API change: Added User and Group newtypes, and Properties that used to use the type UserName = String were changed to use them.

Note that UserName is kept and PrivData still uses it in its sum type. This is to avoid breaking PrivData serialization.
author: Joey Hess <joeyh@joeyh.name> 2015-04-22 13:04:39 -0400
committer: Joey Hess <joeyh@joeyh.name> 2015-04-22 13:04:39 -0400
commit: f35ef9d6975710f2d77c2ea708c66500861d92d1 (patch)
tree: ce00d88d1f67109b62dcdec56262e63471fba412 /src/Propellor/Property/SiteSpecific
parent: d3dbdb1f4d47142c20a498dc9279e480900b86c5 (diff)
4 files changed, 70 insertions, 70 deletions
diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
index 102e6a1d..384b2724 100644
--- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
+++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs
@@ -28,7 +28,7 @@ type TimeOut = String -- eg, 5h
 autobuilder :: Architecture -> Times -> TimeOut -> Property HasInfo
 autobuilder arch crontimes timeout = combineProperties "gitannexbuilder" $ props
 	& Apt.serviceInstalledRunning "cron"
-	& Cron.niceJob "gitannexbuilder" crontimes builduser gitbuilderdir
+	& Cron.niceJob "gitannexbuilder" crontimes (User builduser) gitbuilderdir
 		("git pull ; timeout " ++ timeout ++ " ./autobuild")
 	& rsyncpassword
   where
@@ -51,18 +51,18 @@ tree buildarch = combineProperties "gitannexbuilder tree" $ props
 	-- gitbuilderdir directory already exists when docker volume is used,
 	-- but with wrong owner.
 	& File.dirExists gitbuilderdir
-	& File.ownerGroup gitbuilderdir builduser builduser
+	& File.ownerGroup gitbuilderdir (User builduser) (Group builduser)
 	& gitannexbuildercloned
 	& builddircloned
   where
 	gitannexbuildercloned = check (not <$> (doesDirectoryExist (gitbuilderdir </> ".git"))) $ 
-		userScriptProperty builduser
+		userScriptProperty (User builduser)
 			[ "git clone git://git.kitenet.net/gitannexbuilder " ++ gitbuilderdir
 			, "cd " ++ gitbuilderdir
 			, "git checkout " ++ buildarch
 			]
 			`describe` "gitbuilder setup"
-	builddircloned = check (not <$> doesDirectoryExist builddir) $ userScriptProperty builduser
+	builddircloned = check (not <$> doesDirectoryExist builddir) $ userScriptProperty (User builduser)
 		[ "git clone git://git-annex.branchable.com/ " ++ builddir
 		]
 
@@ -89,7 +89,7 @@ buildDepsNoHaskellLibs = Apt.installed
 cabalDeps :: Property NoInfo
 cabalDeps = flagFile go cabalupdated
 	where
-		go = userScriptProperty builduser ["cabal update && cabal install git-annex --only-dependencies || true"]
+		go = userScriptProperty (User builduser) ["cabal update && cabal install git-annex --only-dependencies || true"]
 		cabalupdated = homedir </> ".cabal" </> "packages" </> "hackage.haskell.org" </> "00-index.cache"
 
 standardAutoBuilderContainer :: (System -> Docker.Image) -> Architecture -> Int -> TimeOut -> Docker.Container
@@ -99,7 +99,7 @@ standardAutoBuilderContainer dockerImage arch buildminute timeout = Docker.conta
 	& Apt.stdSourcesList
 	& Apt.installed ["systemd"]
 	& Apt.unattendedUpgrades
-	& User.accountFor builduser
+	& User.accountFor (User builduser)
 	& tree arch
 	& buildDepsApt
 	& autobuilder arch (Cron.Times $ show buildminute ++ " * * * *") timeout
@@ -125,9 +125,9 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe
 	& Apt.stdSourcesList
 	& Apt.installed ["systemd"]
 	& Docker.tweaked
-	& User.accountFor builduser
+	& User.accountFor (User builduser)
 	& File.dirExists gitbuilderdir
-	& File.ownerGroup homedir builduser builduser
+	& File.ownerGroup homedir (User builduser) (Group builduser)
 	& buildDepsApt
 	& flagFile chrootsetup ("/chrootsetup")
 		`requires` setupgitannexdir
@@ -139,7 +139,7 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe
 	chrootsetup = scriptProperty
 		[ "cd " ++ gitannexdir ++ " && ./standalone/android/buildchroot-inchroot"
 		]
-	haskellpkgsinstalled = userScriptProperty "builder"
+	haskellpkgsinstalled = userScriptProperty (User builduser)
 		[ "cd " ++ gitannexdir ++ " && ./standalone/android/install-haskell-packages"
 		]
 	osver = System (Debian Testing) "i386" -- once jessie is released, use: (Stable "jessie")
@@ -155,7 +155,7 @@ armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder-
 	& Apt.installed ["systemd"]
 	-- This volume is shared with the armel builder.
 	& Docker.volume gitbuilderdir
-	& User.accountFor builduser
+	& User.accountFor (User builduser)
 	-- Install current versions of build deps from cabal.
 	& tree "armel"
 	& buildDepsNoHaskellLibs
@@ -163,7 +163,7 @@ armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder-
 	-- The armel builder can ssh to this companion.
 	& Docker.expose "22"
 	& Apt.serviceInstalledRunning "ssh"
-	& Ssh.authorizedKeys builduser (Context "armel-git-annex-builder")
+	& Ssh.authorizedKeys (User builduser) (Context "armel-git-annex-builder")
 	& Docker.tweaked
 
 armelAutoBuilderContainer :: (System -> Docker.Image) -> Times -> TimeOut -> Docker.Container
@@ -175,7 +175,7 @@ armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "arme
 	& Apt.installed ["openssh-client"]
 	& Docker.link "armel-git-annex-builder-companion" "companion"
 	& Docker.volumes_from "armel-git-annex-builder-companion"
-	& User.accountFor builduser
+	& User.accountFor (User builduser)
 	-- TODO: automate installing haskell libs
 	-- (Currently have to run
 	-- git-annex/standalone/linux/install-haskell-packages
@@ -183,7 +183,7 @@ armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "arme
 	& buildDepsNoHaskellLibs
 	& autobuilder "armel" crontimes timeout
 		`requires` tree "armel"
-	& Ssh.keyImported SshRsa builduser (Context "armel-git-annex-builder")
+	& Ssh.keyImported SshRsa (User builduser) (Context "armel-git-annex-builder")
 	& trivial writecompanionaddress
 	& Docker.tweaked
   where
diff --git a/src/Propellor/Property/SiteSpecific/GitHome.hs b/src/Propellor/Property/SiteSpecific/GitHome.hs
index 59e62d80..d6dce7c0 100644
--- a/src/Propellor/Property/SiteSpecific/GitHome.hs
+++ b/src/Propellor/Property/SiteSpecific/GitHome.hs
@@ -6,9 +6,9 @@ import Propellor.Property.User
 import Utility.SafeCommand
 
 -- | Clones Joey Hess's git home directory, and runs its fixups script.
-installedFor :: UserName -> Property NoInfo
-installedFor user = check (not <$> hasGitDir user) $ 
-	property ("githome " ++ user) (go =<< liftIO (homedir user))
+installedFor :: User -> Property NoInfo
+installedFor user@(User u) = check (not <$> hasGitDir user) $ 
+	property ("githome " ++ u) (go =<< liftIO (homedir user))
 		`requires` Apt.installed ["git"]
   where
 	go home = do
@@ -28,7 +28,7 @@ installedFor user = check (not <$> hasGitDir user) $
 url :: String
 url = "git://git.kitenet.net/joey/home"
 
-hasGitDir :: UserName -> IO Bool
+hasGitDir :: User -> IO Bool
 hasGitDir user = go =<< homedir user
   where
 	go home = doesDirectoryExist (home </> ".git")
diff --git a/src/Propellor/Property/SiteSpecific/IABak.hs b/src/Propellor/Property/SiteSpecific/IABak.hs
index d89e85fb..f50482ff 100644
--- a/src/Propellor/Property/SiteSpecific/IABak.hs
+++ b/src/Propellor/Property/SiteSpecific/IABak.hs
@@ -17,26 +17,26 @@ userrepo = "git@gitlab.com:archiveteam/IA.bak.users.git"
 
 gitServer :: [Host] -> Property HasInfo
 gitServer knownhosts = propertyList "iabak git server" $ props
-	& Git.cloned "root" repo "/usr/local/IA.BAK" (Just "server")
-	& Git.cloned "root" repo "/usr/local/IA.BAK/client" (Just "master")
-	& Ssh.keyImported SshRsa "root" (Context "IA.bak.users.git")
-	& Ssh.knownHost knownhosts "gitlab.com" "root"
-	& Git.cloned "root" userrepo "/usr/local/IA.BAK/pubkeys" (Just "master")
+	& Git.cloned (User "root") repo "/usr/local/IA.BAK" (Just "server")
+	& Git.cloned (User "root") repo "/usr/local/IA.BAK/client" (Just "master")
+	& Ssh.keyImported SshRsa (User "root") (Context "IA.bak.users.git")
+	& Ssh.knownHost knownhosts "gitlab.com" (User "root")
+	& Git.cloned (User "root") userrepo "/usr/local/IA.BAK/pubkeys" (Just "master")
 	& Apt.serviceInstalledRunning "apache2"
 	& cmdProperty "ln" ["-sf", "/usr/local/IA.BAK/pushme.cgi", "/usr/lib/cgi-bin/pushme.cgi"]
 	& File.containsLine "/etc/sudoers" "www-data ALL=NOPASSWD:/usr/local/IA.BAK/pushed.sh"
-	& Cron.niceJob "shardstats" (Cron.Times "*/30 * * * *") "root" "/"
+	& Cron.niceJob "shardstats" (Cron.Times "*/30 * * * *") (User "root") "/"
 		"/usr/local/IA.BAK/shardstats-all"
-	& Cron.niceJob "shardmaint" Cron.Daily "root" "/"
+	& Cron.niceJob "shardmaint" Cron.Daily (User "root") "/"
 		"/usr/local/IA.BAK/shardmaint"
 
 registrationServer :: [Host] -> Property HasInfo
 registrationServer knownhosts = propertyList "iabak registration server" $ props
-	& User.accountFor "registrar"
-	& Ssh.keyImported SshRsa "registrar" (Context "IA.bak.users.git")
-	& Ssh.knownHost knownhosts "gitlab.com" "registrar"
-	& Git.cloned "registrar" repo "/home/registrar/IA.BAK" (Just "server")
-	& Git.cloned "registrar" userrepo "/home/registrar/users" (Just "master")
+	& User.accountFor (User "registrar")
+	& Ssh.keyImported SshRsa (User "registrar") (Context "IA.bak.users.git")
+	& Ssh.knownHost knownhosts "gitlab.com" (User "registrar")
+	& Git.cloned (User "registrar") repo "/home/registrar/IA.BAK" (Just "server")
+	& Git.cloned (User "registrar") userrepo "/home/registrar/users" (Just "master")
 	& Apt.serviceInstalledRunning "apache2"
 	& Apt.installed ["perl", "perl-modules"]
 	& cmdProperty "ln" ["-sf", "/home/registrar/IA.BAK/registrar/register.cgi", link]
@@ -67,7 +67,7 @@ graphiteServer = propertyList "iabak graphite server" $ props
 	& cmdProperty "graphite-manage" ["createsuperuser", "--noinput", "--username=db48x", "--email=db48x@localhost"] `flagFile` "/etc/flagFiles/graphite-user-db48x"
 		`flagFile` "/etc/graphite-superuser-db48x"
 	-- TODO: deal with passwords somehow
-	& File.ownerGroup "/var/lib/graphite/graphite.db" "_graphite" "_graphite"
+	& File.ownerGroup "/var/lib/graphite/graphite.db" (User "_graphite") (Group "_graphite")
 	& "/etc/apache2/ports.conf" `File.containsLine` "Listen 8080"
 		`onChange` Apache.restarted
 	& Apache.siteEnabled "iabak-graphite-web"
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index 1a3099f4..e317c3d1 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -24,15 +24,15 @@ import Data.String.Utils
 
 scrollBox :: Property HasInfo
 scrollBox = propertyList "scroll server" $ props
-	& User.accountFor "scroll"
-	& Git.cloned "scroll" "git://git.kitenet.net/scroll" (d </> "scroll") Nothing
+	& User.accountFor (User "scroll")
+	& Git.cloned (User "scroll") "git://git.kitenet.net/scroll" (d </> "scroll") Nothing
 	& Apt.installed ["ghc", "make", "cabal-install", "libghc-vector-dev",
 		"libghc-bytestring-dev", "libghc-mtl-dev", "libghc-ncurses-dev",
 		"libghc-random-dev", "libghc-monad-loops-dev", "libghc-text-dev",
 		"libghc-ifelse-dev", "libghc-case-insensitive-dev",
 		"libghc-transformers-dev",
 		"libghc-data-default-dev", "libghc-optparse-applicative-dev"]
-	& userScriptProperty "scroll"
+	& userScriptProperty (User "scroll")
 		[ "cd " ++ d </> "scroll"
 		, "git pull"
 		, "cabal configure"
@@ -76,7 +76,7 @@ scrollBox = propertyList "scroll server" $ props
 	& Ssh.sshdConfig `File.containsLine` ("DenyUsers scroll")
 		`onChange` Ssh.restarted
 	& cmdProperty "chsh" ["scroll", "-s", s]
-	& User.hasPassword "scroll"
+	& User.hasPassword (User "scroll")
 	& Apt.serviceInstalledRunning "telnetd"
 	& Apt.installed ["shellinabox"]
 	& File.hasContent "/etc/default/shellinabox"
@@ -115,8 +115,8 @@ oldUseNetServer hosts = propertyList "olduse.net server" $ props
 	& Apt.serviceInstalledRunning "openbsd-inetd"
 	& File.notPresent "/etc/cron.daily/leafnode"
 	& File.notPresent "/etc/cron.d/leafnode"
-	& Cron.niceJob "oldusenet-expire" (Cron.Times "11 1 * * *") "news" newsspool expirecommand
-	& Cron.niceJob "oldusenet-uucp" (Cron.Times "*/5 * * * *") "news" "/" uucpcommand
+	& Cron.niceJob "oldusenet-expire" (Cron.Times "11 1 * * *") (User "news") newsspool expirecommand
+	& Cron.niceJob "oldusenet-uucp" (Cron.Times "*/5 * * * *") (User "news") "/" uucpcommand
 	& Apache.siteEnabled "nntp.olduse.net" nntpcfg
   where
 	newsspool = "/var/spool/news"
@@ -140,8 +140,8 @@ oldUseNetServer hosts = propertyList "olduse.net server" $ props
 		, "--client-name=spool"
 		, "--ssh-key=" ++ keyfile
 		] Obnam.OnlyClient
-		`requires` Ssh.keyImported' (Just keyfile) SshRsa "root" (Context "olduse.net")
-		`requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root"
+		`requires` Ssh.keyImported' (Just keyfile) SshRsa (User "root") (Context "olduse.net")
+		`requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
 	keyfile = "/root/.ssh/olduse.net.key"
 
 oldUseNetShellBox :: Property HasInfo
@@ -189,8 +189,8 @@ mumbleServer hosts = combineProperties hn $ props
 		[ "--repository=sftp://2318@usw-s002.rsync.net/~/" ++ hn ++ ".obnam"
 		, "--client-name=mumble"
 		] Obnam.OnlyClient
-		`requires` Ssh.keyImported SshRsa "root" (Context hn)
-		`requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root"
+		`requires` Ssh.keyImported SshRsa (User "root") (Context hn)
+		`requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
 	& trivial (cmdProperty "chown" ["-R", "mumble-server:mumble-server", "/var/lib/mumble-server"])
   where
 	hn = "mumble.debian.net"
@@ -204,10 +204,10 @@ gitServer hosts = propertyList "git.kitenet.net setup" $ props
 		, "--ssh-key=" ++ sshkey
 		, "--client-name=wren" -- historical
 		] Obnam.OnlyClient (Gpg.GpgKeyId "1B169BE1")
-		`requires` Ssh.keyImported' (Just sshkey) SshRsa "root" (Context "git.kitenet.net")
-		`requires` Ssh.knownHost hosts "usw-s002.rsync.net" "root"
-		`requires` Ssh.authorizedKeys "family" (Context "git.kitenet.net")
-		`requires` User.accountFor "family"
+		`requires` Ssh.keyImported' (Just sshkey) SshRsa (User "root") (Context "git.kitenet.net")
+		`requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
+		`requires` Ssh.authorizedKeys (User "family") (Context "git.kitenet.net")
+		`requires` User.accountFor (User "family")
 	& Apt.installed ["git", "rsync", "gitweb"]
 	& Apt.installed ["git-annex"]
 	& Apt.installed ["kgb-client"]
@@ -222,9 +222,9 @@ gitServer hosts = propertyList "git.kitenet.net setup" $ props
 		]
 		`describe` "gitweb configured"
 	-- Repos push on to github.
-	& Ssh.knownHost hosts "github.com" "joey"
+	& Ssh.knownHost hosts "github.com" (User "joey")
 	-- I keep the website used for gitweb checked into git..
-	& Git.cloned "root" "/srv/git/joey/git.kitenet.net.git" "/srv/web/git.kitenet.net" Nothing
+	& Git.cloned (User "root") "/srv/git/joey/git.kitenet.net.git" "/srv/web/git.kitenet.net" Nothing
 	& website "git.kitenet.net"
 	& website "git.joeyh.name"
 	& Apache.modEnabled "cgi"
@@ -252,7 +252,7 @@ type AnnexUUID = String
 -- | A website, with files coming from a git-annex repository.
 annexWebSite :: Git.RepoUrl -> HostName -> AnnexUUID -> [(String, Git.RepoUrl)] -> Property HasInfo
 annexWebSite origin hn uuid remotes = propertyList (hn ++" website using git-annex") $ props
-	& Git.cloned "joey" origin dir Nothing
+	& Git.cloned (User "joey") origin dir Nothing
 		`onChange` setup
 	& alias hn
 	& postupdatehook `File.hasContent`
@@ -264,7 +264,7 @@ annexWebSite origin hn uuid remotes = propertyList (hn ++" website using git-ann
   where
 	dir = "/srv/web/" ++ hn
 	postupdatehook = dir </> ".git/hooks/post-update"
-	setup = userScriptProperty "joey" setupscript
+	setup = userScriptProperty (User "joey") setupscript
 	setupscript = 
 		[ "cd " ++ shellEscape dir
 		, "git annex reinit " ++ shellEscape uuid
@@ -344,11 +344,11 @@ gitAnnexDistributor = combineProperties "git-annex distributor, including rsync
 	& endpoint "/srv/web/downloads.kitenet.net/git-annex/autobuild/x86_64-apple-yosemite"
 	& endpoint "/srv/web/downloads.kitenet.net/git-annex/autobuild/windows"
 	-- git-annex distribution signing key
-	& Gpg.keyImported (Gpg.GpgKeyId "89C809CB") "joey"
+	& Gpg.keyImported (Gpg.GpgKeyId "89C809CB") (User "joey")
   where
 	endpoint d = combineProperties ("endpoint " ++ d)
 		[ File.dirExists d
-		, File.ownerGroup d "joey" "joey"
+		, File.ownerGroup d (User "joey") (Group "joey")
 		]
 
 downloads :: [Host] -> Property HasInfo
@@ -356,7 +356,7 @@ downloads hosts = annexWebSite "/srv/git/downloads.git"
 	"downloads.kitenet.net"
 	"840760dc-08f0-11e2-8c61-576b7e66acfd"
 	[("eubackup", "ssh://eubackup.kitenet.net/~/lib/downloads/")]
-	`requires` Ssh.knownHost hosts "eubackup.kitenet.net" "joey"
+	`requires` Ssh.knownHost hosts "eubackup.kitenet.net" (User "joey")
 	
 tmp :: Property HasInfo
 tmp = propertyList "tmp.kitenet.net" $ props
@@ -370,16 +370,16 @@ tmp = propertyList "tmp.kitenet.net" $ props
 -- Twitter, you kill us.
 twitRss :: Property HasInfo
 twitRss = combineProperties "twitter rss" $ props
-	& Git.cloned "joey" "git://git.kitenet.net/twitrss.git" dir Nothing
+	& Git.cloned (User "joey") "git://git.kitenet.net/twitrss.git" dir Nothing
 	& check (not <$> doesFileExist (dir </> "twitRss")) compiled
 	& feed "http://twitter.com/search/realtime?q=git-annex" "git-annex-twitter"
 	& feed "http://twitter.com/search/realtime?q=olduse+OR+git-annex+OR+debhelper+OR+etckeeper+OR+ikiwiki+-ashley_ikiwiki" "twittergrep"
   where
 	dir = "/srv/web/tmp.kitenet.net/twitrss"
 	crontime = Cron.Times "15 * * * *"
-	feed url desc = Cron.job desc crontime "joey" dir $
+	feed url desc = Cron.job desc crontime (User "joey") dir $
 		"./twitRss " ++ shellEscape url ++ " > " ++ shellEscape ("../" ++ desc ++ ".rss")
-	compiled = userScriptProperty "joey"
+	compiled = userScriptProperty (User "joey")
 		[ "cd " ++ dir
 		, "ghc --make twitRss" 
 		]
@@ -391,19 +391,19 @@ twitRss = combineProperties "twitter rss" $ props
 
 -- Work around for expired ssl cert.
 pumpRss :: Property NoInfo
-pumpRss = Cron.job "pump rss" (Cron.Times "15 * * * *") "joey" "/srv/web/tmp.kitenet.net/"
+pumpRss = Cron.job "pump rss" (Cron.Times "15 * * * *") (User "joey") "/srv/web/tmp.kitenet.net/"
 	"wget https://pump2rss.com/feed/joeyh@identi.ca.atom -O pump.atom.new --no-check-certificate 2>/dev/null; sed 's/ & / /g' pump.atom.new > pump.atom"
 
 ircBouncer :: Property HasInfo
 ircBouncer = propertyList "IRC bouncer" $ props
 	& Apt.installed ["znc"]
-	& User.accountFor "znc"
+	& User.accountFor (User "znc")
 	& File.dirExists (takeDirectory conf)
 	& File.hasPrivContent conf anyContext
-	& File.ownerGroup conf "znc" "znc"
-	& Cron.job "znconboot" (Cron.Times "@reboot") "znc" "~" "znc"
+	& File.ownerGroup conf (User "znc") (Group "znc")
+	& Cron.job "znconboot" (Cron.Times "@reboot") (User "znc") "~" "znc"
 	-- ensure running if it was not already
-	& trivial (userScriptProperty "znc" ["znc || true"])
+	& trivial (userScriptProperty (User "znc") ["znc || true"])
 		`describe` "znc running"
   where
 	conf = "/home/znc/.znc/configs/znc.conf"
@@ -425,9 +425,9 @@ githubBackup :: Property HasInfo
 githubBackup = propertyList "github-backup box" $ props
 	& Apt.installed ["github-backup", "moreutils"]
 	& githubKeys
-	& Cron.niceJob "github-backup run" (Cron.Times "30 4 * * *") "joey"
+	& Cron.niceJob "github-backup run" (Cron.Times "30 4 * * *") (User "joey")
 		"/home/joey/lib/backup" backupcmd
-	& Cron.niceJob "gitriddance" (Cron.Times "30 4 * * *") "joey"
+	& Cron.niceJob "gitriddance" (Cron.Times "30 4 * * *") (User "joey")
 		"/home/joey/lib/backup" gitriddancecmd
   where
 	backupcmd = intercalate "&&" $
@@ -446,7 +446,7 @@ githubKeys :: Property HasInfo
 githubKeys = 
 	let f = "/home/joey/.github-keys"
 	in File.hasPrivContent f anyContext
-		`onChange` File.ownerGroup f "joey" "joey"
+		`onChange` File.ownerGroup f (User "joey") (Group "joey")
 
 
 -- these repos are only mirrored on github, I don't want
@@ -464,13 +464,13 @@ githubMirrors =
 
 rsyncNetBackup :: [Host] -> Property NoInfo
 rsyncNetBackup hosts = Cron.niceJob "rsync.net copied in daily" (Cron.Times "30 5 * * *")
-	"joey" "/home/joey/lib/backup" "mkdir -p rsync.net && rsync --delete -az 2318@usw-s002.rsync.net: rsync.net"
-	`requires` Ssh.knownHost hosts "usw-s002.rsync.net" "joey"
+	(User "joey") "/home/joey/lib/backup" "mkdir -p rsync.net && rsync --delete -az 2318@usw-s002.rsync.net: rsync.net"
+	`requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "joey")
 
 backupsBackedupFrom :: [Host] -> HostName -> FilePath -> Property NoInfo
 backupsBackedupFrom hosts srchost destdir = Cron.niceJob desc
-	(Cron.Times "@reboot") "joey" "/" cmd
-	`requires` Ssh.knownHost hosts srchost "joey"
+	(Cron.Times "@reboot") (User "joey") "/" cmd
+	`requires` Ssh.knownHost hosts srchost (User "joey")
   where
 	desc = "backups copied from " ++ srchost ++ " on boot"
 	cmd = "rsync -az --bwlimit=300K --partial --delete " ++ srchost ++ ":lib/backup/ " ++ destdir </> srchost
@@ -483,11 +483,11 @@ obnamRepos rs = propertyList ("obnam repos for " ++ unwords rs)
 		`requires` mkdir "/home/joey/lib"
 	mkrepo r = mkdir ("/home/joey/lib/backup/" ++ r ++ ".obnam")
 	mkdir d = File.dirExists d
-		`before` File.ownerGroup d "joey" "joey"
+		`before` File.ownerGroup d (User "joey") (Group "joey")
 
 podcatcher :: Property NoInfo
 podcatcher = Cron.niceJob "podcatcher run hourly" (Cron.Times "55 * * * *")
-	"joey" "/home/joey/lib/sound/podcasts"
+	(User "joey") "/home/joey/lib/sound/podcasts"
 	"xargs git-annex importfeed -c annex.genmetadata=true < feeds; mr --quiet update"
 	`requires` Apt.installed ["git-annex", "myrepos"]
 
@@ -645,7 +645,7 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props
 	& File.hasPrivContent dovecotusers ctx
 		`onChange` (dovecotusers `File.mode`
 			combineModes [ownerReadMode, groupReadMode])
-	& File.ownerGroup dovecotusers "root" "dovecot"
+	& File.ownerGroup dovecotusers (User "root") (Group "dovecot")
 
 	& Apt.installed ["mutt", "bsd-mailx", "alpine"]
 
@@ -713,7 +713,7 @@ dkimInstalled = go `onChange` Service.restarted "opendkim"
 		& Apt.serviceInstalledRunning "opendkim"
 		& File.dirExists "/etc/mail"
 		& File.hasPrivContent "/etc/mail/dkim.key" (Context "kitenet.net")
-		& File.ownerGroup "/etc/mail/dkim.key" "opendkim" "opendkim"
+		& File.ownerGroup "/etc/mail/dkim.key" (User "opendkim") (Group "opendkim")
 		& "/etc/default/opendkim" `File.containsLine`
 			"SOCKET=\"inet:8891@localhost\""
 		& "/etc/opendkim.conf" `File.containsLines`
author	Joey Hess <joeyh@joeyh.name>	2015-04-22 13:04:39 -0400
committer	Joey Hess <joeyh@joeyh.name>	2015-04-22 13:04:39 -0400
commit	f35ef9d6975710f2d77c2ea708c66500861d92d1 (patch)
tree	ce00d88d1f67109b62dcdec56262e63471fba412 /src/Propellor/Property/SiteSpecific
parent	d3dbdb1f4d47142c20a498dc9279e480900b86c5 (diff)