From a781e43b227afcf094387057ade072d442b4ff6a Mon Sep 17 00:00:00 2001 From: Antoine Eiche Date: Sat, 16 May 2015 00:00:00 +0200 Subject: Add HasImage type class which provides getImageName method to extract an image name. Image related functions now require a HasImage instance. --- src/Propellor/Property/Docker.hs | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Docker.hs b/src/Propellor/Property/Docker.hs index 745b5622..8e60c2a0 100644 --- a/src/Propellor/Property/Docker.hs +++ b/src/Propellor/Property/Docker.hs @@ -18,7 +18,8 @@ module Propellor.Property.Docker ( tweaked, Image, ContainerName, - Container(..), + Container, + HasImage(..), -- * Container configuration dns, hostname, @@ -79,10 +80,13 @@ configured = prop `requires` installed type ContainerName = String -- | A docker container. -data Container = Container - { containerImage :: Image - , containerHost :: Host - } +data Container = Container Image Host + +class HasImage a where + getImageName :: a -> Image + +instance HasImage Container where + getImageName (Container i _) = i instance PropAccum Container where (Container i h) & p = Container i (h & p) @@ -142,19 +146,21 @@ docked ctr@(Container _ h) = ] -- | Build the image from a directory containing a Dockerfile. -imageBuilt :: FilePath -> Image -> Property NoInfo -imageBuilt directory image = describe built msg +imageBuilt :: HasImage c => FilePath -> c -> Property NoInfo +imageBuilt directory ctr = describe built msg where msg = "docker image " ++ image ++ " built from " ++ directory built = Cmd.cmdProperty' dockercmd ["build", "--tag", image, "./"] workDir workDir p = p { cwd = Just directory } + image = getImageName ctr -- | Pull the image from the standard Docker Hub registry. -imagePulled :: Image -> Property NoInfo -imagePulled image = describe pulled msg +imagePulled :: HasImage c => c -> Property NoInfo +imagePulled ctr = describe pulled msg where msg = "docker image " ++ image ++ " pulled" pulled = Cmd.cmdProperty dockercmd ["pull", image] + image = getImageName ctr propigateContainerInfo :: (IsProp (Property i)) => Container -> Property i -> Property HasInfo propigateContainerInfo ctr@(Container _ h) p = propigateContainer ctr p' -- cgit v1.2.3 From ed9203928be26bb6289f4465ec7638a75089dcea Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 16 May 2015 13:28:19 -0400 Subject: add trivial HasImage instance for Image --- src/Propellor/Property/Docker.hs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Docker.hs b/src/Propellor/Property/Docker.hs index 8e60c2a0..fdc312ce 100644 --- a/src/Propellor/Property/Docker.hs +++ b/src/Propellor/Property/Docker.hs @@ -1,4 +1,4 @@ -{-# LANGUAGE FlexibleContexts #-} +{-# LANGUAGE FlexibleContexts, TypeSynonymInstances, FlexibleInstances #-} -- | Docker support for propellor -- @@ -85,6 +85,9 @@ data Container = Container Image Host class HasImage a where getImageName :: a -> Image +instance HasImage Image where + getImageName = id + instance HasImage Container where getImageName (Container i _) = i -- cgit v1.2.3 From dd7cfffcacccca98c4360a6a4c6b0e6e65a111bf Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 16 May 2015 13:30:58 -0400 Subject: comment typo --- src/Propellor/Property/HostingProvider/Linode.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/HostingProvider/Linode.hs b/src/Propellor/Property/HostingProvider/Linode.hs index 4dd66129..40be4c2e 100644 --- a/src/Propellor/Property/HostingProvider/Linode.hs +++ b/src/Propellor/Property/HostingProvider/Linode.hs @@ -6,7 +6,7 @@ import qualified Propellor.Property.File as File import Utility.FileMode -- | Linode's pv-grub-x86_64 does not currently support booting recent --- Debian kernels compressed with xz. This sets up pv-grub chaing to enable +-- Debian kernels compressed with xz. This sets up pv-grub chaining to enable -- it. chainPVGrub :: Grub.TimeoutSecs -> Property NoInfo chainPVGrub = Grub.chainPVGrub "hd0" "xen/xvda" -- cgit v1.2.3 From 4f925f982a2740f4751fce4f138bde485077e22e Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 18 May 2015 00:20:05 -0400 Subject: refactor --- config-joey.hs | 56 +------------------ propellor.cabal | 2 + src/Propellor/Property/SiteSpecific/Branchable.hs | 66 +++++++++++++++++++++++ 3 files changed, 70 insertions(+), 54 deletions(-) create mode 100644 src/Propellor/Property/SiteSpecific/Branchable.hs (limited to 'src/Propellor') diff --git a/config-joey.hs b/config-joey.hs index 4f74873e..cf07dd9f 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -31,6 +31,7 @@ import qualified Propellor.Property.HostingProvider.Linode as Linode import qualified Propellor.Property.SiteSpecific.GitHome as GitHome import qualified Propellor.Property.SiteSpecific.GitAnnexBuilder as GitAnnexBuilder import qualified Propellor.Property.SiteSpecific.IABak as IABak +import qualified Propellor.Property.SiteSpecific.Branchable as Branchable import qualified Propellor.Property.SiteSpecific.JoeySites as JoeySites @@ -334,60 +335,7 @@ pell = host "pell.branchable.com" & Apt.installed ["linux-image-amd64"] & Linode.chainPVGrub 5 & Apt.unattendedUpgrades - - & "/etc/timezone" `File.hasContent` ["Etc/UTC"] - & "/etc/locale.gen" `File.containsLines` - [ "en_GB.UTF-8 UTF-8" - , "en_US.UTF-8 UTF-8" - , "fi_FI.UTF-8 UTF-8" - ] - `onChange` cmdProperty "locale-gen" [] - - & Apt.installed ["etckeeper", "ssh", "popularity-contest"] - & Apt.serviceInstalledRunning "apache2" - & Apt.serviceInstalledRunning "ntp" - - & Apt.serviceInstalledRunning "openssh-server" - & Ssh.passwordAuthentication False - & Ssh.hostKeys (Context "branchable.com") - [ (SshDsa, "ssh-dss AAAAB3NzaC1kc3MAAACBAK9HnfpyIm8aEhKuF5oz6KyaLwFs2oWeToVkqVuykyy5Y8jWDZPtkpv+1TeOnjcOvJSZ1cCqB8iXlsP9Dr5z98w5MfzsRQM2wIw0n+wvmpPmUhjVdGh+wTpfP9bcyFHhj/f1Ymdq9hEWB26bnf4pbTbJW2ip8ULshMvn5CQ/ugV3AAAAFQCAjpRd1fquRiIuLJMwej0VcyoZKQAAAIBe91Grvz/icL3nlqXYrifXyr9dsw8bPN+BMu+hQtFsQXNJBylxwf8FtbRlmvZXmRjdVYqFVyxSsrL2pMsWlds51iXOr9pdsPG5a4OgJyRHsveBz3tz6HgYYPcr3Oxp7C6G6wrzwsaGK862SgRp/bbD226k9dODRBy3ogMhk/MvAgAAAIEApfknql3vZbDVa88ZnwbNKDOv8L1hb6blbKAMt2vJbqJMvu3EP9CsP9hGyEQh5YCAl2F9KEU3bJXN1BG76b7CiYtWK95lpL1XmCCWnJBCcdEhw998GfJS424frPw7qGmXLxJKYxEyioB90/IDp2dC+WaLcLOYHM9SroCQTIK5A1g= root@pell") - , (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1M0aNLgcgcgf0tkmt/8vCDZLok8Xixz7Nun9wB6NqVXxfzAR4te+zyO7FucVwyTY5QHmiwwpmyNfaC21AAILhXGm12SUKSAirF9BkQk7bhQuz4T/dPlEt3d3SxQ3OZlXtPp4LzXWOyS0OXSzIb+HeaDA+hFXlQnp/gE7RyAzR1+xhWPO7Mz1q5O/+4dXANnW32t6P7Puob6NsglVDpLrMRYjkO+0RgCVbYMzB5+UnkthkZsIINaYwsNhW2GKMKbRZeyp5en5t1NJprGXdw0BqdBqd/rcBpOxmhHE1U7rw+GS1uZwCFWWv0aZbaXEJ6wY7mETFkqs0QXi5jtoKn95Gw== root@pell") - ] - - & Apt.installed ["procmail", "bsd-mailx"] - & "/etc/aliases" `File.hasPrivContentExposed` (Context "branchable.com") - `onChange` Postfix.newaliases - & "/etc/mailname" `File.hasContent` ["branchable.com"] - & Postfix.installed - & Postfix.mainCf ("mailbox_command", "procmail -a \"$EXTENSION\"") - - -- Obnam is run by a cron job in ikiwiki-hosting. - & "/etc/obnam.conf" `File.hasContent` - [ "[config]" - , "repository = sftp://joey@eubackup.kitenet.net/home/joey/lib/backup/pell.obnam" - , "log = /var/log/obnam.log" - , "encrypt-with = " ++ obnamkey - , "log-level = info" - , "log-max = 1048576" - , "keep = 7d,5w,12m" - , "upload-queue-size = 128" - , "lru-size = 128" - ] - & Gpg.keyImported (Gpg.GpgKeyId obnamkey) (User "root") - & Ssh.keyImported SshRsa (User "root") (Context "branchable.com") - & Ssh.knownHost hosts "eubackup.kitenet.net" (User "root") - & Ssh.knownHost hosts "usw-s002.rsync.net" (User "root") - - & adminuser "joey" - & adminuser "liw" - where - obnamkey = "41E1A9B9" - adminuser u = propertyList ("admin user " ++ u) $ props - & User.accountFor (User u) - & User.hasSomePassword (User u) - & Sudo.enabledFor (User u) - & User.hasGroup (User u) (Group "adm") - & User.hasGroup (User u) (Group "systemd-journal") + & Branchable.server hosts iabak :: Host iabak = host "iabak.archiveteam.org" diff --git a/propellor.cabal b/propellor.cabal index c84dccda..16dffe31 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -110,6 +110,8 @@ Library Propellor.Property.SiteSpecific.GitHome Propellor.Property.SiteSpecific.JoeySites Propellor.Property.SiteSpecific.GitAnnexBuilder + Propellor.Property.SiteSpecific.Branchable + Propellor.Property.SiteSpecific.IABak Propellor.PropAccum Propellor.CmdLine Propellor.Info diff --git a/src/Propellor/Property/SiteSpecific/Branchable.hs b/src/Propellor/Property/SiteSpecific/Branchable.hs new file mode 100644 index 00000000..f5950e52 --- /dev/null +++ b/src/Propellor/Property/SiteSpecific/Branchable.hs @@ -0,0 +1,66 @@ +module Propellor.Property.SiteSpecific.Branchable where + +import Propellor +import qualified Propellor.Property.Apt as Apt +import qualified Propellor.Property.File as File +import qualified Propellor.Property.User as User +import qualified Propellor.Property.Ssh as Ssh +import qualified Propellor.Property.Postfix as Postfix +import qualified Propellor.Property.Gpg as Gpg +import qualified Propellor.Property.Sudo as Sudo + +server :: [Host] -> Property HasInfo +server hosts = propertyList "branchable server" $ props + & "/etc/timezone" `File.hasContent` ["Etc/UTC"] + & "/etc/locale.gen" `File.containsLines` + [ "en_GB.UTF-8 UTF-8" + , "en_US.UTF-8 UTF-8" + , "fi_FI.UTF-8 UTF-8" + ] + `onChange` cmdProperty "locale-gen" [] + + & Apt.installed ["etckeeper", "ssh", "popularity-contest"] + & Apt.serviceInstalledRunning "apache2" + & Apt.serviceInstalledRunning "ntp" + + & Apt.serviceInstalledRunning "openssh-server" + & Ssh.passwordAuthentication False + & Ssh.hostKeys (Context "branchable.com") + [ (SshDsa, "ssh-dss AAAAB3NzaC1kc3MAAACBAK9HnfpyIm8aEhKuF5oz6KyaLwFs2oWeToVkqVuykyy5Y8jWDZPtkpv+1TeOnjcOvJSZ1cCqB8iXlsP9Dr5z98w5MfzsRQM2wIw0n+wvmpPmUhjVdGh+wTpfP9bcyFHhj/f1Ymdq9hEWB26bnf4pbTbJW2ip8ULshMvn5CQ/ugV3AAAAFQCAjpRd1fquRiIuLJMwej0VcyoZKQAAAIBe91Grvz/icL3nlqXYrifXyr9dsw8bPN+BMu+hQtFsQXNJBylxwf8FtbRlmvZXmRjdVYqFVyxSsrL2pMsWlds51iXOr9pdsPG5a4OgJyRHsveBz3tz6HgYYPcr3Oxp7C6G6wrzwsaGK862SgRp/bbD226k9dODRBy3ogMhk/MvAgAAAIEApfknql3vZbDVa88ZnwbNKDOv8L1hb6blbKAMt2vJbqJMvu3EP9CsP9hGyEQh5YCAl2F9KEU3bJXN1BG76b7CiYtWK95lpL1XmCCWnJBCcdEhw998GfJS424frPw7qGmXLxJKYxEyioB90/IDp2dC+WaLcLOYHM9SroCQTIK5A1g= root@pell") + , (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1M0aNLgcgcgf0tkmt/8vCDZLok8Xixz7Nun9wB6NqVXxfzAR4te+zyO7FucVwyTY5QHmiwwpmyNfaC21AAILhXGm12SUKSAirF9BkQk7bhQuz4T/dPlEt3d3SxQ3OZlXtPp4LzXWOyS0OXSzIb+HeaDA+hFXlQnp/gE7RyAzR1+xhWPO7Mz1q5O/+4dXANnW32t6P7Puob6NsglVDpLrMRYjkO+0RgCVbYMzB5+UnkthkZsIINaYwsNhW2GKMKbRZeyp5en5t1NJprGXdw0BqdBqd/rcBpOxmhHE1U7rw+GS1uZwCFWWv0aZbaXEJ6wY7mETFkqs0QXi5jtoKn95Gw== root@pell") + ] + + & Apt.installed ["procmail", "bsd-mailx"] + & "/etc/aliases" `File.hasPrivContentExposed` (Context "branchable.com") + `onChange` Postfix.newaliases + & "/etc/mailname" `File.hasContent` ["branchable.com"] + & Postfix.installed + & Postfix.mainCf ("mailbox_command", "procmail -a \"$EXTENSION\"") + + -- Obnam is run by a cron job in ikiwiki-hosting. + & "/etc/obnam.conf" `File.hasContent` + [ "[config]" + , "repository = sftp://joey@eubackup.kitenet.net/home/joey/lib/backup/pell.obnam" + , "log = /var/log/obnam.log" + , "encrypt-with = " ++ obnamkey + , "log-level = info" + , "log-max = 1048576" + , "keep = 7d,5w,12m" + , "upload-queue-size = 128" + , "lru-size = 128" + ] + & Gpg.keyImported (Gpg.GpgKeyId obnamkey) (User "root") + & Ssh.keyImported SshRsa (User "root") (Context "branchable.com") + & Ssh.knownHost hosts "eubackup.kitenet.net" (User "root") + & Ssh.knownHost hosts "usw-s002.rsync.net" (User "root") + + & adminuser "joey" + & adminuser "liw" + where + obnamkey = "41E1A9B9" + adminuser u = propertyList ("admin user " ++ u) $ props + & User.accountFor (User u) + & User.hasSomePassword (User u) + & Sudo.enabledFor (User u) + & User.hasGroup (User u) (Group "adm") + & User.hasGroup (User u) (Group "systemd-journal") -- cgit v1.2.3 From bdba36ea26d7f521553b0c1e833b5ccf5d25ee96 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 18 May 2015 00:37:50 -0400 Subject: show docs in haddock --- src/Propellor/Property/HostingProvider/DigitalOcean.hs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/HostingProvider/DigitalOcean.hs b/src/Propellor/Property/HostingProvider/DigitalOcean.hs index be62ccdc..a5de9818 100644 --- a/src/Propellor/Property/HostingProvider/DigitalOcean.hs +++ b/src/Propellor/Property/HostingProvider/DigitalOcean.hs @@ -9,7 +9,7 @@ import qualified Propellor.Property.Reboot as Reboot import Data.List --- Digital Ocean does not provide any way to boot +-- | Digital Ocean does not provide any way to boot -- the kernel provided by the distribution, except using kexec. -- Without this, some old, and perhaps insecure kernel will be used. -- @@ -40,7 +40,7 @@ runningInstalledKernel = do findVersion kernelver <$> readProcess "file" ("-L" : kernelimages) --- File output looks something like this, we want to unambiguously +-- | File output looks something like this, we want to unambiguously -- match the running kernel version: -- Linux kernel x86 boot executable bzImage, version 3.16-3-amd64 (debian-kernel@lists.debian.org) #1 SMP Debian 3.1, RO-rootFS, swap_dev 0x2, Normal VGA findVersion :: String -> String -> Bool -- cgit v1.2.3 From ad3cc3e00d33fc3a46d1b345316bfc9f7879fe95 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 18 May 2015 09:44:40 -0400 Subject: propellor spin --- src/Propellor/Property/SiteSpecific/JoeySites.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs index 12629e2c..36808919 100644 --- a/src/Propellor/Property/SiteSpecific/JoeySites.hs +++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs @@ -470,7 +470,7 @@ backupsBackedupFrom hosts srchost destdir = Cron.niceJob desc `requires` Ssh.knownHost hosts srchost (User "joey") where desc = "backups copied from " ++ srchost ++ " on boot" - cmd = "rsync -az --bwlimit=300K --partial --delete " ++ srchost ++ ":lib/backup/ " ++ destdir srchost + cmd = "sleep 30m && rsync -az --bwlimit=300K --partial --delete " ++ srchost ++ ":lib/backup/ " ++ destdir srchost obnamRepos :: [String] -> Property NoInfo obnamRepos rs = propertyList ("obnam repos for " ++ unwords rs) -- cgit v1.2.3 From de07d0f7209372c3d339e34ba86986877f6c80ab Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 22 May 2015 11:03:17 -0400 Subject: propellor spin --- config-joey.hs | 1 + src/Propellor/Property/SiteSpecific/IABak.hs | 7 +++++++ 2 files changed, 8 insertions(+) (limited to 'src/Propellor') diff --git a/config-joey.hs b/config-joey.hs index cf07dd9f..2a173776 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -364,6 +364,7 @@ iabak = host "iabak.archiveteam.org" & IABak.gitServer monsters & IABak.registrationServer monsters & IABak.graphiteServer + & IABak.publicFace where admins = map User ["joey", "db48x"] diff --git a/src/Propellor/Property/SiteSpecific/IABak.hs b/src/Propellor/Property/SiteSpecific/IABak.hs index 650014f4..fc56de85 100644 --- a/src/Propellor/Property/SiteSpecific/IABak.hs +++ b/src/Propellor/Property/SiteSpecific/IABak.hs @@ -15,6 +15,13 @@ repo = "https://github.com/ArchiveTeam/IA.BAK/" userrepo :: String userrepo = "git@gitlab.com:archiveteam/IA.bak.users.git" +publicFace :: Property HasInfo +publicFace = propertyList "iabak public face" $ props + & Git.cloned (User "root") repo "/usr/local/IA.BAK" (Just "server") + & Apt.serviceInstalledRunning "apache2" + & Cron.niceJob "graph-gen" (Cron.Times "*/10 * * * *") (User "root") "/" + "/usr/local/IA.BAK/web/graph-gen.sh" + gitServer :: [Host] -> Property HasInfo gitServer knownhosts = propertyList "iabak git server" $ props & Git.cloned (User "root") repo "/usr/local/IA.BAK" (Just "server") -- cgit v1.2.3 From e661aad6c493e31b6bd8109ca3d5c90bec28626a Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 22 May 2015 13:34:20 -0400 Subject: merge --- src/Propellor/Property/SiteSpecific/IABak.hs | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/SiteSpecific/IABak.hs b/src/Propellor/Property/SiteSpecific/IABak.hs index fc56de85..fe2de7c8 100644 --- a/src/Propellor/Property/SiteSpecific/IABak.hs +++ b/src/Propellor/Property/SiteSpecific/IABak.hs @@ -63,12 +63,14 @@ graphiteServer = propertyList "iabak graphite server" $ props [ "[carbon]" , "pattern = ^carbon\\." , "retentions = 60:90d" - , "[iabak]" + , "[iabak-connections]" + , "pattern = ^iabak\\.shardstats\\.connections" + , "retentions = 1h:1y,3h:10y" + , "[iabak-default]" , "pattern = ^iabak\\." - , "retentions = 10m:30d,1h:1y,3h,10y" + , "retentions = 10m:30d,1h:1y,3h:10y" , "[default_1min_for_1day]" , "pattern = .*" - , "retentions = 60s:1d" ] & graphiteCSRF & cmdProperty "graphite-manage" ["syncdb", "--noinput"] `flagFile` "/etc/flagFiles/graphite-syncdb" -- cgit v1.2.3