| author | Félix Sipma <felix.sipma@no-log.org> | 2018-02-23 14:11:15 +0100 |
|---|---|---|
| committer | Félix Sipma <felix.sipma@no-log.org> | 2018-02-23 14:11:15 +0100 |
| commit | 6749014553b13ad148cde450baefb241a98ed771 (patch) | |
| tree | b54c2652118d3a8732f471b6d445127b25159510 | |
| parent | 530d9ff6bea5570d051d07546a128d456b3c5c3b (diff) | |
add Propellor.Property.Dhparams
| -rw-r--r-- | propellor.cabal | 1 | ||||
| -rw-r--r-- | src/Propellor/Property/Dhparams.hs | 26 |
2 files changed, 27 insertions, 0 deletions
diff --git a/propellor.cabal b/propellor.cabal
index d9157eb1..b2ecb3d8 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -103,6 +103,7 @@ Library
 Propellor.Property.Cron
 Propellor.Property.DebianMirror
 Propellor.Property.Debootstrap
+ Propellor.Property.Dhparams
 Propellor.Property.DiskImage
 Propellor.Property.DiskImage.PartSpec
 Propellor.Property.Dns
diff --git a/src/Propellor/Property/Dhparams.hs b/src/Propellor/Property/Dhparams.hs
new file mode 100644
index 00000000..2c30cb87
--- /dev/null
+++ b/src/Propellor/Property/Dhparams.hs
@@ -0,0 +1,26 @@
+-- | Maintainer: Félix Sipma <felix+propellor@gueux.org>
+
+module Propellor.Property.Dhparams where
+
+import Propellor.Base
+import qualified Propellor.Property.Apt as Apt
+import qualified Propellor.Property.File as File
+import Utility.FileMode
+import Utility.SafeCommand
+
+
+length' :: Int
+length' = 2048
+
+file :: FilePath
+file = "/etc/ssl/private/dhparams.pem"
+
+safeDhparams :: Property DebianLike
+safeDhparams = propertyList "safe dhparams" $ props
+ & File.dirExists (takeDirectory file)
+ & Apt.installed ["openssl"]
+ & check (not <$> doesFileExist file) (createDhparams file length')
+
+createDhparams :: FilePath -> Int -> Property UnixLike
+createDhparams f l = property ("generate new dhparams: " ++ f) $ liftIO $ withUmask 0o0177 $ withFile f WriteMode $ \h ->
+ cmdResult <$> boolSystem' "openssl" [Param "dhparam", Param (show l)] (\p -> p { std_out = UseHandle h }) |
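Review bot: In `createDhparams`, `withFile f WriteMode` creates the target before `openssl dhparam` has written anything, so a failed or interrupted run leaves an empty or truncated `/etc/ssl/private/dhparams.pem`, and the `check (not <$> doesFileExist file)` guard in `safeDhparams` then treats the property as satisfied on every later run. Writing to a temporary path in the same directory and renaming it only when the command succeeds keeps the existence check meaningful; this assumes `renameFile` and `removeFile` from System.Directory are in scope via Propellor.Base, which the hunk does not show. Separately, the guard only tests existence, so a pre-existing file with smaller parameters is accepted under the name "safe dhparams"; a comment on `safeDhparams` such as `-- | Only generates the file when absent; existing parameters are not checked for size.` would make that explicit.

```haskell
createDhparams f l = property ("generate new dhparams: " ++ f) $ liftIO $ withUmask 0o0177 $ do
    -- Generate next to the target so the rename stays on one filesystem.
    let tmp = f ++ ".tmp"
    ok <- withFile tmp WriteMode $ \h ->
        boolSystem' "openssl" [Param "dhparam", Param (show l)] (\p -> p { std_out = UseHandle h })
    -- Only a complete file ever appears under the final name.
    if ok then renameFile tmp f else removeFile tmp
    return (cmdResult ok)
```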
