From 23399416f1ba89894f65f61b436c2b0f8378e6c5 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 14 Dec 2014 16:14:05 -0400 Subject: broke up big function to describe PrivDataField --- src/Propellor/Property/Docker.hs | 4 +++- src/Propellor/Property/File.hs | 2 +- src/Propellor/Property/Gpg.hs | 3 ++- src/Propellor/Property/Ssh.hs | 6 ++++-- src/Propellor/Property/User.hs | 7 ++++++- 5 files changed, 16 insertions(+), 6 deletions(-) (limited to 'src/Propellor/Property') diff --git a/src/Propellor/Property/Docker.hs b/src/Propellor/Property/Docker.hs index 2c8af413..b48afbbb 100644 --- a/src/Propellor/Property/Docker.hs +++ b/src/Propellor/Property/Docker.hs @@ -63,9 +63,11 @@ installed = Apt.installed ["docker.io"] configured :: Property configured = prop `requires` installed where - prop = withPrivData DockerAuthentication anyContext $ \getcfg -> + prop = withPrivData src anyContext $ \getcfg -> property "docker configured" $ getcfg $ \cfg -> ensureProperty $ "/root/.dockercfg" `File.hasContent` (lines cfg) + src = PrivDataSourceFileFromCommand DockerAuthentication + "/root/.dockercfg" "docker login" -- | A short descriptive name for a container. -- Should not contain whitespace or other unusual characters, diff --git a/src/Propellor/Property/File.hs b/src/Propellor/Property/File.hs index a1a86763..76de68c0 100644 --- a/src/Propellor/Property/File.hs +++ b/src/Propellor/Property/File.hs @@ -29,7 +29,7 @@ hasPrivContentExposed = hasPrivContent' writeFile hasPrivContent' :: IsContext c => (String -> FilePath -> IO ()) -> FilePath -> c -> Property hasPrivContent' writer f context = - withPrivData (PrivFile f) context $ \getcontent -> + withPrivData (PrivDataSourceFile (PrivFile f) f) context $ \getcontent -> property desc $ getcontent $ \privcontent -> ensureProperty $ fileProperty' writer desc (\_oldcontent -> lines privcontent) f diff --git a/src/Propellor/Property/Gpg.hs b/src/Propellor/Property/Gpg.hs index 5819ea7b..4a3e1872 100644 
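Review bot: In the Docker.hs hunk, the line just above the new `src` binding still writes the registry credentials to `/root/.dockercfg` through `File.hasContent`, whereas the ssh private key in Ssh.hs is written with `writeFileProtected`. Whether `hasContent` restricts the file mode is not visible in this patch; if it does not, the file's confidentiality rests on the permissions of `/root` alone, so that is worth confirming. Since `src` now describes the data as the output of `docker login`, I would add a comment on it such as `-- registry credentials; keep the resulting file unreadable to other users`.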
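Review bot: In the File.hs hunk, `PrivDataSourceFile (PrivFile f) f` passes the destination path on the managed host as the suggested source file as well. If that second argument is shown to the operator as the place to read the data from (the constructor name suggests so, but this patch does not show it), the hint points at whatever lives at that path on the operator's own machine. A comment such as `-- the source hint reuses the target path; the content to deploy may live elsewhere locally` would help prevent the wrong file being stored as privdata. `hasPrivContent'` appears to continue past the end of the hunk, since `desc` is not defined in the visible lines.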
--- a/src/Propellor/Property/Gpg.hs +++ b/src/Propellor/Property/Gpg.hs @@ -28,13 +28,14 @@ keyImported (GpgKeyId keyid) user = flagFile' prop genflag genflag = do d <- dotDir user return $ d ".propellor-imported-keyid-" ++ keyid - prop = withPrivData GpgKey (Context keyid) $ \getkey -> + prop = withPrivData src (Context keyid) $ \getkey -> property desc $ getkey $ \key -> makeChange $ withHandle StdinHandle createProcessSuccess (proc "su" ["-c", "gpg --import", user]) $ \h -> do fileEncoding h hPutStr h key hClose h + src = PrivDataSource GpgKey "Either a gpg public key, exported with gpg --export -a, or a gpg private key, exported with gpg --export-secret-key -a" dotDir :: UserName -> IO FilePath dotDir user = do diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index fcae6498..695b67cb 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -90,8 +90,8 @@ hostKeys ctx = propertyList "known ssh host keys" -- | Sets a single ssh host key from the privdata. hostKey :: IsContext c => SshKeyType -> c -> Property hostKey keytype context = combineProperties desc - [ installkey (SshPubKey keytype "") (install writeFile ".pub") - , installkey (SshPrivKey keytype "") (install writeFileProtected "") + [ installkey (keysrc ".pub" (SshPubKey keytype "")) (install writeFile ".pub") + , installkey (keysrc "" (SshPrivKey keytype "")) (install writeFileProtected "") ] `onChange` restarted where @@ -104,6 +104,8 @@ hostKey keytype context = combineProperties desc if s == key then noChange else makeChange $ writer f key + keysrc ext field = PrivDataSourceFileFromCommand field ("sshkey"++ext) + ("ssh-keygen -t " ++ sshKeyTypeParam keytype ++ " -f sshkey") -- | Sets up a user with a ssh private key and public key pair from the -- PrivData. diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs index 549aa07f..f79ede63 100644 --- a/src/Propellor/Property/User.hs +++ b/src/Propellor/Property/User.hs 
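Review bot: The description added as `src` in the Gpg.hs hunk gives `gpg --export -a` and `gpg --export-secret-key -a` without a key id, and gpg run that way exports every key in the keyring rather than one. An operator who follows the hint literally would store all of their secret keys as privdata, and the property would then import them all for `user` on the host. `keyid` is already in scope, so the hint can name it: `src = PrivDataSource GpgKey ("Either a gpg public key, exported with gpg --export -a " ++ keyid ++ ", or a gpg private key, exported with gpg --export-secret-key -a " ++ keyid)`. `keyImported` starts above the hunk, so only its `where` bindings are visible here.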
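Review bot: The `keysrc` hint added in the second Ssh.hs hunk tells the operator to run `ssh-keygen -t … -f sshkey`, which leaves the host private key as a plaintext file `sshkey` in the current directory, and nothing in the description says to remove it once it is stored as privdata. The same command also prompts for a passphrase, and a host key protected by one cannot be loaded by sshd unattended, so the hint should say to leave it empty. I would add a comment on `keysrc`, for example `-- run in a scratch directory, leave the passphrase empty, and delete sshkey and sshkey.pub after adding them to the privdata`, or put the same wording into the description if the constructor has room for it. This applies to both `installkey` calls changed in the first Ssh.hs hunk; the part of `hostKey`'s `where` block between the two hunks is not visible.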
@@ -46,8 +46,13 @@ hasPassword user = hasPassword' user hostContext hasPassword' :: IsContext c => UserName -> c -> Property hasPassword' user context = go `requires` shadowConfig True where - go = withSomePrivData [CryptPassword user, Password user] context $ + go = withSomePrivData srcs context $ property (user ++ " has password") . setPassword + srcs = + [ PrivDataSource (CryptPassword user) + "a crypt(3)ed password, which can be generated by, for example: perl -e 'print crypt(shift, q{$6$}.shift)' 'somepassword' 'somesalt'" + , PrivDataSource (Password user) ("a password for " ++ user) + ] setPassword :: (((PrivDataField, PrivData) -> Propellor Result) -> Propellor Result) -> Propellor Result setPassword getpassword = getpassword $ go -- cgit v1.2.3
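Review bot: The example command in the `CryptPassword` description in `srcs` takes the cleartext password and the salt as command-line arguments, so an operator following it exposes the password in the process list and in shell history on the machine where the hash is generated. The literal `'somesalt'` also invites reuse of one fixed salt across accounts. A hint that prompts for the password and picks a random salt avoids both, for example `"a crypt(3)ed password, which can be generated by, for example: mkpasswd -m sha-512"`. If the perl one-liner has to stay, the description should at least say to read the password from a prompt and to use a random salt.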