From feeec9d3819d39cbb0c0ece3b5c6628881f2d5a1 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 13 Apr 2014 16:38:58 -0400 Subject: propellor spin --- Propellor/Property/SiteSpecific/JoeySites.hs | 94 +++++++++++++++++++++++----- 1 file changed, 79 insertions(+), 15 deletions(-) (limited to 'Propellor/Property') diff --git a/Propellor/Property/SiteSpecific/JoeySites.hs b/Propellor/Property/SiteSpecific/JoeySites.hs index 635d99ba..e1119469 100644 --- a/Propellor/Property/SiteSpecific/JoeySites.hs +++ b/Propellor/Property/SiteSpecific/JoeySites.hs @@ -13,6 +13,7 @@ import qualified Propellor.Property.Service as Service import qualified Propellor.Property.User as User import qualified Propellor.Property.Obnam as Obnam import qualified Propellor.Property.Apache as Apache +import Utility.SafeCommand oldUseNetShellBox :: Property oldUseNetShellBox = check (not <$> Apt.isInstalled "oldusenet") $ @@ -30,6 +31,21 @@ oldUseNetShellBox = check (not <$> Apt.isInstalled "oldusenet") $ ] `describe` "olduse.net built" ] +kgbServer :: Property +kgbServer = withOS desc $ \o -> case o of + (Just (System (Debian Unstable) _)) -> + ensureProperty $ propertyList desc + [ Apt.serviceInstalledRunning "kgb-bot" + , File.hasPrivContent "/etc/kgb-bot/kgb.conf" + `onChange` Service.restarted "kgb-bot" + , "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1" + `describe` "kgb bot enabled" + `onChange` Service.running "kgb-bot" + ] + _ -> error "kgb server needs Debian unstable (for kgb-bot 1.31+)" + where + desc = "kgb.kitenet.net setup" + -- git.kitenet.net and git.joeyh.name gitServer :: [Host] -> Property gitServer hosts = propertyList "git.kitenet.net setup" @@ -63,6 +79,69 @@ gitServer hosts = propertyList "git.kitenet.net setup" where website hn = toProp $ Apache.siteEnabled hn (gitapacheconf hn) +type AnnexUUID = String + +-- | A website, with files coming from a git-annex repository. +annexWebSite :: Git.RepoUrl -> HostName -> AnnexUUID -> [(String, Git.RepoUrl)] -> Property +annexWebSite origin hn uuid remotes = Git.cloned "joey" origin dir Nothing + `onChange` setup + `onChange` toProp (Apache.siteEnabled hn $ annexwebsiteconf hn) + where + dir = "/srv/web/" ++ hn + setup = userScriptProperty "joey" $ + [ "cd " ++ shellEscape dir + , "git config annex.uuid " ++ shellEscape uuid + ] ++ map addremote remotes ++ + [ "git annex get" + ] + addremote (name, url) = "git remote add " ++ shellEscape name ++ " " ++ shellEscape url + +annexwebsiteconf :: HostName -> Apache.ConfigFile +annexwebsiteconf hn = stanza 80 False ++ stanza 443 True + where + stanza :: Int -> Bool -> Apache.ConfigFile + stanza port withssl = catMaybes + [ Just $ "" + , Just $ " ServerAdmin joey@kitenet.net" + , Just $ "" + , Just $ " ServerName "++hn++":"++show port + , Just $ " ServerAlias www."++hn + , Just $ "" + , ssl $ " SSLEngine on" + , ssl $ " SSLCertificateFile /etc/ssl/certs/web.pem" + , ssl $ " SSLCertificateKeyFile /etc/ssl/private/web.pem" + , ssl $ " SSLCertificateChainFile /etc/ssl/certs/startssl.pem" + , Just $ "" + , Just $ " DocumentRoot /srv/web/"++hn + , Just $ " " + , Just $ " Options FollowSymLinks" + , Just $ " AllowOverride None" + , Just $ " " + , Just $ " " + , Just $ " Options Indexes FollowSymLinks ExecCGI" + , Just $ " AllowOverride None" + , Just $ " Order allow,deny" + , Just $ " allow from all" + , Just $ " " + , Just $ "" + , Just $ " ErrorLog /var/log/apache2/error.log" + , Just $ " LogLevel warn" + , Just $ " CustomLog /var/log/apache2/access.log combined" + , Just $ " ServerSignature On" + , Just $ " " + , Just $ " " + , Just $ " Options Indexes MultiViews" + , Just $ " AllowOverride None" + , Just $ " Order allow,deny" + , Just $ " Allow from all" + , Just $ " " + , Just $ "" + ] + where + ssl l + | withssl = Just l + | otherwise = Nothing + gitapacheconf :: HostName -> Apache.ConfigFile gitapacheconf hn = [ "" @@ -103,18 +182,3 @@ gitapacheconf hn = , " " , "" ] - -kgbServer :: Property -kgbServer = withOS desc $ \o -> case o of - (Just (System (Debian Unstable) _)) -> - ensureProperty $ propertyList desc - [ Apt.serviceInstalledRunning "kgb-bot" - , File.hasPrivContent "/etc/kgb-bot/kgb.conf" - `onChange` Service.restarted "kgb-bot" - , "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1" - `describe` "kgb bot enabled" - `onChange` Service.running "kgb-bot" - ] - _ -> error "kgb server needs Debian unstable (for kgb-bot 1.31+)" - where - desc = "kgb.kitenet.net setup" -- cgit v1.2.3