From 353d3e888b437403c32fa6512d1141a6d8e0a2c2 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 14:55:31 -0400 Subject: [PATCH 01/14] merge changes from git-annex --- src/Utility/Data.hs | 2 ++ src/Utility/Directory.hs | 2 ++ src/Utility/Env.hs | 2 ++ src/Utility/Exception.hs | 1 + src/Utility/FileMode.hs | 13 +------------ src/Utility/FileSystemEncoding.hs | 1 + src/Utility/LinuxMkLibs.hs | 15 ++++++++------- src/Utility/Misc.hs | 10 ++++++---- src/Utility/Monad.hs | 2 ++ src/Utility/PartialPrelude.hs | 2 ++ src/Utility/Path.hs | 2 ++ src/Utility/PosixFiles.hs | 1 + src/Utility/Process.hs | 2 ++ src/Utility/QuickCheck.hs | 1 + src/Utility/Scheduled.hs | 3 ++- src/Utility/Tmp.hs | 1 + src/Utility/UserInfo.hs | 6 ++++-- 17 files changed, 40 insertions(+), 26 deletions(-) diff --git a/src/Utility/Data.hs b/src/Utility/Data.hs index 5ecd218..27c0a82 100644 --- a/src/Utility/Data.hs +++ b/src/Utility/Data.hs @@ -5,6 +5,8 @@ - License: BSD-2-clause -} +{-# OPTIONS_GHC -fno-warn-tabs #-} + module Utility.Data where {- First item in the list that is not Nothing. -} diff --git a/src/Utility/Directory.hs b/src/Utility/Directory.hs index 2e037fd..7322cd8 100644 --- a/src/Utility/Directory.hs +++ b/src/Utility/Directory.hs @@ -6,6 +6,7 @@ -} {-# LANGUAGE CPP #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.Directory where @@ -18,6 +19,7 @@ import Control.Applicative import Control.Concurrent import System.IO.Unsafe (unsafeInterleaveIO) import Data.Maybe +import Prelude #ifdef mingw32_HOST_OS import qualified System.Win32 as Win32 diff --git a/src/Utility/Env.hs b/src/Utility/Env.hs index fdf06d8..c56f4ec 100644 --- a/src/Utility/Env.hs +++ b/src/Utility/Env.hs @@ -6,6 +6,7 @@ -} {-# LANGUAGE CPP #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.Env where 
@@ -13,6 +14,7 @@ module Utility.Env where import Utility.Exception import Control.Applicative import Data.Maybe +import Prelude import qualified System.Environment as E import qualified System.SetEnv #else diff --git a/src/Utility/Exception.hs b/src/Utility/Exception.hs index ab47ae9..9d4236c 100644 --- a/src/Utility/Exception.hs +++ b/src/Utility/Exception.hs @@ -6,6 +6,7 @@ -} {-# LANGUAGE ScopedTypeVariables #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.Exception ( module X, diff --git a/src/Utility/FileMode.hs b/src/Utility/FileMode.hs index 201b845..fdf1b56 100644 --- a/src/Utility/FileMode.hs +++ b/src/Utility/FileMode.hs @@ -22,15 +22,12 @@ import Utility.Exception {- Applies a conversion function to a file's mode. -} modifyFileMode :: FilePath -> (FileMode -> FileMode) -> IO () -modifyFileMode f convert = void $ modifyFileMode' f convert -modifyFileMode' :: FilePath -> (FileMode -> FileMode) -> IO FileMode -modifyFileMode' f convert = do +modifyFileMode f convert = do s <- getFileStatus f let old = fileMode s let new = convert old when (new /= old) $ setFileMode f new - return old {- Adds the specified FileModes to the input mode, leaving the rest - unchanged. -} @@ -41,14 +38,6 @@ addModes ms m = combineModes (m:ms) removeModes :: [FileMode] -> FileMode -> FileMode removeModes ms m = m `intersectFileModes` complement (combineModes ms) -{- Runs an action after changing a file's mode, then restores the old mode. -} -withModifiedFileMode :: FilePath -> (FileMode -> FileMode) -> IO a -> IO a -withModifiedFileMode file convert a = bracket setup cleanup go - where - setup = modifyFileMode' file convert - cleanup oldmode = modifyFileMode file (const oldmode) - go _ = a - writeModes :: [FileMode] writeModes = [ownerWriteMode, groupWriteMode, otherWriteMode] diff --git a/src/Utility/FileSystemEncoding.hs b/src/Utility/FileSystemEncoding.hs index 139b74f..41c5972 100644 --- a/src/Utility/FileSystemEncoding.hs +++ b/src/Utility/FileSystemEncoding.hs 
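Review bot: `modifyFileMode` in src/Utility/FileMode.hs (first FileMode hunk) is now the only entry point, and it still reads the mode with `getFileStatus f` and writes it back with `setFileMode f new` as two separate path-based calls, which its comment does not mention. With the POSIX implementations both calls follow symlinks, and the file can be replaced between them, which matters when `f` sits in a directory that other users can write to. I would extend the comment to something like `{- Applies a conversion function to a file's mode. Not atomic: the mode is read and then set by path in two steps, following symlinks. -}`. The second hunk's removal of `withModifiedFileMode` needs nothing further, provided no caller remains (callers are not visible in this patch).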
@@ -6,6 +6,7 @@ -} {-# LANGUAGE CPP #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.FileSystemEncoding ( fileEncoding, diff --git a/src/Utility/LinuxMkLibs.hs b/src/Utility/LinuxMkLibs.hs index db64d12..fdeb779 100644 --- a/src/Utility/LinuxMkLibs.hs +++ b/src/Utility/LinuxMkLibs.hs @@ -7,7 +7,12 @@ module Utility.LinuxMkLibs where -import Control.Applicative +import Utility.PartialPrelude +import Utility.Directory +import Utility.Process +import Utility.Monad +import Utility.Path + import Data.Maybe import System.Directory import System.FilePath @@ -15,12 +20,8 @@ import Data.List.Utils import System.Posix.Files import Data.Char import Control.Monad.IfElse - -import Utility.PartialPrelude -import Utility.Directory -import Utility.Process -import Utility.Monad -import Utility.Path +import Control.Applicative +import Prelude {- Installs a library. If the library is a symlink to another file, - install the file it links to, and update the symlink to be relative. -} diff --git a/src/Utility/Misc.hs b/src/Utility/Misc.hs index e4eccac..45d5a06 100644 --- a/src/Utility/Misc.hs +++ b/src/Utility/Misc.hs @@ -6,23 +6,25 @@ -} {-# LANGUAGE CPP #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.Misc where +import Utility.FileSystemEncoding +import Utility.Monad + import System.IO import Control.Monad import Foreign import Data.Char import Data.List -import Control.Applicative import System.Exit #ifndef mingw32_HOST_OS import System.Posix.Process (getAnyProcessStatus) import Utility.Exception #endif - -import Utility.FileSystemEncoding -import Utility.Monad +import Control.Applicative +import Prelude {- A version of hgetContents that is not lazy. Ensures file is - all read before it gets closed. -} diff --git a/src/Utility/Monad.hs b/src/Utility/Monad.hs index 878e0da..ac75104 100644 --- a/src/Utility/Monad.hs +++ b/src/Utility/Monad.hs @@ -5,6 +5,8 @@ - License: BSD-2-clause -} +{-# OPTIONS_GHC -fno-warn-tabs #-} + module Utility.Monad where import Data.Maybe 
diff --git a/src/Utility/PartialPrelude.hs b/src/Utility/PartialPrelude.hs index 6efa093..5579556 100644 --- a/src/Utility/PartialPrelude.hs +++ b/src/Utility/PartialPrelude.hs @@ -5,6 +5,8 @@ - them being accidentially used. -} +{-# OPTIONS_GHC -fno-warn-tabs #-} + module Utility.PartialPrelude where import qualified Data.Maybe diff --git a/src/Utility/Path.hs b/src/Utility/Path.hs index 9f0737f..8e3c2bd 100644 --- a/src/Utility/Path.hs +++ b/src/Utility/Path.hs @@ -6,6 +6,7 @@ -} {-# LANGUAGE PackageImports, CPP #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.Path where @@ -16,6 +17,7 @@ import Data.List import Data.Maybe import Data.Char import Control.Applicative +import Prelude #ifdef mingw32_HOST_OS import qualified System.FilePath.Posix as Posix diff --git a/src/Utility/PosixFiles.hs b/src/Utility/PosixFiles.hs index 5a94ead..4550beb 100644 --- a/src/Utility/PosixFiles.hs +++ b/src/Utility/PosixFiles.hs @@ -8,6 +8,7 @@ -} {-# LANGUAGE CPP #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.PosixFiles ( module X, diff --git a/src/Utility/Process.hs b/src/Utility/Process.hs index cbbe8a8..9f98596 100644 --- a/src/Utility/Process.hs +++ b/src/Utility/Process.hs @@ -7,6 +7,7 @@ -} {-# LANGUAGE CPP, Rank2Types #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.Process ( module X, @@ -54,6 +55,7 @@ import qualified System.Posix.IO import Control.Applicative #endif import Data.Maybe +import Prelude import Utility.Misc import Utility.Exception diff --git a/src/Utility/QuickCheck.hs b/src/Utility/QuickCheck.hs index 54200d3..cd408dd 100644 --- a/src/Utility/QuickCheck.hs +++ b/src/Utility/QuickCheck.hs @@ -19,6 +19,7 @@ import System.Posix.Types import qualified Data.Map as M import qualified Data.Set as S import Control.Applicative +import Prelude instance (Arbitrary k, Arbitrary v, Eq k, Ord k) => Arbitrary (M.Map k v) where arbitrary = M.fromList <$> arbitrary 
diff --git a/src/Utility/Scheduled.hs b/src/Utility/Scheduled.hs index e077a1f..b381332 100644 --- a/src/Utility/Scheduled.hs +++ b/src/Utility/Scheduled.hs @@ -32,7 +32,6 @@ import Utility.QuickCheck import Utility.PartialPrelude import Utility.Misc -import Control.Applicative import Data.List import Data.Time.Clock import Data.Time.LocalTime @@ -41,6 +40,8 @@ import Data.Time.Calendar.WeekDate import Data.Time.Calendar.OrdinalDate import Data.Tuple.Utils import Data.Char +import Control.Applicative +import Prelude {- Some sort of scheduled event. -} data Schedule = Schedule Recurrance ScheduledTime diff --git a/src/Utility/Tmp.hs b/src/Utility/Tmp.hs index dc55981..de970fe 100644 --- a/src/Utility/Tmp.hs +++ b/src/Utility/Tmp.hs @@ -6,6 +6,7 @@ -} {-# LANGUAGE CPP #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.Tmp where diff --git a/src/Utility/UserInfo.hs b/src/Utility/UserInfo.hs index 5bf8d5c..7e94caf 100644 --- a/src/Utility/UserInfo.hs +++ b/src/Utility/UserInfo.hs @@ -6,6 +6,7 @@ -} {-# LANGUAGE CPP #-} +{-# OPTIONS_GHC -fno-warn-tabs #-} module Utility.UserInfo ( myHomeDir, @@ -13,12 +14,13 @@ module Utility.UserInfo ( myUserGecos, ) where +import Utility.Env + import System.PosixCompat #ifndef mingw32_HOST_OS import Control.Applicative #endif - -import Utility.Env +import Prelude {- Current user's home directory. - From 3c2349922da39cd913e5cde473ec03dda9fe3fb6 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 18:27:25 -0400 Subject: [PATCH 02/14] propellor spin --- config-joey.hs | 2 +- src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index 8c44d10..e61982e 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -132,7 +132,7 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" & Systemd.persistentJournal & Docker.configured & Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") - & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") + ! Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") & Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") & Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) & Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs index 6108bf1..ee0adca 100644 --- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs +++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs @@ -119,7 +119,7 @@ standardAutoBuilderContainerNspawn arch buildminute timeout = Systemd.container where name = arch ++ "-git-annex-builder" bootstrap = Chroot.debootstrapped myos mempty - myos = System (Debian Unstable) arch + myos = System (Debian Testing) arch androidAutoBuilderContainer :: (System -> Docker.Image) -> Times -> TimeOut -> Docker.Container androidAutoBuilderContainer dockerImage crontimes timeout = From d71cb6a362d842e6c429f144552cdab49ae86196 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 19:12:30 -0400 Subject: [PATCH 03/14] propellor spin --- config-joey.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-joey.hs b/config-joey.hs index e61982e..b528658 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -131,8 +131,8 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" & Postfix.satellite & Systemd.persistentJournal & Docker.configured + & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") & Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") - ! Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") & Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") & Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) & Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") From e53995e8ade1bfaea0ceb7ee9d345445889431c2 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 19:34:39 -0400 Subject: [PATCH 04/14] propellor spin --- config-joey.hs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index b528658..37ce3b7 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -131,13 +131,13 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" & Postfix.satellite & Systemd.persistentJournal & Docker.configured + ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") - & Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") & Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") & Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) & Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") & Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h") - & Docker.garbageCollected `period` Daily + & Docker.garbageCollected -- `period` Daily & Apt.buildDep ["git-annex"] `period` Daily -- This is not a complete description of kite, since it's a From a230b2a837425f7eae14cabdb05c4c1223de4f86 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 19:46:18 -0400 Subject: [PATCH 05/14] propellor spin --- config-joey.hs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index 37ce3b7..c63aa2d 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -132,12 +132,12 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" & Systemd.persistentJournal & Docker.configured ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") + ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") + & Docker.garbageCollected -- `period` Daily & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") - & Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") & Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) & Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") & Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h") - & Docker.garbageCollected -- `period` Daily & Apt.buildDep ["git-annex"] `period` Daily -- This is not a complete description of kite, since it's a From 672a783d3a2804ceeb6f179f37042eba5248f4c1 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 19:59:23 -0400 Subject: [PATCH 06/14] propellor spin --- config-joey.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-joey.hs b/config-joey.hs index c63aa2d..013be11 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -133,11 +133,11 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" & Docker.configured ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") + ! Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h") & Docker.garbageCollected -- `period` Daily & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") & Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) & Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") - & Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h") & Apt.buildDep ["git-annex"] `period` Daily -- This is not a complete description of kite, since it's a From 9ce43e55f8db84ac1111ad29f0c134814f805fed Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 21:11:36 -0400 Subject: [PATCH 07/14] Improve enter-machine scripts for nspawn containers to unset most environment variables. --- config-joey.hs | 4 ++-- debian/changelog | 2 ++ src/Propellor/Property/Systemd.hs | 20 ++++++++++++-------- 3 files changed, 16 insertions(+), 10 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index 013be11..e01af47 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -134,10 +134,10 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") ! Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h") + ! Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) + ! Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") & Docker.garbageCollected -- `period` Daily & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") - & Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) - & Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") & Apt.buildDep ["git-annex"] `period` Daily -- This is not a complete description of kite, since it's a diff --git a/debian/changelog b/debian/changelog index 96a9f74..5d70582 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,8 @@ propellor (2.5.0) UNRELEASED; urgency=medium * Export CommandParam, boolSystem, safeSystem and shellEscape from Propellor.Property.Cmd, so they are available for use in constricting your own Properties when using propellor as a library. + * Improve enter-machine scripts for nspawn containers to unset most + environment variables. -- Joey Hess Thu, 07 May 2015 12:08:34 -0400 diff --git a/src/Propellor/Property/Systemd.hs b/src/Propellor/Property/Systemd.hs index 78a9996..b19c08b 100644 --- a/src/Propellor/Property/Systemd.hs +++ b/src/Propellor/Property/Systemd.hs 
@@ -215,15 +215,19 @@ enterScript c@(Container name _ _) = setup teardown where setup = combineProperties ("generated " ++ enterScriptFile c) [ scriptfile `File.hasContent` - [ "#!/bin/sh" + [ "#!/usr/bin/perl" , "# Generated by propellor" - , "pid=\"$(machinectl show " ++ shellEscape name ++ " -p Leader | cut -d= -f2)\" || true" - , "if [ -n \"$pid\" ]; then" - , "\tnsenter -p -u -n -i -m -t \"$pid\" \"$@\"" - , "else" - , "\techo container not running >&2" - , "\texit 1" - , "fi" + , "my $pid=`machinectl show " ++ shellEscape name ++ " -p Leader | cut -d= -f2`;" + , "chomp $pid;" + , "if (length $pid) {" + , "\tforeach my $var (keys %ENV) {" + , "\t\tdelete $var unless $var eq 'PATH' || $var eq 'TERM';" + , "\t}" + , "\texec('nsenter', '-p', '-u', '-n', '-i', '-m', '-t', $pid, @ARGV);" + , "} else {" + , "\tdie 'container not running';" + , "}" + , "exit(1);" ] , scriptfile `File.mode` combineModes (readModes ++ executeModes) ] From fba62ba36ad94241f47d89de668ec4bb7f2a774e Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 21:11:55 -0400 Subject: [PATCH 08/14] propellor spin From 0c86662b2d98f8f708bb5217e1cedf74b2fbfa04 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 21:15:54 -0400 Subject: [PATCH 09/14] propellor spin --- src/Propellor/Property/Systemd.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Propellor/Property/Systemd.hs b/src/Propellor/Property/Systemd.hs index b19c08b..c698f78 100644 --- a/src/Propellor/Property/Systemd.hs +++ b/src/Propellor/Property/Systemd.hs @@ -221,7 +221,7 @@ enterScript c@(Container name _ _) = setup teardown , "chomp $pid;" , "if (length $pid) {" , "\tforeach my $var (keys %ENV) {" - , "\t\tdelete $var unless $var eq 'PATH' || $var eq 'TERM';" + , "\t\tdelete $ENV{$var} unless $var eq 'PATH' || $var eq 'TERM';" , "\t}" , "\texec('nsenter', '-p', '-u', '-n', '-i', '-m', '-t', $pid, @ARGV);" , "} else {" From 7bf9804517b5e266f8818dfd4258a78108711b34 Mon Sep 17 00:00:00 2001 
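Review bot: The Perl script generated by `enterScript` (src/Propellor/Property/Systemd.hs, PATCH 07/14) scrubs the environment only after the backtick `machinectl … | cut` pipeline has already run, and it keeps the caller's `PATH`, so `machinectl`, `cut` and `nsenter` are all resolved through an inherited search path. If the script can be run across a privilege boundary (not visible in this hunk), the `foreach` loop should move above the `my $pid=` entry and `PATH` should be pinned rather than kept, for example `, "$ENV{PATH} = '/usr/sbin:/usr/bin:/sbin:/bin';"` (a sample value). `$pid` is handed to `nsenter -t` after only a `length` test; `, "if ($pid =~ /^[0-9]+$/) {"` would reject unexpected `machinectl` output. The `delete $var` in this hunk is corrected by the PATCH 09/14 hunk that follows it. The rest of `enterScript` (its equation and the `teardown` and `scriptfile` bindings) lies outside the hunk.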
From: Joey Hess Date: Wed, 27 May 2015 21:16:29 -0400 Subject: [PATCH 10/14] propellor spin --- config-joey.hs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index e01af47..61cb373 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -134,8 +134,8 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") ! Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h") - ! Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) - ! Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") + & Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) + & Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") & Docker.garbageCollected -- `period` Daily & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") & Apt.buildDep ["git-annex"] `period` Daily From c56ff88cecb2e8210afc1c3a5a31b678d781df37 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 21:18:18 -0400 Subject: [PATCH 11/14] propellor spin --- config-joey.hs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index 61cb373..e01af47 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -134,8 +134,8 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") ! Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h") - & Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) - & Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") + ! Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) + ! Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") & Docker.garbageCollected -- `period` Daily & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") & Apt.buildDep ["git-annex"] `period` Daily From ffcc53d730deaec320e609e6ffac382194b3a9ff Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 21:20:30 -0400 Subject: [PATCH 12/14] clean --- config-joey.hs | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index e01af47..76c06bd 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -130,14 +130,8 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" & Apt.unattendedUpgrades & Postfix.satellite & Systemd.persistentJournal - & Docker.configured - ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "amd64" 15 "2h") - ! Docker.docked (GitAnnexBuilder.standardAutoBuilderContainer dockerImage "i386" 45 "2h") - ! Docker.docked (GitAnnexBuilder.androidAutoBuilderContainer dockerImage (Cron.Times "1 1 * * *") "3h") - ! Docker.docked (GitAnnexBuilder.armelCompanionContainer dockerImage) - ! Docker.docked (GitAnnexBuilder.armelAutoBuilderContainer dockerImage (Cron.Times "1 3 * * *") "5h") - & Docker.garbageCollected -- `period` Daily & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") + & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "i386" 15 "2h") & Apt.buildDep ["git-annex"] `period` Daily -- This is not a complete description of kite, since it's a From 2c2247fc2338d1543999cbbe182ea93e052c2d91 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 27 May 2015 21:24:50 -0400 Subject: [PATCH 13/14] propellor spin --- config-joey.hs | 14 ++----- .../Property/SiteSpecific/GitAnnexBuilder.hs | 40 ++++++------------- 2 files changed, 15 insertions(+), 39 deletions(-) diff --git a/config-joey.hs b/config-joey.hs index 76c06bd..50e712a 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -75,7 +75,6 @@ darkstar = host "darkstar.kitenet.net" & Apt.buildDep ["git-annex"] `period` Daily & Docker.configured - ! Docker.docked gitAnnexAndroidDev & JoeySites.postfixClientRelay (Context "darkstar.kitenet.net") & JoeySites.dkimMilter 
@@ -130,9 +129,9 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" & Apt.unattendedUpgrades & Postfix.satellite & Systemd.persistentJournal - & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "amd64" 15 "2h") - & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainerNspawn "i386" 15 "2h") - & Apt.buildDep ["git-annex"] `period` Daily + & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer "amd64" 15 "2h") + & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer "i386" 15 "2h") + & Systemd.nspawned (GitAnnexBuilder.androidAutoBuilderContainer (Cron.Times "1 1 * * *") "3h") -- This is not a complete description of kite, since it's a -- multiuser system with eg, user passwords that are not deployed @@ -402,13 +401,6 @@ oldusenetShellBox = standardStableContainer "oldusenet-shellbox" & Docker.publish "4200:4200" & JoeySites.oldUseNetShellBox --- for development of git-annex for android, using my git-annex work tree -gitAnnexAndroidDev :: Docker.Container -gitAnnexAndroidDev = GitAnnexBuilder.androidContainer dockerImage "android-git-annex" doNothing gitannexdir - & Docker.volume ("/home/joey/src/git-annex:" ++ gitannexdir) - where - gitannexdir = GitAnnexBuilder.homedir "git-annex" - jerryPlay :: Docker.Container jerryPlay = standardContainer "jerryplay" Unstable "amd64" & alias "jerryplay.kitenet.net" diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs index ee0adca..eb83102 100644 --- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs +++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs 
@@ -94,22 +94,9 @@ cabalDeps = flagFile go cabalupdated go = userScriptProperty (User builduser) ["cabal update && cabal install git-annex --only-dependencies || true"] cabalupdated = homedir ".cabal" "packages" "hackage.haskell.org" "00-index.cache" -standardAutoBuilderContainer :: (System -> Docker.Image) -> Architecture -> Int -> TimeOut -> Docker.Container -standardAutoBuilderContainer dockerImage arch buildminute timeout = Docker.container (arch ++ "-git-annex-builder") - (dockerImage $ System (Debian Testing) arch) - & os (System (Debian Testing) arch) - & Apt.stdSourcesList - & Apt.installed ["systemd"] - & Apt.unattendedUpgrades - & User.accountFor (User builduser) - & tree arch - & buildDepsApt - & autobuilder arch (Cron.Times $ show buildminute ++ " * * * *") timeout - & Docker.tweaked - -standardAutoBuilderContainerNspawn :: Architecture -> Int -> TimeOut -> Systemd.Container -standardAutoBuilderContainerNspawn arch buildminute timeout = Systemd.container name bootstrap - & os myos +standardAutoBuilderContainer :: Architecture -> Int -> TimeOut -> Systemd.Container +standardAutoBuilderContainer arch buildminute timeout = Systemd.container name bootstrap + & os osver & Apt.stdSourcesList & Apt.unattendedUpgrades & User.accountFor (User builduser) 
@@ -118,29 +105,25 @@ standardAutoBuilderContainerNspawn arch buildminute timeout = Systemd.container & autobuilder arch (Cron.Times $ show buildminute ++ " * * * *") timeout where name = arch ++ "-git-annex-builder" - bootstrap = Chroot.debootstrapped myos mempty - myos = System (Debian Testing) arch + bootstrap = Chroot.debootstrapped osver mempty + osver = System (Debian Testing) arch -androidAutoBuilderContainer :: (System -> Docker.Image) -> Times -> TimeOut -> Docker.Container -androidAutoBuilderContainer dockerImage crontimes timeout = - androidContainer dockerImage "android-git-annex-builder" (tree "android") builddir +androidAutoBuilderContainer :: Times -> TimeOut -> Systemd.Container +androidAutoBuilderContainer crontimes timeout = + androidContainer "android-git-annex-builder" (tree "android") builddir & Apt.unattendedUpgrades & autobuilder "android" crontimes timeout -- Android is cross-built in a Debian i386 container, using the Android NDK. androidContainer :: (IsProp (Property (CInfo NoInfo i)), (Combines (Property NoInfo) (Property i))) - => (System -> Docker.Image) - -> Docker.ContainerName + => Systemd.MachineName -> Property i -> FilePath - -> Docker.Container -androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.container name - (dockerImage osver) + -> Systemd.Container +androidContainer name setupgitannexdir gitannexdir = Systemd.container name bootstrap & os osver & Apt.stdSourcesList - & Apt.installed ["systemd"] - & Docker.tweaked & User.accountFor (User builduser) & File.dirExists gitbuilderdir & File.ownerGroup homedir (User builduser) (Group builduser) 
@@ -159,6 +142,7 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe [ "cd " ++ gitannexdir ++ " && ./standalone/android/install-haskell-packages" ] osver = System (Debian Testing) "i386" + bootstrap = Chroot.debootstrapped osver mempty -- armel builder has a companion container using amd64 that -- runs the build first to get TH splices. They need From 8d98d4351b33c0df716dbaf269f5b5ac9db4a39a Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 28 May 2015 09:34:47 -0400 Subject: [PATCH 14/14] reorder --- src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs index eb83102..86bf104 100644 --- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs +++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs @@ -127,9 +127,9 @@ androidContainer name setupgitannexdir gitannexdir = Systemd.container name boot & User.accountFor (User builduser) & File.dirExists gitbuilderdir & File.ownerGroup homedir (User builduser) (Group builduser) - & buildDepsApt & flagFile chrootsetup ("/chrootsetup") `requires` setupgitannexdir + & buildDepsApt & flagFile haskellpkgsinstalled ("/haskellpkgsinstalled") where -- Use git-annex's android chroot setup script, which will install