From 1495db6cd103bf5f9f4635dbbfe807c7c1f39b2e Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 13 Apr 2014 14:01:30 -0400 Subject: propellor spin --- Propellor/Property/SiteSpecific/JoeySites.hs | 92 ++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) (limited to 'Propellor/Property/SiteSpecific') diff --git a/Propellor/Property/SiteSpecific/JoeySites.hs b/Propellor/Property/SiteSpecific/JoeySites.hs index 46373170..81557b32 100644 --- a/Propellor/Property/SiteSpecific/JoeySites.hs +++ b/Propellor/Property/SiteSpecific/JoeySites.hs @@ -5,6 +5,14 @@ module Propellor.Property.SiteSpecific.JoeySites where import Propellor import qualified Propellor.Property.Apt as Apt +import qualified Propellor.Property.File as File +import qualified Propellor.Property.Gpg as Gpg +import qualified Propellor.Property.Ssh as Ssh +import qualified Propellor.Property.Git as Git +import qualified Propellor.Property.Service as Service +import qualified Propellor.Property.User as User +import qualified Propellor.Property.Obnam as Obnam +import qualified Propellor.Property.Apache as Apache oldUseNetShellBox :: Property oldUseNetShellBox = check (not <$> Apt.isInstalled "oldusenet") $ @@ -21,3 +29,87 @@ oldUseNetShellBox = check (not <$> Apt.isInstalled "oldusenet") $ , "rm -rf /root/tmp/oldusenet" ] `describe` "olduse.net built" ] + +-- git.kitenet.net and git.joeyh.name +gitServer :: [Host] -> Property +gitServer hosts = propertyList "git.kitenet.net setup" + [ Obnam.backup "/srv/git" "33 3 * * *" + [ "--repository=sftp://2318@usw-s002.rsync.net/~/git.kitenet.net" + , "--encrypt-with=1B169BE1" + , "--client-name=wren" + ] Obnam.OnlyClient + `requires` Gpg.keyImported "1B169BE1" "root" + `requires` Ssh.keyImported SshRsa "root" + `requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root" + `requires` Ssh.authorizedKeys "family" + `requires` User.accountFor "family" + , Apt.installed ["git", "git-annex", "rsync", "kgb-client-git", "gitweb"] + , File.hasPrivContentExposed "/etc/kgb-bot/kgb-client.conf" + , toProp $ Git.daemonRunning "/srv/git" + , "/etc/gitweb.conf" `File.containsLines` + [ "$projectroot = 'srv/git';" + , "@git_base_url_list = ('git://git.kitenet.net', 'http://git.kitenet.net/git', 'ssh://git.kitenet.net/srv/git');" + , "# disable snapshot download; overloads server" + , "$feature{'snapshot'}{'default'} = [];" + ] + `describe` "gitweb configured" + , website "git.kitenet.net" + , website "git.joeyh.name" + -- ssh keys for branchable and github repo hooks + -- TODO: upgrade to newer git-annex-shell for notification + -- gitweb + ] + where + website hn = toProp $ Apache.siteEnabled hn (gitapacheconf hn) + +gitapacheconf :: HostName -> Apache.ConfigFile +gitapacheconf hn = + [ "" + , " ServerAdmin joey@kitenet.net" + , "" + , " ServerName " ++ hn ++ ":80" + , "" + , " DocumentRoot /srv/web/git.kitenet.net/" + , " " + , " Options Indexes ExecCGI FollowSymlinks" + , " AllowOverride None" + , " DirectoryIndex index.cgi" + , " " + , "" + , " ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/" + , " " + , " SetHandler cgi-script" + , " Options ExecCGI" + , " " + , "" + , " ErrorLog /var/log/apache2/error.log" + , " LogLevel warn" + , " CustomLog /var/log/apache2/access.log combined" + , "" + , " # Possible values include: debug, info, notice, warn, error, crit," + , " # alert, emerg." + , " LogLevel warn" + , "" + , " CustomLog /var/log/apache2/access.log combined" + , " ServerSignature On" + , " " + , " " + , " Options Indexes MultiViews" + , " AllowOverride None" + , " Order allow,deny" + , " Allow from all" + , " " + , "" + ] + +-- Note: needs debian unstable for new kgb +kgbServer :: Property +kgbServer = propertyList "kgb.kitenet.net setup" + [ Apt.serviceInstalledRunning "kgb-bot" + , File.hasPrivContent "/etc/kgb-bot/kgb.conf" + `onChange` Service.restarted "kgb-bot" + , "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1" + `describe` "kgb bot enabled" + `onChange` Service.running "kgb-bot" + ] + -- cgit v1.2.3