From 8137c29bb82ca5feaf8c320c815c6bd2021f1a41 Mon Sep 17 00:00:00 2001 From: thomas+propellor@2495a5c73b672e9d4f472368ed4723143b13dea9 Date: Sat, 3 Feb 2018 20:21:55 +0000 Subject: --- ...quickstart_without_git__44___SSH__44___GPG.mdwn | 35 ++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 doc/forum/Simple_quickstart_without_git__44___SSH__44___GPG.mdwn diff --git a/doc/forum/Simple_quickstart_without_git__44___SSH__44___GPG.mdwn b/doc/forum/Simple_quickstart_without_git__44___SSH__44___GPG.mdwn new file mode 100644 index 00000000..d0920424 --- /dev/null +++ b/doc/forum/Simple_quickstart_without_git__44___SSH__44___GPG.mdwn @@ -0,0 +1,35 @@ +I wanted to start using propellor in the most simple way and the requirement to have a GPG key, signed commits, propellor updating itself, and so on was way too much to start with. + +So I wrote this Haskell file: + + + module Main where + + import Propellor + import Propellor.Engine + import qualified Propellor.Property.Apt as Apt + + main :: IO () + main = mainProperties myHost + + myHost :: Host + myHost = host "local" $ props + & Apt.installed [ + "etckeeper" + , "git" + , "rsync" + , "tmux" + , "tree" + , "unattended-upgrades" + , "zsh" + ] + +And then used the Debian package *entr* to scp the executable to a test server and have it executed there: + + echo mytest-exe | entr scp /_ mytesthost: + +and on the test host: + + echo mytest-exe | entr sudo ./mytest-exe + +Maybe somebody finds this useful as a starting point to learn propellor. -- cgit v1.2.3 From 7fc023b580f89e28320a8d7c08547f29a2a4c5d0 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Feb 2018 11:59:35 -0400 Subject: clean up after merge --- config.hs | 2 +- privdata/relocate | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) delete mode 100644 privdata/relocate diff --git a/config.hs b/config.hs index 97d90636..ec313725 120000 --- a/config.hs +++ b/config.hs @@ -1 +1 @@ -joeyconfig.hs \ No newline at end of file +config-simple.hs \ No newline at end of file diff --git a/privdata/relocate b/privdata/relocate deleted file mode 100644 index 271692d8..00000000 --- a/privdata/relocate +++ /dev/null @@ -1 +0,0 @@ -.joeyconfig -- cgit v1.2.3 From e1fd45067b037876a69a3ef741970105f14afbc8 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Feb 2018 12:05:14 -0400 Subject: releasing package propellor version 5.3.1 --- debian/changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index a0471182..5d032b4c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,10 +1,10 @@ -propellor (5.3.1) UNRELEASED; urgency=medium +propellor (5.3.1) unstable; urgency=medium * Last release mistakenly contained my personal branch not master. * contrib/post-merge-hook documentation updated to recommend also using it as a post-checkout hook, to avoid such problems. - -- Joey Hess Sun, 04 Feb 2018 11:54:28 -0400 + -- Joey Hess Sun, 04 Feb 2018 12:00:03 -0400 propellor (5.3.0) unstable; urgency=medium -- cgit v1.2.3 From 69e165abce63df73468d552b79288b690df37c1e Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Feb 2018 12:05:37 -0400 Subject: add news item for propellor 5.3.1 --- doc/news/version_5.3.0.mdwn | 16 ---------------- doc/news/version_5.3.1.mdwn | 5 +++++ 2 files changed, 5 insertions(+), 16 deletions(-) delete mode 100644 doc/news/version_5.3.0.mdwn create mode 100644 doc/news/version_5.3.1.mdwn diff --git a/doc/news/version_5.3.0.mdwn b/doc/news/version_5.3.0.mdwn deleted file mode 100644 index 07900e0b..00000000 --- a/doc/news/version_5.3.0.mdwn +++ /dev/null @@ -1,16 +0,0 @@ -propellor 5.3.0 released with [[!toggle text="these changes"]] -[[!toggleable text=""" - * Avoid bogus warning about new upstream version when /usr/bin/propellor - is run on a Debian system, but ~/.propellor was not cloned from the - Debian git bundle. - * Parted: Allow partitions to have no filesystem, for eg, GPT BIOS boot - partitions. (API change) - * Added rawPartition to PartSpec, for specifying partitions with no - filesystem. - * Added BiosGrubFlag to PartFlag. - * Add HasCallStack constraint to pickOS and unsupportedOS, so the - call stack includes the caller. - * Run su with --login, to avoid inheriting some problematic environment - variables, such as TMP, from the caller. - * Grub: Added properties to configure /etc/default/grub. - * Laptop: New module, starting with powertopAutoTuneOnBoot."""]] \ No newline at end of file diff --git a/doc/news/version_5.3.1.mdwn b/doc/news/version_5.3.1.mdwn new file mode 100644 index 00000000..4f660270 --- /dev/null +++ b/doc/news/version_5.3.1.mdwn @@ -0,0 +1,5 @@ +propellor 5.3.1 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Last release mistakenly contained my personal branch not master. + * contrib/post-merge-hook documentation updated to recommend also using + it as a post-checkout hook, to avoid such problems."""]] \ No newline at end of file -- cgit v1.2.3 From f835499cf07459c551795b39cdfb8fb345aa0fe5 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Feb 2018 12:19:53 -0400 Subject: link to simple quickstart --- doc/README.mdwn | 3 +++ ...ent_1_031851f4a01a8a4d9fb4bd1f9ac077c8._comment | 22 ++++++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 doc/forum/Simple_quickstart_without_git__44___SSH__44___GPG/comment_1_031851f4a01a8a4d9fb4bd1f9ac077c8._comment diff --git a/doc/README.mdwn b/doc/README.mdwn index a4a38c5f..6d7e6508 100644 --- a/doc/README.mdwn +++ b/doc/README.mdwn @@ -56,3 +56,6 @@ see [configuration for the Haskell newbie](https://propellor.branchable.com/hask each host becomes tiresome, you can [automate that](http://propellor.branchable.com/automated_spins/). 7. Write some neat new properties and send patches! + +(Want to get your feet wet with propellor before plunging in? +[[try this|forum/Simple_quickstart_without_git__44___SSH__44___GPG]]) diff --git a/doc/forum/Simple_quickstart_without_git__44___SSH__44___GPG/comment_1_031851f4a01a8a4d9fb4bd1f9ac077c8._comment b/doc/forum/Simple_quickstart_without_git__44___SSH__44___GPG/comment_1_031851f4a01a8a4d9fb4bd1f9ac077c8._comment new file mode 100644 index 00000000..a99e83e2 --- /dev/null +++ b/doc/forum/Simple_quickstart_without_git__44___SSH__44___GPG/comment_1_031851f4a01a8a4d9fb4bd1f9ac077c8._comment @@ -0,0 +1,22 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2018-02-04T16:09:17Z" + content=""" +Thank you for this excellent idea and post! I've added a link to it under +the quick start on the front page. + +Propellor's deployment system +is just what happened to meet my needs, but certianly not ideal for anyone, +and what I really like about this is it shows how the core of propellor is +not locked into that one system. + +I see that `entr` automatically re-transfers the file when it has changed, +so am I right that you could use this in combination with eg +`stack build --file-watch` to immediately test each change to config.hs? + +Do note that your method doesn't transfer over any private data that +propellor might use on the host. And, some container properties need +the propellor binary in /usr/local/propellor/ in order to work. +But until you need such properties, it's a nice way to get your feet wet. +"""]] -- cgit v1.2.3 From 9f9726767befcbea24b8020fb065fd3ece39e24e Mon Sep 17 00:00:00 2001 From: pmenzel Date: Mon, 5 Feb 2018 14:35:08 +0000 Subject: Ask about dm-crypt/LUKS --- doc/forum/dm-crypt__47__LUKS_encryption_and_key_management.mdwn | 1 + 1 file changed, 1 insertion(+) create mode 100644 doc/forum/dm-crypt__47__LUKS_encryption_and_key_management.mdwn diff --git a/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management.mdwn b/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management.mdwn new file mode 100644 index 00000000..12a2bea5 --- /dev/null +++ b/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management.mdwn @@ -0,0 +1 @@ +Hi. Searching for *luks* in the git repository and the forum doesn’t bring up any hits. Am I right to assume, that encrypting the disk with dm-crypt/LUKS and managing keys/passwords is currently not easily doable? -- cgit v1.2.3 From 2cfee67820612878a7c1a2c8d3fdf912cb8e1075 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 6 Feb 2018 11:41:59 -0400 Subject: comment --- .../comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 doc/forum/dm-crypt__47__LUKS_encryption_and_key_management/comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment diff --git a/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management/comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment b/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management/comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment new file mode 100644 index 00000000..0962459f --- /dev/null +++ b/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management/comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment @@ -0,0 +1,17 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2018-02-06T15:37:45Z" + content=""" +Not aware of anyone using propellor for that yet. + +Propellor's LVM module would probably be a decent starting point for +implementing dm-crypt support. + +Key/passwords could certianly be managed with propellor's privdata +interface. Whether it makes sense to do so for security is probably up to +the individual user, since privdata can be decrypted with your gpg private +key, which you might not want to equate to access to your encrypted volume. +Also, privdata is stored on the host that uses it in unencrypted form +protected only by file permissions. +"""]] -- cgit v1.2.3