Merge branch 'joeyconfig'

10 files changed, 63 insertions, 30 deletions

diff --git a/config-joey.hs b/config-joey.hs
index 5c3d376b..e84eb360 100644
--- a/config-joey.hs
+++ b/config-joey.hs
@@ -261,23 +261,32 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64"
 	& Ssh.passwordAuthentication True
 	-- Since ssh password authentication is allowed:
 	& Fail2Ban.installed
+	& Apt.serviceInstalledRunning "ntp"
+	& "/etc/timezone" `File.hasContent` ["US/Eastern"]
+
 	& Obnam.backupEncrypted "/" (Cron.Times "33 1 * * *")
-		[ "--repository=sftp://2318@usw-s002.rsync.net/~/kite.obnam"
+		[ "--repository=sftp://2318@usw-s002.rsync.net/~/kite-root.obnam"
 		, "--client-name=kitenet.net"
+		, "--exclude=/home"
 		, "--exclude=/var/cache"
 		, "--exclude=/var/tmp"
-		, "--exclude=/home/joey/lib"
+		, "--exclude=/srv/git"
+		, "--exclude=/var/spool/oldusenet"
 		, "--exclude=.*/tmp/"
 		, "--one-file-system"
 		, Obnam.keepParam [Obnam.KeepDays 7, Obnam.KeepWeeks 4, Obnam.KeepMonths 6]
 		] Obnam.OnlyClient (Gpg.GpgKeyId "98147487")
-		`requires` Ssh.userKeys (User "root")
-			(Context "kite.kitenet.net")
-			[ (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5Gza2sNqSKfNtUN4dN/Z3rlqw18nijmXFx6df2GtBoZbkIak73uQfDuZLP+AXlyfHocwdkdHEf/zrxgXS4EokQMGLZhJ37Pr3edrEn/NEnqroiffw7kyd7EqaziA6UOezcLTjWGv+Zqg9JhitYs4WWTpNzrPH3yQf1V9FunZnkzb4gJGndts13wGmPEwSuf+QHbgQvjMOMCJwWSNcJGdhDR66hFlxfG26xx50uIczXYAbgLfHp5W6WuR/lcaS9J6i7HAPwcsPDA04XDinrcpl29QwsMW1HyGS/4FSCgrDqNZ2jzP49Bka78iCLRqfl1efyYas/Zo1jQ0x+pxq2RMr root@kite")
-			]
+		`requires` rootsshkey
+		`requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
+	& Obnam.backupEncrypted "/home" (Cron.Times "33 3 * * *")
+		[ "--repository=sftp://2318@usw-s002.rsync.net/~/kite-home.obnam"
+		, "--client-name=kitenet.net"
+		, "--exclude=/home/joey/lib"
+		, "--one-file-system"
+		, Obnam.keepParam [Obnam.KeepDays 7, Obnam.KeepWeeks 4, Obnam.KeepMonths 6]
+		] Obnam.OnlyClient (Gpg.GpgKeyId "98147487")
+		`requires` rootsshkey
 		`requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
-	& Apt.serviceInstalledRunning "ntp"
-	& "/etc/timezone" `File.hasContent` ["US/Eastern"]
 
 	& alias "smtp.kitenet.net"
 	& alias "imap.kitenet.net"
@@ -337,6 +346,11 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64"
 	& Apache.httpsVirtualHost "letsencrypt.joeyh.name" "/var/www/html"
 		(LetsEncrypt.AgreeTOS (Just "id@joeyh.name"))
 	& alias "letsencrypt.joeyh.name"
+  where
+	rootsshkey = Ssh.userKeys (User "root")
+		(Context "kite.kitenet.net")
+		[ (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5Gza2sNqSKfNtUN4dN/Z3rlqw18nijmXFx6df2GtBoZbkIak73uQfDuZLP+AXlyfHocwdkdHEf/zrxgXS4EokQMGLZhJ37Pr3edrEn/NEnqroiffw7kyd7EqaziA6UOezcLTjWGv+Zqg9JhitYs4WWTpNzrPH3yQf1V9FunZnkzb4gJGndts13wGmPEwSuf+QHbgQvjMOMCJwWSNcJGdhDR66hFlxfG26xx50uIczXYAbgLfHp5W6WuR/lcaS9J6i7HAPwcsPDA04XDinrcpl29QwsMW1HyGS/4FSCgrDqNZ2jzP49Bka78iCLRqfl1efyYas/Zo1jQ0x+pxq2RMr root@kite")
+		]
 
 elephant :: Host
 elephant = standardSystem "elephant.kitenet.net" Unstable "amd64"
@@ -583,7 +597,7 @@ myDnsPrimary dnssec domain extras = (if dnssec then Dns.signedPrimary (Weekly No
 monsters :: [Host]    -- Systems I don't manage with propellor,
 monsters =            -- but do want to track their public keys etc.
 	[ host "usw-s002.rsync.net"
-		& Ssh.hostPubKey SshEd25519 "ssh-ed25519 SHA256:DBW4gxagH9Q3Avnus+dxaoOS5L/Q/tZlT42bcoMp+4Y"
+		& Ssh.hostPubKey SshEd25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB7yTEBGfQYdwG/oeL+U9XPMIh/dW7XNs9T+M79YIOrd"
 	, host "github.com" 
 		& Ssh.hostPubKey SshRsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="
 	, host "gitlab.com"
diff --git a/debian/changelog b/debian/changelog
index 729fe42d..cf74edaf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+propellor (2.16.0) UNRELEASED; urgency=medium
+
+  * Obnam: Only let one backup job run at a time when a host has multiple
+    different backup properties, to avoid concurrent jobs fighting over
+    scarce resources (particularly memory). Other jobs block on a lock
+    file.
+  * Removed references to *buntu from code and documentation because of
+    an unfortunate trademark use policy.
+    http://joeyh.name/blog/entry/trademark_nonsense/
+  * That included changing a data constructor to "FooBuntu", an API change.
+
+ -- Joey Hess <id@joeyh.name>  Fri, 19 Feb 2016 11:29:53 -0400
+
 propellor (2.15.4) unstable; urgency=medium
 
   * Build /usr/src/propellor/propellor.git reproducibly,
diff --git a/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment b/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment
index 5c03304b..ed972c01 100644
--- a/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment
+++ b/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment
@@ -7,13 +7,13 @@ I have heard of propellor being used on OSX. Probably that user wrote their
 own code for OSX specific stuff.
 
 Propellor properites can be parameterized by OS. Currently it has support
-for Debian and some untested support for Ubuntu. A property can be parameterized
+for Debian and some untested support for *buntu. A property can be parameterized
 like this:
 
 	foo :: Property
 	foo = property "foo" withOS desc $ \o -> case o of
 	                (Just (System (Debian _) _)) -> ensureProperty fooDebian
-	                (Just (System (Ubuntu _) _)) -> ensureProperty fooUbuntu
+	                (Just (System (FooBuntu _) _)) -> ensureProperty fooBuntu
 
 The first step for adding a new OS will be to modify <http://hackage.haskell.org/package/propellor/docs/Propellor-Types-OS.html>.
 Compilation will then warn about all OS parameterized properties that
diff --git a/propellor.cabal b/propellor.cabal
index 3e6c3c37..4d8e7f26 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -1,5 +1,5 @@
 Name: propellor
-Version: 2.15.4
+Version: 2.16.0
 Cabal-Version: >= 1.8
 License: BSD3
 Maintainer: Joey Hess <id@joeyh.name>
diff --git a/src/Propellor/Property.hs b/src/Propellor/Property.hs
index a83bffc4..eee1409c 100644
--- a/src/Propellor/Property.hs
+++ b/src/Propellor/Property.hs
@@ -255,7 +255,7 @@ isNewerThan x y = do
 --
 -- > myproperty = withOS "foo installed" $ \o -> case o of
 -- > 	(Just (System (Debian suite) arch)) -> ...
--- > 	(Just (System (Ubuntu release) arch)) -> ...
+-- > 	(Just (System (FooBuntu release) arch)) -> ...
 -- >	Nothing -> ...
 withOS :: Desc -> (Maybe System -> Propellor Result) -> Property NoInfo
 withOS desc a = property desc $ a =<< getOS
diff --git a/src/Propellor/Property/Chroot.hs b/src/Propellor/Property/Chroot.hs
index cfa70e9f..44d7036d 100644
--- a/src/Propellor/Property/Chroot.hs
+++ b/src/Propellor/Property/Chroot.hs
@@ -90,7 +90,7 @@ data Debootstrapped = Debootstrapped Debootstrap.DebootstrapConfig
 instance ChrootBootstrapper Debootstrapped where
 	buildchroot (Debootstrapped cf) system loc = case system of
 		(Just s@(System (Debian _) _)) -> Right $ debootstrap s
-		(Just s@(System (Ubuntu _) _)) -> Right $ debootstrap s
+		(Just s@(System (FooBuntu _) _)) -> Right $ debootstrap s
 		Nothing -> Left "Cannot debootstrap; `os` property not specified"
 	  where
 		debootstrap s = Debootstrap.built loc s cf
diff --git a/src/Propellor/Property/Debootstrap.hs b/src/Propellor/Property/Debootstrap.hs
index 61912b32..445c0629 100644
--- a/src/Propellor/Property/Debootstrap.hs
+++ b/src/Propellor/Property/Debootstrap.hs
@@ -91,7 +91,7 @@ built' installprop target system@(System _ arch) config =
 	
 extractSuite :: System -> Maybe String
 extractSuite (System (Debian s) _) = Just $ Apt.showSuite s
-extractSuite (System (Ubuntu r) _) = Just r
+extractSuite (System (FooBuntu r) _) = Just r
 
 -- | Ensures debootstrap is installed.
 --
@@ -108,12 +108,12 @@ installed = install <!> remove
 			)
 
 	installon (Just (System (Debian _) _)) = aptinstall
-	installon (Just (System (Ubuntu _) _)) = aptinstall
+	installon (Just (System (FooBuntu _) _)) = aptinstall
 	installon _ = sourceInstall
 
 	remove = withOS "debootstrap removed" $ ensureProperty . removefrom
 	removefrom (Just (System (Debian _) _)) = aptremove
-	removefrom (Just (System (Ubuntu _) _)) = aptremove
+	removefrom (Just (System (FooBuntu _) _)) = aptremove
 	removefrom _ = sourceRemove
 			
 	aptinstall = Apt.installed ["debootstrap"]
diff --git a/src/Propellor/Property/OS.hs b/src/Propellor/Property/OS.hs
index 1f22888c..403b1df3 100644
--- a/src/Propellor/Property/OS.hs
+++ b/src/Propellor/Property/OS.hs
@@ -85,8 +85,8 @@ cleanInstallOnce confirmation = check (not <$> doesFileExist flagfile) $
 
 	osbootstrapped = withOS (newOSDir ++ " bootstrapped") $ \o -> case o of
 		(Just d@(System (Debian _) _)) -> debootstrap d
-		(Just u@(System (Ubuntu _) _)) -> debootstrap u
-		_ -> error "os is not declared to be Debian or Ubuntu"
+		(Just u@(System (FooBuntu _) _)) -> debootstrap u
+		_ -> error "os is not declared to be Debian or *buntu"
 	
 	debootstrap targetos = ensureProperty $
 		-- Ignore the os setting, and install debootstrap from
diff --git a/src/Propellor/Property/Obnam.hs b/src/Propellor/Property/Obnam.hs
index 92c97f18..666328ac 100644
--- a/src/Propellor/Property/Obnam.hs
+++ b/src/Propellor/Property/Obnam.hs
@@ -36,6 +36,10 @@ data NumClients = OnlyClient | MultipleClients
 --
 -- Note that this property does not make obnam encrypt the backup
 -- repository.
+--
+-- Since obnam uses a fair amount of system resources, only one obnam
+-- backup job will be run at a time. Other jobs will wait their turns to
+-- run.
 backup :: FilePath -> Cron.Times -> [ObnamParam] -> NumClients -> Property NoInfo
 backup dir crontimes params numclients =
 	backup' dir crontimes params numclients
@@ -59,16 +63,18 @@ backup' dir crontimes params numclients = cronjob `describe` desc
   where
 	desc = dir ++ " backed up by obnam"
 	cronjob = Cron.niceJob ("obnam_backup" ++ dir) crontimes (User "root") "/" $
-		unwords $ catMaybes
-			[ if numclients == OnlyClient
-				-- forcelock fails if repo does not exist yet
-				then Just $ forcelockcmd ++ " 2>/dev/null ;"
-				else Nothing
-			, Just backupcmd
-			, if any isKeepParam params
-				then Just $ "&& " ++ forgetcmd
-				else Nothing
-			]
+		"flock " ++ shellEscape lockfile ++ " sh -c " ++ shellEscape cmdline
+	lockfile = "/var/lock/propellor-obnam.lock"
+	cmdline = unwords $ catMaybes
+		[ if numclients == OnlyClient
+			-- forcelock fails if repo does not exist yet
+			then Just $ forcelockcmd ++ " 2>/dev/null ;"
+			else Nothing
+		, Just backupcmd
+		, if any isKeepParam params
+			then Just $ "&& " ++ forgetcmd
+			else Nothing
+		]
 	forcelockcmd = unwords $
 		[ "obnam"
 		, "force-lock"
diff --git a/src/Propellor/Types/OS.hs b/src/Propellor/Types/OS.hs
index 447d4396..6c2dd28e 100644
--- a/src/Propellor/Types/OS.hs
+++ b/src/Propellor/Types/OS.hs
@@ -24,7 +24,7 @@ data System = System Distribution Architecture
 
 data Distribution
 	= Debian DebianSuite
-	| Ubuntu Release
+	| FooBuntu Release -- ^ "*buntu" (The actual name of this distribution is not used in Propellor per <http://joeyh.name/blog/entry/trademark_nonsense/>)
 	deriving (Show, Eq)
 
 -- | Debian has several rolling suites, and a number of stable releases,