summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/SiteSpecific
diff options
context:
space:
mode:
Diffstat (limited to 'src/Propellor/Property/SiteSpecific')
-rw-r--r--src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs131
-rw-r--r--src/Propellor/Property/SiteSpecific/GitHome.hs1
-rw-r--r--src/Propellor/Property/SiteSpecific/IABak.hs7
-rw-r--r--src/Propellor/Property/SiteSpecific/JoeySites.hs8
4 files changed, 57 insertions, 90 deletions
diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
index 511fd888..7f893431 100644
--- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
+++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
@@ -6,9 +6,9 @@ import Propellor
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.User as User
import qualified Propellor.Property.Cron as Cron
-import qualified Propellor.Property.Ssh as Ssh
import qualified Propellor.Property.File as File
-import qualified Propellor.Property.Docker as Docker
+import qualified Propellor.Property.Systemd as Systemd
+import qualified Propellor.Property.Chroot as Chroot
import Propellor.Property.Cron (Times)
builduser :: UserName
@@ -48,8 +48,6 @@ autobuilder arch crontimes timeout = combineProperties "gitannexbuilder" $ props
tree :: Architecture -> Property HasInfo
tree buildarch = combineProperties "gitannexbuilder tree" $ props
& Apt.installed ["git"]
- -- gitbuilderdir directory already exists when docker volume is used,
- -- but with wrong owner.
& File.dirExists gitbuilderdir
& File.ownerGroup gitbuilderdir (User builduser) (Group builduser)
& gitannexbuildercloned
@@ -69,7 +67,6 @@ tree buildarch = combineProperties "gitannexbuilder tree" $ props
buildDepsApt :: Property HasInfo
buildDepsApt = combineProperties "gitannexbuilder build deps" $ props
& Apt.buildDep ["git-annex"]
- & Apt.installed ["liblockfile-simple-perl"]
& buildDepsNoHaskellLibs
& Apt.buildDepIn builddir
`describe` "git-annex source build deps installed"
@@ -84,6 +81,13 @@ buildDepsNoHaskellLibs = Apt.installed
"alex", "happy", "c2hs"
]
+haskellPkgsInstalled :: String -> Property NoInfo
+haskellPkgsInstalled dir = flagFile go ("/haskellpkgsinstalled")
+ where
+ go = userScriptProperty (User builduser)
+ [ "cd " ++ builddir ++ " && ./standalone/" ++ dir ++ "/install-haskell-packages"
+ ]
+
-- Installs current versions of git-annex's deps from cabal, but only
-- does so once.
cabalDeps :: Property NoInfo
@@ -92,46 +96,60 @@ cabalDeps = flagFile go cabalupdated
go = userScriptProperty (User builduser) ["cabal update && cabal install git-annex --only-dependencies || true"]
cabalupdated = homedir </> ".cabal" </> "packages" </> "hackage.haskell.org" </> "00-index.cache"
-standardAutoBuilderContainer :: (System -> Docker.Image) -> Architecture -> Int -> TimeOut -> Docker.Container
-standardAutoBuilderContainer dockerImage arch buildminute timeout = Docker.container (arch ++ "-git-annex-builder")
- (dockerImage $ System (Debian Testing) arch)
- & os (System (Debian Testing) arch)
- & Apt.stdSourcesList
- & Apt.installed ["systemd"]
- & Apt.unattendedUpgrades
- & User.accountFor (User builduser)
- & tree arch
- & buildDepsApt
- & autobuilder arch (Cron.Times $ show buildminute ++ " * * * *") timeout
- & Docker.tweaked
-
-androidAutoBuilderContainer :: (System -> Docker.Image) -> Times -> TimeOut -> Docker.Container
-androidAutoBuilderContainer dockerImage crontimes timeout =
- androidContainer dockerImage "android-git-annex-builder" (tree "android") builddir
+autoBuilderContainer :: (System -> Property HasInfo) -> System -> Times -> TimeOut -> Systemd.Container
+autoBuilderContainer mkprop osver@(System _ arch) crontime timeout =
+ Systemd.container name bootstrap
+ & mkprop osver
+ & buildDepsApt
+ & autobuilder arch crontime timeout
+ where
+ name = arch ++ "-git-annex-builder"
+ bootstrap = Chroot.debootstrapped osver mempty
+
+standardAutoBuilder :: System -> Property HasInfo
+standardAutoBuilder osver@(System _ arch) =
+ propertyList "standard git-annex autobuilder" $ props
+ & os osver
+ & Apt.stdSourcesList
+ & Apt.unattendedUpgrades
+ & User.accountFor (User builduser)
+ & tree arch
+
+armAutoBuilder :: System -> Times -> TimeOut -> Property HasInfo
+armAutoBuilder osver@(System _ arch) crontime timeout =
+ propertyList "arm git-annex autobuilder" $ props
+ & standardAutoBuilder osver
+ & buildDepsNoHaskellLibs
+ -- Works around ghc crash with parallel builds on arm.
+ & (homedir </> ".cabal" </> "config")
+ `File.lacksLine` "jobs: $ncpus"
+ -- Install patched haskell packages for portability to
+ -- arm NAS's using old kernel versions.
+ & haskellPkgsInstalled "linux"
+ & autobuilder arch crontime timeout
+
+androidAutoBuilderContainer :: Times -> TimeOut -> Systemd.Container
+androidAutoBuilderContainer crontimes timeout =
+ androidContainer "android-git-annex-builder" (tree "android") builddir
& Apt.unattendedUpgrades
& autobuilder "android" crontimes timeout
-- Android is cross-built in a Debian i386 container, using the Android NDK.
androidContainer
:: (IsProp (Property (CInfo NoInfo i)), (Combines (Property NoInfo) (Property i)))
- => (System -> Docker.Image)
- -> Docker.ContainerName
+ => Systemd.MachineName
-> Property i
-> FilePath
- -> Docker.Container
-androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.container name
- (dockerImage osver)
+ -> Systemd.Container
+androidContainer name setupgitannexdir gitannexdir = Systemd.container name bootstrap
& os osver
& Apt.stdSourcesList
- & Apt.installed ["systemd"]
- & Docker.tweaked
& User.accountFor (User builduser)
& File.dirExists gitbuilderdir
& File.ownerGroup homedir (User builduser) (Group builduser)
- & buildDepsApt
& flagFile chrootsetup ("/chrootsetup")
`requires` setupgitannexdir
- & flagFile haskellpkgsinstalled ("/haskellpkgsinstalled")
+ & haskellPkgsInstalled "android"
where
-- Use git-annex's android chroot setup script, which will install
-- ghc-android and the NDK, all build deps, etc, in the home
@@ -139,54 +157,5 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe
chrootsetup = scriptProperty
[ "cd " ++ gitannexdir ++ " && ./standalone/android/buildchroot-inchroot"
]
- haskellpkgsinstalled = userScriptProperty (User builduser)
- [ "cd " ++ gitannexdir ++ " && ./standalone/android/install-haskell-packages"
- ]
- osver = System (Debian Testing) "i386"
-
--- armel builder has a companion container using amd64 that
--- runs the build first to get TH splices. They need
--- to have the same versions of all haskell libraries installed.
-armelCompanionContainer :: (System -> Docker.Image) -> Docker.Container
-armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder-companion"
- (dockerImage $ System (Debian Unstable) "amd64")
- & os (System (Debian Testing) "amd64")
- & Apt.stdSourcesList
- & Apt.installed ["systemd"]
- -- This volume is shared with the armel builder.
- & Docker.volume gitbuilderdir
- & User.accountFor (User builduser)
- -- Install current versions of build deps from cabal.
- & tree "armel"
- & buildDepsNoHaskellLibs
- & cabalDeps
- -- The armel builder can ssh to this companion.
- & Docker.expose "22"
- & Apt.serviceInstalledRunning "ssh"
- & Ssh.authorizedKeys (User builduser) (Context "armel-git-annex-builder")
- & Docker.tweaked
-
-armelAutoBuilderContainer :: (System -> Docker.Image) -> Times -> TimeOut -> Docker.Container
-armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "armel-git-annex-builder"
- (dockerImage $ System (Debian Unstable) "armel")
- & os (System (Debian Testing) "armel")
- & Apt.stdSourcesList
- & Apt.installed ["systemd"]
- & Apt.installed ["openssh-client"]
- & Docker.link "armel-git-annex-builder-companion" "companion"
- & Docker.volumes_from "armel-git-annex-builder-companion"
- & User.accountFor (User builduser)
- -- TODO: automate installing haskell libs
- -- (Currently have to run
- -- git-annex/standalone/linux/install-haskell-packages
- -- which is not fully automated.)
- & buildDepsNoHaskellLibs
- & autobuilder "armel" crontimes timeout
- `requires` tree "armel"
- & Ssh.keyImported SshRsa (User builduser) (Context "armel-git-annex-builder")
- & trivial writecompanionaddress
- & Docker.tweaked
- where
- writecompanionaddress = scriptProperty
- [ "echo \"$COMPANION_PORT_22_TCP_ADDR\" > " ++ homedir </> "companion_address"
- ] `describe` "companion_address file"
+ osver = System (Debian (Stable "jessie")) "i386"
+ bootstrap = Chroot.debootstrapped osver mempty
diff --git a/src/Propellor/Property/SiteSpecific/GitHome.hs b/src/Propellor/Property/SiteSpecific/GitHome.hs
index d6dce7c0..40f2ecd8 100644
--- a/src/Propellor/Property/SiteSpecific/GitHome.hs
+++ b/src/Propellor/Property/SiteSpecific/GitHome.hs
@@ -3,7 +3,6 @@ module Propellor.Property.SiteSpecific.GitHome where
import Propellor
import qualified Propellor.Property.Apt as Apt
import Propellor.Property.User
-import Utility.SafeCommand
-- | Clones Joey Hess's git home directory, and runs its fixups script.
installedFor :: User -> Property NoInfo
diff --git a/src/Propellor/Property/SiteSpecific/IABak.hs b/src/Propellor/Property/SiteSpecific/IABak.hs
index 4ddc6380..8ed3b38f 100644
--- a/src/Propellor/Property/SiteSpecific/IABak.hs
+++ b/src/Propellor/Property/SiteSpecific/IABak.hs
@@ -35,7 +35,7 @@ gitServer knownhosts = propertyList "iabak git server" $ props
& Cron.niceJob "shardstats" (Cron.Times "*/30 * * * *") (User "root") "/"
"/usr/local/IA.BAK/shardstats-all"
& Cron.niceJob "shardmaint" Cron.Daily (User "root") "/"
- "/usr/local/IA.BAK/shardmaint"
+ "/usr/local/IA.BAK/shardmaint-fast; /usr/local/IA.BAK/shardmaint"
registrationServer :: [Host] -> Property HasInfo
registrationServer knownhosts = propertyList "iabak registration server" $ props
@@ -64,14 +64,13 @@ graphiteServer = propertyList "iabak graphite server" $ props
, "pattern = ^carbon\\."
, "retentions = 60:90d"
, "[iabak-connections]"
- , "pattern = ^iabak\.shardstats\.connections"
+ , "pattern = ^iabak\\.shardstats\\.connections"
, "retentions = 1h:1y,3h:10y"
- , "[iabak]"
+ , "[iabak-default]"
, "pattern = ^iabak\\."
, "retentions = 10m:30d,1h:1y,3h:10y"
, "[default_1min_for_1day]"
, "pattern = .*"
- , "retentions = 60s:1d"
]
& graphiteCSRF
& cmdProperty "graphite-manage" ["syncdb", "--noinput"] `flagFile` "/etc/flagFiles/graphite-syncdb"
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index 36808919..b6524f69 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -15,7 +15,6 @@ import qualified Propellor.Property.User as User
import qualified Propellor.Property.Obnam as Obnam
import qualified Propellor.Property.Apache as Apache
import qualified Propellor.Property.Postfix as Postfix
-import Utility.SafeCommand
import Utility.FileMode
import Data.List
@@ -30,7 +29,6 @@ scrollBox = propertyList "scroll server" $ props
"libghc-bytestring-dev", "libghc-mtl-dev", "libghc-ncurses-dev",
"libghc-random-dev", "libghc-monad-loops-dev", "libghc-text-dev",
"libghc-ifelse-dev", "libghc-case-insensitive-dev",
- "libghc-transformers-dev",
"libghc-data-default-dev", "libghc-optparse-applicative-dev"]
& userScriptProperty (User "scroll")
[ "cd " ++ d </> "scroll"
@@ -389,7 +387,7 @@ twitRss = combineProperties "twitter rss" $ props
-- Work around for expired ssl cert.
pumpRss :: Property NoInfo
pumpRss = Cron.job "pump rss" (Cron.Times "15 * * * *") (User "joey") "/srv/web/tmp.kitenet.net/"
- "wget https://pump2rss.com/feed/joeyh@identi.ca.atom -O pump.atom.new --no-check-certificate 2>/dev/null; sed 's/ & / /g' pump.atom.new > pump.atom"
+ "wget https://rss.io.jpope.org/feed/joeyh@identi.ca.atom -O pump.atom.new --no-check-certificate 2>/dev/null; sed 's/ & / /g' pump.atom.new > pump.atom"
ircBouncer :: Property HasInfo
ircBouncer = propertyList "IRC bouncer" $ props
@@ -407,7 +405,7 @@ ircBouncer = propertyList "IRC bouncer" $ props
kiteShellBox :: Property NoInfo
kiteShellBox = propertyList "kitenet.net shellinabox"
- [ Apt.installed ["openssl", "shellinabox"]
+ [ Apt.installed ["openssl", "shellinabox", "openssh-client"]
, File.hasContent "/etc/default/shellinabox"
[ "# Deployed by propellor"
, "SHELLINABOX_DAEMON_START=1"
@@ -861,6 +859,8 @@ legacyWebSites = propertyList "legacy web sites" $ props
, " AllowOverride None"
, Apache.allowAll
, "</Directory>"
+ , "RewriteEngine On"
+ , "RewriteRule .* http://www.sowsearpoetry.org/ [L]"
]
& alias "wortroot.kitenet.net"
& alias "www.wortroot.kitenet.net"