diff --git a/Host/clam.hs b/Host/clam.hs index 4241222..53b349d 100644 --- a/Host/clam.hs +++ b/Host/clam.hs @@ -3,18 +3,21 @@ import qualified Property.Apt as Apt import qualified Property.Ssh as Ssh import qualified Property.User as User import qualified Property.GitHome as GitHome +import qualified Property.Reboot as Reboot main = defaultMain [ Apt.stdSourcesList Apt.Unstable `onChange` Apt.upgrade , Apt.installed ["etckeeper"] , Apt.installed ["ssh"] , Apt.installed ["git", "myrepos"] - , GitHome.installed "root" + , GitHome.installedFor "root" , check (Ssh.hasAuthorizedKeys "root") $ Ssh.passwordAuthentication False , User.nonsystem "joey" + , Apt.installed ["sudo"] , fileHasContent "/etc/sudoers" ["joey ALL=(ALL:ALL) ALL"] - , GitHome.installed "joey" + , GitHome.installedFor "joey" , Apt.removed ["exim4"] `onChange` Apt.autoRemove , Apt.installed ["tor"] + , Apt.installed ["systemd-sysv"] `onChange` Reboot.scheduled "+10" ] diff --git a/Property/GitHome.hs b/Property/GitHome.hs index 6bbae25..f0764db 100644 --- a/Property/GitHome.hs +++ b/Property/GitHome.hs @@ -13,8 +13,8 @@ import Utility.Monad import Utility.Exception {- Clones Joey Hess's git home directory, and runs its fixups script. -} -installed :: UserName -> Property -installed user = check (not <$> hasGitDir user) $ +installedFor :: UserName -> Property +installedFor user = check (not <$> hasGitDir user) $ IOProperty ("githome " ++ user) (go =<< homedir user) where go Nothing = noChange diff --git a/Property/Reboot.hs b/Property/Reboot.hs new file mode 100644 index 0000000..668a7a4 --- /dev/null +++ b/Property/Reboot.hs @@ -0,0 +1,8 @@ +module Property.Reboot where + +import Property +import Utility.SafeCommand + +{- Use eg, "+5" to reboot in 5 minutes. -} +scheduled :: String -> Property +scheduled rebootwhen = cmdProperty "shutdown" [ Param "-r", Param rebootwhen ] diff --git a/TODO b/TODO new file mode 100644 index 0000000..4617c2b --- /dev/null +++ b/TODO @@ -0,0 +1,4 @@ +* Need a way to run an action when a property changes, but only + run it once for the whole. For example, may want to restart apache, + but only once despite many config changes being made to satisfy + properties. onChange is a poor substitute.