets.
+ * Add missing build deps and deps. Closes: #[745459](http://bugs.debian.org/745459)"""]] \ No newline at end of file
diff --git a/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment b/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment
new file mode 100644
index 00000000..ff217423
--- /dev/null
+++ b/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="gueux"
+ ip="109.190.19.251"
+ subject="CMD"
+ date="2014-04-21T13:49:08Z"
+ content="""
+It would be great to be able to set the CMD of a docker container.
+
+http://docs.docker.io/reference/builder/#cmd
+"""]]
diff --git a/doc/todo/docker_todo_list/comment_2_441591f9aa106e8d6d1fa7fd6be0fc6f._comment b/doc/todo/docker_todo_list/comment_2_441591f9aa106e8d6d1fa7fd6be0fc6f._comment
new file mode 100644
index 00000000..24ec5da3
--- /dev/null
+++ b/doc/todo/docker_todo_list/comment_2_441591f9aa106e8d6d1fa7fd6be0fc6f._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="http://joeyh.name/"
+ ip="209.250.56.114"
+ subject="comment 2"
+ date="2014-04-24T23:31:09Z"
+ content="""
+propellor does not build docker containers, I think that's the point where a CMD is set.
+
+It would probably make sense to have a mode where docker run is not passed any explicit command to run, which would let the predefined CMD be used. Although this would not let propellor run inside the container, so it could not perform any provisioning of it. In this mode, propellor would only be able to ensure that a container was installed and start it running with its default configuration.
+"""]]
diff --git a/doc/todo/ssh__95__user_+_sudo.mdwn b/doc/todo/ssh__95__user_+_sudo.mdwn
new file mode 100644
index 00000000..2269cecd
--- /dev/null
+++ b/doc/todo/ssh__95__user_+_sudo.mdwn
@@ -0,0 +1 @@
+It would be great to be able to ssh to a user different from root, and then to use sudo to run commands.
diff --git a/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment b/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment
new file mode 100644
index 00000000..e0dc1d7f
--- /dev/null
+++ b/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="http://joeyh.name/"
+ ip="209.250.56.214"
+ subject="comment 1"
+ date="2014-04-21T13:31:13Z"
+ content="""
+Running propellor that way would probably need ssh to allocate a tty in order for sudo's password prompt to work. And it adds complexity. Does it add security? I don't think so, PermitRootLogin=without-password or PasswordAuthentication=no is not going to let anyone brute force the root account.
+
+PermitRootLogin=forced-commands-only might be worth making easy to set up, so the only command that can be run with some special propellor-specific ssh key is propellor.
+"""]]
diff --git a/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment b/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment
new file mode 100644
index 00000000..8dc6299b
--- /dev/null
+++ b/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="gueux"
+ ip="109.190.19.251"
+ subject="comment 2"
+ date="2014-04-21T13:54:39Z"
+ content="""
+I didn't knew \"PermitRootLogin=forced-commands-only\", it seems great!
+"""]]
diff --git a/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment b/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment
new file mode 100644
index 00000000..506b543a
--- /dev/null
+++ b/doc/todo/ssh__95__user_+_sudo/comment_3_d1e4040677b39342be00359210c02156._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="http://joeyh.name/"
+ ip="209.250.56.114"
+ subject="comment 3"
+ date="2014-04-24T22:17:31Z"
+ content="""
+Except that it led you to run into the failure mode described at [[forum/remote.origin_not_copied_to_managed_host?]]
+
+So now we have a concrete change to make: Make /usr/bin/propellor work if it's forced as the only command that can be run. Including making propellor's host bootstrapping work via it.
+"""]]