diff options
| author | Joey Hess <joeyh@joeyh.name> | 2015-10-10 15:17:15 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-10-10 15:17:15 -0400 |
| commit | 480a25aaa804208d76cd362c9a6bd222ec66dee6 (patch) | |
| tree | 7fae0a11735caab29e5c1106a243d7527b25e3d8 /src/Propellor/Property/OpenId.hs | |
| parent | 1799f634d89f588eeaef6ff2f6226adf5add3389 (diff) | |
| parent | 63d653ee19b0f1bf2f4115d9f4ae9a93b00bae90 (diff) | |
Merge branch 'joeyconfig'
Diffstat (limited to 'src/Propellor/Property/OpenId.hs')
| -rw-r--r-- | src/Propellor/Property/OpenId.hs | 38 |
1 files changed, 29 insertions, 9 deletions
diff --git a/src/Propellor/Property/OpenId.hs b/src/Propellor/Property/OpenId.hs index 1f6f2559..ae437518 100644 --- a/src/Propellor/Property/OpenId.hs +++ b/src/Propellor/Property/OpenId.hs @@ -1,21 +1,34 @@ module Propellor.Property.OpenId where -import Propellor +import Propellor.Base import qualified Propellor.Property.File as File import qualified Propellor.Property.Apt as Apt -import qualified Propellor.Property.Service as Service +import qualified Propellor.Property.Apache as Apache import Data.List -providerFor :: [User] -> String -> Property HasInfo -providerFor users baseurl = propertyList desc $ map toProp - [ Apt.serviceInstalledRunning "apache2" - , Apt.installed ["simpleid"] - `onChange` Service.restarted "apache2" - , File.fileProperty (desc ++ " configured") +-- | Openid provider, using the simpleid PHP CGI, with apache. +-- +-- Runs on usual port by default. When a nonstandard port is specified, +-- apache is limited to listening only on that port. Warning: Specifying +-- a port won't compose well with other apache properties on the same +-- host. +-- +-- It's probably a good idea to put this property inside a docker or +-- systemd-nspawn container. +providerFor :: [User] -> HostName -> Maybe Port -> Property HasInfo +providerFor users hn mp = propertyList desc $ props + & Apt.serviceInstalledRunning "apache2" + & apacheconfigured + & Apt.installed ["simpleid"] + `onChange` Apache.restarted + & File.fileProperty (desc ++ " configured") (map setbaseurl) "/etc/simpleid/config.inc" - ] ++ map identfile users + & propertyList desc (map identfile users) where + baseurl = hn ++ case mp of + Nothing -> "" + Just (Port p) -> show p url = "http://"++baseurl++"/simpleid" desc = "openid provider " ++ url setbaseurl l @@ -23,6 +36,13 @@ providerFor users baseurl = propertyList desc $ map toProp "define('SIMPLEID_BASE_URL', '"++url++"');" | otherwise = l + apacheconfigured = case mp of + Nothing -> toProp $ + Apache.virtualHost hn (Port 80) "/var/www/html" + Just p -> propertyList desc $ props + & Apache.listenPorts [p] + & Apache.virtualHost hn p "/var/www/html" + -- the identities directory controls access, so open up -- file mode identfile (User u) = File.hasPrivContentExposed |