Added systemd configuration properties.

Joey Hess 2015-01-21 22:48:44 -04:00
parent 0a2a553d31
commit 88082c7293
3 changed files with 38 additions and 0 deletions


@ -145,6 +145,7 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64"
& Apt.unattendedUpgrades & Apt.unattendedUpgrades
& Systemd.installed & Systemd.installed
& Systemd.persistentJournal & Systemd.persistentJournal
& Systemd.journaldConfigured "SystemMaxUse" "500M"
& Ssh.passwordAuthentication True & Ssh.passwordAuthentication True
-- Since ssh password authentication is allowed: -- Since ssh password authentication is allowed:
& Apt.serviceInstalledRunning "fail2ban" & Apt.serviceInstalledRunning "fail2ban"

1
debian/changelog vendored

@ -5,6 +5,7 @@ propellor (1.4.0) UNRELEASED; urgency=medium
This includes the properties used inside a container. This includes the properties used inside a container.
(API change) (API change)
* Fix info propigation from fallback combinator's second Property. * Fix info propigation from fallback combinator's second Property.
* Added systemd configuration properties.
-- Joey Hess <id@joeyh.name> Thu, 15 Jan 2015 20:14:29 -0400 -- Joey Hess <id@joeyh.name> Thu, 15 Jan 2015 20:14:29 -0400


@ -6,7 +6,11 @@ module Propellor.Property.Systemd (
stopped, stopped,
enabled, enabled,
disabled, disabled,
restarted,
persistentJournal, persistentJournal,
Option,
configured,
journaldConfigured,
daemonReloaded, daemonReloaded,
Container, Container,
container, container,
@ -60,6 +64,11 @@ disabled :: ServiceName -> Property
disabled n = trivial $ cmdProperty "systemctl" ["disable", n] disabled n = trivial $ cmdProperty "systemctl" ["disable", n]
`describe` ("service " ++ n ++ " disabled") `describe` ("service " ++ n ++ " disabled")
-- | Restarts a systemd service.
restarted :: ServiceName -> Property
restarted n = trivial $ cmdProperty "systemctl" ["restart", n]
`describe` ("service " ++ n ++ " restarted")
-- | Enables persistent storage of the journal. -- | Enables persistent storage of the journal.
persistentJournal :: Property persistentJournal :: Property
persistentJournal = check (not <$> doesDirectoryExist dir) $ persistentJournal = check (not <$> doesDirectoryExist dir) $
@ -72,6 +81,33 @@ persistentJournal = check (not <$> doesDirectoryExist dir) $
where where
dir = "/var/log/journal" dir = "/var/log/journal"
type Option = String
-- | Ensures that an option is configured in one of systemd's config files.
-- Does not ensure that the relevant daemon notices the change immediately.
--
-- This assumes that there is only one [Header] per file, which is
-- currently the case. And it assumes the file already exists with
-- the right [Header], so new lines can just be appended to the end.
configured :: FilePath -> Option -> String -> Property
configured cfgfile option value = combineProperties desc
[ File.fileProperty desc (mapMaybe removeother) cfgfile
, File.containsLine cfgfile line
]
where
setting = option ++ "="
line = setting ++ value
desc = cfgfile ++ " " ++ line
removeother l
| setting `isPrefixOf` l = Nothing
| otherwise = Just l
-- | Configures journald, restarting it so the changes take effect.
journaldConfigured :: Option -> String -> Property
journaldConfigured option value =
configured "/etc/systemd/journald.conf" option value
`onChange` restarted "systemd-journald"
-- | Causes systemd to reload its configuration files. -- | Causes systemd to reload its configuration files.
daemonReloaded :: Property daemonReloaded :: Property
daemonReloaded = trivial $ cmdProperty "systemctl" ["daemon-reload"] daemonReloaded = trivial $ cmdProperty "systemctl" ["daemon-reload"]
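Review bot: In `configured`, `removeother` drops every line that starts with `option=`, including a line that already holds the desired value, so the first step rewrites the file and `File.containsLine` appends the same line again on each run. If `File.fileProperty` reports a change whenever the content differs (its definition is not part of this diff), the property never converges and `journaldConfigured` restarts systemd-journald on every propellor run, an avoidable interruption of the logging daemon. Keeping the already-correct line avoids this: ``| setting `isPrefixOf` l && l /= line = Nothing``. The doc comment on `configured` could also say that the prefix test only matches lines written exactly as `option=...`, so an existing assignment with leading whitespace or spaces before `=` is left in place.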