diff options
Diffstat (limited to 'doc')
48 files changed, 672 insertions, 21 deletions
diff --git a/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file.mdwn b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file.mdwn new file mode 100644 index 00000000..b678d8d0 --- /dev/null +++ b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file.mdwn @@ -0,0 +1,34 @@ +Hello, + +Still working on the reprepro property :) + +Here A property that I am using to publish a repository via apache (this is a prototype) + + website :: String -> Property + website hn = toProp $ Apache.siteEnabled hn apachecfg + where + apachecfg = [ "<VirtualHost *>" + , "DocumentRoot " ++ basePath + , "<Directory " ++ basePath ++ ">" + , " Options Indexes FollowSymLinks Multiviews" + , " Order allow,deny" + , Apache.allowAll + , "</Directory>" + ] ++ concatMap deny ["db", "conf", "incoming"] + ++ ["</VirtualHost>"] + + deny dir = [ "<Directory \"" ++ basePath ++ "apt/*/" ++ dir ++ "\">" + , " Order deny,allow" + , " Deny from all" + , "</Directory>" + ] + +during my test I am runing the config.hs with +runhaskell config.hs (it work the first time, the apache config files are ok) + +but when I do a modification on the apachecfg and rerun the runhaskell, +the config files are not updated. I need to remove them to have an updated version. + +cheers + +Fred diff --git a/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_1_932ba6f4e444c99d8d561149d17c8fe7._comment b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_1_932ba6f4e444c99d8d561149d17c8fe7._comment new file mode 100644 index 00000000..0101ccb2 --- /dev/null +++ b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_1_932ba6f4e444c99d8d561149d17c8fe7._comment @@ -0,0 +1,30 @@ +[[!comment format=mdwn + username="picca" + subject="first run" + date="2014-12-08T09:31:46Z" + content=""" +root@mordor:~/propellor/src# PROPELLOR_DEBUG=1 runhaskell config.hs +[2014-12-08 10:27:10 CET] read: hostname [\"-f\"] +[2014-12-08 10:27:10 CET] command line: Run \"mordor\" +[2014-12-08 10:27:10 CET] read: git [\"remote\"] +[2014-12-08 10:27:10 CET] read: git [\"symbolic-ref\",\"--short\",\"HEAD\"] +[2014-12-08 10:27:10 CET] call: git [\"fetch\"] +Pull from central git repository ... done +[2014-12-08 10:27:12 CET] read: git [\"show-ref\",\"--hash\",\"master\"] +[2014-12-08 10:27:12 CET] read: git [\"show-ref\",\"--hash\",\"master\"] +mordor has Operating System (Debian Unstable) \"i386\" ... ok +[2014-12-08 10:27:12 CET] read: apt-cache [\"policy\",\"etckeeper\"] +mordor apt installed etckeeper ... ok +[2014-12-08 10:27:13 CET] read: apt-cache [\"policy\",\"ssh\"] +mordor apt installed ssh ... ok +[2014-12-08 10:27:13 CET] read: passwd [\"-S\",\"root\"] +mordor root has password ... ok +[2014-12-08 10:27:13 CET] call: a2query [\"-q\",\"-s\",\"reprepro\"] +[2014-12-08 10:27:14 CET] read: apt-cache [\"policy\",\"apache2\"] +[2014-12-08 10:27:14 CET] call: a2ensite [\"--quiet\",\"reprepro\"] +Enabling site reprepro. +[2014-12-08 10:27:15 CET] call: sh [\"-c\",\"set -e ; service 'apache2' reload >/dev/null 2>&1 || true\"] +mordor create reprepro ... done +mordor overall ... done + +"""]] diff --git a/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_2_5323336b92d9aef5a9021b924029f3af._comment b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_2_5323336b92d9aef5a9021b924029f3af._comment new file mode 100644 index 00000000..85a57383 --- /dev/null +++ b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_2_5323336b92d9aef5a9021b924029f3af._comment @@ -0,0 +1,38 @@ +[[!comment format=mdwn + username="picca" + subject="second run with content modified" + date="2014-12-08T09:37:43Z" + content=""" +Second run after adding a space here + + - , \" Options Indexes FollowSymLinks Multiviews\" + + , \" Options Indexes FollowSymLinks Multiviews\" + + + root@mordor:~/propellor/src# PROPELLOR_DEBUG=1 runhaskell config.hs + [2014-12-08 10:34:19 CET] read: hostname [\"-f\"] + [2014-12-08 10:34:19 CET] command line: Run \"mordor\" + [2014-12-08 10:34:19 CET] read: git [\"remote\"] + [2014-12-08 10:34:19 CET] read: git [\"symbolic-ref\",\"--short\",\"HEAD\"] + [2014-12-08 10:34:19 CET] call: git [\"fetch\"] + remote: Counting objects: 32, done. + remote: Compressing objects: 100% (6/6), done. + remote: Total 6 (delta 3), reused 0 (delta 0) + Dépaquetage des objets: 100% (6/6), fait. + Depuis git://git.kitenet.net/propellor + c5a8cae..9ac0dfb master -> origin/master + Pull from central git repository ... done + [2014-12-08 10:34:20 CET] read: git [\"show-ref\",\"--hash\",\"master\"] + [2014-12-08 10:34:20 CET] read: git [\"show-ref\",\"--hash\",\"master\"] + mordor has Operating System (Debian Unstable) \"i386\" ... ok + [2014-12-08 10:34:20 CET] read: apt-cache [\"policy\",\"etckeeper\"] + mordor apt installed etckeeper ... ok + [2014-12-08 10:34:21 CET] read: apt-cache [\"policy\",\"ssh\"] + mordor apt installed ssh ... ok + [2014-12-08 10:34:21 CET] read: passwd [\"-S\",\"root\"] + mordor root has password ... ok + [2014-12-08 10:34:21 CET] call: a2query [\"-q\",\"-s\",\"reprepro\"] + mordor create reprepro ... ok + mordor overall ... ok + +"""]] diff --git a/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_3_531c2c5e78fb5c62e54d84231b129dc8._comment b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_3_531c2c5e78fb5c62e54d84231b129dc8._comment new file mode 100644 index 00000000..5dc67fb0 --- /dev/null +++ b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_3_531c2c5e78fb5c62e54d84231b129dc8._comment @@ -0,0 +1,11 @@ +[[!comment format=mdwn + username="picca" + subject="comment 3" + date="2014-12-08T10:47:59Z" + content=""" +I forgot to say that the content of + +/etc/apache2/site-xxx/reprepro[.conf] + +is unmodifed after this second run +"""]] diff --git a/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_4_54281604c588a7229f9d987e8cdee802._comment b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_4_54281604c588a7229f9d987e8cdee802._comment new file mode 100644 index 00000000..a9201541 --- /dev/null +++ b/doc/forum/Apache.siteEnabled_doesn_not_update_the_apache_config_file/comment_4_54281604c588a7229f9d987e8cdee802._comment @@ -0,0 +1,16 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 4""" + date="2014-12-09T04:35:12Z" + content=""" +Pretty obvious why if you look at the code: + + enable = check (not <$> isenabled) $ + cmdProperty "a2ensite" ["--quiet", hn] + `describe` ("apache site enabled " ++ hn) + `requires` siteAvailable hn cf + +So that property was skipped entirely if the site was already enabled and never looked at the config file. + +I've put in a fix. +"""]] diff --git a/doc/forum/Propellor_without_superuser_privileges.mdwn b/doc/forum/Propellor_without_superuser_privileges.mdwn new file mode 100644 index 00000000..d7288a72 --- /dev/null +++ b/doc/forum/Propellor_without_superuser_privileges.mdwn @@ -0,0 +1,3 @@ +Joey uses propellor to popular his /home/joey on hosts he controls. I'd like to use it to populate my home directory on hosts where I don't have root. If someone gives me a shell account on a Debian box, it would be great to just run `propellor --spin` to have apply properties such as having certain stuff downloaded and compiled in `~/local/bin`, putting cronjobs in place, and checking stuff out with `myrepos`. + +Does propellor assume root access at a deep enough level that writing properties to do this stuff would be impractical? diff --git a/doc/forum/Propellor_without_superuser_privileges/comment_1_021ecbb1b8bd7e26776b49ec75e90d0c._comment b/doc/forum/Propellor_without_superuser_privileges/comment_1_021ecbb1b8bd7e26776b49ec75e90d0c._comment new file mode 100644 index 00000000..1a38ef94 --- /dev/null +++ b/doc/forum/Propellor_without_superuser_privileges/comment_1_021ecbb1b8bd7e26776b49ec75e90d0c._comment @@ -0,0 +1,26 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-12-26T19:26:00Z" + content=""" +I think that the root assumptions are in basically 3 places: + +* Many Properties assume they're run as root, and will fail if they're not. + Probably not a problem in practice for most of them. It might be nice + to make a few, such as `User.hasSomePassword` work when run as a normal + user. + +* Propellor's self-deployment involves running apt-get to instal ghc, + etc. This could be modified to check if it's not root and do a local + user of ghc if necessary. + +* `localdir = "/usr/local" and this is used in various places by eg, + `--spin`. It is, however, entirely possible to run "./propellor" in + some other directory, which causes it to run in that directory + and ensure the properties of localhost. `--spin` could certianly be + taught to run in a user mode where it uses "~/.propellor/" instead of + `localdir`. + +I think that's all! I don't plan to try to add this feature myself, but +will be happy to support anyone who wants to work on it. +"""]] diff --git a/doc/forum/Supported_OS.mdwn b/doc/forum/Supported_OS.mdwn new file mode 100644 index 00000000..f17b9054 --- /dev/null +++ b/doc/forum/Supported_OS.mdwn @@ -0,0 +1,5 @@ +What are the requirements for the configured OS ? Does it need to be Debian ? + +Would Propellor work for Arch linux, RHEL, Windows, AIX or linux on pSeries) ? + +Cheers diff --git a/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment b/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment new file mode 100644 index 00000000..3a2055ea --- /dev/null +++ b/doc/forum/Supported_OS/comment_1_f324bed708305e2667bd00f80544dd90._comment @@ -0,0 +1,23 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-12-07T15:58:03Z" + content=""" +I have heard of propellor being used on OSX. Probably that user wrote their +own code for OSX specific stuff. + +Propellor properites can be parameterized by OS. Currently it has support +for Debian and some untested support for Ubuntu. A property can be parameterized +like this: + + foo :: Property + foo = property "foo" withOS desc $ \o -> case o of + (Just (System (Debian _) _)) -> ensureProperty fooDebian + (Just (System (Ubuntu _) _)) -> ensureProperty fooUbuntu + +The first step for adding a new OS will be to modify <http://hackage.haskell.org/package/propellor-1.0.0/docs/Propellor-Types-OS.html>. +Compilation will then warn about all OS parameterized properties that +need to be updated to support your added OS, and it can be taken from there. + +I'll accept reasonable patches to support other OS's. +"""]] diff --git a/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac.mdwn b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac.mdwn new file mode 100644 index 00000000..c88defcf --- /dev/null +++ b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac.mdwn @@ -0,0 +1,12 @@ +Hello, + +I am trying propellor on Debian Jessie (haskell is fantastic for this sort or things) to setup one of my computer. + +On my network, the system administrator set proxies for http and https. +These information are available via a http://proxy/proxy.pac URL. + +So I would like to know what should be done to extract this information and set it for all users on the system ? + +Cheers + +Frederic diff --git a/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_1_69d7c8fb1d62300456575bb10e935d69._comment b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_1_69d7c8fb1d62300456575bb10e935d69._comment new file mode 100644 index 00000000..6bf8844d --- /dev/null +++ b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_1_69d7c8fb1d62300456575bb10e935d69._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-11-25T15:44:13Z" + content=""" +You could, for example, use Propellor.Propety.Cmd.cmdProperty +to run a command that sets up the proxying. If there's not a single command +that does it, you could cause propellor to fetch the url and deploy the +info itself. +"""]] diff --git a/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_2_da30b2621493e48ceabcfa5732dbcdf8._comment b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_2_da30b2621493e48ceabcfa5732dbcdf8._comment new file mode 100644 index 00000000..8458ee49 --- /dev/null +++ b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_2_da30b2621493e48ceabcfa5732dbcdf8._comment @@ -0,0 +1,19 @@ +[[!comment format=mdwn + username="picca" + subject="comment 2" + date="2014-11-25T17:55:25Z" + content=""" +In my case I need to wget the proxy.pac file and parse it to find the right proxy. + +what worried me is that these proxy.pac things are dynamical depending on the ip of the sender AND the receive. +It work nicely with web browser, but not with the unix http_proxy and HTTPS_PROXY env. + +nevertheless, I can create something to parse my local setup and extract the right http_proxy. + +Is there something available in Propellor to set a global environment variable in /etc/environment (the right place for this ?) + +cheers + +Frederic + +"""]] diff --git a/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_3_bd76d169af2ef2f154ad1f0f64506661._comment b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_3_bd76d169af2ef2f154ad1f0f64506661._comment new file mode 100644 index 00000000..9bdcb4df --- /dev/null +++ b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_3_bd76d169af2ef2f154ad1f0f64506661._comment @@ -0,0 +1,11 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-11-25T19:37:46Z" + content=""" +There's no Property that handles setting global environment currently, but +it's a reasonable one to add. + +I think that /etc/environment is read by `pam_env` logins, but maybe not +other things, so dunno. +"""]] diff --git a/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_4_a6a49d35ee8a05abc982049b55d0397c._comment b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_4_a6a49d35ee8a05abc982049b55d0397c._comment new file mode 100644 index 00000000..d2a0b45e --- /dev/null +++ b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_4_a6a49d35ee8a05abc982049b55d0397c._comment @@ -0,0 +1,11 @@ +[[!comment format=mdwn + username="picca" + subject="comment 4" + date="2014-11-25T20:01:12Z" + content=""" +I saw that there is an haskell binding for augeas. + +Maybe this could be a nice uniform interface to deal with all the system configuration files. +then no need to deal with the config file formats. + +"""]] diff --git a/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_5_7783b8a96c8032a39ff3b5b446a976ed._comment b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_5_7783b8a96c8032a39ff3b5b446a976ed._comment new file mode 100644 index 00000000..d670fa3b --- /dev/null +++ b/doc/forum/how_to_set_the_proxy_using_an_automatix_proxy.pac/comment_5_7783b8a96c8032a39ff3b5b446a976ed._comment @@ -0,0 +1,7 @@ +[[!comment format=mdwn + username="gueux" + subject="comment 5" + date="2014-11-27T08:17:36Z" + content=""" +Just looked at augeas, and add it to propellor would be great. Much more robust than Propellor.Property.File.{containsLine,containsLines,lacksLine}, at least. +"""]] diff --git a/doc/forum/modify_managed_host_propellor__39__s_.git__47__config.mdwn b/doc/forum/modify_managed_host_propellor__39__s_.git__47__config.mdwn new file mode 100644 index 00000000..0815b4b3 --- /dev/null +++ b/doc/forum/modify_managed_host_propellor__39__s_.git__47__config.mdwn @@ -0,0 +1 @@ +How can I modify the configuration of a managed host (which seems to be stored in /usr/local/propellor/.git/config) from the host on which I run propellor? diff --git a/doc/forum/modify_managed_host_propellor__39__s_.git__47__config/comment_1_da3ebb4736a1f1012b6d27bcd33ff44f._comment b/doc/forum/modify_managed_host_propellor__39__s_.git__47__config/comment_1_da3ebb4736a1f1012b6d27bcd33ff44f._comment new file mode 100644 index 00000000..f034a377 --- /dev/null +++ b/doc/forum/modify_managed_host_propellor__39__s_.git__47__config/comment_1_da3ebb4736a1f1012b6d27bcd33ff44f._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-10-31T14:40:33Z" + content=""" +I'm curious what you need to configure there.. + +But, there seems to be a simple solution: Add a Property that configures +the .git/config however you need to! :) +"""]] diff --git a/doc/forum/propellor_with_no_central_repository__63__.mdwn b/doc/forum/propellor_with_no_central_repository__63__.mdwn new file mode 100644 index 00000000..5f322878 --- /dev/null +++ b/doc/forum/propellor_with_no_central_repository__63__.mdwn @@ -0,0 +1 @@ +Is there a way to use propellor with no central repository? diff --git a/doc/forum/propellor_with_no_central_repository__63__/comment_1_6a2a5068962b17dac08609cd65887f48._comment b/doc/forum/propellor_with_no_central_repository__63__/comment_1_6a2a5068962b17dac08609cd65887f48._comment new file mode 100644 index 00000000..1f1456c5 --- /dev/null +++ b/doc/forum/propellor_with_no_central_repository__63__/comment_1_6a2a5068962b17dac08609cd65887f48._comment @@ -0,0 +1,7 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-10-31T14:39:48Z" + content=""" +Not yet, but see [[todo/git_push_over_propellor_ssh_channel]] +"""]] diff --git a/doc/forum/propellor_with_no_central_repository__63__/comment_2_0f035bb4bb5cc13574394505f28abe5e._comment b/doc/forum/propellor_with_no_central_repository__63__/comment_2_0f035bb4bb5cc13574394505f28abe5e._comment new file mode 100644 index 00000000..6a6aa946 --- /dev/null +++ b/doc/forum/propellor_with_no_central_repository__63__/comment_2_0f035bb4bb5cc13574394505f28abe5e._comment @@ -0,0 +1,9 @@ +[[!comment format=mdwn + username="joey" + subject="""yay!""" + date="2014-11-19T01:31:14Z" + content=""" +propellor now supports this mode by default, just use `propellor --spin +hostname` and the changes in the local repo will be pushed and deployed to +the host, w/o needing a centralized git repo. +"""]] diff --git a/doc/forum/property_combinator_ordering.mdwn b/doc/forum/property_combinator_ordering.mdwn new file mode 100644 index 00000000..25549bb4 --- /dev/null +++ b/doc/forum/property_combinator_ordering.mdwn @@ -0,0 +1,8 @@ +when I write + + setDistribution cfg = f `File.hasContent` cfg + `onChange` update + `requires` File.dirExists confDir + +is update called before ensuring the confiDir Exist ? +It seems to me but who knows ? diff --git a/doc/forum/property_combinator_ordering/comment_1_0ea2186b5cfa7eadaf38ac2e97fc4a2c._comment b/doc/forum/property_combinator_ordering/comment_1_0ea2186b5cfa7eadaf38ac2e97fc4a2c._comment new file mode 100644 index 00000000..c41abd90 --- /dev/null +++ b/doc/forum/property_combinator_ordering/comment_1_0ea2186b5cfa7eadaf38ac2e97fc4a2c._comment @@ -0,0 +1,31 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-12-01T15:53:11Z" + content=""" +I think that should behave intuitively, but of course if you're unsure +of this kind of thing, adding parens is a good way to disambiguate the +code. + + (f `File.hasContent` cfg `onChange` update) + `requires` File.dirExists confDir + +Written that way, it's explicit that the parenthesized part runs +together as one action. + +Or, we can do a quick test in ghci: + + joey@darkstar:~/src/propellor/src#joeyconfig>ghci Propellor.hs Propellor/Property.hs + *Propellor> let f1 = property "hasContent" (liftIO (print "f1") >> return MadeChange) + *Propellor> let f2 = property "update" (liftIO (print "f2") >> return MadeChange) + *Propellor> let f3 = property "dirExists" (liftIO (print "f3") >> return MadeChange) + *Propellor> runPropellor (Host "foo" [] mempty) $ ensureProperty $ f1 `onChange` f2 `requires` f3 + "dirExists" + "hasContent" + "update" + MadeChange + +So, yes, it's behaving as it should, first ensuring that the `requires` +property is met, and then running the main property, and since it made a +change, following up by running the `onChange` property. +"""]] diff --git a/doc/news/propellor_demo.mdwn b/doc/news/propellor_demo.mdwn new file mode 100644 index 00000000..362f56e6 --- /dev/null +++ b/doc/news/propellor_demo.mdwn @@ -0,0 +1,8 @@ +A quick demo of propellor. + +<video controls src="http://downloads.kitenet.net/talks/propellor_demo/propellor_demo.webm"></video> + +[video](http://downloads.kitenet.net/talks/propellor_demo/propellor_demo.webm) + +(Audio quality is clipped/fast in places, unfortunately this was a problem +with the source recording.) diff --git a/doc/news/version_1.2.0.mdwn b/doc/news/version_1.2.0.mdwn new file mode 100644 index 00000000..6ea5581e --- /dev/null +++ b/doc/news/version_1.2.0.mdwn @@ -0,0 +1,9 @@ +propellor 1.2.0 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Display a warning when ensureProperty is used on a property which has + Info and is so prevented from propigating it. + * Removed boolProperty; instead the new toResult can be used. (API change) + * Include Propellor.Property.OS, which was accidentially left out of the + cabal file in the last release. + * Fix Apache.siteEnabled to update the config file and reload apache when + configuration has changed."""]]
\ No newline at end of file diff --git a/doc/news/version_1.2.1.mdwn b/doc/news/version_1.2.1.mdwn new file mode 100644 index 00000000..59dd4cee --- /dev/null +++ b/doc/news/version_1.2.1.mdwn @@ -0,0 +1,6 @@ +propellor 1.2.1 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Added CryptPassword to PrivDataField, for password hashes as produced + by crypt(3). + * User.hasPassword and User.hasSomePassword will now use either + a CryptPassword or a Password from privdata, depending on which is set."""]]
\ No newline at end of file diff --git a/doc/news/version_1.2.2.mdwn b/doc/news/version_1.2.2.mdwn new file mode 100644 index 00000000..c10940fd --- /dev/null +++ b/doc/news/version_1.2.2.mdwn @@ -0,0 +1,4 @@ +propellor 1.2.2 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Revert ensureProperty warning message, too many false positives in places + where Info is correctly propigated. Better approach needed."""]]
\ No newline at end of file diff --git a/doc/news/version_1.3.0.mdwn b/doc/news/version_1.3.0.mdwn new file mode 100644 index 00000000..87abb2f7 --- /dev/null +++ b/doc/news/version_1.3.0.mdwn @@ -0,0 +1,17 @@ +propellor 1.3.0 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * --spin checks if the DNS matches any configured IP address property + of the host, and if not, sshes to the host by IP address. + * Detect #774376 and refuse to use docker if the system is so broken + that docker exec doesn't enter a chroot. + * Update intermediary propellor in --spin --via + * Added support for DNSSEC. + * Ssh.hostKey and Ssh.hostKeys no longer install public keys from + the privdata. Instead, the public keys are included in the + configuration. (API change) + * Ssh.hostKeys now removes any host keys of types that the host is not + configured to have. + * sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType + parameter. (API change) + * CloudAtCost.deCruft no longer forces randomHostKeys. + * Fix build with process 1.2.1.0."""]]
\ No newline at end of file diff --git a/doc/news/version_1.3.1.mdwn b/doc/news/version_1.3.1.mdwn new file mode 100644 index 00000000..74a39ac4 --- /dev/null +++ b/doc/news/version_1.3.1.mdwn @@ -0,0 +1,6 @@ +propellor 1.3.1 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Fix bug that prevented deploying ssh host keys when the file for the + key didn't already exist. + * DNS records for hosts with known ssh public keys now automatically + include SSHFP records."""]]
\ No newline at end of file diff --git a/doc/security.mdwn b/doc/security.mdwn index 12ae18de..831b2b41 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -29,7 +29,7 @@ in cleartext private data such as passwords, ssh private keys, etc. Instead, `propellor --spin $host` looks for a `~/.propellor/privdata/privdata.gpg` file and if found decrypts it, -extracts the private that that the $host needs, and sends it to to the +extracts the private data that the $host needs, and sends it to to the $host using ssh. This lets a host know its own private data, without seeing all the rest. diff --git a/doc/security/comment_1_6b4d8f45fc60f12b2b8c41046390cf43._comment b/doc/security/comment_1_6b4d8f45fc60f12b2b8c41046390cf43._comment new file mode 100644 index 00000000..4ed9ecdb --- /dev/null +++ b/doc/security/comment_1_6b4d8f45fc60f12b2b8c41046390cf43._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="https://www.google.com/accounts/o8/id?id=AItOawmtnXa0F3OsNh8H7yf5EEbtuufPZG-3StI" + nickname="Arnaud" + subject="Is it ok to publish to a public repository?" + date="2014-08-29T21:13:19Z" + content=""" +It is not clear to me whether or not it is safe to publish my own propellor repository to a publicly hosted service. It seems to me that when I do ./propellor --add-key MYKEYID, the private key data is stored in the repository as a commit, so pushing it exposes this data to the public. Am I wrong? + +Thanks +"""]] diff --git a/doc/security/comment_2_7cd009d097b01bb3197210b5ea77c7d5._comment b/doc/security/comment_2_7cd009d097b01bb3197210b5ea77c7d5._comment new file mode 100644 index 00000000..4d209b03 --- /dev/null +++ b/doc/security/comment_2_7cd009d097b01bb3197210b5ea77c7d5._comment @@ -0,0 +1,8 @@ +[[!comment format=mdwn + username="http://joeyh.name/" + ip="131.252.200.111" + subject="comment 2" + date="2014-08-29T21:52:02Z" + content=""" +--add-key puts your **public** key in the repository, not the private key. +"""]] diff --git a/doc/security/comment_3_91876d995c40a24858bce61a749a3c16._comment b/doc/security/comment_3_91876d995c40a24858bce61a749a3c16._comment new file mode 100644 index 00000000..4d75842d --- /dev/null +++ b/doc/security/comment_3_91876d995c40a24858bce61a749a3c16._comment @@ -0,0 +1,17 @@ +[[!comment format=mdwn + username="https://www.google.com/accounts/o8/id?id=AItOawmtnXa0F3OsNh8H7yf5EEbtuufPZG-3StI" + nickname="Arnaud" + subject="Remote host fails to connect" + date="2014-08-30T06:40:33Z" + content=""" +Makes sense of course, but the message one gets when doing that is a bit misleading. + +I ran into another issue: propellor deploys itself to remote host, but then the propellor instance run on remote host cannot read the remote git repo, because: + +1. the host key is not initially present in root's known_hosts, then +2. the user's (root) public key is unknown to the remote git repo, in my case bitbucket.org, and the URL used is git@bitbucket.org:abailly/capital-match-infra.git which implies connection goes through SSH + +I am puzzled: Does this mean I should add some for use by the remote host deployed to? This does not make sense so there should be another way... If I change the origin url to use https, then I cannot push locally anymore. + +Thanks for your help +"""]] diff --git a/doc/security/comment_4_347ce6a229a2347c5fd945eef72fd7f7._comment b/doc/security/comment_4_347ce6a229a2347c5fd945eef72fd7f7._comment new file mode 100644 index 00000000..b2ac4d57 --- /dev/null +++ b/doc/security/comment_4_347ce6a229a2347c5fd945eef72fd7f7._comment @@ -0,0 +1,22 @@ +[[!comment format=mdwn + username="https://www.google.com/accounts/o8/id?id=AItOawmtnXa0F3OsNh8H7yf5EEbtuufPZG-3StI" + nickname="Arnaud" + subject="Output from propellor --spin $host" + date="2014-08-30T07:17:52Z" + content=""" +Here is the output (truncated): + + + Permission denied (publickey). + fatal: Could not read from remote repository. + + Please make sure you have the correct access rights + and the repository exists. + Git fetch ... failed + fatal: ambiguous argument 'origin/master': unknown revision or path not in the working tree. + Use '--' to separate paths from revisions, like this: + 'git <command> [<revision>...] -- [<file>...]' + propellor: user error (git [\"log\",\"-n\",\"1\",\"--format=%G?\",\"origin/master\"] exited 128) + + +"""]] diff --git a/doc/security/comment_5_0c682e12a21d1477628ff0b80e6505d4._comment b/doc/security/comment_5_0c682e12a21d1477628ff0b80e6505d4._comment new file mode 100644 index 00000000..cc26f42d --- /dev/null +++ b/doc/security/comment_5_0c682e12a21d1477628ff0b80e6505d4._comment @@ -0,0 +1,13 @@ +[[!comment format=mdwn + username="https://www.google.com/accounts/o8/id?id=AItOawmtnXa0F3OsNh8H7yf5EEbtuufPZG-3StI" + nickname="Arnaud" + subject="Got it working..." + date="2014-08-31T12:50:17Z" + content=""" +OK, I manage to get my first propellor config run fine by setting different branch.master.url and branch.master.pushUrl configurations: + +* Use a https:// based url for the first +* Use a git:// based url for the second + +I had to nuke the remote /usr/local/propellor directory because it still had wrong configuration with a single remote url. +"""]] diff --git a/doc/security/comment_6_e5f2fdced08fb823efed35684110a840._comment b/doc/security/comment_6_e5f2fdced08fb823efed35684110a840._comment new file mode 100644 index 00000000..be8ac7f9 --- /dev/null +++ b/doc/security/comment_6_e5f2fdced08fb823efed35684110a840._comment @@ -0,0 +1,11 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 6""" + date="2014-11-19T01:35:59Z" + content=""" +@Arnaud, see [[centralized_repository]], including its documentation of a +"deploy" remote, which can be used to configure the url that remote hosts +should pull from. + +Also, propellor can be used now without any centralized repository. +"""]] diff --git a/doc/security/comment_7_ebbb6f3617c879715a35900a07ea1909._comment b/doc/security/comment_7_ebbb6f3617c879715a35900a07ea1909._comment new file mode 100644 index 00000000..e9d20642 --- /dev/null +++ b/doc/security/comment_7_ebbb6f3617c879715a35900a07ea1909._comment @@ -0,0 +1,8 @@ +[[!comment format=mdwn + username="https://www.google.com/accounts/o8/id?id=AItOawkgUir7k_amh9RFp4D3QutX1fGh_nd7ko4" + nickname="Philipp" + subject="Passwords in PrivData" + date="2014-12-13T18:25:23Z" + content=""" +I wonder if there could be a shortcut in PrivData handling that hashes the input with crypt() instead of passing it raw to a machine. For instance passwords are stored in plain on the target machines, while this is not required to set the password in shadow: the hash would suffice. I think this page should at least spell out that fact. +"""]] diff --git a/doc/todo/editor_for_privdata__63__.mdwn b/doc/todo/editor_for_privdata__63__.mdwn new file mode 100644 index 00000000..8b91338c --- /dev/null +++ b/doc/todo/editor_for_privdata__63__.mdwn @@ -0,0 +1,4 @@ +Would adding a way to call $EDITOR to edit privdata be possible? +It would make sense for editing data like logcheck files. + +> [[done]] diff --git a/doc/todo/editor_for_privdata__63__/comment_2_4fcbdf36f32ca7cf82593a8992167aff._comment b/doc/todo/editor_for_privdata__63__/comment_2_4fcbdf36f32ca7cf82593a8992167aff._comment new file mode 100644 index 00000000..bbe93fe3 --- /dev/null +++ b/doc/todo/editor_for_privdata__63__/comment_2_4fcbdf36f32ca7cf82593a8992167aff._comment @@ -0,0 +1,9 @@ +[[!comment format=mdwn + username="http://joeyh.name/" + subject="comment 2" + date="2014-11-11T21:16:09Z" + content=""" +Already exists in `propellor --edit` + +Documentation patches accepted! :) +"""]] diff --git a/doc/todo/etckeeper.mdwn b/doc/todo/etckeeper.mdwn new file mode 100644 index 00000000..7dc80cef --- /dev/null +++ b/doc/todo/etckeeper.mdwn @@ -0,0 +1 @@ +It would be cool to have an etckeeper module :-). diff --git a/doc/todo/etckeeper/comment_1_8766da27c69bbae357d497e0e557fad2._comment b/doc/todo/etckeeper/comment_1_8766da27c69bbae357d497e0e557fad2._comment new file mode 100644 index 00000000..f080f70e --- /dev/null +++ b/doc/todo/etckeeper/comment_1_8766da27c69bbae357d497e0e557fad2._comment @@ -0,0 +1,9 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-11-06T15:46:56Z" + content=""" +All I've needed for this is `& Apt.installed ["etckeeper"]` + +Patches welcome, I suppose. +"""]] diff --git a/doc/todo/fail_if_modification_not_commited_when_using_--spin.mdwn b/doc/todo/fail_if_modification_not_commited_when_using_--spin.mdwn new file mode 100644 index 00000000..046f4a6f --- /dev/null +++ b/doc/todo/fail_if_modification_not_commited_when_using_--spin.mdwn @@ -0,0 +1,3 @@ +Sometimes I forget to commit a modification, and running "propellor --spin" automatically commits this stuff. It would be better if "propellor --spin" failed (or, even better, warned the user) that there are uncommited changes, and "propellor --spin" would just always add an empty commit. + +> --merge added; [[done]] --[[Joey]] diff --git a/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_1_7267d62ccc8db44bccb935836536e8a1._comment b/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_1_7267d62ccc8db44bccb935836536e8a1._comment new file mode 100644 index 00000000..19b2fab6 --- /dev/null +++ b/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_1_7267d62ccc8db44bccb935836536e8a1._comment @@ -0,0 +1,30 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2014-11-23T18:41:40Z" + content=""" +Letting --spin commit is part of my workflow. It's great when you're just +changing config.hs to quickly blast out the changes. + +Granted, it is not so nice when doing Property development, as changes get +fragmented across the spins used to test them. I'd be happy to find some +way to improve that. Perhaps a way could be found to get this structure of +git commits: + + manual commit------------------------->manual commit--merge + \--spin--spin--spin--spin--spin------------/ + +Where the second manual commit has an identical tree committed as does the +spin just underneath it, and so the following merge doesn't change any files, +just grafts the two branches back together. + +I guess that could be handled by haing a checkpoint command, that squashes +all the previous spins since the last checkpoint together into one commit, +lets the user edit the commit message of that, and the juggles the branches +into place and creates the merge commit -- which then becomes the new last +checkpoint. + +I'll take patches for such a thing, or more simply a way to configure --spin's +auto-committing behavior. However, I don't want to change the default +behavior to not commit. +"""]] diff --git a/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_2_e4d170a14d689bef5d9174b251a4fe6f._comment b/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_2_e4d170a14d689bef5d9174b251a4fe6f._comment new file mode 100644 index 00000000..3e8e5f62 --- /dev/null +++ b/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_2_e4d170a14d689bef5d9174b251a4fe6f._comment @@ -0,0 +1,7 @@ +[[!comment format=mdwn + username="gueux" + subject="comment 2" + date="2014-11-23T20:23:24Z" + content=""" +Your solution seems a lot better :-). +"""]] diff --git a/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_3_c69eaa9c6ae5b07b5c2dd2591de965a3._comment b/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_3_c69eaa9c6ae5b07b5c2dd2591de965a3._comment new file mode 100644 index 00000000..8ad6ab49 --- /dev/null +++ b/doc/todo/fail_if_modification_not_commited_when_using_--spin/comment_3_c69eaa9c6ae5b07b5c2dd2591de965a3._comment @@ -0,0 +1,19 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 3""" + date="2014-11-23T21:12:19Z" + content=""" +Here's a almost-script to do it, which worked when it did it by hand: + +<pre> +get old-head (git show-ref HEAD -s) +get curr-branch (refs/heads/master eg) +find old-commit (look back through git log for the first commit that was not "propellor spin") +git reset old-commit +git commit -a # user gets to edit commit message for all the spins and any staged changes here +git merge -S -s ours old-head +get current-commit (result of merge) +git update-ref curr-branch current-commit +git checkout curr-branch +</pre> +"""]] diff --git a/doc/todo/git_push_over_propellor_ssh_channel.mdwn b/doc/todo/git_push_over_propellor_ssh_channel.mdwn new file mode 100644 index 00000000..c6d42fcf --- /dev/null +++ b/doc/todo/git_push_over_propellor_ssh_channel.mdwn @@ -0,0 +1,13 @@ +Propellor currently needs a central git server. And it has a special-cased +protocol during bootstrap that transfers the git repo over to a new host, +using the ssh connection that will be used to run propellor. + +This could be improved by making a git push be done whenever +`propellor spin $host` runs. The remote propellor runs `git receive-pack`; +the local one runs `git send-pack`. + +Then there would be no need for a central git repo. Although still very +useful if you have multiple propellor driven hosts and you want to just git +commit and let cron sort them out. + +> [[done]]! --[[Joey]] diff --git a/doc/todo/info_propigation_out_of_nested_properties.mdwn b/doc/todo/info_propigation_out_of_nested_properties.mdwn index 1a586be6..b08e326f 100644 --- a/doc/todo/info_propigation_out_of_nested_properties.mdwn +++ b/doc/todo/info_propigation_out_of_nested_properties.mdwn @@ -1,7 +1,7 @@ Currently, Info about a Host's Properties is manually gathered and -propigated. propertyList combines the Info of the Properties in the list. +propigated. propertyList combines the Info of the Properties in the list; Docker.docked extracts relevant Info from the Properties of the container -(but not al of it, intentionally!). +(but not al of it, intentionally!); etc. This works, but it's error-prone. Consider this example: @@ -9,26 +9,91 @@ This works, but it's error-prone. Consider this example: (Just (System (Debian Unstable) _)) -> ensureProperty foo _ -> ensureProperty bar -Here, the Info of `foo` is not propigated out. Nor is `bar`'s Info. -Of course, only one of them will be run, and only its info should be propigated -out.. +Here, the Info of `foo` is not propigated out. Nor is `bar`'s Info. Of +course, only one of them will be run, and only its info should be +propigated out.. -This commonly afflicts eg, privData. For example, `User.hasPassword'` -has this problem, and this prevents --list-fields from listing privdata -that's not set from that property. +---- One approach might be to make the Propellor monad be able to be run in two -modes. In one mode, it actually perform IO, etc. In the other mode, all -liftIO is a no-op, but all Info encountered is accumulated using a Reader -monad. This might need two separate monad definitions. +modes. In run mode, it actually performs IO, etc. In introspection mode, all +liftIO is a no-op, but all Info encountered is accumulated using a Reader. +This might need two separate monad definitions. -That is surely doable, but the withOS example above shows a problem with it -- -the OS is itself part of a Host's info, so won't be known until all its -properties have been examined for info! +That is surely doable, but consider this example: -Perhaps that can be finessed. We don't really need to propigate out OS info. -Just DNS and PrivDataField Info. So info could be collected in 2 passes, -first as it's done now by static propertyInfo values. Then take that -and use it as the Info when running the Properties in the Reader monad. -Combine what the Reader accumulates with the static info to get the full -info. + property "demo" = do + needfoo <- liftIO checkFoo + if needfoo + then ensureProperty foo + else ensureProperty bar + +In introspection mode, the liftIO is a no-op, but needs to return a Bool. +That seems unlikely (how to pick which?), but even if some defaulting is +used, only one of foo or bar's info will be seen. + +---- + +Another approach could be something like this: + + withInfoFrom foo $ \callfoo -> + withInfoFrom bar $ \callbar -> + property "demo" = do + needfoo <- liftIO checkFoo + if needfoo + then callfoo + else callbar + +Here withInfoFrom is able to add foo and bar's Info to the info of the +property that (may) call them. + +This approach is not fully type safe; it would be possible to call +withInfoFrom in a way that didn't let it propigate the info. + +Also it has the problem that it doesn't support this: + + property "demo" = do + needfoo <- liftIO checkFoo + if needfoo + then do + foop <- liftIO getFooParam + ensureProperty (foo foop) + else ensureProperty bar + +---- + +Another approach would be to add a new SimpleProperty, which is a property +that has no Info. Only allow calling ensureProperty on this new type. + +(Or, remove propertyInfo from Property, and add a new InfoProperty that +has the info.) + +But, propertyList can only contain one type at a time, +not a mixed list of Property and SimpleProperty. + +Could a GADT be used instead? + + {-# LANGUAGE GADTs #-} + {-# LANGUAGE EmptyDataDecls #-} + + data HasInfo + data NoInfo + + data Property = IProperty (GProperty HasInfo) | SProperty (GProperty NoInfo) + + data GProperty i where + GIProperty :: Desc -> Propellor Result -> Info -> GProperty HasInfo + GSProperty :: Desc -> Propellor Result -> GProperty NoInfo + + ensureProperty :: GProperty NoInfo -> Propellor Result + ensureProperty (GSProperty d r) = r + +That works. I made a `gadtwip` git branch that elaborated on that, +to the point that Property.File compiles, but is otherwise +unfinished. Most definitions of `Property` need to be changed to +`GProperty NoInfo`, so that ensureProperty can call them. It's a big, +intrusive change, and it may complicate propellor too much. + +(I may need to make instances of Prop for `GProperty NoInfo` and `GProperty +HasInfo`, if that's possible, and make more Property combinators work on +Prop.) diff --git a/doc/todo/port_info_for_properties_for_firewall.mdwn b/doc/todo/port_info_for_properties_for_firewall.mdwn new file mode 100644 index 00000000..efaaba05 --- /dev/null +++ b/doc/todo/port_info_for_properties_for_firewall.mdwn @@ -0,0 +1,24 @@ +The firewall module could be improved if properties that set up a service +on a port included info (see Propellor.Info and Propellor.Types.Info) +about the port(s) used. + +While currently the ports have to be explicitly listed: + + & Apache.installed + & Firewall.installed + & Firewall.addRule (Rule INPUT ACCEPT (Proto TCP :- Port 80)) + & Firewall.addRule (Rule INPUT ACCEPT (Proto TCP :- Port 443)) + +Instead the ports would be derived from the installed services. + + & Apache.installed + & Firewall.installed + +There could also be some combinators to adjust the exposed +ports of a property. + + & localOnly Apache.installed + & exposedPorts [443,80] (Apt.serviceInstalledRunning "apache2") + +Such port enformation is also going to be needed as a basis of +[[type_level_port_conflict_detection]]. --[[Joey]] diff --git a/doc/todo/type_level_port_conflict_detection.mdwn b/doc/todo/type_level_port_conflict_detection.mdwn new file mode 100644 index 00000000..5aec5775 --- /dev/null +++ b/doc/todo/type_level_port_conflict_detection.mdwn @@ -0,0 +1,5 @@ +See <http://stackoverflow.com/questions/26027765/using-types-to-prevent-conflicting-port-numbers-in-a-list> --[[Joey]] + +Needs ghc newer than 7.6.3. It may be possible to port Data.Type.Equality +and Data.Type.Bool to older versions; I got them to compile but they didn't +work right. --[[Joey]] |