improvements
This commit is contained in:
parent
c1ad516a6c
commit
3368bdd0a1
18
HostProp.hs
18
HostProp.hs
|
@ -15,24 +15,30 @@ main = ensureProperties . getProperties =<< getHostName
|
||||||
- Properties for that system. -}
|
- Properties for that system. -}
|
||||||
getProperties :: HostName -> [Property]
|
getProperties :: HostName -> [Property]
|
||||||
getProperties "clam" =
|
getProperties "clam" =
|
||||||
[ Apt.stdSourcesList Apt.Unstable `onChange` Apt.upgrade
|
-- Clean up the system as installed by cloudatcost.com
|
||||||
, Apt.installed ["etckeeper"]
|
[ User.nuked "user"
|
||||||
|
, Apt.removed ["exim4"] `onChange` Apt.autoRemove
|
||||||
, Hostname.set "clam.kitenet.net"
|
, Hostname.set "clam.kitenet.net"
|
||||||
, Apt.installed ["ssh"]
|
|
||||||
, Ssh.uniqueHostKeys
|
, Ssh.uniqueHostKeys
|
||||||
|
-- This is my standard system setup
|
||||||
|
, Apt.stdSourcesList Apt.Unstable `onChange` Apt.upgrade
|
||||||
|
, Apt.installed ["etckeeper"]
|
||||||
|
, Apt.installed ["ssh"]
|
||||||
, Apt.installed ["git", "myrepos"]
|
, Apt.installed ["git", "myrepos"]
|
||||||
, GitHome.installedFor "root"
|
, GitHome.installedFor "root"
|
||||||
|
-- Harden the system, but only once root's authorized_keys
|
||||||
|
-- is safely in place.
|
||||||
, check (Ssh.hasAuthorizedKeys "root") $
|
, check (Ssh.hasAuthorizedKeys "root") $
|
||||||
Ssh.passwordAuthentication False
|
Ssh.passwordAuthentication False
|
||||||
, check (Ssh.hasAuthorizedKeys "root") $
|
, check (Ssh.hasAuthorizedKeys "root") $
|
||||||
User.lockedPassword "root"
|
User.lockedPassword "root"
|
||||||
, User.nonsystem "joey"
|
, User.nonsystem "joey"
|
||||||
, User.nuked "user"
|
|
||||||
, Apt.installed ["sudo"]
|
, Apt.installed ["sudo"]
|
||||||
, lineInfFile "/etc/sudoers" "joey ALL=(ALL:ALL) ALL"
|
, lineInFile "/etc/sudoers" "joey ALL=(ALL:ALL) ALL"
|
||||||
, GitHome.installedFor "joey"
|
, GitHome.installedFor "joey"
|
||||||
, Apt.removed ["exim4"] `onChange` Apt.autoRemove
|
-- Clam is a tor bridge.
|
||||||
, Apt.installed ["tor"]
|
, Apt.installed ["tor"]
|
||||||
|
-- Should come last as it reboots.
|
||||||
, Apt.installed ["systemd-sysv"] `onChange` Reboot.scheduled "+10"
|
, Apt.installed ["systemd-sysv"] `onChange` Reboot.scheduled "+10"
|
||||||
]
|
]
|
||||||
-- add more hosts here...
|
-- add more hosts here...
|
||||||
|
|
|
@ -5,7 +5,6 @@ import Control.Applicative
|
||||||
import Control.Monad
|
import Control.Monad
|
||||||
import System.Console.ANSI
|
import System.Console.ANSI
|
||||||
import System.Exit
|
import System.Exit
|
||||||
import System.IO
|
|
||||||
|
|
||||||
import Utility.Tmp
|
import Utility.Tmp
|
||||||
import Utility.Exception
|
import Utility.Exception
|
||||||
|
@ -75,9 +74,8 @@ ensureProperties ps = do
|
||||||
where
|
where
|
||||||
ensure [] rs = return rs
|
ensure [] rs = return rs
|
||||||
ensure (l:ls) rs = do
|
ensure (l:ls) rs = do
|
||||||
putStr $ propertyDesc l ++ "... "
|
|
||||||
hFlush stdout
|
|
||||||
r <- ensureProperty l
|
r <- ensureProperty l
|
||||||
|
putStr $ propertyDesc l ++ "... "
|
||||||
case r of
|
case r of
|
||||||
FailedChange -> do
|
FailedChange -> do
|
||||||
setSGR [SetColor Foreground Vivid Red]
|
setSGR [SetColor Foreground Vivid Red]
|
||||||
|
|
|
@ -1,8 +1,12 @@
|
||||||
module Property.Hostname where
|
module Property.Hostname where
|
||||||
|
|
||||||
import Property
|
import Property
|
||||||
|
import Utility.SafeCommand
|
||||||
|
|
||||||
type HostName = String
|
type HostName = String
|
||||||
|
|
||||||
set :: HostName -> Property
|
set :: HostName -> Property
|
||||||
set hostname = fileHasContent "/etc/hostname" [hostname]
|
set hostname = combineProperties ("hostname " ++ hostname)
|
||||||
|
[ fileHasContent "/etc/hostname" [hostname]
|
||||||
|
, cmdProperty "hostname" [Param hostname]
|
||||||
|
]
|
||||||
|
|
Loading…
Reference in New Issue