better descriptions for properties
This commit is contained in:
parent
90efcd3203
commit
a2a3d3f3a2
|
@ -45,10 +45,11 @@ standardSystem suite = propertyList "standard system"
|
||||||
, check (Ssh.hasAuthorizedKeys "root") $
|
, check (Ssh.hasAuthorizedKeys "root") $
|
||||||
User.lockedPassword "root"
|
User.lockedPassword "root"
|
||||||
, Apt.installed ["vim"]
|
, Apt.installed ["vim"]
|
||||||
, User.nonsystem "joey"
|
, User.sshAccountFor "joey"
|
||||||
, Apt.installed ["sudo"]
|
, Apt.installed ["sudo"]
|
||||||
-- nopasswd because no password is set up for joey.
|
-- nopasswd because no password is set up for joey.
|
||||||
, "/etc/sudoers" `File.containsLine` "joey ALL=(ALL:ALL) NOPASSWD:ALL"
|
, "/etc/sudoers" `File.containsLine` "joey ALL=(ALL:ALL) NOPASSWD:ALL"
|
||||||
|
`describe` "sudoer joey"
|
||||||
, GitHome.installedFor "joey"
|
, GitHome.installedFor "joey"
|
||||||
]
|
]
|
||||||
|
|
||||||
|
@ -59,10 +60,10 @@ cleanCloudAtCost hostname = propertyList "cloudatcost cleanup"
|
||||||
, Apt.removed ["exim4"] `onChange` Apt.autoRemove
|
, Apt.removed ["exim4"] `onChange` Apt.autoRemove
|
||||||
, Hostname.set hostname
|
, Hostname.set hostname
|
||||||
, Ssh.uniqueHostKeys
|
, Ssh.uniqueHostKeys
|
||||||
-- Work around for #612402
|
|
||||||
, "/etc/default/grub" `File.containsLine` "GRUB_DISABLE_LINUX_UUID=true"
|
, "/etc/default/grub" `File.containsLine` "GRUB_DISABLE_LINUX_UUID=true"
|
||||||
`onChange` cmdProperty "update-grub" []
|
`onChange` cmdProperty "update-grub" []
|
||||||
`onChange` cmdProperty "update-initramfs" [Param "-u"]
|
`onChange` cmdProperty "update-initramfs" [Param "-u"]
|
||||||
|
`describe` "work around grub/lvm boot bug #743126"
|
||||||
-- Cruft
|
-- Cruft
|
||||||
, File.notPresent "/etc/rc.local"
|
, File.notPresent "/etc/rc.local"
|
||||||
, File.notPresent "/etc/init.d/S97-setup.sh"
|
, File.notPresent "/etc/init.d/S97-setup.sh"
|
||||||
|
|
|
@ -83,6 +83,9 @@ property `onChange` hook = Property (propertyDesc property) $ do
|
||||||
requires :: Property -> Property -> Property
|
requires :: Property -> Property -> Property
|
||||||
x `requires` y = combineProperties (propertyDesc x) [y, x]
|
x `requires` y = combineProperties (propertyDesc x) [y, x]
|
||||||
|
|
||||||
|
describe :: Property -> Desc -> Property
|
||||||
|
describe p d = p { propertyDesc = d }
|
||||||
|
|
||||||
{- Makes a Property only be performed when a test succeeds. -}
|
{- Makes a Property only be performed when a test succeeds. -}
|
||||||
check :: IO Bool -> Property -> Property
|
check :: IO Bool -> Property -> Property
|
||||||
check c property = Property (propertyDesc property) $ ifM c
|
check c property = Property (propertyDesc property) $ ifM c
|
||||||
|
|
|
@ -59,19 +59,23 @@ runApt ps = cmdProperty' "apt-get" ps env
|
||||||
|
|
||||||
update :: Property
|
update :: Property
|
||||||
update = runApt [Param "update"]
|
update = runApt [Param "update"]
|
||||||
|
`describe` "apt update"
|
||||||
|
|
||||||
upgrade :: Property
|
upgrade :: Property
|
||||||
upgrade = runApt [Params "-y dist-upgrade"]
|
upgrade = runApt [Params "-y dist-upgrade"]
|
||||||
|
`describe` "apt dist-upgrade"
|
||||||
|
|
||||||
type Package = String
|
type Package = String
|
||||||
|
|
||||||
installed :: [Package] -> Property
|
installed :: [Package] -> Property
|
||||||
installed ps = check (isInstallable ps) go
|
installed ps = check (isInstallable ps) go
|
||||||
|
`describe` (unwords $ "apt installed":ps)
|
||||||
where
|
where
|
||||||
go = runApt $ [Param "-y", Param "install"] ++ map Param ps
|
go = runApt $ [Param "-y", Param "install"] ++ map Param ps
|
||||||
|
|
||||||
removed :: [Package] -> Property
|
removed :: [Package] -> Property
|
||||||
removed ps = check (or <$> isInstalled ps) go
|
removed ps = check (or <$> isInstalled ps) go
|
||||||
|
`describe` (unwords $ "apt removed":ps)
|
||||||
where
|
where
|
||||||
go = runApt $ [Param "-y", Param "remove"] ++ map Param ps
|
go = runApt $ [Param "-y", Param "remove"] ++ map Param ps
|
||||||
|
|
||||||
|
@ -95,18 +99,24 @@ isInstalled ps = catMaybes . map parse . lines
|
||||||
|
|
||||||
autoRemove :: Property
|
autoRemove :: Property
|
||||||
autoRemove = runApt [Param "-y", Param "autoremove"]
|
autoRemove = runApt [Param "-y", Param "autoremove"]
|
||||||
|
`describe` "apt autoremove"
|
||||||
|
|
||||||
unattendedUpgrades :: Bool -> Property
|
unattendedUpgrades :: Bool -> Property
|
||||||
unattendedUpgrades enabled = installed ["unattended-upgrades"]
|
unattendedUpgrades enabled =
|
||||||
|
(if enabled then installed else removed) ["unattended-upgrades"]
|
||||||
`onChange` reConfigure "unattended-upgrades"
|
`onChange` reConfigure "unattended-upgrades"
|
||||||
[("unattended-upgrades/enable_auto_updates"
|
[("unattended-upgrades/enable_auto_updates" , "boolean", v)]
|
||||||
, "boolean"
|
`describe` ("unattended upgrades " ++ v)
|
||||||
, if enabled then "true" else "false")]
|
where
|
||||||
|
v
|
||||||
|
| enabled = "true"
|
||||||
|
| otherwise = "false"
|
||||||
|
|
||||||
{- Preseeds debconf values and reconfigures the package so it takes
|
{- Preseeds debconf values and reconfigures the package so it takes
|
||||||
- effect. -}
|
- effect. -}
|
||||||
reConfigure :: Package -> [(String, String, String)] -> Property
|
reConfigure :: Package -> [(String, String, String)] -> Property
|
||||||
reConfigure package vals = reconfigure `requires` setselections
|
reConfigure package vals = reconfigure `requires` setselections
|
||||||
|
`describe` ("reconfigure " ++ package)
|
||||||
where
|
where
|
||||||
setselections = Property "preseed" $ makeChange $
|
setselections = Property "preseed" $ makeChange $
|
||||||
withHandle StdinHandle createProcessSuccess
|
withHandle StdinHandle createProcessSuccess
|
||||||
|
|
|
@ -4,3 +4,4 @@ import Common
|
||||||
|
|
||||||
now :: Property
|
now :: Property
|
||||||
now = cmdProperty "reboot" []
|
now = cmdProperty "reboot" []
|
||||||
|
`describe` "reboot now"
|
||||||
|
|
|
@ -6,6 +6,7 @@ import qualified Property.Apt as Apt
|
||||||
|
|
||||||
isBridge :: Property
|
isBridge :: Property
|
||||||
isBridge = setup `requires` Apt.installed ["tor"]
|
isBridge = setup `requires` Apt.installed ["tor"]
|
||||||
|
`describe` "tor bridge"
|
||||||
where
|
where
|
||||||
setup = "/etc/tor/torrc" `File.hasContent`
|
setup = "/etc/tor/torrc" `File.hasContent`
|
||||||
[ "SocksPort 0"
|
[ "SocksPort 0"
|
||||||
|
|
|
@ -6,12 +6,13 @@ import Common
|
||||||
|
|
||||||
type UserName = String
|
type UserName = String
|
||||||
|
|
||||||
nonsystem :: UserName -> Property
|
sshAccountFor :: UserName -> Property
|
||||||
nonsystem user = check (isNothing <$> homedir user) $ cmdProperty "adduser"
|
sshAccountFor user = check (isNothing <$> homedir user) $ cmdProperty "adduser"
|
||||||
[ Param "--disabled-password"
|
[ Param "--disabled-password"
|
||||||
, Param "--gecos", Param ""
|
, Param "--gecos", Param ""
|
||||||
, Param user
|
, Param user
|
||||||
]
|
]
|
||||||
|
`describe` ("ssh account " ++ user)
|
||||||
|
|
||||||
{- Removes user home directory!! Use with caution. -}
|
{- Removes user home directory!! Use with caution. -}
|
||||||
nuked :: UserName -> Property
|
nuked :: UserName -> Property
|
||||||
|
@ -19,12 +20,14 @@ nuked user = check (isJust <$> homedir user) $ cmdProperty "userdel"
|
||||||
[ Param "-r"
|
[ Param "-r"
|
||||||
, Param user
|
, Param user
|
||||||
]
|
]
|
||||||
|
`describe` ("nuked user " ++ user)
|
||||||
|
|
||||||
lockedPassword :: UserName -> Property
|
lockedPassword :: UserName -> Property
|
||||||
lockedPassword user = check (not <$> isLockedPassword user) $ cmdProperty "passwd"
|
lockedPassword user = check (not <$> isLockedPassword user) $ cmdProperty "passwd"
|
||||||
[ Param "--lock"
|
[ Param "--lock"
|
||||||
, Param user
|
, Param user
|
||||||
]
|
]
|
||||||
|
`describe` ("locked " ++ user ++ " password")
|
||||||
|
|
||||||
isLockedPassword :: UserName -> IO Bool
|
isLockedPassword :: UserName -> IO Bool
|
||||||
isLockedPassword user = parse . words <$> readProcess "passwd" ["-S", user]
|
isLockedPassword user = parse . words <$> readProcess "passwd" ["-S", user]
|
||||||
|
|
Loading…
Reference in New Issue