propellor spin

author: Joey Hess <joey@kitenet.net> 2014-05-23 12:30:25 -0400
committer: Joey Hess <joey@kitenet.net> 2014-05-23 12:30:25 -0400
commit: 0ec565a590e0b5e70af4f4f922925e5b0b718376 (patch)
tree: bdf14818215c90e20a1d1bdb4b920d1570b15a60 /src/Propellor/Property/HostingProvider/DigitalOcean.hs
parent: 4f239d1360c87b069279ce1b100db4a057f94e48 (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/src/Propellor/Property/HostingProvider/DigitalOcean.hs b/src/Propellor/Property/HostingProvider/DigitalOcean.hs
new file mode 100644
index 00000000..24dfd356
--- /dev/null
+++ b/src/Propellor/Property/HostingProvider/DigitalOcean.hs
@@ -0,0 +1,21 @@
+module Propellor.Property.HostingProvider.DigitalOcean where
+
+import Propellor
+import qualified Propellor.Property.Apt as Apt
+import qualified Propellor.Property.File as File
+
+-- Digital Ocean does not provide any way to boot
+-- the kernel provided by the distribution, except using kexec.
+-- Without this, some old, and perhaps insecure kernel will be used.
+--
+-- Note that this only causes the new kernel to be loaded on reboot.
+-- If the power is cycled, the old kernel still boots up.
+-- TODO: detect this and reboot immediately?
+distroKernel :: Property
+distroKernel = propertyList "digital ocean distro kernel hack"
+	[ Apt.installed ["grub-pc", "kexec-tools"]
+	, "/etc/default/kexec" `File.containsLines`
+		[ "LOAD_KEXEC=true"
+		, "USE_GRUB_CONFIG=true"
+		]
+	]
author	Joey Hess <joey@kitenet.net>	2014-05-23 12:30:25 -0400
committer	Joey Hess <joey@kitenet.net>	2014-05-23 12:30:25 -0400
commit	0ec565a590e0b5e70af4f4f922925e5b0b718376 (patch)
tree	bdf14818215c90e20a1d1bdb4b920d1570b15a60 /src/Propellor/Property/HostingProvider/DigitalOcean.hs
parent	4f239d1360c87b069279ce1b100db4a057f94e48 (diff)