cadey
/
propellor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'joeyconfig'

This commit is contained in:
Joey Hess 2015-05-29 10:09:22 -04:00
parent 5b0c4d1f1a 8d98d4351b
commit c8f9e11779
21 changed files with 70 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
config-joey.hs
View File

@ -75,7 +75,6 @@ darkstar = host "darkstar.kitenet.net"
& Apt.buildDep ["git-annex"] `period` Daily
& Docker.configured
! Docker.docked gitAnnexAndroidDev
& JoeySites.postfixClientRelay (Context "darkstar.kitenet.net")
& JoeySites.dkimMilter
@ -130,15 +129,9 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64"
& Apt.unattendedUpgrades
& Postfix.satellite
& Systemd.persistentJournal
& Docker.configured
& Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h")
& Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h")
& Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h")
& Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage)
& Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h")
& Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h")
& Docker.garbageCollected `period` Daily
& Apt.buildDep ["git-annex"] `period` Daily
& Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer "amd64" 15 "2h")
& Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer "i386" 15 "2h")
& Systemd.nspawned (GitAnnexBuilder.androidAutoBuilderContainer (Cron.Times "1 1 * * *") "3h")
-- This is not a complete description of kite, since it's a
-- multiuser system with eg, user passwords that are not deployed
@ -408,13 +401,6 @@ oldusenetShellBox = standardStableContainer "oldusenet-shellbox"
& Docker.publish "4200:4200"
& JoeySites.oldUseNetShellBox
-- for development of git-annex for android, using my git-annex work tree
gitAnnexAndroidDev :: Docker.Container
gitAnnexAndroidDev = GitAnnexBuilder.androidContainer dockerImage "android-git-annex" doNothing gitannexdir
& Docker.volume ("/home/joey/src/git-annex:" ++ gitannexdir)
where
gitannexdir = GitAnnexBuilder.homedir </> "git-annex"
jerryPlay :: Docker.Container
jerryPlay = standardContainer "jerryplay" Unstable "amd64"
& alias "jerryplay.kitenet.net"

2
debian/changelog vendored
View File

@ -7,6 +7,8 @@ propellor (2.5.0) UNRELEASED; urgency=medium
* Export CommandParam, boolSystem, safeSystem and shellEscape from
Propellor.Property.Cmd, so they are available for use in constricting
your own Properties when using propellor as a library.
* Improve enter-machine scripts for nspawn containers to unset most
environment variables.
-- Joey Hess <id@joeyh.name> Thu, 07 May 2015 12:08:34 -0400

42
src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
View File

@ -94,22 +94,9 @@ cabalDeps = flagFile go cabalupdated
go = userScriptProperty (User builduser) ["cabal update && cabal install git-annex --only-dependencies || true"]
cabalupdated = homedir </> ".cabal" </> "packages" </> "hackage.haskell.org" </> "00-index.cache"
standardAutoBuilderContainer :: (System -> Docker.Image) -> Architecture -> Int -> TimeOut -> Docker.Container
standardAutoBuilderContainer dockerImage arch buildminute timeout = Docker.container (arch ++ "-git-annex-builder")
(dockerImage $ System (Debian Testing) arch)
& os (System (Debian Testing) arch)
& Apt.stdSourcesList
& Apt.installed ["systemd"]
& Apt.unattendedUpgrades
& User.accountFor (User builduser)
& tree arch
& buildDepsApt
& autobuilder arch (Cron.Times $ show buildminute ++ " * * * *") timeout
& Docker.tweaked
standardAutoBuilderContainerNspawn :: Architecture -> Int -> TimeOut -> Systemd.Container
standardAutoBuilderContainerNspawn arch buildminute timeout = Systemd.container name bootstrap
& os myos
standardAutoBuilderContainer :: Architecture -> Int -> TimeOut -> Systemd.Container
standardAutoBuilderContainer arch buildminute timeout = Systemd.container name bootstrap
& os osver
& Apt.stdSourcesList
& Apt.unattendedUpgrades
& User.accountFor (User builduser)
@ -118,35 +105,31 @@ standardAutoBuilderContainerNspawn arch buildminute timeout = Systemd.container
& autobuilder arch (Cron.Times $ show buildminute ++ " * * * *") timeout
where
name = arch ++ "-git-annex-builder"
bootstrap = Chroot.debootstrapped myos mempty
myos = System (Debian Unstable) arch
bootstrap = Chroot.debootstrapped osver mempty
osver = System (Debian Testing) arch
androidAutoBuilderContainer :: (System -> Docker.Image) -> Times -> TimeOut -> Docker.Container
androidAutoBuilderContainer dockerImage crontimes timeout =
androidContainer dockerImage "android-git-annex-builder" (tree "android") builddir
androidAutoBuilderContainer :: Times -> TimeOut -> Systemd.Container
androidAutoBuilderContainer crontimes timeout =
androidContainer "android-git-annex-builder" (tree "android") builddir
& Apt.unattendedUpgrades
& autobuilder "android" crontimes timeout
-- Android is cross-built in a Debian i386 container, using the Android NDK.
androidContainer
:: (IsProp (Property (CInfo NoInfo i)), (Combines (Property NoInfo) (Property i)))
=> (System -> Docker.Image)
-> Docker.ContainerName
=> Systemd.MachineName
-> Property i
-> FilePath
-> Docker.Container
androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.container name
(dockerImage osver)
-> Systemd.Container
androidContainer name setupgitannexdir gitannexdir = Systemd.container name bootstrap
& os osver
& Apt.stdSourcesList
& Apt.installed ["systemd"]
& Docker.tweaked
& User.accountFor (User builduser)
& File.dirExists gitbuilderdir
& File.ownerGroup homedir (User builduser) (Group builduser)
& buildDepsApt
& flagFile chrootsetup ("/chrootsetup")
`requires` setupgitannexdir
& buildDepsApt
& flagFile haskellpkgsinstalled ("/haskellpkgsinstalled")
where
-- Use git-annex's android chroot setup script, which will install
@ -159,6 +142,7 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe
[ "cd " ++ gitannexdir ++ " && ./standalone/android/install-haskell-packages"
]
osver = System (Debian Testing) "i386"
bootstrap = Chroot.debootstrapped osver mempty
-- armel builder has a companion container using amd64 that
-- runs the build first to get TH splices. They need

20
src/Propellor/Property/Systemd.hs
View File

@ -215,15 +215,19 @@ enterScript c@(Container name _ _) = setup <!> teardown
where
setup = combineProperties ("generated " ++ enterScriptFile c)
[ scriptfile `File.hasContent`
[ "#!/bin/sh"
[ "#!/usr/bin/perl"
, "# Generated by propellor"
, "pid=\"$(machinectl show " ++ shellEscape name ++ " -p Leader | cut -d= -f2)\" || true"
, "if [ -n \"$pid\" ]; then"
, "\tnsenter -p -u -n -i -m -t \"$pid\" \"$@\""
, "else"
, "\techo container not running >&2"
, "\texit 1"
, "fi"
, "my $pid=`machinectl show " ++ shellEscape name ++ " -p Leader | cut -d= -f2`;"
, "chomp $pid;"
, "if (length $pid) {"
, "\tforeach my $var (keys %ENV) {"
, "\t\tdelete $ENV{$var} unless $var eq 'PATH' || $var eq 'TERM';"
, "\t}"
, "\texec('nsenter', '-p', '-u', '-n', '-i', '-m', '-t', $pid, @ARGV);"
, "} else {"
, "\tdie 'container not running';"
, "}"
, "exit(1);"
]
, scriptfile `File.mode` combineModes (readModes ++ executeModes)
]

2
src/Utility/Data.hs
View File

@ -5,6 +5,8 @@
- License: BSD-2-clause
-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Data where
{- First item in the list that is not Nothing. -}

2
src/Utility/Directory.hs
View File

@ -6,6 +6,7 @@
-}
{-# LANGUAGE CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Directory where
@ -18,6 +19,7 @@ import Control.Applicative
import Control.Concurrent
import System.IO.Unsafe (unsafeInterleaveIO)
import Data.Maybe
import Prelude
#ifdef mingw32_HOST_OS
import qualified System.Win32 as Win32

2
src/Utility/Env.hs
View File

@ -6,6 +6,7 @@
-}
{-# LANGUAGE CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Env where
@ -13,6 +14,7 @@ module Utility.Env where
import Utility.Exception
import Control.Applicative
import Data.Maybe
import Prelude
import qualified System.Environment as E
import qualified System.SetEnv
#else

1
src/Utility/Exception.hs
View File

@ -6,6 +6,7 @@
-}
{-# LANGUAGE ScopedTypeVariables #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Exception (
module X,

13
src/Utility/FileMode.hs
View File

@ -22,15 +22,12 @@ import Utility.Exception
{- Applies a conversion function to a file's mode. -}
modifyFileMode :: FilePath -> (FileMode -> FileMode) -> IO ()
modifyFileMode f convert = void $ modifyFileMode' f convert
modifyFileMode' :: FilePath -> (FileMode -> FileMode) -> IO FileMode
modifyFileMode' f convert = do
modifyFileMode f convert = do
s <- getFileStatus f
let old = fileMode s
let new = convert old
when (new /= old) $
setFileMode f new
return old
{- Adds the specified FileModes to the input mode, leaving the rest
- unchanged. -}
@ -41,14 +38,6 @@ addModes ms m = combineModes (m:ms)
removeModes :: [FileMode] -> FileMode -> FileMode
removeModes ms m = m `intersectFileModes` complement (combineModes ms)
{- Runs an action after changing a file's mode, then restores the old mode. -}
withModifiedFileMode :: FilePath -> (FileMode -> FileMode) -> IO a -> IO a
withModifiedFileMode file convert a = bracket setup cleanup go
where
setup = modifyFileMode' file convert
cleanup oldmode = modifyFileMode file (const oldmode)
go _ = a
writeModes :: [FileMode]
writeModes = [ownerWriteMode, groupWriteMode, otherWriteMode]

1
src/Utility/FileSystemEncoding.hs
View File

@ -6,6 +6,7 @@
-}
{-# LANGUAGE CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.FileSystemEncoding (
fileEncoding,

15
src/Utility/LinuxMkLibs.hs
View File

@ -7,7 +7,12 @@
module Utility.LinuxMkLibs where
import Control.Applicative
import Utility.PartialPrelude
import Utility.Directory
import Utility.Process
import Utility.Monad
import Utility.Path
import Data.Maybe
import System.Directory
import System.FilePath
@ -15,12 +20,8 @@ import Data.List.Utils
import System.Posix.Files
import Data.Char
import Control.Monad.IfElse
import Utility.PartialPrelude
import Utility.Directory
import Utility.Process
import Utility.Monad
import Utility.Path
import Control.Applicative
import Prelude
{- Installs a library. If the library is a symlink to another file,
- install the file it links to, and update the symlink to be relative. -}

10
src/Utility/Misc.hs
View File

@ -6,23 +6,25 @@
-}
{-# LANGUAGE CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Misc where
import Utility.FileSystemEncoding
import Utility.Monad
import System.IO
import Control.Monad
import Foreign
import Data.Char
import Data.List
import Control.Applicative
import System.Exit
#ifndef mingw32_HOST_OS
import System.Posix.Process (getAnyProcessStatus)
import Utility.Exception
#endif
import Utility.FileSystemEncoding
import Utility.Monad
import Control.Applicative
import Prelude
{- A version of hgetContents that is not lazy. Ensures file is
- all read before it gets closed. -}

2
src/Utility/Monad.hs
View File

@ -5,6 +5,8 @@
- License: BSD-2-clause
-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Monad where
import Data.Maybe

2
src/Utility/PartialPrelude.hs
View File

@ -5,6 +5,8 @@
- them being accidentially used.
-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.PartialPrelude where
import qualified Data.Maybe

2
src/Utility/Path.hs
View File

@ -6,6 +6,7 @@
-}
{-# LANGUAGE PackageImports, CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Path where
@ -16,6 +17,7 @@ import Data.List
import Data.Maybe
import Data.Char
import Control.Applicative
import Prelude
#ifdef mingw32_HOST_OS
import qualified System.FilePath.Posix as Posix

1
src/Utility/PosixFiles.hs
View File

@ -8,6 +8,7 @@
-}
{-# LANGUAGE CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.PosixFiles (
module X,

2
src/Utility/Process.hs
View File

@ -7,6 +7,7 @@
-}
{-# LANGUAGE CPP, Rank2Types #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Process (
module X,
@ -54,6 +55,7 @@ import qualified System.Posix.IO
import Control.Applicative
#endif
import Data.Maybe
import Prelude
import Utility.Misc
import Utility.Exception

1
src/Utility/QuickCheck.hs
View File

@ -19,6 +19,7 @@ import System.Posix.Types
import qualified Data.Map as M
import qualified Data.Set as S
import Control.Applicative
import Prelude
instance (Arbitrary k, Arbitrary v, Eq k, Ord k) => Arbitrary (M.Map k v) where
arbitrary = M.fromList <$> arbitrary

3
src/Utility/Scheduled.hs
View File

@ -32,7 +32,6 @@ import Utility.QuickCheck
import Utility.PartialPrelude
import Utility.Misc
import Control.Applicative
import Data.List
import Data.Time.Clock
import Data.Time.LocalTime
@ -41,6 +40,8 @@ import Data.Time.Calendar.WeekDate
import Data.Time.Calendar.OrdinalDate
import Data.Tuple.Utils
import Data.Char
import Control.Applicative
import Prelude
{- Some sort of scheduled event. -}
data Schedule = Schedule Recurrance ScheduledTime

1
src/Utility/Tmp.hs
View File

@ -6,6 +6,7 @@
-}
{-# LANGUAGE CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.Tmp where

6
src/Utility/UserInfo.hs
View File

@ -6,6 +6,7 @@
-}
{-# LANGUAGE CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}
module Utility.UserInfo (
myHomeDir,
@ -13,12 +14,13 @@ module Utility.UserInfo (
myUserGecos,
) where
import Utility.Env
import System.PosixCompat
#ifndef mingw32_HOST_OS
import Control.Applicative
#endif
import Utility.Env
import Prelude
{- Current user's home directory.
-