From 622a3d8a931979deec838f06f7fb0311adf40df6 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 13 Apr 2014 03:49:24 -0400 Subject: propellor spin --- Propellor/Property/Ssh.hs | 7 +++++-- config-joey.hs | 5 +++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/Propellor/Property/Ssh.hs b/Propellor/Property/Ssh.hs index ba23253d..2fc3c560 100644 --- a/Propellor/Property/Ssh.hs +++ b/Propellor/Property/Ssh.hs @@ -84,12 +84,15 @@ hostKey keytype = propertyList desc [ Property desc (install writeFile (SshPubKey keytype "") ".pub") , Property desc (install writeFileProtected (SshPrivKey keytype "") "") ] + `onChange` restartSshd where desc = "known ssh host key (" ++ fromKeyType keytype ++ ")" install writer p ext = withPrivData p $ \key -> do let f = "/etc/ssh/ssh_host_" ++ fromKeyType keytype ++ "_key" ++ ext - void $ liftIO $ writer f key - noChange + s <- liftIO $ readFileStrict f + if s == key + then noChange + else makeChange $ writer f key -- | Sets up a user with a ssh private key and public key pair -- from the site's PrivData. diff --git a/config-joey.hs b/config-joey.hs index dd454040..394881b4 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -74,7 +74,7 @@ hosts = & Ssh.hostKey SshDsa & Ssh.hostKey SshRsa & Obnam.backup "/srv/git" "33 3 * * *" - [ "--repository=sftp://2318@usw-s002.rsync.net/~/git.kitenet.net.obnam" + [ "--repository=sftp://2318@usw-s002.rsync.net/~/git.kitenet.net" , "--encrypt-with=1B169BE1" , "--client-name=wren" ] Obnam.OnlyClient @@ -93,7 +93,8 @@ hosts = -- downloads.kitenet.net setup (including ssh key to turtle) & Apt.buildDep ["git-annex"] `period` Daily - -- I don't run this system, but tell propellor its public key. + -- I don't run this system, so only relevant property is its + -- public key. , host "usw-s002.rsync.net" & sshPubKey "ssh-dss AAAAB3NzaC1kc3MAAAEBAI6ZsoW8a+Zl6NqUf9a4xXSMcV1akJHDEKKBzlI2YZo9gb9YoCf5p9oby8THUSgfh4kse7LJeY7Nb64NR6Y/X7I2/QzbE1HGGl5mMwB6LeUcJ74T3TQAlNEZkGt/MOIVLolJHk049hC09zLpkUDtX8K0t1yaCirC9SxDGLTCLEhvU9+vVdVrdQlKZ9wpLUNbdAzvbra+O/IVvExxDZ9WCHrnfNA8ddVZIGEWMqsoNgiuCxiXpi8qL+noghsSQNFTXwo7W2Vp9zj1JkCt3GtSz5IzEpARQaXEAWNEM0n1nJ686YUOhou64iRM8bPC1lp3QXvvZNgj3m+QHhIempx+de8AAAAVAKB5vUDaZOg14gRn7Bp81ja/ik+RAAABACPH/bPbW912x1NxNiikzGR6clLh+bLpIp8Qie3J7DwOr8oC1QOKjNDK+UgQ7mDQEgr4nGjNKSvpDi4c1QCw4sbLqQgx1y2VhT0SmUPHf5NQFldRQyR/jcevSSwOBxszz3aq9AwHiv9OWaO3XY18suXPouiuPTpIcZwc2BLDNHFnDURQeGEtmgqj6gZLIkTY0iw7q9Tj5FOyl4AkvEJC5B4CSzaWgey93Wqn1Imt7KI8+H9lApMKziVL1q+K7xAuNkGmx5YOSNlE6rKAPtsIPHZGxR7dch0GURv2jhh0NQYvBRn3ukCjuIO5gx56HLgilq59/o50zZ4NcT7iASF76TcAAAEAC6YxX7rrs8pp13W4YGiJHwFvIO1yXLGOdqu66JM0plO4J1ItV1AQcazOXLiliny3p2/W+wXZZKd5HIRt52YafCA8YNyMk/sF7JcTR4d4z9CfKaAxh0UpzKiAk+0j/Wu3iPoTOsyt7N0j1+dIyrFodY2sKKuBMT4TQ0yqQpbC+IDQv2i1IlZAPneYGfd5MIGygs2QMfaMQ1jWAKJvEO0vstZ7GB6nDAcg4in3ZiBHtomx3PL5w+zg48S4Ed69BiFXLZ1f6MnjpUOP75pD4MP6toS0rgK9b93xCrEQLgm4oD/7TCHHBo2xR7wwcsN2OddtwWsEM2QgOkt/jdCAoVCqwQ==" -- cgit v1.2.3