cadey
/
propellor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,196 Commits 1 Branch 0 Tags 6.6 MiB
Commit Graph

400 Commits

Author SHA1 Message Date
Joey Hess 3c7219874b finished accidentially committed bit 2014-12-08 01:07:31 -04:00
Joey Hess 4e9b01a8a7 propellor spin 
(cherry picked from commit 1d02d589c7)
 2014-12-08 01:07:25 -04:00
Joey Hess 2fe0b28982 more uses for hostContext 2014-12-07 15:21:55 -04:00
Joey Hess 089b7131a6 caution 2014-12-07 15:13:28 -04:00
Joey Hess 9ca332e481 Fixed privdata introspection for User.hasPassword and User.hasSomePassword 
This is not a complete fix for the problem that Info doen't propigate
from the called property when code does something like:

	do
		hostname <- asks hostName
		ensureProperty $ foo hostname

Instead, I just eliminated the need to implement hasPassword that way,
by making the PrivData Info use a HostContext which automatically
gets the right hostname passed to it.

All other uses of withPrivData don't have the problem. It's still possible
for the user to run into the problem if they write something like the
above, where foo is a property that uses privdata. However, all properties
that take a Context now also accept a HostContext, so it's at least less
likely the user needs to write that.
 2014-12-07 15:03:06 -04:00
Joey Hess 8c12047b6b simplify using makeChange 2014-12-07 14:49:12 -04:00
Joey Hess 6a906c8a4c typo 2014-12-07 12:50:40 -04:00
Joey Hess 52a83a8911 enable shadow passwords 
I have seen weird almost boot failures when they're disabled, including a
segfault.
 2014-12-06 15:39:02 -04:00
Joey Hess 7983046cd5 update 2014-12-06 15:28:30 -04:00
Joey Hess bdbf787e2c keep and use Reboot.now 2014-12-06 13:32:53 -04:00
Joey Hess 29442f222e Reboot.atEnd 2014-12-06 13:21:19 -04:00
Joey Hess 62697c7b7f reboot at end of propellor run when clean os has been installed 2014-12-06 06:41:21 -04:00
Joey Hess a7e71faaaa
forgot to add new Mount lib 2014-12-05 17:54:29 -04:00
Joey Hess 5ae6a302df some comments 2014-12-05 17:44:09 -04:00
Joey Hess 00ab240164 fix install of debootstrap from source 2014-12-05 16:48:52 -04:00
Joey Hess 527975dffe hasSomePassword and hasPassword now check to make sure shadow passwords are enabled. 2014-12-05 16:33:23 -04:00
Joey Hess bf9284d05c I have now successfully used propellor to convert a Fedora system into a bootable and fully working Debian system 2014-12-05 16:22:11 -04:00
Joey Hess 97e9433f1b rollback if renameing fails 
This avoids leaving the system in a broken state where some directories
have been renamed away any others not.

Future work: If the rename list contains (foo, bar) and (newfoo,foo),
reorder the list to gather those two actions together to minimize
the amount of time that foo is missing. In case of power loss or something.
 2014-12-05 12:50:01 -04:00
Joey Hess 4be893f0bf more improvements to takeover 2014-12-04 17:34:47 -04:00
Joey Hess f1fd75c9ec more work on OS takeover 2014-12-04 17:11:15 -04:00
Joey Hess f78c2f16d1
update name of libgnutls dev package 2014-12-03 19:05:36 -04:00
Joey Hess c9d09afafa
Run apt-cache policy with LANG=C. 2014-12-01 11:59:27 -04:00
Joey Hess 4c2eac2d3c
remove -i, seems not needed and may be causing problem 2014-11-27 19:10:39 -04:00
Félix Sipma 7d0f79a0c7 Group: preferred style 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-25 13:12:56 -04:00
Joey Hess 40374c10de
cron.runPropellor now runs propellor, rather than using its Makefile. This is more robust. 
Particularly, the Makefile would try to build propellor if there were
updates, but if this build failed because a bad commit was pushed, it would
abort w/o pulling any new fixed commits.

Anyway, it's better to move away from using the makefile when possible as
it's just for bootstrapping, and also I would like to make "make" not
default to running propellor as that can be confusing behavior.

(I can't change that yet; needed for upgrades. Should be fine to change
after several more releases, or maybe a year..)
 2014-11-25 11:33:45 -04:00
Joey Hess 934171e2ea rename 2014-11-24 00:52:46 -04:00
Joey Hess 8d1814a884 move property to ssh module 2014-11-24 00:51:36 -04:00
Joey Hess ccdbf0026d more work; builds now 2014-11-24 00:40:53 -04:00
Joey Hess f85026da7f better property names 2014-11-23 19:49:53 -04:00
Joey Hess baba668033 hasSomePassword and hasPassword now default to using the name of the host as the Context for the password. To specify a different context, use hasSomePassword' and hasPassword' (API change) 2014-11-23 16:40:21 -04:00
Joey Hess d8624e2e5d WIP 2014-11-23 16:12:39 -04:00
Joey Hess 3c952a0de9 comment 2014-11-23 14:40:28 -04:00
Félix Sipma 226981cda4 Git: bareRepo 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-23 14:39:01 -04:00
Félix Sipma 6aa21366d5 Group properties 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-23 14:37:49 -04:00
Joey Hess 69eace8e9a preferred style 2014-11-23 14:37:37 -04:00
Félix Sipma f4e06ae778 User: hasGroup 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-23 14:37:10 -04:00
Joey Hess 5fefb161c3
propellor spin 2014-11-22 22:37:25 -04:00
Joey Hess ca09087caf
propellor spin 2014-11-22 22:24:09 -04:00
Joey Hess 96ecbaad25 pute full path to bin/propellor inside shim 2014-11-22 22:10:53 -04:00
Joey Hess 5360e466d3 reorg 2014-11-22 21:50:49 -04:00
Joey Hess cc8babccc8
propellor spin 2014-11-22 21:37:39 -04:00
Joey Hess 1d5d911aa0
propellor spin 2014-11-22 21:30:50 -04:00
Joey Hess 50b6e37790
propellor spin 2014-11-22 21:10:35 -04:00
Joey Hess 6cdd37d9ff
propellor spin 2014-11-21 20:53:38 -04:00
Joey Hess b373ffb761 allow disabling nspawn params, and default to bind mounting /etc/resolv.conf 2014-11-21 20:32:32 -04:00
Joey Hess 96c4890d89
propellor spin 2014-11-21 20:19:20 -04:00
Joey Hess 6be49197f6 allow configuring systemd-nspawn parameters 2014-11-21 20:09:33 -04:00
Joey Hess 6c92f1034f split out info types 2014-11-21 18:55:33 -04:00
Joey Hess 6e8b28cd3c
propellor spin 2014-11-21 17:11:26 -04:00
Joey Hess 33e9b10c19 typo 2014-11-21 16:02:10 -04:00
Joey Hess f6afeb889f lock down chroot perm 2014-11-21 16:01:51 -04:00
Joey Hess 9e611d87cd add debootstrap parameters 2014-11-21 15:55:27 -04:00
Joey Hess fbce215f33 implement teardown 2014-11-21 14:37:19 -04:00
Joey Hess 36e89cd148 os info propigation 
Also, lost the systemd-nspawn parameters; I'll do that some other way.
 2014-11-21 14:31:13 -04:00
Joey Hess 7d4d3e4451 fix info propigation 
Need to propigate the full container info, not the subset used in chroot
deployment.
 2014-11-21 14:11:02 -04:00
Joey Hess 5e1a47552a
propellor spin 2014-11-21 13:57:58 -04:00
Joey Hess 09e79e6263
propellor spin 2014-11-21 13:55:42 -04:00
Joey Hess 3ba82a1c9c
propellor spin 2014-11-21 13:49:17 -04:00
Joey Hess ae6a5e815c
propellor spin 2014-11-21 12:35:07 -04:00
Joey Hess 976afedea3
propellor spin 2014-11-21 12:18:03 -04:00
Joey Hess 6a5a1bc761 systemd container may be mostly done (untested) 2014-11-21 12:17:03 -04:00
Joey Hess 45349c210d add missing support for reverting chroot 
wow, that was suprisingly trivial!
 2014-11-21 01:09:15 -04:00
Joey Hess a904476333 avoid console output when chaining into chroot and not at console 2014-11-21 01:05:51 -04:00
Joey Hess f9cc7c149e incomplete systemd container support 2014-11-20 17:18:26 -04:00
Joey Hess 3669bd61d0
propellor spin 2014-11-20 16:07:57 -04:00
Joey Hess 2293b46bf7 fix chroot info propigation 2014-11-20 16:04:48 -04:00
Joey Hess a4f04fcb02
propellor spin 2014-11-20 15:15:28 -04:00
Joey Hess b8b746a7f1 starting work on a Chroot module 
factored out info up-propigation code rom Docker
 2014-11-20 14:15:26 -04:00
Joey Hess 5e4c57652c fix docker container provisioning 
Since the containers are no longer on the host list, they were not found
while provisioning, oops.

To fix, had to add to a host's info a map of the containers docked to it.

Unfortunately, that required Propellor.Types.Info be glommed into
Propellor.Types, since it needed to refer to Host.
 2014-11-20 00:21:40 -04:00
Joey Hess d49d251897 separate docker container type 
Docker containers are now a separate data type, cannot be included in the
main host list, and are instead passed to Docker.docked. (API change)
 2014-11-19 23:11:34 -04:00
Joey Hess 3343b220a8
propellor spin 2014-11-19 21:21:20 -04:00
Joey Hess 205d192559 fix param order 2014-11-19 21:16:18 -04:00
Joey Hess 4de7d4295c
propellor spin 2014-11-19 21:03:06 -04:00
Joey Hess c186f9f4a8
propellor spin 2014-11-19 20:41:35 -04:00
Joey Hess caeed5492f allow debootstrapped to be reverted 2014-11-19 20:35:33 -04:00
Joey Hess 4a9bbd1391 Added support for using debootstrap from propellor. 
Most of the hard part was making it be able to install debootstrap from
source, for use on non-debian-derived systems.
 2014-11-19 19:30:56 -04:00
Joey Hess 803e1407a0 improve display 2014-11-19 01:40:56 -04:00
Joey Hess 1872ee1ffc
propellor spin 2014-11-19 01:32:09 -04:00
Joey Hess 4dddbb725d prevent multiple concurrent provisioning inside docker container 
Lock a lock file while provisioning inside, otherwise propellor could be
running to init the container when the system has just booted, or the
container was just started from being stopped, and at the same time,
propellor run outside the container chains into it to provision.

Previously, simplesh prevented this in a different way.
 2014-11-19 01:28:38 -04:00
Joey Hess 05086b3abe
propellor spin 2014-11-19 01:02:13 -04:00
Joey Hess f8b71c0ab4
propellor spin 2014-11-19 00:38:11 -04:00
Joey Hess 325fe4037b
propellor spin 2014-11-19 00:30:06 -04:00
Joey Hess 111e08e156 typo 2014-11-18 23:54:49 -04:00
Joey Hess 6dc7176e7a fix haddock filename display 2014-11-18 23:51:37 -04:00
Joey Hess 2bbb2aa6e2 remove --docker; use Continue 
And --chain was already not used.
 2014-11-18 18:52:00 -04:00
Joey Hess 4a0cac113c fix color display when running propellor inside docker 2014-11-18 17:53:42 -04:00
Félix Sipma fbd8ea3b3d Git: rename isRepo to isGitDir 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-17 17:02:31 -04:00
Félix Sipma f3beea212c Git: isRepo 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-17 17:02:31 -04:00
Joey Hess 46cd2ad0e0 DigitalOcean.distroKernel property now reboots into the distribution kernel when necessary. 
It might be better to do this check on boot to limit the time running the
DO kernel (which is not well security supported), but that has the
possibility of entering a bad reboot loop. Limiting this check to when
propellor runs avoids that, while still fixing the problem pretty fast.
 2014-11-17 16:42:15 -04:00
Joey Hess 8d91b5de6b Convert GpgKeyId to newtype 2014-11-15 17:02:30 -04:00
Joey Hess d65337d3e7
add Obnam backupEncrypted 
This after I typoed an obnam setup and accidentially had a repo that was
backing up non-encrypted.
 2014-11-15 13:42:04 -04:00
Félix Sipma cd1a911314 Tor: change unlines to unwords in hiddenService 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-13 13:03:30 -04:00
Félix Sipma 3679a49353 Tor: change unlines to unwords in description messages 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-12 18:09:21 -04:00
Félix Sipma e7d2c38a59 Tor: hiddenServiceData 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-11 20:02:23 -04:00
Félix Sipma 9d6a79bc23 Apt: stable-updates suite 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-11 19:57:39 -04:00
Félix Sipma bd856f7a04 Tor: varRun 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-11 11:57:42 -04:00
Félix Sipma 2368b0d5af Tor: rename 'varPath' to 'varLib' 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-11 11:57:39 -04:00
Félix Sipma 1f328755f5 Tor: mainConfig, varPath, hidden service by hostname 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-11 11:57:38 -04:00
Joey Hess d8ca671086 didn't need quite so much indentation 2014-11-10 16:27:36 -04:00
Félix Sipma 053183d44b Tor: hidden service 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-10 16:16:43 -04:00
Félix Sipma 3541260436 basic prosody support 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-10 11:14:48 -04:00
Joey Hess 9755b761bb Docker: Stop using docker.io; that was a compat symlink in the Debian package which has been removed in docker.io 1.3.1~dfsg1-2. 2014-11-08 15:55:58 -04:00
Joey Hess ef9abb9b67 Apache: Fix daemon reload when enabling a new module or site. 2014-10-31 17:47:52 -04:00
Félix Sipma 784210a573 Propellor.Property.Nginx: use System.Posix.Files 
Bug: the "onChange reloaded" in siteEnabled does not seem to be fired...
Does it works in Propellor.Property.Apache.siteEnabled?

Signed-off-by: Félix Sipma <gueux@gueux.org>
 2014-10-31 17:36:33 -04:00
Joey Hess 2766558d61 remove hardcoded path 
propellor runs as root, and /sbin should always be in root's path
 2014-10-31 10:20:56 -04:00
Joey Hess 3a1f058c64 changed indentation for consistency with the rest of propellor 2014-10-31 10:20:34 -04:00
Arnaud Bailly 63560cde90 added licensing header 2014-10-31 10:15:18 -04:00
Arnaud Bailly 4ce5e26ec8 missing export 2014-10-31 10:15:14 -04:00
Arnaud Bailly 63c92aa7fb smarter constructor for rule 2014-10-31 10:15:10 -04:00
Arnaud Bailly 90bec1e959 added firewall properties 2014-10-31 10:15:07 -04:00
Félix Sipma a6e712a645 basic nginx support 2014-10-30 16:34:01 -04:00
Joey Hess 2b320d2bd9
propellor spin 2014-10-23 13:26:51 -04:00
Joey Hess f5b5159f76 don't need RestartPolicy data type; simplify 2014-10-23 12:28:33 -04:00
Joey Hess 73a75cbefc Fix loop when a docker host that does not exist was docked. 
The problem is it fell back to looking for an alias for the bad hostname,
but to get the aliases, it needs to know which hosts are docked where,
so looped.
 2014-10-23 12:11:43 -04:00
Joey Hess e6924a894d Revert "Revert "Revert "propellor spin""" 
This reverts commit 26bef2486d.
 2014-10-23 11:46:15 -04:00
Joey Hess 26bef2486d Revert "Revert "propellor spin"" 
This reverts commit 8d353813bf.
 2014-10-23 11:42:34 -04:00
Joey Hess 8d353813bf Revert "propellor spin" 
This reverts commit ac7b182b5a.
 2014-10-23 11:39:29 -04:00
Joey Hess ac7b182b5a
propellor spin 2014-10-23 11:36:06 -04:00
Joey Hess bdf3e37066 Revert "propellor spin" 
This reverts commit 80f5b53f1b.
 2014-10-23 11:33:00 -04:00
Joey Hess bbec7021f8 Revert "propellor spin" 
This reverts commit 45ce3a5e8c.
 2014-10-23 11:31:00 -04:00
Joey Hess 45ce3a5e8c
propellor spin 2014-10-23 11:28:10 -04:00
Joey Hess 80f5b53f1b
propellor spin 2014-10-23 11:26:05 -04:00
Joey Hess 5bfeb3f9aa Revert "propellor spin" 
This reverts commit 7637ea0af9.
 2014-10-23 11:25:07 -04:00
Joey Hess 7637ea0af9
propellor spin 2014-10-23 11:23:25 -04:00
Joey Hess 856a4c673c
propellor spin 2014-10-23 03:27:40 -04:00
Joey Hess 93099b8627 bugfix 2014-10-23 03:18:52 -04:00
Joey Hess a0e4c872b6
propellor spin 2014-10-23 02:50:50 -04:00
Joey Hess 9e3485a13b
propellor spin 2014-10-23 02:41:47 -04:00
Joey Hess 9d7a442182
propellor spin 2014-10-23 02:36:08 -04:00
Joey Hess fbba9639d6
propellor spin 2014-10-23 02:34:42 -04:00
Joey Hess 0f1fcc24f8
propellor spin 2014-10-16 17:02:16 -04:00
Joey Hess 8a6da9ff73
full auto baybee! 2014-10-16 12:13:55 -04:00
Joey Hess bf238a34ee
propellor spin 2014-10-15 00:49:39 -04:00
Joey Hess 158cbd0fbf
android chroot switched to jessie 2014-10-14 19:22:01 -04:00
Joey Hess 6673b6014f
propellor spin 2014-10-13 15:05:18 -04:00
Joey Hess 2be1255b89
propellor spin 2014-10-10 13:51:52 -04:00
Joey Hess df0c0e56cb Docker: Avoid committing container every time it's started up. 
This was using a lot of disk space. Instead, start the container, and then
use the running container to check if docker is running it with the right
params. In the unlikely case that the params have changed, we still need to
commit the container and restart it. The common case of eg a reboot no
longer commits though.
 2014-10-10 13:47:41 -04:00
Joey Hess c120355272
propellor spin 2014-10-10 13:25:30 -04:00
Joey Hess ff9647cf9d
propellor spin 2014-10-10 13:21:42 -04:00
Joey Hess 7f17765de3 debCdn switched from cdn.debian.net to http.debian.net, which seems to be better managed now. 
Conflicts:
	debian/changelog
 2014-10-10 11:37:22 -04:00
Joey Hess 79ee61d958 stable suite changes 
* Avoid encoding the current stable suite in propellor's code,
  since that poses a difficult transition around the release,
  and can easily be wrong if an older version of propellor is used.
  Instead, the os property for a stable system includes the suite name
  to use, eg Stable "wheezy".
* stdSourcesList uses the stable suite name, to avoid unwanted
  immediate upgrades to the next stable release.
 2014-10-10 11:27:54 -04:00
Joey Hess 1e22e178b4 a few other whitespace fixups 2014-10-08 13:19:53 -04:00
Joey Hess 6a674c79d7 fix some accidental uses of spaces, rather than tabs, for indentation 2014-10-08 13:14:21 -04:00
Joey Hess 21117d5e21
propellor spin 2014-10-06 19:44:19 -04:00
Joey Hess e5dd1f6414
propellor spin 2014-09-24 14:03:23 -04:00
Joey Hess 960dd0d1f8
propellor spin 2014-09-24 11:29:08 -04:00
Joey Hess c96ba00822
propellor spin 2014-09-24 11:27:45 -04:00
Joey Hess d1292a5786
propellor spin 2014-09-24 11:22:55 -04:00
Joey Hess 3fe6e0f8bd
propellor spin 2014-09-24 11:21:12 -04:00
Joey Hess ffe36b68b4
propellor spin 2014-09-24 11:18:12 -04:00