diff options
| author | Joey Hess <joey@kitenet.net> | 2014-04-17 22:28:21 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2014-04-17 22:28:21 -0400 |
| commit | 27ff3e9f2188f899c1130b5876ed19ca124df3b4 (patch) | |
| tree | 0ee94fa989e4d5b2f6c1539eac35dc0b0ce8db18 /Propellor/Property/Apt.hs | |
| parent | 26548768a53d9f1d26020c1d486c7fd3d6772162 (diff) | |
| parent | bddb6306f533f79da068db897b4938fdd3d29920 (diff) | |
Merge branch 'joeyconfig'
Diffstat (limited to 'Propellor/Property/Apt.hs')
| -rw-r--r-- | Propellor/Property/Apt.hs | 46 |
1 files changed, 40 insertions, 6 deletions
diff --git a/Propellor/Property/Apt.hs b/Propellor/Property/Apt.hs index 3842cb02..d31e8b46 100644 --- a/Propellor/Property/Apt.hs +++ b/Propellor/Property/Apt.hs @@ -17,6 +17,8 @@ sourcesList = "/etc/apt/sources.list" type Url = String type Section = String +type SourcesGenerator = DebianSuite -> [Line] + showSuite :: DebianSuite -> String showSuite Stable = "stable" showSuite Testing = "testing" @@ -39,7 +41,7 @@ srcLine l = case words l of stdSections :: [Section] stdSections = ["main", "contrib", "non-free"] -binandsrc :: String -> DebianSuite -> [Line] +binandsrc :: String -> SourcesGenerator binandsrc url suite | isStable suite = [l, srcLine l, bl, srcLine bl] | otherwise = [l, srcLine l] @@ -47,14 +49,14 @@ binandsrc url suite l = debLine (showSuite suite) url stdSections bl = debLine backportSuite url stdSections -debCdn :: DebianSuite -> [Line] +debCdn :: SourcesGenerator debCdn = binandsrc "http://cdn.debian.net/debian" -kernelOrg :: DebianSuite -> [Line] +kernelOrg :: SourcesGenerator kernelOrg = binandsrc "http://mirrors.kernel.org/debian" -- | Only available for Stable and Testing -securityUpdates :: DebianSuite -> [Line] +securityUpdates :: SourcesGenerator securityUpdates suite | isStable suite || suite == Testing = let l = "deb http://security.debian.org/ " ++ showSuite suite ++ "/updates " ++ unwords stdSections @@ -67,13 +69,27 @@ securityUpdates suite -- Since the CDN is sometimes unreliable, also adds backup lines using -- kernel.org. stdSourcesList :: DebianSuite -> Property -stdSourcesList suite = setSourcesList - (concatMap (\gen -> gen suite) [debCdn, kernelOrg, securityUpdates]) +stdSourcesList suite = stdSourcesList' suite [] + +-- | Adds additional sources.list generators. +-- +-- Note that if a Property needs to enable an apt source, it's better +-- to do so via a separate file in /etc/apt/sources.list.d/ +stdSourcesList' :: DebianSuite -> [SourcesGenerator] -> Property +stdSourcesList' suite more = setSourcesList + (concatMap (\gen -> gen suite) generators) `describe` ("standard sources.list for " ++ show suite) + where + generators = [debCdn, kernelOrg, securityUpdates] ++ more setSourcesList :: [Line] -> Property setSourcesList ls = sourcesList `File.hasContent` ls `onChange` update +setSourcesListD :: [Line] -> FilePath -> Property +setSourcesListD ls basename = f `File.hasContent` ls `onChange` update + where + f = "/etc/apt/sources.list.d/" ++ basename ++ ".list" + runApt :: [String] -> Property runApt ps = cmdProperty' "apt-get" ps noninteractiveEnv @@ -208,3 +224,21 @@ reConfigure package vals = reconfigure `requires` setselections -- package names. serviceInstalledRunning :: Package -> Property serviceInstalledRunning svc = Service.running svc `requires` installed [svc] + +data AptKey = AptKey + { keyname :: String + , pubkey :: String + } + +trustsKey :: AptKey -> RevertableProperty +trustsKey k = RevertableProperty trust untrust + where + desc = "apt trusts key " ++ keyname k + f = "/etc/apt/trusted.gpg.d" </> keyname k ++ ".gpg" + untrust = File.notPresent f + trust = check (not <$> doesFileExist f) $ Property desc $ makeChange $ do + withHandle StdinHandle createProcessSuccess + (proc "gpg" ["--no-default-keyring", "--keyring", f, "--import", "-"]) $ \h -> do + hPutStr h (pubkey k) + hClose h + nukeFile $ f ++ "~" -- gpg dropping |