propellor spin

2 files changed, 16 insertions, 26 deletions

diff --git a/config-joey.hs b/config-joey.hs
index f495004e..386e5900 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -94,8 +94,8 @@ hosts =               --                  (o)  `
 		& Docker.configured
 		& Docker.docked hosts "amd64-git-annex-builder"
 		& Docker.docked hosts "i386-git-annex-builder"
-		& Docker.docked hosts "armel-git-annex-builder-companion"
-		& Docker.docked hosts "armel-git-annex-builder"
+		! Docker.docked hosts "armel-git-annex-builder-companion"
+		! Docker.docked hosts "armel-git-annex-builder"
 		& Docker.garbageCollected `period` Daily
 		& Apt.buildDep ["git-annex"] `period` Daily
 	
@@ -199,7 +199,7 @@ hosts =               --                  (o)  `
 		& Apt.stdSourcesList Unstable
 		& Apt.unattendedUpgrades
 		-- This volume is shared with the armel builder.
-		& Docker.volume GitAnnexBuilder.homedir
+		& Docker.volume GitAnnexBuilder.gitbuilderdir
 		-- Install current versions of build deps from cabal.
 		& GitAnnexBuilder.tree "armel"
 		& GitAnnexBuilder.buildDepsNoHaskellLibs
@@ -208,8 +208,7 @@ hosts =               --                  (o)  `
 		-- using $COMPANION_PORT_22_TCP_ADDR as the hostname,
 		& Docker.expose "22"
 		& Apt.serviceInstalledRunning "ssh"
-		-- ssh key is shared via the home directory volume
-		& GitAnnexBuilder.sshKeyGen
+		& Ssh.authorizedKeys GitAnnexBuilder.builduser
 	, Docker.container "armel-git-annex-builder"
 		(image $ System (Debian Unstable) "armel")
 		& Apt.stdSourcesList Unstable
@@ -217,6 +216,7 @@ hosts =               --                  (o)  `
 		& Apt.installed ["openssh-client"]
 		& Docker.link "armel-git-annex-builder-companion" "companion"
 		& Docker.volumes_from "armel-git-annex-builder-companion"
+		& Ssh.keyImported SshRsa GitAnnexBuilder.builduser
 		-- TODO: automate installing haskell libs
 		-- (Currently have to run
 		-- git-annex/standalone/linux/install-haskell-packages
diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
index 428b3d00..acf122af 100644
--- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
+++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
@@ -53,15 +53,18 @@ builder' buildepsprop buildarch crontimes timeout rsyncupload = combinePropertie
 tree :: Architecture -> Property
 tree buildarch = combineProperties "gitannexbuilder tree"
 	[ User.accountFor builduser
-	-- Home directory already exists when docker volume is used.
-	, File.ownerGroup homedir builduser builduser
 	, Apt.installed ["git"]
-	, check (not <$> doesDirectoryExist gitbuilderdir) $ userScriptProperty builduser
-		[ "git clone git://git.kitenet.net/gitannexbuilder " ++ gitbuilderdir
-		, "cd " ++ gitbuilderdir
-		, "git checkout " ++ buildarch
-		]
-		`describe` "gitbuilder setup"
+	-- gitbuilderdir directory already exists when docker volume is used,
+	-- but with wrong owner.
+	, File.dirExists gitbuilderdir
+	, File.ownerGroup gitbuilderdir builduser builduser
+	, check (not <$> (doesDirectoryExist (gitbuilderdir </> ".git"))) $ 
+		userScriptProperty builduser
+			[ "git clone git://git.kitenet.net/gitannexbuilder " ++ gitbuilderdir
+			, "cd " ++ gitbuilderdir
+			, "git checkout " ++ buildarch
+			]
+			`describe` "gitbuilder setup"
 	, check (not <$> doesDirectoryExist builddir) $ userScriptProperty builduser
 		[ "git clone git://git-annex.branchable.com/ " ++ builddir
 		]
@@ -90,16 +93,3 @@ cabalDeps = flagFile go cabalupdated
 	where
 		go = userScriptProperty builduser ["cabal update && cabal install git-annex --only-dependencies || true"]
 		cabalupdated = homedir </> ".cabal" </> "packages" </> "hackage.haskell.org" </> "00-index.cache"
-
--- Ensure a ssh key is set up, and allow it to be used to ssh in
-sshKeyGen :: Property
-sshKeyGen = combineProperties "sshkeygen"
-	[ flagFile gen privkey
-	, flagFile auth authkeys
-	]
-  where
-  	gen = userScriptProperty builduser ["ssh-keygen -t RSA -N '' -f " ++ privkey]
-	auth = userScriptProperty builduser ["cp " ++ pubkey ++ " " ++ authkeys]
-	privkey = homedir </> ".ssh" </> "id_rsa"
-	pubkey = privkey ++ ".pub"
-	authkeys = homedir </> ".ssh" </> "authorized_keys"