diff options
| author | Joey Hess <joeyh@joeyh.name> | 2016-09-15 21:52:01 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-09-15 21:52:01 -0400 |
| commit | e11363625f29ab0f45a3db989f3245398c2a4182 (patch) | |
| tree | af49bb2de6cf31c2f194fe621a52a19bf54bdb50 | |
| parent | b81abff0d4cd9266115ded70129a2ac357b20cef (diff) | |
propellor spin
| -rw-r--r-- | joeyconfig.hs | 15 | ||||
| -rw-r--r-- | src/Propellor/Property/Tor.hs | 2 |
2 files changed, 16 insertions, 1 deletions
diff --git a/joeyconfig.hs b/joeyconfig.hs index bfdc2795..48b34392 100644 --- a/joeyconfig.hs +++ b/joeyconfig.hs @@ -457,12 +457,14 @@ pell = host "pell.branchable.com" $ props & Apt.unattendedUpgrades & Branchable.server hosts +-- See https://joeyh.name/code/keysafe/servers/ for requirements. keysafe :: Host keysafe = host "keysafe.joeyh.name" $ props & ipv4 "139.59.17.168" & Hostname.sane & osDebian (Stable "jessie") X86_64 & Apt.stdSourcesList `onChange` Apt.upgrade + & Apt.unattendedUpgrades & DigitalOcean.distroKernel -- This is a 500 mb VM, so need more ram to build propellor. & Apt.serviceInstalledRunning "swapspace" @@ -491,6 +493,19 @@ keysafe = host "keysafe.joeyh.name" $ props & Tor.bandwidthRate (Tor.PerMonth "750 GB") -- keysafe installed manually until package is available + + & Obnam.backupEncrypted "/var/lib/keysafe" (Cron.Times "42 9 * * *") + [ "--repository=sftp://2318@usw-s002.rsync.net/~/keysafe.obnam" + , "--client-name=keysafe.joeyh.name" + , Obnam.keepParam [Obnam.KeepDays 7, Obnam.KeepWeeks 4] + ] Obnam.OnlyClient (Gpg.GpgKeyId "98147487") + `requires` rootsshkey + `requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root") + where + rootsshkey = Ssh.userKeys (User "root") + (Context "keysafe.joeyh.name") + [ (SshEd25519, "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEx8bK9ZbXVEgEvxQeXLjnr9cGa/QvoB459aglP529My root@keysafe") + ] iabak :: Host iabak = host "iabak.archiveteam.org" $ props diff --git a/src/Propellor/Property/Tor.hs b/src/Propellor/Property/Tor.hs index 5b8a84ea..ea9f39ed 100644 --- a/src/Propellor/Property/Tor.hs +++ b/src/Propellor/Property/Tor.hs @@ -145,7 +145,7 @@ hiddenServiceAvailable hn port = hiddenServiceHostName $ hiddenService hn port r <- satisfy mh <- liftIO $ tryIO $ readFile (varLib </> hn </> "hostname") case mh of - Right h -> infoMessage $ unwords ["hidden service hostname:", h] + Right h -> infoMessage ["hidden service hostname:", h] Left _e -> warningMessage "hidden service hostname not available yet" return r |