Diffstat (limited to 'src/Propellor/Property/OpenId.hs')
-rw-r--r--src/Propellor/Property/OpenId.hs38
1 files changed, 29 insertions, 9 deletions
diff --git a/src/Propellor/Property/OpenId.hs b/src/Propellor/Property/OpenId.hs
index 1f6f2559..ae437518 100644
--- a/src/Propellor/Property/OpenId.hs
+++ b/src/Propellor/Property/OpenId.hs
@@ -1,21 +1,34 @@
module Propellor.Property.OpenId where
-import Propellor
+import Propellor.Base
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
-import qualified Propellor.Property.Service as Service
+import qualified Propellor.Property.Apache as Apache
import Data.List
-providerFor :: [User] -> String -> Property HasInfo
-providerFor users baseurl = propertyList desc $ map toProp
- [ Apt.serviceInstalledRunning "apache2"
- , Apt.installed ["simpleid"]
- `onChange` Service.restarted "apache2"
- , File.fileProperty (desc ++ " configured")
+-- | Openid provider, using the simpleid PHP CGI, with apache.
+--
+-- Runs on usual port by default. When a nonstandard port is specified,
+-- apache is limited to listening only on that port. Warning: Specifying
+-- a port won't compose well with other apache properties on the same
+-- host.
+--
+-- It's probably a good idea to put this property inside a docker or
+-- systemd-nspawn container.
+providerFor :: [User] -> HostName -> Maybe Port -> Property HasInfo
+providerFor users hn mp = propertyList desc $ props
+ & Apt.serviceInstalledRunning "apache2"
+ & apacheconfigured
+ & Apt.installed ["simpleid"]
+ `onChange` Apache.restarted
+ & File.fileProperty (desc ++ " configured")
(map setbaseurl) "/etc/simpleid/config.inc"
- ] ++ map identfile users
+ & propertyList desc (map identfile users)
where
+ baseurl = hn ++ case mp of
+ Nothing -> ""
+ Just (Port p) -> show p
url = "http://"++baseurl++"/simpleid"
desc = "openid provider " ++ url
setbaseurl l
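Review bot: The new `baseurl` binding in the where clause joins host and port with no separator. `Just (Port p) -> show p` turns a host `id.example.com` with port 8080 (constructed sample) into `id.example.com8080`. That malformed value flows into `url`, `desc` and the `SIMPLEID_BASE_URL` line written to /etc/simpleid/config.inc, so the provider would advertise an identity URL on a different hostname from the one apache is configured for. The branch should read `Just (Port p) -> ':' : show p`. The `setbaseurl` guard that consumes `url` continues in the next hunk.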
@@ -23,6 +36,13 @@ providerFor users baseurl = propertyList desc $ map toProp
"define('SIMPLEID_BASE_URL', '"++url++"');"
| otherwise = l
+ apacheconfigured = case mp of
+ Nothing -> toProp $
+ Apache.virtualHost hn (Port 80) "/var/www/html"
+ Just p -> propertyList desc $ props
+ & Apache.listenPorts [p]
+ & Apache.virtualHost hn p "/var/www/html"
+
-- the identities directory controls access, so open up
-- file mode
identfile (User u) = File.hasPrivContentExposed
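Review bot: Both branches of `apacheconfigured` publish the provider on an ordinary virtual host (`Port 80` or the caller's port), and `url` in the previous hunk is hard-coded to `http://`. Unless something outside this property terminates TLS, simpleid logins and OpenID responses would travel unencrypted. The Haddock on `providerFor` warns about port composition and containers but not about this, so I would add a line such as `-- Warning: served over plain http; put TLS in front of it or restrict it to a trusted network.` The `providerFor` where clause starts in the previous hunk and `identfile` continues past the end of this one.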