From f35ef9d6975710f2d77c2ea708c66500861d92d1 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 22 Apr 2015 13:04:39 -0400 Subject: API change: Added User and Group newtypes, and Properties that used to use the type UserName = String were changed to use them. Note that UserName is kept and PrivData still uses it in its sum type. This is to avoid breaking PrivData serialization. --- .../Property/SiteSpecific/GitAnnexBuilder.hs | 26 +++---- src/Propellor/Property/SiteSpecific/GitHome.hs | 8 +-- src/Propellor/Property/SiteSpecific/IABak.hs | 26 +++---- src/Propellor/Property/SiteSpecific/JoeySites.hs | 80 +++++++++++----------- 4 files changed, 70 insertions(+), 70 deletions(-) (limited to 'src/Propellor/Property/SiteSpecific') diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs index 102e6a1d..384b2724 100644 --- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs +++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs @@ -28,7 +28,7 @@ type TimeOut = String -- eg, 5h autobuilder :: Architecture -> Times -> TimeOut -> Property HasInfo autobuilder arch crontimes timeout = combineProperties "gitannexbuilder" $ props & Apt.serviceInstalledRunning "cron" - & Cron.niceJob "gitannexbuilder" crontimes builduser gitbuilderdir + & Cron.niceJob "gitannexbuilder" crontimes (User builduser) gitbuilderdir ("git pull ; timeout " ++ timeout ++ " ./autobuild") & rsyncpassword where @@ -51,18 +51,18 @@ tree buildarch = combineProperties "gitannexbuilder tree" $ props -- gitbuilderdir directory already exists when docker volume is used, -- but with wrong owner. & File.dirExists gitbuilderdir - & File.ownerGroup gitbuilderdir builduser builduser + & File.ownerGroup gitbuilderdir (User builduser) (Group builduser) & gitannexbuildercloned & builddircloned where gitannexbuildercloned = check (not <$> (doesDirectoryExist (gitbuilderdir ".git"))) $ - userScriptProperty builduser + userScriptProperty (User builduser) [ "git clone git://git.kitenet.net/gitannexbuilder " ++ gitbuilderdir , "cd " ++ gitbuilderdir , "git checkout " ++ buildarch ] `describe` "gitbuilder setup" - builddircloned = check (not <$> doesDirectoryExist builddir) $ userScriptProperty builduser + builddircloned = check (not <$> doesDirectoryExist builddir) $ userScriptProperty (User builduser) [ "git clone git://git-annex.branchable.com/ " ++ builddir ] @@ -89,7 +89,7 @@ buildDepsNoHaskellLibs = Apt.installed cabalDeps :: Property NoInfo cabalDeps = flagFile go cabalupdated where - go = userScriptProperty builduser ["cabal update && cabal install git-annex --only-dependencies || true"] + go = userScriptProperty (User builduser) ["cabal update && cabal install git-annex --only-dependencies || true"] cabalupdated = homedir ".cabal" "packages" "hackage.haskell.org" "00-index.cache" standardAutoBuilderContainer :: (System -> Docker.Image) -> Architecture -> Int -> TimeOut -> Docker.Container @@ -99,7 +99,7 @@ standardAutoBuilderContainer dockerImage arch buildminute timeout = Docker.conta & Apt.stdSourcesList & Apt.installed ["systemd"] & Apt.unattendedUpgrades - & User.accountFor builduser + & User.accountFor (User builduser) & tree arch & buildDepsApt & autobuilder arch (Cron.Times $ show buildminute ++ " * * * *") timeout @@ -125,9 +125,9 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe & Apt.stdSourcesList & Apt.installed ["systemd"] & Docker.tweaked - & User.accountFor builduser + & User.accountFor (User builduser) & File.dirExists gitbuilderdir - & File.ownerGroup homedir builduser builduser + & File.ownerGroup homedir (User builduser) (Group builduser) & buildDepsApt & flagFile chrootsetup ("/chrootsetup") `requires` setupgitannexdir @@ -139,7 +139,7 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe chrootsetup = scriptProperty [ "cd " ++ gitannexdir ++ " && ./standalone/android/buildchroot-inchroot" ] - haskellpkgsinstalled = userScriptProperty "builder" + haskellpkgsinstalled = userScriptProperty (User builduser) [ "cd " ++ gitannexdir ++ " && ./standalone/android/install-haskell-packages" ] osver = System (Debian Testing) "i386" -- once jessie is released, use: (Stable "jessie") @@ -155,7 +155,7 @@ armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder- & Apt.installed ["systemd"] -- This volume is shared with the armel builder. & Docker.volume gitbuilderdir - & User.accountFor builduser + & User.accountFor (User builduser) -- Install current versions of build deps from cabal. & tree "armel" & buildDepsNoHaskellLibs @@ -163,7 +163,7 @@ armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder- -- The armel builder can ssh to this companion. & Docker.expose "22" & Apt.serviceInstalledRunning "ssh" - & Ssh.authorizedKeys builduser (Context "armel-git-annex-builder") + & Ssh.authorizedKeys (User builduser) (Context "armel-git-annex-builder") & Docker.tweaked armelAutoBuilderContainer :: (System -> Docker.Image) -> Times -> TimeOut -> Docker.Container @@ -175,7 +175,7 @@ armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "arme & Apt.installed ["openssh-client"] & Docker.link "armel-git-annex-builder-companion" "companion" & Docker.volumes_from "armel-git-annex-builder-companion" - & User.accountFor builduser + & User.accountFor (User builduser) -- TODO: automate installing haskell libs -- (Currently have to run -- git-annex/standalone/linux/install-haskell-packages @@ -183,7 +183,7 @@ armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "arme & buildDepsNoHaskellLibs & autobuilder "armel" crontimes timeout `requires` tree "armel" - & Ssh.keyImported SshRsa builduser (Context "armel-git-annex-builder") + & Ssh.keyImported SshRsa (User builduser) (Context "armel-git-annex-builder") & trivial writecompanionaddress & Docker.tweaked where diff --git a/src/Propellor/Property/SiteSpecific/GitHome.hs b/src/Propellor/Property/SiteSpecific/GitHome.hs index 59e62d80..d6dce7c0 100644 --- a/src/Propellor/Property/SiteSpecific/GitHome.hs +++ b/src/Propellor/Property/SiteSpecific/GitHome.hs @@ -6,9 +6,9 @@ import Propellor.Property.User import Utility.SafeCommand -- | Clones Joey Hess's git home directory, and runs its fixups script. -installedFor :: UserName -> Property NoInfo -installedFor user = check (not <$> hasGitDir user) $ - property ("githome " ++ user) (go =<< liftIO (homedir user)) +installedFor :: User -> Property NoInfo +installedFor user@(User u) = check (not <$> hasGitDir user) $ + property ("githome " ++ u) (go =<< liftIO (homedir user)) `requires` Apt.installed ["git"] where go home = do @@ -28,7 +28,7 @@ installedFor user = check (not <$> hasGitDir user) $ url :: String url = "git://git.kitenet.net/joey/home" -hasGitDir :: UserName -> IO Bool +hasGitDir :: User -> IO Bool hasGitDir user = go =<< homedir user where go home = doesDirectoryExist (home ".git") diff --git a/src/Propellor/Property/SiteSpecific/IABak.hs b/src/Propellor/Property/SiteSpecific/IABak.hs index d89e85fb..f50482ff 100644 --- a/src/Propellor/Property/SiteSpecific/IABak.hs +++ b/src/Propellor/Property/SiteSpecific/IABak.hs @@ -17,26 +17,26 @@ userrepo = "git@gitlab.com:archiveteam/IA.bak.users.git" gitServer :: [Host] -> Property HasInfo gitServer knownhosts = propertyList "iabak git server" $ props - & Git.cloned "root" repo "/usr/local/IA.BAK" (Just "server") - & Git.cloned "root" repo "/usr/local/IA.BAK/client" (Just "master") - & Ssh.keyImported SshRsa "root" (Context "IA.bak.users.git") - & Ssh.knownHost knownhosts "gitlab.com" "root" - & Git.cloned "root" userrepo "/usr/local/IA.BAK/pubkeys" (Just "master") + & Git.cloned (User "root") repo "/usr/local/IA.BAK" (Just "server") + & Git.cloned (User "root") repo "/usr/local/IA.BAK/client" (Just "master") + & Ssh.keyImported SshRsa (User "root") (Context "IA.bak.users.git") + & Ssh.knownHost knownhosts "gitlab.com" (User "root") + & Git.cloned (User "root") userrepo "/usr/local/IA.BAK/pubkeys" (Just "master") & Apt.serviceInstalledRunning "apache2" & cmdProperty "ln" ["-sf", "/usr/local/IA.BAK/pushme.cgi", "/usr/lib/cgi-bin/pushme.cgi"] & File.containsLine "/etc/sudoers" "www-data ALL=NOPASSWD:/usr/local/IA.BAK/pushed.sh" - & Cron.niceJob "shardstats" (Cron.Times "*/30 * * * *") "root" "/" + & Cron.niceJob "shardstats" (Cron.Times "*/30 * * * *") (User "root") "/" "/usr/local/IA.BAK/shardstats-all" - & Cron.niceJob "shardmaint" Cron.Daily "root" "/" + & Cron.niceJob "shardmaint" Cron.Daily (User "root") "/" "/usr/local/IA.BAK/shardmaint" registrationServer :: [Host] -> Property HasInfo registrationServer knownhosts = propertyList "iabak registration server" $ props - & User.accountFor "registrar" - & Ssh.keyImported SshRsa "registrar" (Context "IA.bak.users.git") - & Ssh.knownHost knownhosts "gitlab.com" "registrar" - & Git.cloned "registrar" repo "/home/registrar/IA.BAK" (Just "server") - & Git.cloned "registrar" userrepo "/home/registrar/users" (Just "master") + & User.accountFor (User "registrar") + & Ssh.keyImported SshRsa (User "registrar") (Context "IA.bak.users.git") + & Ssh.knownHost knownhosts "gitlab.com" (User "registrar") + & Git.cloned (User "registrar") repo "/home/registrar/IA.BAK" (Just "server") + & Git.cloned (User "registrar") userrepo "/home/registrar/users" (Just "master") & Apt.serviceInstalledRunning "apache2" & Apt.installed ["perl", "perl-modules"] & cmdProperty "ln" ["-sf", "/home/registrar/IA.BAK/registrar/register.cgi", link] @@ -67,7 +67,7 @@ graphiteServer = propertyList "iabak graphite server" $ props & cmdProperty "graphite-manage" ["createsuperuser", "--noinput", "--username=db48x", "--email=db48x@localhost"] `flagFile` "/etc/flagFiles/graphite-user-db48x" `flagFile` "/etc/graphite-superuser-db48x" -- TODO: deal with passwords somehow - & File.ownerGroup "/var/lib/graphite/graphite.db" "_graphite" "_graphite" + & File.ownerGroup "/var/lib/graphite/graphite.db" (User "_graphite") (Group "_graphite") & "/etc/apache2/ports.conf" `File.containsLine` "Listen 8080" `onChange` Apache.restarted & Apache.siteEnabled "iabak-graphite-web" diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs index 1a3099f4..e317c3d1 100644 --- a/src/Propellor/Property/SiteSpecific/JoeySites.hs +++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs @@ -24,15 +24,15 @@ import Data.String.Utils scrollBox :: Property HasInfo scrollBox = propertyList "scroll server" $ props - & User.accountFor "scroll" - & Git.cloned "scroll" "git://git.kitenet.net/scroll" (d "scroll") Nothing + & User.accountFor (User "scroll") + & Git.cloned (User "scroll") "git://git.kitenet.net/scroll" (d "scroll") Nothing & Apt.installed ["ghc", "make", "cabal-install", "libghc-vector-dev", "libghc-bytestring-dev", "libghc-mtl-dev", "libghc-ncurses-dev", "libghc-random-dev", "libghc-monad-loops-dev", "libghc-text-dev", "libghc-ifelse-dev", "libghc-case-insensitive-dev", "libghc-transformers-dev", "libghc-data-default-dev", "libghc-optparse-applicative-dev"] - & userScriptProperty "scroll" + & userScriptProperty (User "scroll") [ "cd " ++ d "scroll" , "git pull" , "cabal configure" @@ -76,7 +76,7 @@ scrollBox = propertyList "scroll server" $ props & Ssh.sshdConfig `File.containsLine` ("DenyUsers scroll") `onChange` Ssh.restarted & cmdProperty "chsh" ["scroll", "-s", s] - & User.hasPassword "scroll" + & User.hasPassword (User "scroll") & Apt.serviceInstalledRunning "telnetd" & Apt.installed ["shellinabox"] & File.hasContent "/etc/default/shellinabox" @@ -115,8 +115,8 @@ oldUseNetServer hosts = propertyList "olduse.net server" $ props & Apt.serviceInstalledRunning "openbsd-inetd" & File.notPresent "/etc/cron.daily/leafnode" & File.notPresent "/etc/cron.d/leafnode" - & Cron.niceJob "oldusenet-expire" (Cron.Times "11 1 * * *") "news" newsspool expirecommand - & Cron.niceJob "oldusenet-uucp" (Cron.Times "*/5 * * * *") "news" "/" uucpcommand + & Cron.niceJob "oldusenet-expire" (Cron.Times "11 1 * * *") (User "news") newsspool expirecommand + & Cron.niceJob "oldusenet-uucp" (Cron.Times "*/5 * * * *") (User "news") "/" uucpcommand & Apache.siteEnabled "nntp.olduse.net" nntpcfg where newsspool = "/var/spool/news" @@ -140,8 +140,8 @@ oldUseNetServer hosts = propertyList "olduse.net server" $ props , "--client-name=spool" , "--ssh-key=" ++ keyfile ] Obnam.OnlyClient - `requires` Ssh.keyImported' (Just keyfile) SshRsa "root" (Context "olduse.net") - `requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root" + `requires` Ssh.keyImported' (Just keyfile) SshRsa (User "root") (Context "olduse.net") + `requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root") keyfile = "/root/.ssh/olduse.net.key" oldUseNetShellBox :: Property HasInfo @@ -189,8 +189,8 @@ mumbleServer hosts = combineProperties hn $ props [ "--repository=sftp://2318@usw-s002.rsync.net/~/" ++ hn ++ ".obnam" , "--client-name=mumble" ] Obnam.OnlyClient - `requires` Ssh.keyImported SshRsa "root" (Context hn) - `requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root" + `requires` Ssh.keyImported SshRsa (User "root") (Context hn) + `requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root") & trivial (cmdProperty "chown" ["-R", "mumble-server:mumble-server", "/var/lib/mumble-server"]) where hn = "mumble.debian.net" @@ -204,10 +204,10 @@ gitServer hosts = propertyList "git.kitenet.net setup" $ props , "--ssh-key=" ++ sshkey , "--client-name=wren" -- historical ] Obnam.OnlyClient (Gpg.GpgKeyId "1B169BE1") - `requires` Ssh.keyImported' (Just sshkey) SshRsa "root" (Context "git.kitenet.net") - `requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root" - `requires` Ssh.authorizedKeys "family" (Context "git.kitenet.net") - `requires` User.accountFor "family" + `requires` Ssh.keyImported' (Just sshkey) SshRsa (User "root") (Context "git.kitenet.net") + `requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root") + `requires` Ssh.authorizedKeys (User "family") (Context "git.kitenet.net") + `requires` User.accountFor (User "family") & Apt.installed ["git", "rsync", "gitweb"] & Apt.installed ["git-annex"] & Apt.installed ["kgb-client"] @@ -222,9 +222,9 @@ gitServer hosts = propertyList "git.kitenet.net setup" $ props ] `describe` "gitweb configured" -- Repos push on to github. - & Ssh.knownHost hosts "github.com" "joey" + & Ssh.knownHost hosts "github.com" (User "joey") -- I keep the website used for gitweb checked into git.. - & Git.cloned "root" "/srv/git/joey/git.kitenet.net.git" "/srv/web/git.kitenet.net" Nothing + & Git.cloned (User "root") "/srv/git/joey/git.kitenet.net.git" "/srv/web/git.kitenet.net" Nothing & website "git.kitenet.net" & website "git.joeyh.name" & Apache.modEnabled "cgi" @@ -252,7 +252,7 @@ type AnnexUUID = String -- | A website, with files coming from a git-annex repository. annexWebSite :: Git.RepoUrl -> HostName -> AnnexUUID -> [(String, Git.RepoUrl)] -> Property HasInfo annexWebSite origin hn uuid remotes = propertyList (hn ++" website using git-annex") $ props - & Git.cloned "joey" origin dir Nothing + & Git.cloned (User "joey") origin dir Nothing `onChange` setup & alias hn & postupdatehook `File.hasContent` @@ -264,7 +264,7 @@ annexWebSite origin hn uuid remotes = propertyList (hn ++" website using git-ann where dir = "/srv/web/" ++ hn postupdatehook = dir ".git/hooks/post-update" - setup = userScriptProperty "joey" setupscript + setup = userScriptProperty (User "joey") setupscript setupscript = [ "cd " ++ shellEscape dir , "git annex reinit " ++ shellEscape uuid @@ -344,11 +344,11 @@ gitAnnexDistributor = combineProperties "git-annex distributor, including rsync & endpoint "/srv/web/downloads.kitenet.net/git-annex/autobuild/x86_64-apple-yosemite" & endpoint "/srv/web/downloads.kitenet.net/git-annex/autobuild/windows" -- git-annex distribution signing key - & Gpg.keyImported (Gpg.GpgKeyId "89C809CB") "joey" + & Gpg.keyImported (Gpg.GpgKeyId "89C809CB") (User "joey") where endpoint d = combineProperties ("endpoint " ++ d) [ File.dirExists d - , File.ownerGroup d "joey" "joey" + , File.ownerGroup d (User "joey") (Group "joey") ] downloads :: [Host] -> Property HasInfo @@ -356,7 +356,7 @@ downloads hosts = annexWebSite "/srv/git/downloads.git" "downloads.kitenet.net" "840760dc-08f0-11e2-8c61-576b7e66acfd" [("eubackup", "ssh://eubackup.kitenet.net/~/lib/downloads/")] - `requires` Ssh.knownHost hosts "eubackup.kitenet.net" "joey" + `requires` Ssh.knownHost hosts "eubackup.kitenet.net" (User "joey") tmp :: Property HasInfo tmp = propertyList "tmp.kitenet.net" $ props @@ -370,16 +370,16 @@ tmp = propertyList "tmp.kitenet.net" $ props -- Twitter, you kill us. twitRss :: Property HasInfo twitRss = combineProperties "twitter rss" $ props - & Git.cloned "joey" "git://git.kitenet.net/twitrss.git" dir Nothing + & Git.cloned (User "joey") "git://git.kitenet.net/twitrss.git" dir Nothing & check (not <$> doesFileExist (dir "twitRss")) compiled & feed "http://twitter.com/search/realtime?q=git-annex" "git-annex-twitter" & feed "http://twitter.com/search/realtime?q=olduse+OR+git-annex+OR+debhelper+OR+etckeeper+OR+ikiwiki+-ashley_ikiwiki" "twittergrep" where dir = "/srv/web/tmp.kitenet.net/twitrss" crontime = Cron.Times "15 * * * *" - feed url desc = Cron.job desc crontime "joey" dir $ + feed url desc = Cron.job desc crontime (User "joey") dir $ "./twitRss " ++ shellEscape url ++ " > " ++ shellEscape ("../" ++ desc ++ ".rss") - compiled = userScriptProperty "joey" + compiled = userScriptProperty (User "joey") [ "cd " ++ dir , "ghc --make twitRss" ] @@ -391,19 +391,19 @@ twitRss = combineProperties "twitter rss" $ props -- Work around for expired ssl cert. pumpRss :: Property NoInfo -pumpRss = Cron.job "pump rss" (Cron.Times "15 * * * *") "joey" "/srv/web/tmp.kitenet.net/" +pumpRss = Cron.job "pump rss" (Cron.Times "15 * * * *") (User "joey") "/srv/web/tmp.kitenet.net/" "wget https://pump2rss.com/feed/joeyh@identi.ca.atom -O pump.atom.new --no-check-certificate 2>/dev/null; sed 's/ & / /g' pump.atom.new > pump.atom" ircBouncer :: Property HasInfo ircBouncer = propertyList "IRC bouncer" $ props & Apt.installed ["znc"] - & User.accountFor "znc" + & User.accountFor (User "znc") & File.dirExists (takeDirectory conf) & File.hasPrivContent conf anyContext - & File.ownerGroup conf "znc" "znc" - & Cron.job "znconboot" (Cron.Times "@reboot") "znc" "~" "znc" + & File.ownerGroup conf (User "znc") (Group "znc") + & Cron.job "znconboot" (Cron.Times "@reboot") (User "znc") "~" "znc" -- ensure running if it was not already - & trivial (userScriptProperty "znc" ["znc || true"]) + & trivial (userScriptProperty (User "znc") ["znc || true"]) `describe` "znc running" where conf = "/home/znc/.znc/configs/znc.conf" @@ -425,9 +425,9 @@ githubBackup :: Property HasInfo githubBackup = propertyList "github-backup box" $ props & Apt.installed ["github-backup", "moreutils"] & githubKeys - & Cron.niceJob "github-backup run" (Cron.Times "30 4 * * *") "joey" + & Cron.niceJob "github-backup run" (Cron.Times "30 4 * * *") (User "joey") "/home/joey/lib/backup" backupcmd - & Cron.niceJob "gitriddance" (Cron.Times "30 4 * * *") "joey" + & Cron.niceJob "gitriddance" (Cron.Times "30 4 * * *") (User "joey") "/home/joey/lib/backup" gitriddancecmd where backupcmd = intercalate "&&" $ @@ -446,7 +446,7 @@ githubKeys :: Property HasInfo githubKeys = let f = "/home/joey/.github-keys" in File.hasPrivContent f anyContext - `onChange` File.ownerGroup f "joey" "joey" + `onChange` File.ownerGroup f (User "joey") (Group "joey") -- these repos are only mirrored on github, I don't want @@ -464,13 +464,13 @@ githubMirrors = rsyncNetBackup :: [Host] -> Property NoInfo rsyncNetBackup hosts = Cron.niceJob "rsync.net copied in daily" (Cron.Times "30 5 * * *") - "joey" "/home/joey/lib/backup" "mkdir -p rsync.net && rsync --delete -az 2318@usw-s002.rsync.net: rsync.net" - `requires` Ssh.knownHost hosts "usw-s002.rsync.net" "joey" + (User "joey") "/home/joey/lib/backup" "mkdir -p rsync.net && rsync --delete -az 2318@usw-s002.rsync.net: rsync.net" + `requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "joey") backupsBackedupFrom :: [Host] -> HostName -> FilePath -> Property NoInfo backupsBackedupFrom hosts srchost destdir = Cron.niceJob desc - (Cron.Times "@reboot") "joey" "/" cmd - `requires` Ssh.knownHost hosts srchost "joey" + (Cron.Times "@reboot") (User "joey") "/" cmd + `requires` Ssh.knownHost hosts srchost (User "joey") where desc = "backups copied from " ++ srchost ++ " on boot" cmd = "rsync -az --bwlimit=300K --partial --delete " ++ srchost ++ ":lib/backup/ " ++ destdir srchost @@ -483,11 +483,11 @@ obnamRepos rs = propertyList ("obnam repos for " ++ unwords rs) `requires` mkdir "/home/joey/lib" mkrepo r = mkdir ("/home/joey/lib/backup/" ++ r ++ ".obnam") mkdir d = File.dirExists d - `before` File.ownerGroup d "joey" "joey" + `before` File.ownerGroup d (User "joey") (Group "joey") podcatcher :: Property NoInfo podcatcher = Cron.niceJob "podcatcher run hourly" (Cron.Times "55 * * * *") - "joey" "/home/joey/lib/sound/podcasts" + (User "joey") "/home/joey/lib/sound/podcasts" "xargs git-annex importfeed -c annex.genmetadata=true < feeds; mr --quiet update" `requires` Apt.installed ["git-annex", "myrepos"] @@ -645,7 +645,7 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props & File.hasPrivContent dovecotusers ctx `onChange` (dovecotusers `File.mode` combineModes [ownerReadMode, groupReadMode]) - & File.ownerGroup dovecotusers "root" "dovecot" + & File.ownerGroup dovecotusers (User "root") (Group "dovecot") & Apt.installed ["mutt", "bsd-mailx", "alpine"] @@ -713,7 +713,7 @@ dkimInstalled = go `onChange` Service.restarted "opendkim" & Apt.serviceInstalledRunning "opendkim" & File.dirExists "/etc/mail" & File.hasPrivContent "/etc/mail/dkim.key" (Context "kitenet.net") - & File.ownerGroup "/etc/mail/dkim.key" "opendkim" "opendkim" + & File.ownerGroup "/etc/mail/dkim.key" (User "opendkim") (Group "opendkim") & "/etc/default/opendkim" `File.containsLine` "SOCKET=\"inet:8891@localhost\"" & "/etc/opendkim.conf" `File.containsLines` -- cgit v1.2.3