Merge branch 'master' into joeyconfig

author: Joey Hess <joeyh@joeyh.name> 2018-02-27 12:09:46 -0400
committer: Joey Hess <joeyh@joeyh.name> 2018-02-27 12:09:46 -0400
commit: 3919fa183bce29d4fbdbdcc4bd780e462dd6700f (patch)
tree: 1e549d69ec771d7f5505b94c93c5843bd44850fb /src/Propellor/Property/Openssl.hs
parent: 3e1d8b6b6cbbb4d9560fb0d2ea1aec22e5f19239 (diff)
parent: 094a6419f7e5ddb0566e10ef4122306187dc00d7 (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/src/Propellor/Property/Openssl.hs b/src/Propellor/Property/Openssl.hs
new file mode 100644
index 00000000..a91b8195
--- /dev/null
+++ b/src/Propellor/Property/Openssl.hs
@@ -0,0 +1,29 @@
+-- | Maintainer: Félix Sipma <felix+propellor@gueux.org>
+
+module Propellor.Property.Openssl where
+
+import Propellor.Base
+import qualified Propellor.Property.Apt as Apt
+import qualified Propellor.Property.File as File
+import Utility.FileMode
+import Utility.SafeCommand
+
+
+installed :: Property DebianLike
+installed = Apt.installed ["openssl"]
+
+dhparamsLength :: Int
+dhparamsLength = 2048
+
+dhparams :: FilePath
+dhparams = "/etc/ssl/private/dhparams.pem"
+
+safeDhparams :: Property DebianLike
+safeDhparams = propertyList "safe dhparams" $ props
+	& File.dirExists (takeDirectory dhparams)
+	& installed
+	& check (not <$> doesFileExist dhparams) (createDhparams dhparams dhparamsLength)
+
+createDhparams :: FilePath -> Int -> Property UnixLike
+createDhparams f l = property ("generate new dhparams: " ++ f) $ liftIO $ withUmask 0o0177 $ withFile f WriteMode $ \h ->
+	cmdResult <$> boolSystem' "openssl" [Param "dhparam", Param (show l)] (\p -> p { std_out = UseHandle h })
author	Joey Hess <joeyh@joeyh.name>	2018-02-27 12:09:46 -0400
committer	Joey Hess <joeyh@joeyh.name>	2018-02-27 12:09:46 -0400
commit	3919fa183bce29d4fbdbdcc4bd780e462dd6700f (patch)
tree	1e549d69ec771d7f5505b94c93c5843bd44850fb /src/Propellor/Property/Openssl.hs
parent	3e1d8b6b6cbbb4d9560fb0d2ea1aec22e5f19239 (diff)
parent	094a6419f7e5ddb0566e10ef4122306187dc00d7 (diff)