summaryrefslogtreecommitdiff
path: root/src/Propellor/Property
AgeCommit message (Collapse)Author
2018-09-02Nullmailer: handle nullmailer configurationnullmailerNicolas Schodet
2018-05-17Merge branch 'joeyconfig'Joey Hess
2018-05-17Apt.installedBackport replaced with Apt.backportInstalledSean Whitton
Apt.installedBackport would do this: apt-get install -t stretch-backports foo bar Apt.backportInstalled does this: apt-get install foo/stretch-backports bar/stretch-backports The Apt.installedBackport behaviour can install the dependencies of foo and bar from stretch-backports even when the versions in stretch will satisfy the dependencies of the backports of foo and bar. So this property can result in very many more backports being installed on the host when intended. But the number of installed backports should always be minimised. Worse, whether this happens is highly dependent on the system state, and the order in which other properties get ensured. For example, & Apt.installed ["dgit"] & Apt.installedBackport ["dgit"] will install only dgit from stretch-backports, but unless debhelper and devscripts happen to already be installed, & Apt.installedBackport ["dgit"] & Apt.installed ["dgit"] will install dgit, debhelper, devscripts and maybe more from backports. This is surprising, difficult to debug, and breaks the expectation that when the order in which properties are ensured is not specified with connectives like `requires` and `before`, ensuring them in any order will produce the same result. Property renamed because user configs should not silently break, as they would if they did not list dependencies that must be installed from stable-backports. Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
2018-05-17Restic.installed: stop trying to install a backport on jessieSean Whitton
No such backport exists in the archive. Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
2018-05-09propellor spinJoey Hess
2018-05-07propellor spinJoey Hess
2018-05-06Merge remote-tracking branch 'felix/unbound' into joeyconfigJoey Hess
2018-05-05propellor spinJoey Hess
2018-05-05propellor spinJoey Hess
2018-05-05Unbound: move haddock comment to cachingDnsServerFélix Sipma
2018-05-05propellor spinJoey Hess
2018-05-04propellor spinJoey Hess
2018-05-04updateJoey Hess
2018-05-04Unbound: add a warning note for CNAMEFélix Sipma
2018-05-04Unbound: handle missing recordsFélix Sipma
2018-05-04Unbound: simplify existing recordsFélix Sipma
2018-05-04Unbound: handle SRV recordFélix Sipma
2018-05-03Merge branch 'master' into joeyconfigJoey Hess
2018-05-03Update shim each time propellor is run in a container, to deal with library ↵Joey Hess
version changes. Surprised this didn't come up before, since propellor was run against progressively old versions of libraries when propelling eg, a chroot. It finally broke on an arm box, where libm got updated to a new version and propellor used a symbol from the new version. The comment says that propellor may be running from an existing shim in which case it's reused. That could be a nested chroot or other container, or perhaps propellor was deployed via a precompiled tarball which is built using a shim. The code used to use "checkAlreadyShimmed shim" which I don't see how it deals with either of those scenarios. Changed to "checkAlreadyShimmed propellorbin", which I think will deal with them, but I've not tested such scenarios. Added code to delete old versions of libraries out of the shim directory to avoid masses of old ones piling up over time. Property.Chroot sets up the shim directory and then bind mounts it into the chroot. To avoid deleting the source of a bind mount, made this only delete files in the shim directory, but not the shim directory itself.
2018-05-03propellor spinJoey Hess
2018-05-02make Schroot.overlaysInTmpfs revertableSean Whitton
Useful when a build fails on a tmpfs (usually a package's test suite). Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
2018-05-02updateJoey Hess
2018-04-30Merge branch 'master' into joeyconfigJoey Hess
2018-04-30fix broken SemigroupMonoid transition <<loop>>Joey Hess
Turns out that with ghc 8.2.2, the instructions given on the page don't work. And the cppless variant that I had compiles, but into effectively mappend = mappend so it loops. The only way I can see to make it work without cpp is to use mappend = (Sem.<>) which is ugly and a land mine waiting to explode if someone changes it to a nicer mappend = (<>) with a newer version of ghc which will compile it and work ok, while breaking it with 8.2.2. Sigh. I posted to haskell-cafe about this.
2018-04-29Merge branch 'master' into joeyconfigJoey Hess
2018-04-29propellor spinJoey Hess
2018-04-23more ghc 8.4 build fixesJoey Hess
Tested build with ghc 8.4 now.
2018-04-23semigroup monoid change fallout; drop ghc 7 supportJoey Hess
Fix build with ghc 8.4, which broke due to the Semigroup Monoid change. See https://prime.haskell.org/wiki/Libraries/Proposals/SemigroupMonoid Dropped support for building propellor with ghc 7 (as in debian oldstable), to avoid needing to depend on the semigroups transitional package, but also because it's just too old to be worth supporting. If we indeed drop ghc 7 support entirely, some code to support "jessie" can be removed; concurrent-output can be de-embedded, and the Singletons code can be simplified. This commit was sponsored by Jack Hill on Patreon.
2018-04-22simplify constraints for new ghcJoey Hess
ghc started warning about the IsProp (Property i) constraint; removing it the code builds. This may break building with older ghc.
2018-04-18Merge branch 'joeyconfig'Joey Hess
2018-04-18Apt.stdSourcesList now adds stable-updates suiteSean Whitton
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
2018-04-12I tested the banana pi earlier, forgot to move it to the tested sectionJoey Hess
2018-04-11Merge branch 'joeyconfig'Joey Hess
2018-04-11move 1-wire to different gpio pinJoey Hess
2018-04-08propellor spinJoey Hess
2018-04-08propellor spinJoey Hess
2018-04-08propellor spinJoey Hess
2018-04-03fix comment indentJoey Hess
2018-04-03Merge branch 'joeyconfig'Joey Hess
2018-04-03updateJoey Hess
2018-03-20Move table and target to before the other rule argumentsRussell Sim
Some commands in IPTables are order dependent. In particular, I have seen this with the --to-dest and the --to-source arguments for DNAT and SNAT respectively. Below is an example rule which demonstrates the issue. $ iptables -A PREROUTING -p tcp -i eth0 --dport 4000 \ --to-dest 10.3.0.6:4000 -t nat -j DNAT iptables v1.6.0: unknown option "--to-dest" $ iptables -A PREROUTING -p tcp -i eth0 --dport 4000 \ -j DNAT --to-dest 10.3.0.6:4000 -t nat Signed-off-by: Russell Sim <russell.sim@gmail.com>
2018-03-19Merge branch 'joeyconfig'Joey Hess
2018-03-19updateJoey Hess
2018-03-18Merge branch 'joeyconfig'Joey Hess
2018-03-18updateJoey Hess
2018-03-14propellor spinJoey Hess
2018-03-01Apt.trustsKey: Use apt-key to add key rather than manually driving gpg, ↵Joey Hess
which seems to not work anymore. Thanks, Russell Sim.
2018-02-27Merge branch 'master' into joeyconfigJoey Hess
2018-02-26propellor spinJoey Hess
2018-02-24Openssl: fix typoFélix Sipma