Properties now form a tree, instead of the flat list used before.
This simplifies propigation of Info from the Properties used inside a
container to the outer host; the Property that docks the container on the
host can just have as child properties all the inner Properties, and their
Info can then be gathered recursively. (Although in practice it still needs
to be filtered, since not all Info should propigate out of a container.)
Note that there is no change to how Properties are actually satisfied.
Just because a Property lists some child properties, this does not mean
they always have their propertySatisfy actions run. It's still up to the
parent property to run those actions.
That's necessary so that a container's properties can be satisfied inside
it, not outside. It also allows property combinators to
add the combined Properties to their childProperties list, even if,
like onChange, they don't always run the child properties at all.
Testing: I tested that the exact same Info is calculated before and after
this change, for every Host in my config file.
* Added CryptPassword to PrivDataField, for password hashes as produced
by crypt(3).
* User.hasPassword and User.hasSomePassword will now use either
a CryptPassword or a Password from privdata, depending on which is set.
This is not a complete fix for the problem that Info doen't propigate
from the called property when code does something like:
do
hostname <- asks hostName
ensureProperty $ foo hostname
Instead, I just eliminated the need to implement hasPassword that way,
by making the PrivData Info use a HostContext which automatically
gets the right hostname passed to it.
All other uses of withPrivData don't have the problem. It's still possible
for the user to run into the problem if they write something like the
above, where foo is a property that uses privdata. However, all properties
that take a Context now also accept a HostContext, so it's at least less
likely the user needs to write that.
Particularly, the Makefile would try to build propellor if there were
updates, but if this build failed because a bad commit was pushed, it would
abort w/o pulling any new fixed commits.
Anyway, it's better to move away from using the makefile when possible as
it's just for bootstrapping, and also I would like to make "make" not
default to running propellor as that can be confusing behavior.
(I can't change that yet; needed for upgrades. Should be fine to change
after several more releases, or maybe a year..)
Note that if it fails to spin a host, it will stop. I think this is better
than continuing to the next, because there might be a reason to spin hosts
in some specific order (ie, update dns first and then use it).
Currently TERM is checked for every message. Could be memoized, but it
would add complexity, and typical propellor output is not going to be more
than a few hundred messages, and likely this will be swamped by the actual
work.
It might be better to do this check on boot to limit the time running the
DO kernel (which is not well security supported), but that has the
possibility of entering a bad reboot loop. Limiting this check to when
propellor runs avoids that, while still fixing the problem pretty fast.
The problem is it fell back to looking for an alias for the bad hostname,
but to get the aliases, it needs to know which hosts are docked where,
so looped.
This was using a lot of disk space. Instead, start the container, and then
use the running container to check if docker is running it with the right
params. In the unlikely case that the params have changed, we still need to
commit the container and restart it. The common case of eg a reboot no
longer commits though.