summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2019-04-26releasing package propellor version 5.8.0Joey Hess
2019-04-22updateJoey Hess
2019-04-16Ssh.userKeys, Ssh.userKeyAt: Create .ssh directory when it does not yet exist.Joey Hess
* Ssh.userKeys, Ssh.userKeyAt: Create .ssh directory when it does not yet exist. * Ssh.userKeyAt: When a relative filepath is provided, it's put inside the user's .ssh directory.
2019-04-09update changelogJoey Hess
2019-04-08change from inChroot to granular container capabilities infoJoey Hess
* Removed inChroot, instead use hasContainerCapability FilesystemContained. (API change) * Hostname: Properties that used to not do anything in a systemd or docker container will now change the container's hostname, since it's namespaced. More container capabilities can easily be added later, to fine grain control what properties will run in different kinds of containers. This changed CmdLine's Read instance, which should be ok, because propellor inside the container is always updated at the same time as propellor outside, so when it chains into the chroot, it will know to expect the capability list. Docker was not setting InChroot before, but now sets both container capabilities, so chroot setting will also work in it. Note that, things that used to check inChroot before would not work in docker, but things that check FilesystemContained now will. It may be that some of those properties don't really work properly in docker. And, Grub.installed used to run grub-mkconfig in a docker container before, I doubt that made sense (was it even safe?); it doesn't do it now. This commit was sponsored by Trenton Cronholm on Patreon.
2019-04-08Fix bug in File.containsShellSettingJoey Hess
It replaced whole shell conffile content with the setting if the file did not previously contain a line setting the key to some value. InsertSection is passed the whole content of the file, which does not contain the section yet (here the section is a single line). Probably this was not noticed because it's common for a shell config file to contain default values, so the buggy InsertSection rarely gets used. This commit was sponsored by Ethan Aubin.
2019-04-05releasing package propellor version 5.7.0Joey Hess
2019-04-03changelog for spwhitton's cron patch setJoey Hess
2019-04-03mention Localdir.removed propertyJoey Hess
2019-04-03changelog for spwhitton's patch setJoey Hess
2019-04-01Added Utility.FileMode to the modules exported by Propellor.UtilitiesJoey Hess
Since File.mode uses FileMode, it seems it ought to be exported by propellor somewhere. I don't want to make propellor Property modules themselves export core data types though, so this is a compromise of dubious utility.
2019-04-01Sbuild.built no longer includes Apt.stdSourcesList by default, in order to ↵Joey Hess
support non-Debian OS's. (API change) To upgrade: Simply add Sbuild.osDebianStandard to all Sbuild.built calls which have osDebian. Thanks, Sean Whitton
2019-01-20releasing package propellor version 5.6.1Joey Hess
2019-01-20changelogJoey Hess
2019-01-18releasing package propellor version 5.6.0Joey Hess
2019-01-18Fix --spin crash when ~/.ssh/ directory did not already exist.Joey Hess
2019-01-18Merge branch 'joeyconfig'Joey Hess
2019-01-18Avoid exposing the constructor of OuterMetaTypesWitness, to avoid the kind ↵Joey Hess
of mistake that led to the withOS bug.
2019-01-18Merge branch 'master' into joeyconfigJoey Hess
2019-01-18fix withOS type level bugJoey Hess
withOS had a type level bug that allowed ensureProperty to be used inside it with a Property that does not match the type of the withOS itself. Propellor.Property.Cron.runPropellor is a Property DebianLike; it was incorrectly a Property UnixLike before and that wrong type was hidden by the withOS bug. This commit was sponsored by Jack Hill on Patreon.
2018-12-30Merged Utility changes from git-annexJoey Hess
Last done in May 2017..
2018-12-30Fix build with ghc 8.6.3Joey Hess
Ghc started complaining that the SingI constraints needs UndecidableInstances. I'm not clear why, when it used to work without that extension. UndecidableInstances were already used in MetaTypes..
2018-12-04libghc-stm-dev package won't be in new versions of debianJoey Hess
In Bootstrap, still try to install the package to support bootstrapping to old systems. If it's not available the bootstrapping will still succeed. The added apt-cache check is only to avoid apt complaining when asked to install a not available package. In debian/control, depend on ghc that includes stm, although propellor still supports being used with older versions of ghc Of course this control file is not being used for the package in debian any longer afaik, so something else will be done there.
2018-11-11merged libvirtJoey Hess
2018-10-23patch appliedJoey Hess
2018-10-20releasing package propellor version 5.5.0Joey Hess
2018-10-14Added Apt.backportInstalledMin.Joey Hess
This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
2018-10-13name bikesheddingJoey Hess
2018-10-09Borg: Added UsesEnvVar.Joey Hess
For eg, BORG_REMOTE_PATH needed to use borg on rsync.net This commit was sponsored by Jochen Bartl on Patreon.
2018-08-20Removed HostingProvider.CloudatCost module as it lacks a maintainerJoey Hess
(If anyone would like to maintain it, send a patch adding it back.) (API change)
2018-08-20Sudo.enabledFor: Write to /etc/sudoers.d/000users rather than to /etc/sudoersJoey Hess
(Any old lines it wrote to /etc/sudoers will be removed.) This fixes a potential ordering problem; the property used to append the line to /etc/sudoers, but that would override more specific lines in the include directory. By putting it in a file that is included first, it'll come before all includes, without needing to parse the sudoers file in order to put it before the includedir line. Note that, if there is a more specific line for the user in /etc/sudoers before the includedir, it will be overridden by the line in /etc/sudoers.d/000users. But, this is not a behavior change from before, when the line was appended to the end. This commit was sponsored by Jeff Goeke-Smith on Patreon.
2018-08-20Added Sudo.sudoersDFile property.Joey Hess
This commit was sponsored by Ewen McNeill on Patreon.
2018-08-19Systemd.escapePath functionJoey Hess
Useful when creating mount units.
2018-08-19Split mailname property out of Hostname.saneJoey Hess
Since bad mailname guesses can lead to ugly surprises. (API change) Kept it in the Hostname module for easy discoverability, and similar to Hostname.searchDomain it sets a value based on the hostname so makes sense to keep it in that module. Didn't implement the mailname equivilant of Hostname.setTo, because it's trivial to write the mailname file with a custom value if desired. This commit was sponsored by John Pellman on Patreon.
2018-08-09letsencrypt': Pass --expand to support expanding the list of domainsJoey Hess
2018-08-08releasing package propellor version 5.4.1Joey Hess
2018-07-11remove build-time warning for dockerJoey Hess
Propellor.Cmdline imports it, which made propellor compilation warn.
2018-07-11Merge branch 'master' into joeyconfigJoey Hess
2018-07-11two unmaintained modulesJoey Hess
2018-06-24Dns: Support TXT values longer than bind's maximum string length of 255 ↵Joey Hess
bytes. Thanks, rsiddharth.
2018-06-16changelogJoey Hess
2018-05-18use git verify-commitJoey Hess
Use git verify-commit to verify gpg signatures, rather than the old method of parsing git log output. These two methods should always have the same result. Note that git verify-commit allows signatures with unknown validity, the same as git log's "U" output which was accepted. So any key in the gpg keyring is allowed to sign the commit. Propellor provides gpg with a keyring containing only the allowed keys. Needs git 2.0, which is in even debian oldstable. This commit was sponsored by Ewen McNeill on Patreon.
2018-05-18modernized and simplified the MetaTypes implementationJoey Hess
now that compatability with ghc 7 is no longer needed. Data.Type.Bool contains effectively the same stuff that was implemented here, so removed my code. Tried to use Data.Type.Equality instead of my EqT, but it seems to be some other type of (type level) equality, and didn't compile. Instead went with the simpler EqT implementation that newer ghc versions allow. The rest of the changes are simply better syntax for defining type families. And upon using that syntax, ghc noticed that `type family a + b` does not have kind "ab" like I wrote before, but is kind *. Tested on debian stable with ghc 8.0.1. This commit was sponsored by John Pellman on Patreon.
2018-05-17releasing package propellor version 5.4.0Joey Hess
2018-05-17tried to improve changelog wordingJoey Hess
2018-05-17Apt.installedBackport replaced with Apt.backportInstalledSean Whitton
Apt.installedBackport would do this: apt-get install -t stretch-backports foo bar Apt.backportInstalled does this: apt-get install foo/stretch-backports bar/stretch-backports The Apt.installedBackport behaviour can install the dependencies of foo and bar from stretch-backports even when the versions in stretch will satisfy the dependencies of the backports of foo and bar. So this property can result in very many more backports being installed on the host when intended. But the number of installed backports should always be minimised. Worse, whether this happens is highly dependent on the system state, and the order in which other properties get ensured. For example, & Apt.installed ["dgit"] & Apt.installedBackport ["dgit"] will install only dgit from stretch-backports, but unless debhelper and devscripts happen to already be installed, & Apt.installedBackport ["dgit"] & Apt.installed ["dgit"] will install dgit, debhelper, devscripts and maybe more from backports. This is surprising, difficult to debug, and breaks the expectation that when the order in which properties are ensured is not specified with connectives like `requires` and `before`, ensuring them in any order will produce the same result. Property renamed because user configs should not silently break, as they would if they did not list dependencies that must be installed from stable-backports. Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
2018-05-17Restic.installed: stop trying to install a backport on jessieSean Whitton
No such backport exists in the archive. Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
2018-05-09releasing package propellor version 5.3.6Joey Hess
2018-05-06changelogJoey Hess
2018-05-03Update shim each time propellor is run in a container, to deal with library ↵Joey Hess
version changes. Surprised this didn't come up before, since propellor was run against progressively old versions of libraries when propelling eg, a chroot. It finally broke on an arm box, where libm got updated to a new version and propellor used a symbol from the new version. The comment says that propellor may be running from an existing shim in which case it's reused. That could be a nested chroot or other container, or perhaps propellor was deployed via a precompiled tarball which is built using a shim. The code used to use "checkAlreadyShimmed shim" which I don't see how it deals with either of those scenarios. Changed to "checkAlreadyShimmed propellorbin", which I think will deal with them, but I've not tested such scenarios. Added code to delete old versions of libraries out of the shim directory to avoid masses of old ones piling up over time. Property.Chroot sets up the shim directory and then bind mounts it into the chroot. To avoid deleting the source of a bind mount, made this only delete files in the shim directory, but not the shim directory itself.