diff options
| author | Joey Hess <joey@kitenet.net> | 2014-05-15 01:04:03 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2014-05-15 01:04:03 -0400 |
| commit | 08ecafb418f9902d0f902ab0cf88bcc07b6df8b2 (patch) | |
| tree | 0b4713000bb92d6205259a30bd5f803dc33e615d | |
| parent | 2081a49b659ddb1a9c8b647f2703a052ea38953b (diff) | |
add
| -rw-r--r-- | config-joey.hs | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/config-joey.hs b/config-joey.hs index 769357ce..9278808c 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -252,6 +252,22 @@ image (System (Debian Unstable) arch) = "joeyh/debian-unstable-" ++ arch image (System (Debian Stable) arch) = "joeyh/debian-stable-" ++ arch image _ = "debian-stable-official" -- does not currently exist! +-- Digital Ocean does not provide any way to boot +-- the kernel provided by the distribution, except using kexec. +-- Without this, some old, and perhaps insecure kernel will be used. +-- +-- Note that this only causes the new kernel to be loaded on reboot. +-- If the power is cycled, the old kernel still boots up. +-- TODO: detect this and reboot immediately? +digitalOceanDistroKernel :: Property +digitalOceanDistroKernel = propertyList "digital ocean distro kernel hack" + [ Apt.installed ["grub-pc", "kexec-tools"] + , "/etc/default/kexec" `File.containsLines` + [ "LOAD_KEXEC=true" + , "USE_GRUB_CONFIG=true" + ] + ] + -- Clean up a system as installed by cloudatcost.com cleanCloudAtCost :: Property cleanCloudAtCost = propertyList "cloudatcost cleanup" |