| author | Joey Hess <joeyh@joeyh.name> | 2015-06-03 12:17:56 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-06-03 12:17:56 -0400 |
| commit | 5d3408d32292402ccd69bfadb3c28937a96eda5d (patch) | |
| tree | 24c10a1a53d0e85f4699bc18e377764598c0536d /config-joey.hs | |
| parent | ce0e1a6dc82acb7fd8e64a9ec4c6ff0acf87e241 (diff) | |
| parent | fd9d172bcd9f217b67a60ed2e694bad4f6602d32 (diff) | |
Merge branch 'joeyconfig'
Conflicts:
privdata.joey/privdata.gpg
Diffstat (limited to 'config-joey.hs')
| -rw-r--r-- | config-joey.hs | 85 |
1 files changed, 49 insertions, 36 deletions
diff --git a/config-joey.hs b/config-joey.hs index 73c9687b..dec2701b 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -76,7 +76,6 @@ darkstar = host "darkstar.kitenet.net" & ipv6 "2001:4830:1600:187::2" -- sixxs tunnel & Apt.buildDep ["git-annex"] `period` Daily - & Docker.configured & JoeySites.postfixClientRelay (Context "darkstar.kitenet.net") & JoeySites.dkimMilter @@ -84,7 +83,6 @@ darkstar = host "darkstar.kitenet.net" gnu :: Host gnu = host "gnu.kitenet.net" & Apt.buildDep ["git-annex"] `period` Daily - & Docker.configured & JoeySites.postfixClientRelay (Context "gnu.kitenet.net") & JoeySites.dkimMilter @@ -98,18 +96,18 @@ clam = standardSystem "clam.kitenet.net" Unstable "amd64" & Ssh.randomHostKeys & Apt.unattendedUpgrades & Network.ipv6to4 + & Tor.isRelay & Tor.named "kite1" & Tor.bandwidthRate (Tor.PerMonth "400 GB") - & Docker.configured - & Docker.garbageCollected `period` Daily - & Docker.docked webserver + & Systemd.nspawned webserver & File.dirExists "/var/www/html" - & File.notPresent "/var/www/html/index.html" - & "/var/www/index.html" `File.hasContent` ["hello, world"] + & File.notPresent "/var/www/index.html" + & "/var/www/html/index.html" `File.hasContent` ["hello, world"] & alias "helloworld.kitenet.net" - & Docker.docked oldusenetShellBox + + & Systemd.nspawned oldusenetShellBox & JoeySites.scrollBox & alias "scroll.joeyh.name" 
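Review bot: In the clam hunk the Docker properties are dropped rather than reverted, so nothing visible here stops or removes the existing Docker `webserver` and `oldusenet-shellbox` containers before `Systemd.nspawned` brings up their replacements. If propellor only acts on properties that are present (the diff does not show this either way), the old containers would keep running without further upgrades and keep holding the ports named in the `Docker.publish "80:80"` and `Docker.publish "4200:4200"` lines removed further down. A comment above `& Systemd.nspawned webserver`, such as `-- the old Docker containers must be stopped and removed by hand after this switch`, would record the manual step. The same applies to `Docker.docked oldusenetShellBox` and `Docker.docked kiteShellBox` in the elephant hunks.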
@@ -133,9 +131,11 @@ orca = standardSystem "orca.kitenet.net" Unstable "amd64" & Apt.serviceInstalledRunning "ntp" & Systemd.persistentJournal - & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer + & Systemd.nspawned (GitAnnexBuilder.autoBuilderContainer + GitAnnexBuilder.standardAutoBuilder (System (Debian Testing) "amd64") fifteenpast "2h") - & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer + & Systemd.nspawned (GitAnnexBuilder.autoBuilderContainer + GitAnnexBuilder.standardAutoBuilder (System (Debian Testing) "i386") fifteenpast "2h") & Systemd.nspawned (GitAnnexBuilder.androidAutoBuilderContainer (Cron.Times "1 1 * * *") "3h") @@ -151,15 +151,20 @@ honeybee = standardSystem "honeybee.kitenet.net" Testing "armhf" -- (Also, system is not currently running a stock kernel, -- although it should be able to.) & Postfix.satellite - & Apt.serviceInstalledRunning "ntp" & Apt.serviceInstalledRunning "aiccu" + & Apt.serviceInstalledRunning "swapspace" + & Apt.serviceInstalledRunning "ntp" -- Not using systemd-nspawn because it's broken (kernel issue?) - -- & Systemd.nspawned (GitAnnexBuilder.standardAutoBuilderContainer - -- osver Cron.Daily "22h") + -- & Systemd.nspawned (GitAnnexBuilder.autoBuilderContainer + -- GitAnnexBuilder.armAutoBuilder + -- builderos Cron.Daily "22h") & Chroot.provisioned (Chroot.debootstrapped builderos mempty "/var/lib/container/armel-git-annex-builder" - & GitAnnexBuilder.standardAutoBuilder builderos Cron.Daily "22h") + & "/etc/timezone" `File.hasContent` ["America/New_York"] + & GitAnnexBuilder.armAutoBuilder + builderos (Cron.Times "1 1 * * *") "12h" + ) where -- Using unstable to get new enough ghc for TH on arm. builderos = System (Debian Unstable) "armel" @@ -247,9 +252,6 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64" , "zsh" ] - & Docker.configured - & Docker.garbageCollected `period` Daily - & alias "nntp.olduse.net" & JoeySites.oldUseNetServer hosts 
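Review bot: The commented-out `Systemd.nspawned` alternative in the honeybee hunk still passes `builderos Cron.Daily "22h"`, while the live `Chroot.provisioned` path now uses `(Cron.Times "1 1 * * *") "12h"`, so re-enabling the comment would silently bring back the old schedule and timeout. Either update the commented arguments to match or add `-- keep schedule and timeout in sync with the chroot builder below`. The new `"/etc/timezone"` line would also benefit from a short why-comment, since the hunk does not say whether it is there for the cron time or for the build itself.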
@@ -306,13 +308,14 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64" & myDnsSecondary & Docker.configured - & Docker.docked oldusenetShellBox & Docker.docked openidProvider `requires` Apt.serviceInstalledRunning "ntp" & Docker.docked ancientKitenet & Docker.docked jerryPlay & Docker.garbageCollected `period` (Weekly (Just 1)) + & Systemd.nspawned oldusenetShellBox + & JoeySites.scrollBox & alias "scroll.joeyh.name" & alias "eu.scroll.joeyh.name" @@ -320,7 +323,7 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64" -- For https port 443, shellinabox with ssh login to -- kitenet.net & alias "shell.kitenet.net" - & Docker.docked kiteShellBox + & Systemd.nspawned kiteShellBox -- Nothing is using http port 80, so listen on -- that port for ssh, for traveling on bad networks that -- block 22. 
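Review bot: `oldusenetShellBox` and `kiteShellBox` move to `Systemd.nspawned` in these two elephant hunks, and further down their `Docker.publish "4200:4200"` and `Docker.publish "443:443"` lines are removed with no replacement, so the config no longer states which ports these containers expose. Presumably the nspawn containers share the host's network namespace, in which case every listener inside them is reachable on the host's addresses and the container gives the shellinabox services no network isolation; that is inferred, not shown in the diff. A comment at each definition, e.g. `-- listens on host port 443 (shares the host network namespace)`, would keep the exposed surface reviewable. The same applies to `webserver` and its removed `Docker.publish "80:80"`.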
@@ -397,22 +400,21 @@ iabak = host "iabak.archiveteam.org" --' __|II| ,. ---- __|II|II|__ ( \_,/\ --'-------'\o/-'-.-'-.-'-.- __|II|II|II|II|___/ __/ -'-.-'-.-'-.-'-.-'-.-'- --------------------------- | [Docker] / -------------------------- +-------------------------- | [Containers] / -------------------------- -------------------------- : / --------------------------- --------------------------- \____, o ,' ---------------------------- ---------------------------- '--,___________,' ----------------------------- -- Simple web server, publishing the outside host's /var/www -webserver :: Docker.Container +webserver :: Systemd.Container webserver = standardStableContainer "webserver" - & Docker.publish "80:80" - & Docker.volume "/var/www:/var/www" + & Systemd.bind "/var/www" & Apt.serviceInstalledRunning "apache2" -- My own openid provider. Uses php, so containerized for security -- and administrative sanity. openidProvider :: Docker.Container -openidProvider = standardStableContainer "openid-provider" +openidProvider = standardStableDockerContainer "openid-provider" & alias "openid.kitenet.net" & Docker.publish "8081:80" & OpenId.providerFor [User "joey", User "liw"] 
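Review bot: `& Systemd.bind "/var/www"` in `webserver` gives the container a writable view of the host's `/var/www`, although the comment above the definition says the container only publishes that directory. A compromise of apache2 inside the container could then modify the host's web root, which clam manages from the host side with `File.hasContent`. If a read-only bind is enough, `& Systemd.bindRo "/var/www"` would narrow that; propellor's Systemd module provides `bindRo`, but check that this version already has it.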
@@ -420,32 +422,30 @@ openidProvider = standardStableContainer "openid-provider" -- Exhibit: kite's 90's website. ancientKitenet :: Docker.Container -ancientKitenet = standardStableContainer "ancient-kitenet" +ancientKitenet = standardStableDockerContainer "ancient-kitenet" & alias "ancient.kitenet.net" & Docker.publish "1994:80" & Apt.serviceInstalledRunning "apache2" - & Git.cloned (User "root") "git://kitenet-net.branchable.com/" "/var/www" + & Git.cloned (User "root") "git://kitenet-net.branchable.com/" "/var/www/html" (Just "remotes/origin/old-kitenet.net") -oldusenetShellBox :: Docker.Container +oldusenetShellBox :: Systemd.Container oldusenetShellBox = standardStableContainer "oldusenet-shellbox" & alias "shell.olduse.net" - & Docker.publish "4200:4200" & JoeySites.oldUseNetShellBox jerryPlay :: Docker.Container -jerryPlay = standardContainer "jerryplay" Unstable "amd64" +jerryPlay = standardDockerContainer "jerryplay" Unstable "amd64" & alias "jerryplay.kitenet.net" & Docker.publish "2202:22" & Docker.publish "8001:80" & Apt.installed ["ssh"] & User.hasSomePassword (User "root") & Ssh.permitRootLogin True - -kiteShellBox :: Docker.Container + +kiteShellBox :: Systemd.Container kiteShellBox = standardStableContainer "kiteshellbox" & JoeySites.kiteShellBox - & Docker.publish "443:443" type Motd = [String] 
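Review bot: The changed `Git.cloned` line in `ancientKitenet` still fetches over `git://kitenet-net.branchable.com/`, a transport with no authentication or integrity protection, and the checkout now lands as root in `/var/www/html`, presumably the directory apache2 serves. Anyone able to tamper with that connection can choose the content the site publishes. If the remote offers it, an `https://` URL on that line would give transport integrity; the hunk does not show whether it does.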
@@ -476,12 +476,25 @@ standardSystemUnhardened hn suite arch motd = host hn & Apt.removed ["exim4", "exim4-daemon-light", "exim4-config", "exim4-base"] `onChange` Apt.autoRemove -standardStableContainer :: Docker.ContainerName -> Docker.Container +-- This is my standard container setup, Featuring automatic upgrades. +standardContainer :: Systemd.MachineName -> DebianSuite -> Architecture -> Systemd.Container +standardContainer name suite arch = Systemd.container name chroot + & os system + & Apt.stdSourcesList `onChange` Apt.upgrade + & Apt.unattendedUpgrades + & Apt.cacheCleaned + where + system = System (Debian suite) arch + chroot = Chroot.debootstrapped system mempty + +standardStableContainer :: Systemd.MachineName -> Systemd.Container standardStableContainer name = standardContainer name (Stable "jessie") "amd64" --- This is my standard container setup, Featuring automatic upgrades. -standardContainer :: Docker.ContainerName -> DebianSuite -> Architecture -> Docker.Container -standardContainer name suite arch = Docker.container name (dockerImage system) +standardStableDockerContainer :: Docker.ContainerName -> Docker.Container +standardStableDockerContainer name = standardDockerContainer name (Stable "jessie") "amd64" + +standardDockerContainer :: Docker.ContainerName -> DebianSuite -> Architecture -> Docker.Container +standardDockerContainer name suite arch = Docker.container name (dockerImage system) & os system & Apt.stdSourcesList `onChange` Apt.upgrade & Apt.unattendedUpgrades |
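Review bot: The new Systemd `standardContainer` and the renamed `standardDockerContainer` repeat the same property chain (`os system`, `Apt.stdSourcesList`, `Apt.unattendedUpgrades`), so a later hardening change can land in one and miss the other. Pulling the shared properties into one helper applied by both would keep the two container flavours on the same upgrade policy. The explanatory comment moved to the Systemd version and left the Docker helpers undocumented; I would add `-- Docker variant of standardContainer, for containers still run under Docker.` above `standardDockerContainer`. The body of `standardDockerContainer` continues past the end of the hunk.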
