propellor spin

Joey Hess 2015-06-01 14:51:56 -04:00
parent bfcb26dd4c
commit a7045f737e
2 changed files with 34 additions and 15 deletions


@ -76,7 +76,6 @@ darkstar = host "darkstar.kitenet.net"
& ipv6 "2001:4830:1600:187::2" -- sixxs tunnel
& Apt.buildDep ["git-annex"] `period` Daily
& Docker.configured
& JoeySites.postfixClientRelay (Context "darkstar.kitenet.net")
& JoeySites.dkimMilter
@ -84,7 +83,6 @@ darkstar = host "darkstar.kitenet.net"
gnu :: Host
gnu = host "gnu.kitenet.net"
& Apt.buildDep ["git-annex"] `period` Daily
& Docker.configured
& JoeySites.postfixClientRelay (Context "gnu.kitenet.net")
& JoeySites.dkimMilter
@ -256,9 +254,6 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64"
, "zsh"
]
& Docker.configured
& Docker.garbageCollected `period` Daily
& alias "nntp.olduse.net"
& JoeySites.oldUseNetServer hosts
@ -414,8 +409,8 @@ iabak = host "iabak.archiveteam.org"
-- Simple web server, publishing the outside host's /var/www
webserver :: Systemd.Container
webserver = standardStableContainer "webserver"
& Docker.publish "80:80"
& Docker.volume "/var/www:/var/www"
& Systemd.publish 80
& Systemd.bind "/var/www"
& Apt.serviceInstalledRunning "apache2"
webserver' :: Docker.Container
@ -449,7 +444,7 @@ oldusenetShellBox = standardStableDockerContainer "oldusenet-shellbox"
& JoeySites.oldUseNetShellBox
jerryPlay :: Docker.Container
jerryPlay = standardContainer "jerryplay" Unstable "amd64"
jerryPlay = standardDockerContainer "jerryplay" Unstable "amd64"
& alias "jerryplay.kitenet.net"
& Docker.publish "2202:22"
& Docker.publish "8001:80"
@ -491,16 +486,25 @@ standardSystemUnhardened hn suite arch motd = host hn
& Apt.removed ["exim4", "exim4-daemon-light", "exim4-config", "exim4-base"]
`onChange` Apt.autoRemove
-- This is my standard container setup, Featuring automatic upgrades.
standardContainer :: Systemd.MachineName -> DebianSuite -> Architecture -> Systemd.Container
standardContainer name suite arch = Systemd.container name chroot
& os system
& Apt.stdSourcesList `onChange` Apt.upgrade
& Apt.unattendedUpgrades
& Apt.cacheCleaned
where
system = System (Debian suite) arch
chroot = Chroot.debootstrapped system mempty
standardStableContainer :: Systemd.MachineName -> Systemd.Container
standardStableContainer name = Systemd.container name $
Chroot.debootstrapped (System (Debian (Stable "jessie")) "amd64") mempty
standardStableContainer name = standardContainer name (Stable "jessie") "amd64"
standardStableDockerContainer :: Docker.ContainerName -> Docker.Container
standardStableDockerContainer name = standardContainer name (Stable "jessie") "amd64"
standardStableDockerContainer name = standardDockerContainer name (Stable "jessie") "amd64"
-- This is my standard container setup, Featuring automatic upgrades.
standardContainer :: Docker.ContainerName -> DebianSuite -> Architecture -> Docker.Container
standardContainer name suite arch = Docker.container name (dockerImage system)
standardDockerContainer :: Docker.ContainerName -> DebianSuite -> Architecture -> Docker.Container
standardDockerContainer name suite arch = Docker.container name (dockerImage system)
& os system
& Apt.stdSourcesList `onChange` Apt.upgrade
& Apt.unattendedUpgrades
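Review bot: In `webserver`, `Systemd.bind "/var/www"` mounts the host's /var/www writable into the container that runs apache2, although the comment above it describes the container as only publishing that directory. If nothing inside the container needs to write there, `& Systemd.bindRo "/var/www"` (exported by this same commit) would stop a compromised web server from altering the host's content. The page has lost its +/- markers, so this assumes the `Systemd.publish`/`Systemd.bind` lines are the new side. Separately, the new Systemd `standardContainer` repeats the property list of `standardDockerContainer`, whose tail lies outside the visible hunk; a shared helper would keep the two from drifting apart.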


@ -24,7 +24,9 @@ module Propellor.Property.Systemd (
resolvConfed,
publish,
Proto(..),
publish'
publish',
bind,
bindRo,
) where
import Propellor
@ -274,6 +276,8 @@ containerCfg p = RevertableProperty (mk True) (mk False)
('-':_) -> p
_ -> "--" ++ p
-- | Bind mounts </etc/resolv.conf> from the host into the container.
--
-- This property is enabled by default. Revert it to disable it.
@ -310,3 +314,14 @@ publish' proto hostport containerport = containerCfg $ "--port=" ++
where
sproto TCP = "tcp"
sproto UDP = "udp"
-- | Bind mount a file or directory from the host into the container.
--
-- The parameter can be a FilePath, or a colon-separated pair of
-- hostpath:containerpath.
bind :: FilePath -> RevertableProperty
bind f = containerCfg $ "--bind=" ++ f
-- | Read-only mind mount.
bindRo :: FilePath -> RevertableProperty
bindRo f = containerCfg $ "--bind-ro=" ++ f
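Review bot: The Haddock on `bindRo` reads "Read-only mind mount", a typo for "bind mount", and it does not say whether the `hostpath:containerpath` form documented on `bind` applies here too. Suggested wording: `-- | Read-only bind mount. Takes the same parameter forms as 'bind'.` The comment on `bind` should also say that the mount is writable from inside the container, so callers choose `bindRo` when the container only needs to read. Both functions append the string unchanged after `--bind=` / `--bind-ro=`, so a host path that itself contains a colon would presumably be read as a pair; one sentence in the doc noting that would save a confusing failure.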