| -rw-r--r-- | Host/clam.hs | 3 | ||||
| -rw-r--r-- | Makefile | 1 | ||||
| -rw-r--r-- | Property.hs | 2 | ||||
| -rw-r--r-- | Property/Hostname.hs | 15 | ||||
| -rw-r--r-- | Property/Ssh.hs | 17 |
5 files changed, 36 insertions, 2 deletions
diff --git a/Host/clam.hs b/Host/clam.hs index 53b349df..03448a82 100644 --- a/Host/clam.hs +++ b/Host/clam.hs @@ -2,13 +2,16 @@ import Property import qualified Property.Apt as Apt import qualified Property.Ssh as Ssh import qualified Property.User as User +import qualified Property.Hostname as Hostname import qualified Property.GitHome as GitHome import qualified Property.Reboot as Reboot main = defaultMain [ Apt.stdSourcesList Apt.Unstable `onChange` Apt.upgrade , Apt.installed ["etckeeper"] + , Hostname.set "clam.kitenet.net" , Apt.installed ["ssh"] + , Ssh.uniqueHostKeys , Apt.installed ["git", "myrepos"] , GitHome.installedFor "root" , check (Ssh.hasAuthorizedKeys "root") $ @@ -1,5 +1,6 @@ build: # ghc --make + $(MAKE) tags clean: rm -rf dist Setup tags diff --git a/Property.hs b/Property.hs index 5f1b3e24..349d3fd3 100644 --- a/Property.hs +++ b/Property.hs @@ -60,7 +60,7 @@ ensureProperty' (FileProperty _ f a) = go =<< doesFileExist f then noChange else makeChange $ viaTmp writeFile f (unlines ls') go False = makeChange $ writeFile f (unlines $ a []) -ensureProperty' (CmdProperty _ cmd params) = ifM (boolSystem ("./" ++ cmd) params) +ensureProperty' (CmdProperty _ cmd params) = ifM (boolSystem cmd params) ( return MadeChange , return FailedChange ) diff --git a/Property/Hostname.hs b/Property/Hostname.hs new file mode 100644 index 00000000..b4c28a2b --- /dev/null +++ b/Property/Hostname.hs @@ -0,0 +1,15 @@ +module Property.Hostname where + +import Data.List +import System.Posix +import Control.Applicative +import Data.Maybe + +import Property +import Utility.SafeCommand +import Utility.Exception + +type HostName = String + +set :: HostName -> Property +set hostname = fileHasContent "/etc/hostname" [hostname] diff --git a/Property/Ssh.hs b/Property/Ssh.hs index cca021a4..ce9c171b 100644 --- a/Property/Ssh.hs +++ b/Property/Ssh.hs 
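Review bot: In the `CmdProperty` case of `ensureProperty'`, `boolSystem cmd params` now receives bare command names. The callers added in this commit pass `"service"` and `"sh"`, so the binary that runs is presumably whichever one the inherited `PATH` resolves first (`boolSystem` is defined outside this diff, so this is inferred). These properties change system state and are evidently meant to run as root, so that dependency should be written down where the constructor is documented, for example `-- cmd is resolved via PATH unless absolute; run with a known-good PATH`. Alternatively, the command-running properties could pass absolute paths. The body of `ensureProperty'` starts above the hunk.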
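Review bot: `set` only rewrites `/etc/hostname`, so the running system keeps its old hostname until the next boot. In `Host/clam.hs` it is listed before `Ssh.uniqueHostKeys`, so the regenerated keys would likely carry the old hostname in their comment field, and logs written during the run would use the old name too. Consider applying the name when the file changes, along the lines of ``set hostname = fileHasContent "/etc/hostname" [hostname] `onChange` cmdProperty "hostname" [Param hostname]``. The argument is also written to the file unchecked; an empty string or one containing a newline would produce a malformed `/etc/hostname`. None of the six library imports appear to be used by the two declarations in this file.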
@@ -38,4 +38,19 @@ hasAuthorizedKeys = go <=< homedir (readFile $ home </> ".ssh" </> "authorized_keys") restartSshd :: Property -restartSshd = CmdProperty "ssh restart" "service" [Param "sshd", Param "restart"] +restartSshd = cmdProperty "service" [Param "sshd", Param "restart"] + +{- Blow away existing host keys and make new ones. Use a flag + - file to prevent doing this more than once. -} +uniqueHostKeys :: Property +uniqueHostKeys = flagFile prop "/etc/ssh/.unique_host_keys" + `onChange` restartSshd + where + prop = IOProperty "ssh unique host keys" $ do + void $ boolSystem "sh" + [ Param "-c" + , Param "rm -f /etc/ssh/ssh_host_*" + ] + ensureProperty $ + cmdProperty "/var/lib/dpkg/info/openssh-server.postinst" + [Param "configure"] |
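Review bot: In `uniqueHostKeys`, the result of the `rm -f /etc/ssh/ssh_host_*` step is discarded with `void`, so a failed removal (read-only or immutable files, for example) does not stop the property. As far as I know the openssh-server postinst only generates keys that are missing, so it would then succeed without replacing anything. Presumably `flagFile` would then write `/etc/ssh/.unique_host_keys`, and the host would keep its cloned keys while being permanently recorded as fixed. Bind the result and fail early: `ok <- boolSystem "sh" [Param "-c", Param "rm -f /etc/ssh/ssh_host_*"]` followed by `if ok then ensureProperty (cmdProperty "/var/lib/dpkg/info/openssh-server.postinst" [Param "configure"]) else return FailedChange`. Calling the maintainer script directly also ties this to dpkg's on-disk layout; `ssh-keygen -A` regenerates missing host keys without that dependency.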
