propellor spin

This commit is contained in:
Joey Hess 2014-04-13 12:21:43 -04:00
parent ebfba3828c
commit 479045277b
Failed to extract signature
3 changed files with 23 additions and 15 deletions

View File

@ -24,6 +24,11 @@ hasPrivContent f = Property desc $ withPrivData (PrivFile f) $ \privcontent ->
where
desc = "privcontent " ++ f
-- | Leaves the file world-readable.
hasPrivContentExposed :: FilePath -> Property
hasPrivContentExposed f = hasPrivContent f `onChange`
mode f (combineModes (ownerWriteMode:readModes))
-- | Ensures that a line is present in a file, adding it to the end if not.
containsLine :: FilePath -> Line -> Property
f `containsLine` l = fileProperty (f ++ " contains:" ++ l) go f

View File

@ -4,7 +4,6 @@ import Propellor
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.Service as Service
import Utility.FileMode
import Data.List
import System.Posix.Files
@ -25,11 +24,7 @@ providerFor users baseurl = propertyList desc $
"define('SIMPLEID_BASE_URL', '"++url++"');"
| otherwise = l
identfile u = combineProperties desc
[ File.hasPrivContent f
-- the identitites directory controls access, so open up
-- file mode
, File.mode f (combineModes (ownerWriteMode:readModes))
]
where
f = concat $ [ "/var/lib/simpleid/identities/", u, ".identity" ]
-- the identitites directory controls access, so open up
-- file mode
identfile u = File.hasPrivContentExposed $
concat $ [ "/var/lib/simpleid/identities/", u, ".identity" ]

View File

@ -85,18 +85,15 @@ hosts =
`requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root"
`requires` Ssh.authorizedKeys "family"
`requires` User.accountFor "family"
& Apt.installed ["git", "git-annex", "rsync", "kgb-client"]
& Apt.installed ["git", "git-annex", "rsync", "kgb-client-git"]
& Git.daemonRunning "/srv/git"
-- ssh keys for branchable and github repo hooks
-- TODO: upgrade to newer git-annex-shell for notification
-- gitweb
& cname "kgb.kitenet.net"
& Apt.serviceInstalledRunning "kgb-bot"
& File.hasPrivContent "/etc/kgb-bot/kgb.conf"
& File.hasPrivContent "/etc/kgb-bot/kgb-client.conf"
& "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1"
`onChange` Service.running "kgb-bot"
& Docker.docked hosts "kgb-server"
& File.hasPrivContentExposed "/etc/kgb-bot/kgb-client.conf"
& cname "downloads.kitenet.net"
& Apt.buildDep ["git-annex"] `period` Daily
@ -127,7 +124,18 @@ hosts =
& Docker.publish "8081:80"
& OpenId.providerFor ["joey", "liw"]
"openid.kitenet.net:8081"
-- The kgb irc bot, in a container for security and because I need
-- features not in the stable version.
, standardContainer "kgb-server" Unstable "amd64"
& Docker.publish "9999:9999"
& Apt.serviceInstalledRunning "kgb-bot"
& File.hasPrivContent "/etc/kgb-bot/kgb.conf"
& "/etc/default/kgb-bot" `File.containsLine` "BOT_ENABLED=1"
`describe` "kgb bot enabled"
`onChange` Service.running "kgb-bot"
-- Exhibit: kite's 90's website.
, standardContainer "ancient-kitenet" Stable "amd64"
& Docker.publish "1994:80"
& Apt.serviceInstalledRunning "apache2"