2014-11-23 19:42:22 +00:00
|
|
|
module Propellor.Property.OS (
|
|
|
|
|
cleanInstallOnce,
|
2014-12-04 20:14:01 +00:00
|
|
|
Confirmation(..),
|
2014-11-24 04:52:46 +00:00
|
|
|
preserveNetworkInterfaces,
|
|
|
|
|
preserveRootSshAuthorized,
|
2014-11-23 23:49:53 +00:00
|
|
|
grubBoots,
|
2014-11-24 04:40:53 +00:00
|
|
|
GrubDev(..),
|
2014-12-04 20:14:01 +00:00
|
|
|
oldOSKernelPreserved,
|
2014-11-23 23:49:53 +00:00
|
|
|
kernelInstalled,
|
2014-11-23 19:42:22 +00:00
|
|
|
oldOSRemoved,
|
|
|
|
|
) where
|
|
|
|
|
|
|
|
|
|
import Propellor
|
|
|
|
|
import qualified Propellor.Property.Debootstrap as Debootstrap
|
2014-11-24 04:51:36 +00:00
|
|
|
import qualified Propellor.Property.Ssh as Ssh
|
2014-12-04 20:14:01 +00:00
|
|
|
import qualified Propellor.Property.User as User
|
2014-11-24 04:40:53 +00:00
|
|
|
|
2014-11-23 19:42:22 +00:00
|
|
|
-- | Replaces whatever OS was installed before with a clean installation
|
|
|
|
|
-- of the OS that the Host is configured to have.
|
|
|
|
|
--
|
|
|
|
|
-- This can replace one Linux distribution with different one.
|
|
|
|
|
-- But, it can also fail and leave the system in an unbootable state.
|
|
|
|
|
--
|
2014-12-04 20:14:01 +00:00
|
|
|
-- The files from the old os will be left in /old-os
|
|
|
|
|
--
|
2014-11-23 20:39:49 +00:00
|
|
|
-- To avoid this property being accidentially used, you have to provide
|
2014-12-04 20:14:01 +00:00
|
|
|
-- a Confirmation containing the name of the host that you intend to apply the
|
2014-11-23 20:39:49 +00:00
|
|
|
-- property to.
|
|
|
|
|
--
|
2014-11-23 19:42:22 +00:00
|
|
|
-- This property only runs once. The cleanly installed system will have
|
|
|
|
|
-- a file /etc/propellor-cleaninstall, which indicates it was cleanly
|
|
|
|
|
-- installed.
|
|
|
|
|
--
|
|
|
|
|
-- You will typically want to run some more properties after the clean
|
|
|
|
|
-- install, to bootstrap from the cleanly installed system to a fully
|
|
|
|
|
-- working system. For example:
|
|
|
|
|
--
|
|
|
|
|
-- > & os (System (Debian Unstable) "amd64")
|
2014-12-04 20:14:01 +00:00
|
|
|
-- > & cleanInstall (Confirmed "foo.example.com")
|
2014-11-23 19:42:22 +00:00
|
|
|
-- > `onChange` propertyList "fixing up after clean install"
|
2014-11-24 04:52:46 +00:00
|
|
|
-- > [ preserveNetworkInterfaces
|
|
|
|
|
-- > , preserverRootSshAuthorized
|
2014-12-04 20:14:01 +00:00
|
|
|
-- > , oldOSKernelPreserved
|
2014-11-23 23:49:53 +00:00
|
|
|
-- > -- , kernelInstalled
|
|
|
|
|
-- > -- , grubBoots "hd0"
|
2014-12-04 20:14:01 +00:00
|
|
|
-- > -- , oldOsRemoved
|
2014-11-23 19:42:22 +00:00
|
|
|
-- > ]
|
|
|
|
|
-- > & Apt.installed ["ssh"]
|
2014-11-23 20:39:49 +00:00
|
|
|
-- > & User.hasSomePassword "root"
|
|
|
|
|
-- > & User.accountFor "joey"
|
|
|
|
|
-- > & User.hasSomePassword "joey"
|
2014-11-23 19:42:22 +00:00
|
|
|
-- > -- rest of system properties here
|
2014-12-04 20:14:01 +00:00
|
|
|
cleanInstallOnce :: Confirmation -> Property
|
|
|
|
|
cleanInstallOnce confirmation = check (not <$> doesFileExist flagfile) $
|
|
|
|
|
confirmed
|
|
|
|
|
`before`
|
|
|
|
|
osbootstrapped
|
|
|
|
|
`before`
|
|
|
|
|
transitioned
|
|
|
|
|
`before`
|
|
|
|
|
User.shadowConfig True
|
|
|
|
|
`before`
|
|
|
|
|
propellorbootstrapped
|
|
|
|
|
`before`
|
|
|
|
|
finalized
|
|
|
|
|
where
|
|
|
|
|
confirmed = property "clean install confirmed" $ do
|
|
|
|
|
checkConfirmed confirmation
|
|
|
|
|
return NoChange
|
|
|
|
|
|
|
|
|
|
osbootstrapped = withOS "/new-os bootstrapped" $ \o -> case o of
|
|
|
|
|
(Just d@(System (Debian _) _)) -> debootstrap d
|
|
|
|
|
(Just u@(System (Ubuntu _) _)) -> debootstrap u
|
|
|
|
|
_ -> error "os is not declared to be Debian or Ubuntu"
|
|
|
|
|
debootstrap targetos = ensureProperty $ toProp $
|
|
|
|
|
Debootstrap.built "/new-os" targetos Debootstrap.DefaultConfig
|
|
|
|
|
|
|
|
|
|
transitioned = property "/new-os moved into place" $
|
2014-11-23 19:42:22 +00:00
|
|
|
error "TODO"
|
|
|
|
|
-- unmount all mounts
|
|
|
|
|
-- move all directories to /old-os,
|
|
|
|
|
-- move /new-os to /
|
2014-11-23 20:39:49 +00:00
|
|
|
-- touch flagfile
|
2014-12-04 20:14:01 +00:00
|
|
|
|
|
|
|
|
propellorbootstrapped = property "propellor re-debootstrapped in new os" $
|
|
|
|
|
error "TODO"
|
2014-11-23 19:42:22 +00:00
|
|
|
-- re-bootstrap propellor in /usr/local/propellor,
|
|
|
|
|
-- (using git repo bundle, privdata file, and possibly
|
|
|
|
|
-- git repo url, which all need to be arranged to
|
|
|
|
|
-- be present in /old-os's /usr/local/propellor)
|
2014-12-04 20:14:01 +00:00
|
|
|
|
|
|
|
|
finalized = property "clean install finalized" $ do
|
|
|
|
|
liftIO $ writeFile flagfile ""
|
|
|
|
|
return MadeChange
|
|
|
|
|
|
2014-11-23 19:42:22 +00:00
|
|
|
flagfile = "/etc/propellor-cleaninstall"
|
|
|
|
|
|
2014-12-04 20:14:01 +00:00
|
|
|
data Confirmation = Confirmed HostName
|
2014-11-24 04:40:53 +00:00
|
|
|
|
2014-12-04 20:14:01 +00:00
|
|
|
checkConfirmed :: Confirmation -> Propellor ()
|
2014-11-24 04:40:53 +00:00
|
|
|
checkConfirmed (Confirmed c) = do
|
|
|
|
|
hostname <- asks hostName
|
|
|
|
|
when (hostname /= c) $
|
|
|
|
|
errorMessage "Run with a bad confirmation, not matching hostname."
|
|
|
|
|
|
2014-11-23 19:42:22 +00:00
|
|
|
-- /etc/network/interfaces is configured to bring up all interfaces that
|
|
|
|
|
-- are currently up, using the same IP addresses.
|
2014-11-24 04:52:46 +00:00
|
|
|
preserveNetworkInterfaces :: Property
|
|
|
|
|
preserveNetworkInterfaces = undefined
|
2014-11-23 19:42:22 +00:00
|
|
|
|
2014-11-24 04:40:53 +00:00
|
|
|
-- Root's .ssh/authorized_keys has added to it any ssh keys that
|
|
|
|
|
-- were authorized in the old OS. Any other contents of the file are
|
|
|
|
|
-- retained.
|
2014-11-24 04:52:46 +00:00
|
|
|
preserveRootSshAuthorized :: Property
|
|
|
|
|
preserveRootSshAuthorized = check (doesDirectoryExist oldloc) $
|
2014-11-24 04:40:53 +00:00
|
|
|
property (newloc ++ " copied from old OS") $ do
|
|
|
|
|
ks <- liftIO $ lines <$> readFile oldloc
|
2014-11-24 04:51:36 +00:00
|
|
|
ensureProperties (map (Ssh.authorizedKey "root") ks)
|
2014-11-24 04:40:53 +00:00
|
|
|
where
|
|
|
|
|
newloc = "/root/.ssh/authorized_keys"
|
|
|
|
|
oldloc = oldOsDir ++ newloc
|
2014-11-23 19:42:22 +00:00
|
|
|
|
2014-11-24 04:40:53 +00:00
|
|
|
-- Installs an appropriate kernel from the OS distribution.
|
2014-11-23 23:49:53 +00:00
|
|
|
kernelInstalled :: Property
|
|
|
|
|
kernelInstalled = undefined
|
2014-11-23 19:42:22 +00:00
|
|
|
|
2014-12-04 20:14:01 +00:00
|
|
|
-- Copies kernel images, initrds, and modules from /old-os
|
|
|
|
|
-- into the new system.
|
|
|
|
|
--
|
|
|
|
|
-- TODO: grub config?
|
|
|
|
|
oldOSKernelPreserved :: Property
|
|
|
|
|
oldOSKernelPreserved = undefined
|
|
|
|
|
|
2014-11-24 04:40:53 +00:00
|
|
|
-- Installs grub onto a device to boot the system.
|
|
|
|
|
--
|
|
|
|
|
-- You may want to install grub to multiple devices; eg for a system
|
|
|
|
|
-- that uses software RAID.
|
2014-11-23 23:49:53 +00:00
|
|
|
grubBoots :: GrubDev -> Property
|
|
|
|
|
grubBoots = undefined
|
2014-11-23 19:42:22 +00:00
|
|
|
|
2014-11-24 04:40:53 +00:00
|
|
|
type GrubDev = String
|
|
|
|
|
|
2014-11-23 19:42:22 +00:00
|
|
|
-- Removes the old OS's backup from /old-os
|
2014-12-04 20:14:01 +00:00
|
|
|
oldOSRemoved :: Confirmation -> Property
|
2014-11-24 04:40:53 +00:00
|
|
|
oldOSRemoved confirmed = check (doesDirectoryExist oldOsDir) $
|
|
|
|
|
property "old OS backup removed" $ do
|
|
|
|
|
checkConfirmed confirmed
|
|
|
|
|
liftIO $ removeDirectoryRecursive oldOsDir
|
2014-11-23 19:42:22 +00:00
|
|
|
return MadeChange
|
|
|
|
|
|
|
|
|
|
oldOsDir :: FilePath
|
|
|
|
|
oldOsDir = "/old-os"
|
