propellor/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs

103 lines
3.5 KiB
Haskell
Raw Normal View History

2014-04-01 20:58:11 +00:00
module Propellor.Property.SiteSpecific.GitAnnexBuilder where
import Propellor
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.User as User
2014-04-01 22:06:02 +00:00
import qualified Propellor.Property.Cron as Cron
2014-05-20 22:49:03 +00:00
import qualified Propellor.Property.File as File
2014-04-01 20:58:11 +00:00
import Propellor.Property.Cron (CronTimes)
builduser :: UserName
builduser = "builder"
2014-04-08 05:42:59 +00:00
homedir :: FilePath
homedir = "/home/builder"
gitbuilderdir :: FilePath
gitbuilderdir = homedir </> "gitbuilder"
2014-04-01 20:58:11 +00:00
builddir :: FilePath
2014-04-08 05:42:59 +00:00
builddir = gitbuilderdir </> "build"
2014-04-01 20:58:11 +00:00
2014-05-19 21:27:21 +00:00
type TimeOut = String -- eg, 5h
builder :: Architecture -> CronTimes -> TimeOut -> Bool -> Property
2014-05-20 22:28:13 +00:00
builder = builder' buildDeps
builder' :: Property -> Architecture -> CronTimes -> TimeOut -> Bool -> Property
builder' buildepsprop buildarch crontimes timeout rsyncupload = combineProperties "gitannexbuilder"
[ tree buildarch
, buildepsprop
2014-04-08 23:31:03 +00:00
, Apt.serviceInstalledRunning "cron"
2014-05-19 21:27:21 +00:00
, Cron.niceJob "gitannexbuilder" crontimes builduser gitbuilderdir $
"git pull ; timeout " ++ timeout ++ " ./autobuild"
2014-04-01 20:58:11 +00:00
-- The builduser account does not have a password set,
-- instead use the password privdata to hold the rsync server
-- password used to upload the built image.
, property "rsync password" $ do
2014-04-08 05:42:59 +00:00
let f = homedir </> "rsyncpassword"
if rsyncupload
then withPrivData (Password builduser) $ \p -> do
oldp <- liftIO $ catchDefaultIO "" $
readFileStrict f
if p /= oldp
then makeChange $ writeFile f p
else noChange
else do
ifM (liftIO $ doesFileExist f)
( noChange
, makeChange $ writeFile f "no password configured"
)
2014-04-01 20:58:11 +00:00
]
2014-05-19 21:27:21 +00:00
2014-05-20 22:28:13 +00:00
tree :: Architecture -> Property
tree buildarch = combineProperties "gitannexbuilder tree"
[ User.accountFor builduser
2014-05-20 22:49:03 +00:00
-- Home directory already exists when docker volume is used.
, File.ownerGroup homedir builduser builduser
2014-05-20 22:28:13 +00:00
, Apt.installed ["git"]
2014-05-19 21:27:21 +00:00
, check (not <$> doesDirectoryExist gitbuilderdir) $ userScriptProperty builduser
[ "git clone git://git.kitenet.net/gitannexbuilder " ++ gitbuilderdir
, "cd " ++ gitbuilderdir
, "git checkout " ++ buildarch
]
`describe` "gitbuilder setup"
, check (not <$> doesDirectoryExist builddir) $ userScriptProperty builduser
[ "git clone git://git-annex.branchable.com/ " ++ builddir
]
2014-05-20 22:28:13 +00:00
]
buildDeps :: Property
buildDeps = combineProperties "gitannexbuilder build deps"
[ Apt.stdSourcesList Unstable
, Apt.buildDep ["git-annex"]
, buildDepsNoHaskellLibs
2014-05-19 21:27:21 +00:00
, "git-annex source build deps installed" ==> Apt.buildDepIn builddir
]
2014-05-20 22:28:13 +00:00
buildDepsNoHaskellLibs :: Property
buildDepsNoHaskellLibs = Apt.installed ["git", "rsync", "moreutils", "ca-certificates",
"debhelper", "ghc", "curl", "openssh-client", "git-remote-gcrypt",
"liblockfile-simple-perl", "cabal-install", "vim", "less"]
2014-05-19 21:27:21 +00:00
-- Installs current versions of git-annex's deps from cabal, but only
-- does so once.
cabalDeps :: Property
cabalDeps = flagFile go cabalupdated
where
go = userScriptProperty builduser ["cabal update && cabal install git-annex --only-dependencies || true"]
cabalupdated = homedir </> ".cabal" </> "packages" </> "hackage.haskell.org" </> "00-index.cache"
2014-05-20 17:37:03 +00:00
-- Ensure a ssh key is set up, and allow it to be used to ssh in
2014-05-19 21:27:21 +00:00
sshKeyGen :: Property
2014-05-20 17:37:03 +00:00
sshKeyGen = combineProperties "sshkeygen"
[ flagFile gen privkey
, flagFile auth authkeys
]
2014-05-19 21:27:21 +00:00
where
2014-05-20 22:28:13 +00:00
gen = userScriptProperty builduser ["ssh-keygen -t RSA -N '' -f " ++ privkey]
2014-05-20 17:37:03 +00:00
auth = userScriptProperty builduser ["cp " ++ pubkey ++ " " ++ authkeys]
privkey = homedir </> ".ssh" </> "id_rsa"
pubkey = privkey ++ ".pub"
authkeys = homedir </> ".ssh" </> "authorized_keys"