cadey
/
propellor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'joeyconfig' 

Conflicts:
	privdata.joey/privdata.gpg
This commit is contained in:
Joey Hess 2015-03-12 20:09:31 -04:00
parent 4f101f8560 9292cee1aa
commit bc60edb50a
8 changed files with 94 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
config-joey.hs
View File

@ -96,6 +96,10 @@ clam = standardSystem "clam.kitenet.net" Unstable "amd64"
& "/var/www/index.html" `File.hasContent` ["hello, world"] & "/var/www/index.html" `File.hasContent` ["hello, world"]
& alias "helloworld.kitenet.net" & alias "helloworld.kitenet.net"
& Docker.docked oldusenetShellBox & Docker.docked oldusenetShellBox
& JoeySites.scrollBox
& alias "scroll.joeyh.name"
& alias "us.scroll.joeyh.name"
-- ssh on some extra ports to deal with horrible networks -- ssh on some extra ports to deal with horrible networks
-- while travelling -- while travelling
@ -272,10 +276,14 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64"
& Docker.docked jerryPlay & Docker.docked jerryPlay
& Docker.garbageCollected `period` (Weekly (Just 1)) & Docker.garbageCollected `period` (Weekly (Just 1))
& JoeySites.scrollBox
& alias "scroll.joeyh.name"
& alias "eu.scroll.joeyh.name"
-- For https port 443, shellinabox with ssh login to -- For https port 443, shellinabox with ssh login to
-- kitenet.net -- kitenet.net
& alias "shell.kitenet.net" & alias "shell.kitenet.net"
& JoeySites.kiteShellBox & Docker.docked kiteShellBox
-- Nothing is using http port 80, so listen on -- Nothing is using http port 80, so listen on
-- that port for ssh, for traveling on bad networks that -- that port for ssh, for traveling on bad networks that
-- block 22. -- block 22.
@ -348,6 +356,11 @@ jerryPlay = standardContainer "jerryplay" Unstable "amd64"
& Apt.installed ["ssh"] & Apt.installed ["ssh"]
& User.hasSomePassword "root" & User.hasSomePassword "root"
& Ssh.permitRootLogin True & Ssh.permitRootLogin True
kiteShellBox :: Docker.Container
kiteShellBox = standardStableContainer "kiteshellbox"
& JoeySites.kiteShellBox
& Docker.publish "443:443"
type Motd = [String] type Motd = [String]

9
debian/changelog vendored
View File

@ -1,3 +1,12 @@
propellor (2.2.1) unstable; urgency=medium
* userScriptProperty now passes --shell /bin/sh, so it can be used
even for users with nonstandard shells.
* Fix bug in docker propellor shim setup introduced in last release,
which broke provisioning of new docker containers.
-- Joey Hess <id@joeyh.name> Thu, 12 Mar 2015 20:08:34 -0400
propellor (2.2.0) unstable; urgency=medium propellor (2.2.0) unstable; urgency=medium
* When running shimmed (eg in a docker container), * When running shimmed (eg in a docker container),

2
propellor.cabal
View File

@ -1,5 +1,5 @@
Name: propellor Name: propellor
Version: 2.2.0 Version: 2.2.1
Cabal-Version: >= 1.6 Cabal-Version: >= 1.6
License: BSD3 License: BSD3
Maintainer: Joey Hess <id@joeyh.name> Maintainer: Joey Hess <id@joeyh.name>

2
src/Propellor/Property/Cmd.hs
View File

@ -40,6 +40,6 @@ scriptProperty script = cmdProperty "sh" ["-c", shellcmd]
-- | A property that can satisfied by running a series of shell commands, -- | A property that can satisfied by running a series of shell commands,
-- as user (cd'd to their home directory). -- as user (cd'd to their home directory).
userScriptProperty :: UserName -> [String] -> Property NoInfo userScriptProperty :: UserName -> [String] -> Property NoInfo
userScriptProperty user script = cmdProperty "su" ["-c", shellcmd, user] userScriptProperty user script = cmdProperty "su" ["--shell", "/bin/sh", "-c", shellcmd, user]
where where
shellcmd = intercalate " ; " ("set -e" : "cd" : script) shellcmd = intercalate " ; " ("set -e" : "cd" : script)

2
src/Propellor/Property/Postfix.hs
View File

@ -38,7 +38,7 @@ satellite = check (not <$> mainCfIsSet "relayhost") setup
[ Apt.reConfigure "postfix" [ Apt.reConfigure "postfix"
[ ("postfix/main_mailer_type", "select", "Satellite system") [ ("postfix/main_mailer_type", "select", "Satellite system")
, ("postfix/root_address", "string", "root") , ("postfix/root_address", "string", "root")
, ("postfix/destinations", "string", " ") , ("postfix/destinations", "string", "localhost")
, ("postfix/mailname", "string", hn) , ("postfix/mailname", "string", hn)
] ]
, mainCf ("relayhost", domain) , mainCf ("relayhost", domain)

66
src/Propellor/Property/SiteSpecific/JoeySites.hs
View File

@ -22,6 +22,72 @@ import Data.List
import System.Posix.Files import System.Posix.Files
import Data.String.Utils import Data.String.Utils
scrollBox :: Property HasInfo
scrollBox = propertyList "scroll server" $ props
& User.accountFor "scroll"
& Git.cloned "scroll" "git://git.kitenet.net/scroll" (d </> "scroll") Nothing
& Apt.installed ["ghc", "make", "cabal-install", "libghc-vector-dev",
"libghc-bytestring-dev", "libghc-mtl-dev", "libghc-ncurses-dev",
"libghc-random-dev", "libghc-monad-loops-dev",
"libghc-ifelse-dev", "libghc-case-insensitive-dev",
"libghc-data-default-dev"]
& userScriptProperty "scroll"
[ "cd " ++ d </> "scroll"
, "git pull"
, "cabal configure"
, "make"
]
& s `File.hasContent`
[ "#!/bin/sh"
, "set -e"
, "echo Preparing to run scroll!"
, "cd " ++ d
, "mkdir -p tmp"
, "TMPDIR= t=$(tempfile -d tmp)"
, "export t"
, "rm -f \"$t\""
, "mkdir \"$t\""
, "cd \"$t\""
, "echo"
, "echo Press Enter to start the game."
, "read me"
, "SHELL=/bin/sh script --timing=timing -c " ++ g
] `onChange` (s `File.mode` (combineModes (ownerWriteMode:readModes ++ executeModes)))
& g `File.hasContent`
[ "#!/bin/sh"
, "if ! ../../scroll/scroll; then"
, "echo Scroll seems to have ended unexpectedly. Possibly a bug.."
, "else"
, "echo Thanks for playing scroll! https://joeyh.name/code/scroll/"
, "fi"
, "echo Your game was recorded, as ID:$(basename \"$t\")"
, "echo if you would like to talk about how it went, email scroll@joeyh.name"
, "echo 'or, type comments below (finish with a dot on its own line)'"
, "echo"
, "echo Your comments:"
, "mail -s \"scroll test $t\" joey@kitenet.net"
] `onChange` (g `File.mode` (combineModes (ownerWriteMode:readModes ++ executeModes)))
& Apt.installed ["bsd-mailx"]
-- prevent port forwarding etc by not letting scroll log in via ssh
& Ssh.sshdConfig `File.containsLine` ("DenyUsers scroll")
`onChange` Ssh.restarted
& cmdProperty "chsh" ["scroll", "-s", s]
& User.hasPassword "scroll"
& Apt.serviceInstalledRunning "telnetd"
& Apt.installed ["shellinabox"]
& File.hasContent "/etc/default/shellinabox"
[ "# Deployed by propellor"
, "SHELLINABOX_DAEMON_START=1"
, "SHELLINABOX_PORT=4242"
, "SHELLINABOX_ARGS=\"--disable-ssl --no-beep --service=:scroll:scroll:" ++ d ++ ":" ++ s ++ "\""
]
`onChange` Service.restarted "shellinabox"
& Service.running "shellinabox"
where
d = "/home/scroll"
s = d </> "login.sh"
g = d </> "game.sh"
oldUseNetServer :: [Host] -> Property HasInfo oldUseNetServer :: [Host] -> Property HasInfo
oldUseNetServer hosts = propertyList "olduse.net server" $ props oldUseNetServer hosts = propertyList "olduse.net server" $ props
& Apt.installed ["leafnode"] & Apt.installed ["leafnode"]

1
src/Propellor/Property/Ssh.hs
View File

@ -1,5 +1,6 @@
module Propellor.Property.Ssh ( module Propellor.Property.Ssh (
PubKeyText, PubKeyText,
sshdConfig,
setSshdConfig, setSshdConfig,
permitRootLogin, permitRootLogin,
passwordAuthentication, passwordAuthentication,

2
src/Propellor/Shim.hs
View File

@ -34,7 +34,7 @@ setup propellorbin propellorbinpath dest = checkAlreadyShimmed propellorbin $ do
fromMaybe (error "cannot find ld-linux linker") $ fromMaybe (error "cannot find ld-linux linker") $
headMaybe $ filter ("ld-linux" `isInfixOf`) libs' headMaybe $ filter ("ld-linux" `isInfixOf`) libs'
let linkersym = takeDirectory linker </> takeFileName propellorbin let linkersym = takeDirectory linker </> takeFileName propellorbin
createSymbolicLink linkersym (takeFileName linker) createSymbolicLink (takeFileName linker) linkersym
let gconvdir = (dest ++) $ takeDirectory $ let gconvdir = (dest ++) $ takeDirectory $
fromMaybe (error "cannot find gconv directory") $ fromMaybe (error "cannot find gconv directory") $