summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2018-05-03Update shim each time propellor is run in a container, to deal with library ↵Joey Hess
version changes. Surprised this didn't come up before, since propellor was run against progressively old versions of libraries when propelling eg, a chroot. It finally broke on an arm box, where libm got updated to a new version and propellor used a symbol from the new version. The comment says that propellor may be running from an existing shim in which case it's reused. That could be a nested chroot or other container, or perhaps propellor was deployed via a precompiled tarball which is built using a shim. The code used to use "checkAlreadyShimmed shim" which I don't see how it deals with either of those scenarios. Changed to "checkAlreadyShimmed propellorbin", which I think will deal with them, but I've not tested such scenarios. Added code to delete old versions of libraries out of the shim directory to avoid masses of old ones piling up over time. Property.Chroot sets up the shim directory and then bind mounts it into the chroot. To avoid deleting the source of a bind mount, made this only delete files in the shim directory, but not the shim directory itself.
2018-05-02changelogJoey Hess
2018-04-30Revert "Added dependency on concurrent-output; removed embedded copy."Joey Hess
This reverts commit 02eca2ae4cf51d8e83d94d8359e15ac053451109. This seems to have broken propellor badly, in testing I'm seeing it crash at the end of a run with "thread blocked indefinitely in an STM transaction" and also during the run it printed out some odd output like: apache2: apache2: dummy IN SSHFP 4 1 35df80973f5877e4041f1b70947385eb2f6a0822 dummy IN SSHFP 4 2 3a0bb426e76eebc5c56e3b0f1428aa9d18539e9621bf8f9e3b7f56a4e7d81c85 Which seems like it might be output of commands that propellor is supposed to be reading? Seems likely that there's a bug or two that have crept into then concurrent-output library since the version embedded in propellor.
2018-04-23stack.yaml: Updated to lts-9.21.Joey Hess
Also tested with lts-11.6 / ghc 8.2.2 and it does build, however the stack in debian stable (and even unstable currently) does not support that version's data.
2018-04-23Added dependency on concurrent-output; removed embedded copy.Joey Hess
Removed deps on transformers, text, stm. Updated debian/control and Propellor.Bootstrap accordingly. Sorted the lists of deps to make it easier to keep them in sync. This commit was sponsored by Nick Daly on Patreon.
2018-04-23semigroup monoid change fallout; drop ghc 7 supportJoey Hess
Fix build with ghc 8.4, which broke due to the Semigroup Monoid change. See https://prime.haskell.org/wiki/Libraries/Proposals/SemigroupMonoid Dropped support for building propellor with ghc 7 (as in debian oldstable), to avoid needing to depend on the semigroups transitional package, but also because it's just too old to be worth supporting. If we indeed drop ghc 7 support entirely, some code to support "jessie" can be removed; concurrent-output can be de-embedded, and the Singletons code can be simplified. This commit was sponsored by Jack Hill on Patreon.
2018-04-22releasing package propellor version 5.3.5Joey Hess
2018-04-22separate Hs-Source-Dirs for binariesJoey Hess
This is a trick I only just learned about, see https://stackoverflow.com/questions/6711151/how-to-avoid-recompiling-in-this-cabal-file#6711739 Significantly increased propellor build speed when your config.hs is in a fork of the propellor repository, by avoiding redundant builds of propellor library. Also avoids needing to list all the build deps 3 times. Also avoids cabal 2.x wanting every module to be listed 3 times. Note that the bulk of wrapper.hs had to move into the propellor library, since that code depended on stuff not exposed by the library. This commit was sponsored by Henrik Riomar on Patreon.
2018-04-18changelogJoey Hess
2018-03-21releasing package propellor version 5.3.4Joey Hess
2018-03-20Firewall: Reorder iptables parameters that are order dependant to make ↵Joey Hess
--to-dest and --to-source work. Thanks, Russell Sim
2018-03-01Apt.trustsKey: Use apt-key to add key rather than manually driving gpg, ↵Joey Hess
which seems to not work anymore. Thanks, Russell Sim.
2018-02-27typoJoey Hess
2018-02-26releasing package propellor version 5.3.3Joey Hess
2018-02-23Added Propllor.Property.Openssl module contributed by contributed by Félix ↵Joey Hess
Sipma.
2018-02-22Avoid crashing if initial fetch from origin fails when spinning a host.Joey Hess
2018-02-19Warn again about new upstream version when ~/.propellor was cloned from the ↵Joey Hess
Debian git bundle using an older version of propellor that set up an upstream remote. This commit was sponsored by Jake Vosloo on Patreon.
2018-02-18releasing package propellor version 5.3.2Joey Hess
2018-02-17changelogJoey Hess
2018-02-11add Propellor.Property.AtomicJoey Hess
Added Propellor.Property.Atomic, which can make a non-atomic property that operates on a directory into an atomic property. Also has a generic version that could be used for things other than directories that can be updated atomically. (Inspired by Vaibhav Sagar's talk on Functional Devops in a Dysfunctional World at LCA 2018.) This commit was sponsored by Fernando Jimenez on Patreon.
2018-02-11add Git.pulled propertyJoey Hess
This commit was sponsored by Nick Daly on Patreon.
2018-02-04releasing package propellor version 5.3.1Joey Hess
2018-02-04Last release mistakenly contained my personal branch not master.Joey Hess
* Last release mistakenly contained my personal branch not master. * contrib/post-merge-hook documentation updated to recommend also using it as a post-checkout hook, to avoid such problems.
2018-02-01releasing package propellor version 5.3.0Joey Hess
2018-02-01Merge branch 'joeyconfig'Joey Hess
2018-02-01Laptop: New module, starting with powertopAutoTuneOnBoot.Joey Hess
This commit was sponsored by Brock Spratlen on Patreon.
2018-02-01Grub: Added properties to configure /etc/default/grub.Joey Hess
This commit was sponsored by Ewen McNeill on Patreon.
2018-01-24Add HasCallStack constraint to pickOS and unsupportedOS, so the call stack ↵Joey Hess
includes the caller. This commit was sponsored by Jochen Bartl on Patreon.
2018-01-17Run su with --loginJoey Hess
To avoid inheriting some problematic environment variables, such as TMP, from the caller. The only potential breakage from this change would be if something used setEnv before one of the affected properties. Audited propellor's source for that, and nothing does. Anything that did would could fail in a concurrent context anyway.
2018-01-06changes to allow GPT BIOS boot partitionsJoey Hess
* Parted: Allow partitions to have no filesystem, for eg, GPT BIOS boot partitions. (API change) * Added rawPartition to PartSpec, for specifying partitions with no filesystem. * Added BiosGrubFlag to PartFlag. Note that man parted does not list the "bios_boot" flag, but I found it in its html documentation. Other flags may also be missing. This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
2018-01-02avoid bogus warningJoey Hess
Avoid bogus warning about new upstream version when /usr/bin/propellor is run on a Debian system, but ~/.propellor was not cloned from the Debian git bundle.
2017-12-30releasing package propellor version 5.2.0Joey Hess
2017-12-30installerJoey Hess
Added Propellor.Property.Installer modules, which can be used to create bootable installer disk images, which then run propellor to install a system. This code was extracted from the demo I gave at my talk at DebConf 2017, from the secret-project repository. That repository was AGPL licensed. I hereby relicense the code committed here under the same 2-clause BSD license as the rest of propellor. Changes from secret-project: Generalized UserInput to a type class, and added a lot more documentation and examples. This commit was sponsored by Brock Spratlen on Patreon.
2017-12-23Sbuild: add notes about Debian jessie hosts and backportsSean Whitton
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
2017-12-21Grub.boots, Grub.bootsMounted: Pass --target to grub-install.Joey Hess
This is to support eg, coreboot. The GrubTarget passed to Grub.installed is introspected to determine --target. If multiple grubs are installed, it currently doesn't pass any --target. Might make more sense to run grub-install repeatedly, but I don't know if that case is sane at all. The Xen -> "x86_64-xen" mapping is kind of arbitrarily chosen since there's a i386-xen available too. I don't know when that case would be used in any case though; chainPVGrub uses installed Xen, but it does not run grub-install. If this does become a problem, would probably need to split it into Xen64 and Xen32. Renamed BIOS to GrubTarget in passing to match grub's terminology; BIOS was kind of a joke term for this in propellor. This commit was sponsored by Francois Marier on Patreon.
2017-12-20two diskimage edge case fixesJoey Hess
* DiskImage: Fix rsync crash when a mount point does not exist in the chroot. * Fix bug in unmountBelow that caused unmounting of nested mounts to fail. This commit was sponsored by Jack Hill on Patreon.
2017-12-20disk partition alignmentJoey Hess
Cheap flash drives need partitions aligned to 4 MiB in order to not be slow (and to avoid extra writes). <https://lwn.net/Articles/428584/> And at least 1 MiB alignment is generally a good idea, and most people seem to think 4 MiB is for all drives. I noticed that Parted.partitioned does not do that; the first partition started at an offset of 1 MB, and subsequent partitions from where it ends. (The 1 MB offset came from the PartedVal PartSize instance, and note that it was not 1 MiB.) * Parted: Add an Alignment parameter. (API change) A good default to use is safeAlignment, which is 4MiB, well suited for inexpensive flash drives, and fine for other disks too. Previously, a very non-optimial 1MB (not 1MiB) alignment had been used. * DiskImage: Use safeAlignment. It didn't seem worth making the alignment configurable here. Alignment is implemented by offsetting the first partition's start position so it's aligned (making sure to leave room for the partition table). Each partition is then extended as needed so the next partition will start properly aligned. Note that parted rejects partition tables that don't fit in cylinder bounderies. Before, propellor let parted deal with the fine details of layout, so that was not a problem. Now it's possible to set some wacky Alignment not divisible by 512, or use Byte sizes for partitions and create a partition table that parted rejects. But, using safeAlignment and MegaBytes should always be safe. Also, this fixes a rounding bug in Parted.calcPartTable. It was rounding up to the nearest MegaByte when allocating remaining disk space, so returned partition table that was actually larger than the disk size. This commit was sponsored by an anonymous bitcoiner.
2017-12-20Parted: Fix names used for FAT and VFAT partitions.Joey Hess
Use "fat32" for both; these are not distinguished at the partition table level. This commit was sponsored by Henrik Riomar on Patreon.
2017-11-29bootstrappedFrom: Set up local privdata file.Joey Hess
Avoid needing to --spin host deployed from disk image to let its propellor access its privdata. This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
2017-11-23releasing package propellor version 5.1.0Joey Hess
2017-11-21merged sbuild overhaulJoey Hess
2017-11-20note another API change in changelogSean Whitton
2017-11-19Merge branch 'master' of https://git.joeyh.name/git/propellor into ↵Sean Whitton
sbuild-overhaul
2017-11-19releasing package propellor version 5.0.0Joey Hess
2017-11-19partition table in InfoJoey Hess
Diskimage.imageBuiltFor: New property to build a disk image for a Host, using partition table information configured via the new properties hasPartitionTableType, hasPartition and adjustPartition. This lets Machine properties include eg /boot partitions that are known to be needed by the bootloader, and the user can adjust those partitions and add others. This commit was sponsored by Brock Spratlen on Patreon.
2017-11-19Merge branch 'master' of https://git.joeyh.name/git/propellor into ↵Sean Whitton
sbuild-overhaul
2017-11-18changelog for sbuild changes thus farSean Whitton
2017-11-17Service: Avoid starting services when noServices is used.Joey Hess
Reconsidered making services never run inside chroots, that seemed too potentially limiting. Using Info rather than checking policy-rc.d because it will also work outside of debian, but more because policy-rc.d has an extremely complicated interface and I didn't want to deal with it. This commit was sponsored by Jochen Bartl on Patreon.
2017-11-17propellor spinJoey Hess
2017-11-17don't start services in chrootsJoey Hess
Service: Changed to use invoke-rc.d rather than service for starting services. This notably means that in chroots, services will not be started. This seems like the right thing to do, because running services inside a chroot is problimatic. Use a real container system for running services. Fixes the problem that, when building a disk image, using eg, Apt.servicesInstalledRunning caused the service to be started in the chroot, even though a policy-rc.d was in place to prevent it, because the "service" command does not check policy-rc.d. This commit was sponsored by John Peloquin on Patreon.