From 3822c9a2d764a2ea451d4dce8862eef7dc697c12 Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Thu, 21 Aug 2014 14:04:26 -0400
Subject: [PATCH] propellor spin

---
 config-joey.hs | 11 +++++++----
 src/Propellor/Property/Ssh.hs | 18 +++++++++++++++++-
 2 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/config-joey.hs b/config-joey.hs
index 57a431c..486863e 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -13,7 +13,6 @@ import qualified Propellor.Property.Cron as Cron
 import qualified Propellor.Property.Sudo as Sudo
 import qualified Propellor.Property.User as User
 import qualified Propellor.Property.Hostname as Hostname
---import qualified Propellor.Property.Reboot as Reboot
 import qualified Propellor.Property.Tor as Tor
 import qualified Propellor.Property.Dns as Dns
 import qualified Propellor.Property.OpenId as OpenId
@@ -21,7 +20,6 @@ import qualified Propellor.Property.Docker as Docker
 import qualified Propellor.Property.Git as Git
 import qualified Propellor.Property.Apache as Apache
 import qualified Propellor.Property.Postfix as Postfix
-import qualified Propellor.Property.Service as Service
 import qualified Propellor.Property.Grub as Grub
 import qualified Propellor.Property.Obnam as Obnam
 import qualified Propellor.Property.HostingProvider.DigitalOcean as DigitalOcean
@@ -57,6 +55,12 @@ hosts = -- (o) `

 & Docker.configured
 & Docker.garbageCollected `period` Daily
+
+ -- ssh on some extra ports to deal with horrible networks
+ -- while travelling
+ & alias "travelling.kitenet.net"
+ & Ssh.listenPort 80
+ & Ssh.listenPort 443

 -- Orca is the main git-annex build box.
 , standardSystem "orca.kitenet.net" Unstable "amd64"
@@ -233,8 +237,7 @@ hosts = -- (o) `
 -- Nothing is using http port 80, so listen on
 -- that port for ssh, for traveling on bad networks that
 -- block 22.
- & "/etc/ssh/sshd_config" `File.containsLine` "Port 80"
- `onChange` Service.restarted "ssh"
+ & Ssh.listenPort 80
 -- temp
 ! Docker.docked hosts "amd64-git-annex-builder"

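Review bot: The `Ssh.listenPort 80` / `Ssh.listenPort 443` lines added in the `@@ -57,6 +55,12 @@` hunk (and the `Ssh.listenPort 80` in the last hunk) keep port 22 reachable only if sshd_config already carries an explicit `Port 22` line, because sshd's built-in default of 22 applies only while no Port directive is present at all; whether the distro default on these hosts has that line is not visible here. If these ports are meant as extras rather than replacements, listing 22 explicitly is cheap and does not depend on the shipped config: `& Ssh.listenPort 22` placed before the 80/443 lines, with the comment extended to say that 22 is listed to keep it active once other Port lines exist. The `hosts` list these hunks edit starts and ends outside the hunks.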
diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs
index 5a26047..41b9308 100644
--- a/src/Propellor/Property/Ssh.hs
+++ b/src/Propellor/Property/Ssh.hs
@@ -9,7 +9,8 @@ module Propellor.Property.Ssh (
 hostKey,
 keyImported,
 knownHost,
- authorizedKeys
+ authorizedKeys,
+ listenPort
 ) where

 import Propellor
@@ -164,3 +165,18 @@ authorizedKeys user context = withPrivData (SshAuthorizedKeys user) context $ \g
 [ File.ownerGroup f user user
 , File.ownerGroup (takeDirectory f) user user
 ]
+
+-- | Makes the ssh server listen on a given port, in addition to any other
+-- ports it is configured to listen on.
+--
+-- Revert to prevent it listening on a particular port.
+listenPort :: Int -> RevertableProperty
+listenPort port = RevertableProperty enable disable
+ where
+ portline = "Port " ++ show port
+ enable = sshdConfig `File.containsLine` portline
+ `describe` ("ssh listening on " ++ portline)
+ `onChange` restartSshd
+ disable = sshdConfig `File.lacksLine` portline
+ `describe` ("ssh not listening on " ++ portline)
+ `onChange` restartSshd
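Review bot: The haddock on `listenPort` promises the port is added "in addition to any other ports", but the enable side builds on `File.containsLine`, which appends `Port N` to the end of sshd_config, and sshd requires Port directives to come before any non-port-qualified ListenAddress line; on a config that sets ListenAddress, the appended line is at best ignored and, depending on the sshd version, rejected at parse time, so the `restartSshd` triggered by `onChange` can leave the service down. The implicit default port 22 also only applies while no Port directive exists, so on a config with no explicit `Port 22` the first `listenPort` moves sshd rather than adding a port. On the revert side `File.lacksLine portline` removes a matching line regardless of who wrote it, so reverting `listenPort 22` would strip a distro-provided `Port 22` as well. I would put these three caveats in the haddock, e.g. a paragraph saying that the line is appended (so it must not follow a ListenAddress), that sshd stops defaulting to 22 once any Port line exists, and that revert removes any matching Port line. `sshdConfig` and `restartSshd` are used here but defined outside the hunk.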