From 88082c729344a48dd060826c1f74c486c1d91ac8 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 21 Jan 2015 22:48:44 -0400 Subject: Added systemd configuration properties. --- config-joey.hs | 1 + debian/changelog | 1 + src/Propellor/Property/Systemd.hs | 36 ++++++++++++++++++++++++++++++++++++ 3 files changed, 38 insertions(+) diff --git a/config-joey.hs b/config-joey.hs index 83839489..89e94192 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -145,6 +145,7 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64" & Apt.unattendedUpgrades & Systemd.installed & Systemd.persistentJournal + & Systemd.journaldConfigured "SystemMaxUse" "500M" & Ssh.passwordAuthentication True -- Since ssh password authentication is allowed: & Apt.serviceInstalledRunning "fail2ban" diff --git a/debian/changelog b/debian/changelog index b9d1373e..f60a4a2b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,6 +5,7 @@ propellor (1.4.0) UNRELEASED; urgency=medium This includes the properties used inside a container. (API change) * Fix info propigation from fallback combinator's second Property. + * Added systemd configuration properties. -- Joey Hess Thu, 15 Jan 2015 20:14:29 -0400 diff --git a/src/Propellor/Property/Systemd.hs b/src/Propellor/Property/Systemd.hs index 613ed01c..259bb222 100644 --- a/src/Propellor/Property/Systemd.hs +++ b/src/Propellor/Property/Systemd.hs @@ -6,7 +6,11 @@ module Propellor.Property.Systemd ( stopped, enabled, disabled, + restarted, persistentJournal, + Option, + configured, + journaldConfigured, daemonReloaded, Container, container, @@ -60,6 +64,11 @@ disabled :: ServiceName -> Property disabled n = trivial $ cmdProperty "systemctl" ["disable", n] `describe` ("service " ++ n ++ " disabled") +-- | Restarts a systemd service. +restarted :: ServiceName -> Property +restarted n = trivial $ cmdProperty "systemctl" ["restart", n] + `describe` ("service " ++ n ++ " restarted") + -- | Enables persistent storage of the journal. persistentJournal :: Property persistentJournal = check (not <$> doesDirectoryExist dir) $ @@ -72,6 +81,33 @@ persistentJournal = check (not <$> doesDirectoryExist dir) $ where dir = "/var/log/journal" +type Option = String + +-- | Ensures that an option is configured in one of systemd's config files. +-- Does not ensure that the relevant daemon notices the change immediately. +-- +-- This assumes that there is only one [Header] per file, which is +-- currently the case. And it assumes the file already exists with +-- the right [Header], so new lines can just be appended to the end. +configured :: FilePath -> Option -> String -> Property +configured cfgfile option value = combineProperties desc + [ File.fileProperty desc (mapMaybe removeother) cfgfile + , File.containsLine cfgfile line + ] + where + setting = option ++ "=" + line = setting ++ value + desc = cfgfile ++ " " ++ line + removeother l + | setting `isPrefixOf` l = Nothing + | otherwise = Just l + +-- | Configures journald, restarting it so the changes take effect. +journaldConfigured :: Option -> String -> Property +journaldConfigured option value = + configured "/etc/systemd/journald.conf" option value + `onChange` restarted "systemd-journald" + -- | Causes systemd to reload its configuration files. daemonReloaded :: Property daemonReloaded = trivial $ cmdProperty "systemctl" ["daemon-reload"] -- cgit v1.2.3