module Propellor.Property.SiteSpecific.GitAnnexBuilder where
import Propellor
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.User as User
import qualified Propellor.Property.Cron as Cron
import qualified Propellor.Property.File as File
import Propellor.Property.Cron (CronTimes)
-- | Unprivileged account used for the builder: it owns 'homedir', runs the
-- setup scripts and the cron job, and names the privdata field that holds
-- the rsync password.
builduser :: UserName
builduser = "builder"
-- | Home directory of 'builduser'; the rsync password file, the cabal
-- state and the ssh key pair all live below it.
--
-- NOTE(review): this is a literal, nothing visible here derives it from
-- the account that 'User.accountFor' creates -- confirm the two agree.
homedir :: FilePath
homedir = "/home/builder"
-- | Checkout of the gitannexbuilder repository. The cron job is set up
-- with this directory and runs @./autobuild@ from it.
gitbuilderdir :: FilePath
gitbuilderdir = homedir </> "gitbuilder"
-- | Checkout of the git-annex source tree, kept inside 'gitbuilderdir'.
builddir :: FilePath
builddir = gitbuilderdir </> "build"
-- | Time limit for one autobuild run, handed to the @timeout@ command
-- in the cron job.
--
-- NOTE(review): the value is concatenated into the cron command line
-- without quoting, so it must come from trusted configuration.
type TimeOut = String -- eg, 5h
-- | The git-annex autobuilder with the default build dependencies
-- ('buildDeps').
--
-- Arguments, in order: the architecture (used as the branch name that is
-- checked out in 'gitbuilderdir'), the cron schedule, the time limit for
-- one build, and whether the rsync upload password should be installed.
builder :: Architecture -> CronTimes -> TimeOut -> Bool -> Property
builder buildarch crontimes timeout rsyncupload =
    builder' buildDeps buildarch crontimes timeout rsyncupload
-- | Like 'builder', but the property that installs the build dependencies
-- is supplied by the caller.
--
-- The combined property sets up the tree for @buildarch@, applies
-- @buildepsprop@, makes sure the cron service is installed and running,
-- registers the @gitannexbuilder@ job through 'Cron.niceJob' for
-- 'builduser' in 'gitbuilderdir', and maintains the @rsyncpassword@ file
-- in 'homedir'.
--
-- NOTE(review): the cron job pulls and then executes @./autobuild@ from
-- the checkout that 'tree' clones over @git://@, a transport without
-- server authentication or integrity protection, so whatever the pull
-- delivers is run as 'builduser'. The two commands are joined with @;@,
-- so @./autobuild@ also runs when the pull fails.
--
-- NOTE(review): @timeout@ is spliced into the cron command line unquoted;
-- it has to come from trusted configuration.
builder' :: Property -> Architecture -> CronTimes -> TimeOut -> Bool -> Property
builder' buildepsprop buildarch crontimes timeout rsyncupload =
    combineProperties "gitannexbuilder"
        [ tree buildarch
        , buildepsprop
        , Apt.serviceInstalledRunning "cron"
        , Cron.niceJob "gitannexbuilder" crontimes builduser gitbuilderdir autobuildcmd
        , rsyncpassword
        ]
  where
    autobuildcmd = "git pull ; timeout " ++ timeout ++ " ./autobuild"

    passwordfile = homedir </> "rsyncpassword"

    -- The builduser account does not have a password set,
    -- instead use the password privdata to hold the rsync server
    -- password used to upload the built image.
    --
    -- NOTE(review): writeFile sets neither mode nor owner, so the
    -- password file gets whatever the umask and the user running this
    -- property give it; confirm it ends up readable by builduser only.
    -- When rsyncupload is False an existing file is left untouched, so a
    -- password written by an earlier run stays on disk.
    rsyncpassword = property "rsync password" $
        if rsyncupload
            then withPrivData (Password builduser) installpassword
            else ifM (liftIO $ doesFileExist passwordfile)
                ( noChange
                , makeChange $ writeFile passwordfile "no password configured"
                )

    -- Rewrite the file only when its content differs from the privdata;
    -- an unreadable or missing file is treated as empty.
    installpassword p = do
        oldp <- liftIO $ catchDefaultIO "" $ readFileStrict passwordfile
        if p /= oldp
            then makeChange $ writeFile passwordfile p
            else noChange
-- | Creates the 'builduser' account, gives it ownership of 'homedir',
-- installs git, and clones the two repositories when their directories
-- do not exist yet: gitannexbuilder into 'gitbuilderdir' (checking out
-- the branch named by @buildarch@) and git-annex into 'builddir'.
--
-- NOTE(review): both clones use the @git://@ transport, which has no
-- server authentication or integrity protection, and nothing here pins a
-- commit or checks a signature. The first checkout supplies the
-- @./autobuild@ script that the cron job executes, so the clone source
-- is part of the trust boundary of this host.
--
-- NOTE(review): @buildarch@ and the directory names are concatenated into
-- shell command lines without quoting. That is harmless for the constants
-- of this module, but @buildarch@ must come from trusted configuration.
tree :: Architecture -> Property
tree buildarch = combineProperties "gitannexbuilder tree"
    [ User.accountFor builduser
    -- Home directory already exists when docker volume is used.
    , File.ownerGroup homedir builduser builduser
    , Apt.installed ["git"]
    , check (missing gitbuilderdir) $
        userScriptProperty builduser clonebuilder `describe` "gitbuilder setup"
    , check (missing builddir) $
        userScriptProperty builduser clonesource
    ]
  where
    -- True when the directory has not been created yet.
    missing dir = not <$> doesDirectoryExist dir

    clonebuilder =
        [ "git clone git://git.kitenet.net/gitannexbuilder " ++ gitbuilderdir
        , "cd " ++ gitbuilderdir
        , "git checkout " ++ buildarch
        ]

    clonesource =
        [ "git clone git://git-annex.branchable.com/ " ++ builddir
        ]
-- | Default build dependencies: the standard sources list for Unstable,
-- the build dependencies of the @git-annex@ package, the packages from
-- 'buildDepsNoHaskellLibs', and the build dependencies found in
-- 'builddir'.
--
-- NOTE(review): 'Apt.buildDepIn' is given the source checkout, which
-- 'tree' clones over @git://@; presumably the packaging metadata in that
-- tree decides which packages get installed -- confirm, and treat the
-- clone source as trusted input accordingly.
buildDeps :: Property
buildDeps = combineProperties "gitannexbuilder build deps" deps
  where
    deps =
        [ Apt.stdSourcesList Unstable
        , Apt.buildDep ["git-annex"]
        , buildDepsNoHaskellLibs
        , sourcedeps
        ]
    sourcedeps =
        "git-annex source build deps installed" ==> Apt.buildDepIn builddir
-- | Installs the toolchain and helper packages, but none of the Haskell
-- library packages; those can be supplied separately (see 'cabalDeps').
buildDepsNoHaskellLibs :: Property
buildDepsNoHaskellLibs = Apt.installed
    [ "git"
    , "rsync"
    , "moreutils"
    , "ca-certificates"
    , "debhelper"
    , "ghc"
    , "curl"
    , "openssh-client"
    , "git-remote-gcrypt"
    , "liblockfile-simple-perl"
    , "cabal-install"
    , "vim"
    , "less"
    ]
-- | Installs current versions of git-annex's deps from cabal, but only
-- does so once: the cabal index cache below 'homedir' serves as the flag
-- file.
--
-- NOTE(review): the script ends in @|| true@, so a failed @cabal update@
-- or @cabal install@ is not reported as a failure of this property.
-- Nothing here pins package versions; whatever the package index offers
-- at that moment is built as 'builduser'.
cabalDeps :: Property
cabalDeps = flagFile installdeps indexcache
  where
    installdeps = userScriptProperty builduser
        [ "cabal update && cabal install git-annex --only-dependencies || true"
        ]
    indexcache = cabaldir </> "packages" </> "hackage.haskell.org" </> "00-index.cache"
    cabaldir = homedir </> ".cabal"
-- | Ensure a ssh key is set up, and allow it to be used to ssh in.
--
-- Two steps, each guarded by a flag file: generate an RSA key pair at
-- @.ssh/id_rsa@ below 'homedir', then copy the public half to
-- @.ssh/authorized_keys@.
--
-- NOTE(review): the key is generated with an empty passphrase (@-N ''@)
-- and then authorized for login to the same account, so read access to
-- @id_rsa@ is equivalent to a login as 'builduser'. The copy uses @cp@,
-- which replaces rather than appends; presumably the flag file keeps it
-- from running when @authorized_keys@ already exists -- confirm against
-- 'flagFile'.
sshKeyGen :: Property
sshKeyGen = combineProperties "sshkeygen"
    [ flagFile generatekey privkey
    , flagFile authorizekey authkeys
    ]
  where
    sshdir = homedir </> ".ssh"
    privkey = sshdir </> "id_rsa"
    pubkey = privkey ++ ".pub"
    authkeys = sshdir </> "authorized_keys"

    generatekey = userScriptProperty builduser
        [ "ssh-keygen -t RSA -N '' -f " ++ privkey
        ]
    authorizekey = userScriptProperty builduser
        [ "cp " ++ pubkey ++ " " ++ authkeys
        ]