cadey
/
propellor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,212 Commits 1 Branch 0 Tags 6.6 MiB
Commit Graph

408 Commits

Author SHA1 Message Date
Joey Hess 1ae21965aa rename HostLike to PropAccum 
This is more general; it doesn't need to contain a Host.
It would, for example, be possible to make Property itself be an instance
of PropAccum.
 2015-01-19 14:15:49 -04:00
Joey Hess afee550e70 Property tree 
Properties now form a tree, instead of the flat list used before.

This simplifies propigation of Info from the Properties used inside a
container to the outer host; the Property that docks the container on the
host can just have as child properties all the inner Properties, and their
Info can then be gathered recursively. (Although in practice it still needs
to be filtered, since not all Info should propigate out of a container.)

Note that there is no change to how Properties are actually satisfied.
Just because a Property lists some child properties, this does not mean
they always have their propertySatisfy actions run. It's still up to the
parent property to run those actions.

That's necessary so that a container's properties can be satisfied inside
it, not outside. It also allows property combinators to
add the combined Properties to their childProperties list, even if,
like onChange, they don't always run the child properties at all.

Testing: I tested that the exact same Info is calculated before and after
this change, for every Host in my config file.
 2015-01-18 18:46:38 -04:00
Joey Hess 042b3bee01
propellor spin 2015-01-09 21:21:06 -04:00
Joey Hess 2e2f8b4fdd
propellor spin 2015-01-08 23:08:16 -04:00
Joey Hess 5585778e54
propellor spin 2015-01-08 23:02:06 -04:00
Joey Hess 8e6e40abc4
propellor spin 2015-01-08 22:44:36 -04:00
Joey Hess ad8e318c34
propellor spin 2015-01-08 22:01:12 -04:00
Joey Hess 660b5d7f93
propellor spin 2015-01-08 21:41:55 -04:00
Joey Hess dd022c917b
propellor spin 2015-01-08 21:17:06 -04:00
Joey Hess 16a5f561f5 Merge Utiity modules from git-annex. 
Except for a few that are using the other exception handling library,
that propellor has not switched to yet.
 2015-01-06 19:07:40 -04:00
Joey Hess f4a57ca27d refactor dns settings! 2015-01-06 01:20:56 -04:00
Joey Hess ff7f70d280 add update-server-info, so the repo has all current branches published over http 2015-01-06 01:00:48 -04:00
Joey Hess 4c2c2785c8 SSHFP records are also generated for CNAMES of hosts. 2015-01-04 21:31:44 -04:00
Joey Hess 66e42a2a5b prep 2015-01-04 19:51:42 -04:00
Joey Hess 09e9b793dd
propellor spin 2015-01-04 19:43:06 -04:00
Joey Hess 570bcde9ed
propellor spin 2015-01-04 19:32:15 -04:00
Joey Hess 8e442f0656 DNS records for hosts with known ssh public keys now automatically include SSHFP records. 2015-01-04 19:24:18 -04:00
Joey Hess ef2f3d33de Fix bug that prevented deploying ssh host keys when the file for the key didn't already exist. 
This is not a new bug.
 2015-01-04 18:20:02 -04:00
Joey Hess 93e89c7200 cleanup 2015-01-04 18:12:19 -04:00
Joey Hess ab8ff9a00e randomHostKeys is removed from CloudAtCost.deCruft. 2015-01-04 17:15:59 -04:00
Joey Hess fd1e01c853 avoid ever removing all host keys 2015-01-04 17:14:07 -04:00
Joey Hess f0b6ce9702
propellor spin 2015-01-04 17:04:26 -04:00
Joey Hess 08b45ad6f6
propellor spin 2015-01-04 17:00:08 -04:00
Joey Hess 0af7629c98
propellor spin 2015-01-04 16:54:43 -04:00
Joey Hess a2bb647827 Ssh.hostKey and Ssh.hostKeys no longer install public keys from the privdata. 
Instead, the public keys of a host should be set using Ssh.pubKey.
 2015-01-04 16:10:36 -04:00
Joey Hess 84685f24c9 Ssh.hostKeys now also installs any available SshEd25519 keys. 2015-01-04 15:59:54 -04:00
Joey Hess f1a1d0001a sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType parameter. 2015-01-04 15:57:27 -04:00
Joey Hess 52664e6220 sshPubKey is renamed to Ssh.pubKey 2015-01-04 15:36:53 -04:00
Joey Hess 0f41071cb5 transition docs 2015-01-04 15:22:22 -04:00
Joey Hess ad984e74e4
propellor spin 2015-01-04 15:00:40 -04:00
Joey Hess bb7b8e7891 add $INCLUDE of pubkeys before zone file is written, to avoid pogoing 2015-01-04 14:22:44 -04:00
Joey Hess 43e15c8add fix serial incrementing 2015-01-04 14:17:33 -04:00
Joey Hess f36443755e
propellor spin 2015-01-04 14:05:42 -04:00
Joey Hess 8c1006c654
propellor spin 2015-01-04 13:56:55 -04:00
Joey Hess ce7f14b9b3
propellor spin 2015-01-04 13:52:59 -04:00
Joey Hess bf34d6f423 propellor spin 2015-01-04 13:42:01 -04:00
Joey Hess e67901a77b use separate directory for dnssec files 2015-01-04 13:22:23 -04:00
Joey Hess d6c8ddb955 resign zone if keys change 2015-01-04 13:13:06 -04:00
Joey Hess 8172f243d7 DNS WIP 2015-01-04 12:44:05 -04:00
Joey Hess a1f61e09b8 stub signedPrimary 2015-01-03 19:10:28 -04:00
Joey Hess 4dd6596919 add DnsSec module 2015-01-03 19:10:17 -04:00
Joey Hess 932cb7c5d6 add hasPrivContentFrom 2015-01-03 19:07:59 -04:00
Joey Hess d5cfadd899 Detect #774376 and refuse to use docker if the system is so broken that docker exec doesn't enter a chroot. 2015-01-01 15:41:31 -04:00
Joey Hess 858ded043b more cruft from new image 2015-01-01 15:15:44 -04:00
Joey Hess c7aac0b35e remove screen workaround 
Turns out elephant's oldusenet shellbox docker instance somehow had a
non-setguid screen binary. Dunno how; reinstall fixed it.
 2014-12-23 15:45:35 -04:00
Joey Hess 35ccb0fac6
fix screen dir mode 2014-12-23 15:29:23 -04:00
Joey Hess a48f5916e1
propellor spin 2014-12-23 14:22:50 -04:00
Joey Hess b8be8c244e
propellor spin 2014-12-22 17:16:52 -04:00
Joey Hess 26a4c164e4 gitriddance 2014-12-22 15:05:05 -04:00
Joey Hess dc36a98fc1 Revert ensureProperty warning message, too many false positives in places where Info is correctly propigated. Better approach needed. 2014-12-21 21:33:03 -04:00
Joey Hess d194765e10
propellor spin 2014-12-21 21:14:11 -04:00
Joey Hess 23399416f1 broke up big function to describe PrivDataField 2014-12-14 16:14:05 -04:00
Joey Hess 71723ca09f support for crypted passwords in privdata 
* Added CryptPassword to PrivDataField, for password hashes as produced
  by crypt(3).
* User.hasPassword and User.hasSomePassword will now use either
  a CryptPassword or a Password from privdata, depending on which is set.
 2014-12-14 15:24:10 -04:00
Joey Hess 2e2438ae66 improve haddock formating of filenames 2014-12-09 14:22:37 -04:00
Joey Hess b22201e36b Fix Apache.siteEnabled to update the config file and reload apache when configuration has changed. 2014-12-09 00:34:24 -04:00
Joey Hess f8943c2036 fix a case where fileProperty reported a change despite not making one 
The problem occurred because two lists of lines of the file can be
different, while representing the same file content. For example:
["foo", "bar"]
["foo\nbar"]
 2014-12-09 00:30:04 -04:00
Joey Hess 834a05e25a refactor 2014-12-08 01:22:29 -04:00
Joey Hess 06975ec5e1 another place to use toResult 2014-12-08 01:12:55 -04:00
Joey Hess 3c7219874b finished accidentially committed bit 2014-12-08 01:07:31 -04:00
Joey Hess 4e9b01a8a7 propellor spin 
(cherry picked from commit 1d02d589c7)
 2014-12-08 01:07:25 -04:00
Joey Hess 2fe0b28982 more uses for hostContext 2014-12-07 15:21:55 -04:00
Joey Hess 089b7131a6 caution 2014-12-07 15:13:28 -04:00
Joey Hess 9ca332e481 Fixed privdata introspection for User.hasPassword and User.hasSomePassword 
This is not a complete fix for the problem that Info doen't propigate
from the called property when code does something like:

	do
		hostname <- asks hostName
		ensureProperty $ foo hostname

Instead, I just eliminated the need to implement hasPassword that way,
by making the PrivData Info use a HostContext which automatically
gets the right hostname passed to it.

All other uses of withPrivData don't have the problem. It's still possible
for the user to run into the problem if they write something like the
above, where foo is a property that uses privdata. However, all properties
that take a Context now also accept a HostContext, so it's at least less
likely the user needs to write that.
 2014-12-07 15:03:06 -04:00
Joey Hess 8c12047b6b simplify using makeChange 2014-12-07 14:49:12 -04:00
Joey Hess 6a906c8a4c typo 2014-12-07 12:50:40 -04:00
Joey Hess 52a83a8911 enable shadow passwords 
I have seen weird almost boot failures when they're disabled, including a
segfault.
 2014-12-06 15:39:02 -04:00
Joey Hess 7983046cd5 update 2014-12-06 15:28:30 -04:00
Joey Hess bdbf787e2c keep and use Reboot.now 2014-12-06 13:32:53 -04:00
Joey Hess 29442f222e Reboot.atEnd 2014-12-06 13:21:19 -04:00
Joey Hess 62697c7b7f reboot at end of propellor run when clean os has been installed 2014-12-06 06:41:21 -04:00
Joey Hess a7e71faaaa
forgot to add new Mount lib 2014-12-05 17:54:29 -04:00
Joey Hess 5ae6a302df some comments 2014-12-05 17:44:09 -04:00
Joey Hess 00ab240164 fix install of debootstrap from source 2014-12-05 16:48:52 -04:00
Joey Hess 527975dffe hasSomePassword and hasPassword now check to make sure shadow passwords are enabled. 2014-12-05 16:33:23 -04:00
Joey Hess bf9284d05c I have now successfully used propellor to convert a Fedora system into a bootable and fully working Debian system 2014-12-05 16:22:11 -04:00
Joey Hess 97e9433f1b rollback if renameing fails 
This avoids leaving the system in a broken state where some directories
have been renamed away any others not.

Future work: If the rename list contains (foo, bar) and (newfoo,foo),
reorder the list to gather those two actions together to minimize
the amount of time that foo is missing. In case of power loss or something.
 2014-12-05 12:50:01 -04:00
Joey Hess 4be893f0bf more improvements to takeover 2014-12-04 17:34:47 -04:00
Joey Hess f1fd75c9ec more work on OS takeover 2014-12-04 17:11:15 -04:00
Joey Hess f78c2f16d1
update name of libgnutls dev package 2014-12-03 19:05:36 -04:00
Joey Hess c9d09afafa
Run apt-cache policy with LANG=C. 2014-12-01 11:59:27 -04:00
Joey Hess 4c2eac2d3c
remove -i, seems not needed and may be causing problem 2014-11-27 19:10:39 -04:00
Félix Sipma 7d0f79a0c7 Group: preferred style 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-25 13:12:56 -04:00
Joey Hess 40374c10de
cron.runPropellor now runs propellor, rather than using its Makefile. This is more robust. 
Particularly, the Makefile would try to build propellor if there were
updates, but if this build failed because a bad commit was pushed, it would
abort w/o pulling any new fixed commits.

Anyway, it's better to move away from using the makefile when possible as
it's just for bootstrapping, and also I would like to make "make" not
default to running propellor as that can be confusing behavior.

(I can't change that yet; needed for upgrades. Should be fine to change
after several more releases, or maybe a year..)
 2014-11-25 11:33:45 -04:00
Joey Hess 934171e2ea rename 2014-11-24 00:52:46 -04:00
Joey Hess 8d1814a884 move property to ssh module 2014-11-24 00:51:36 -04:00
Joey Hess ccdbf0026d more work; builds now 2014-11-24 00:40:53 -04:00
Joey Hess f85026da7f better property names 2014-11-23 19:49:53 -04:00
Joey Hess baba668033 hasSomePassword and hasPassword now default to using the name of the host as the Context for the password. To specify a different context, use hasSomePassword' and hasPassword' (API change) 2014-11-23 16:40:21 -04:00
Joey Hess d8624e2e5d WIP 2014-11-23 16:12:39 -04:00
Joey Hess 3c952a0de9 comment 2014-11-23 14:40:28 -04:00
Félix Sipma 226981cda4 Git: bareRepo 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-23 14:39:01 -04:00
Félix Sipma 6aa21366d5 Group properties 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-23 14:37:49 -04:00
Joey Hess 69eace8e9a preferred style 2014-11-23 14:37:37 -04:00
Félix Sipma f4e06ae778 User: hasGroup 
Signed-off-by: Félix Sipma <felix.sipma@no-log.org>
 2014-11-23 14:37:10 -04:00
Joey Hess 5fefb161c3
propellor spin 2014-11-22 22:37:25 -04:00
Joey Hess ca09087caf
propellor spin 2014-11-22 22:24:09 -04:00
Joey Hess 96ecbaad25 pute full path to bin/propellor inside shim 2014-11-22 22:10:53 -04:00
Joey Hess 5360e466d3 reorg 2014-11-22 21:50:49 -04:00
Joey Hess cc8babccc8
propellor spin 2014-11-22 21:37:39 -04:00
Joey Hess 1d5d911aa0
propellor spin 2014-11-22 21:30:50 -04:00