diff options
Diffstat (limited to 'src/Propellor/Property')
| -rw-r--r-- | src/Propellor/Property/Grub.hs | 39 | ||||
| -rw-r--r-- | src/Propellor/Property/HostingProvider/Linode.hs | 10 | ||||
| -rw-r--r-- | src/Propellor/Property/Ssh.hs | 11 |
3 files changed, 59 insertions, 1 deletions
diff --git a/src/Propellor/Property/Grub.hs b/src/Propellor/Property/Grub.hs new file mode 100644 index 00000000..841861f4 --- /dev/null +++ b/src/Propellor/Property/Grub.hs @@ -0,0 +1,39 @@ +module Propellor.Property.Grub where + +import Propellor +import qualified Propellor.Property.File as File +import qualified Propellor.Property.Apt as Apt + +-- | Eg, hd0,0 or xen/xvda1 +type GrubDevice = String + +type TimeoutSecs = Int + +-- | Use PV-grub chaining to boot +-- +-- Useful when the VPS's pv-grub is too old to boot a modern kernel image. +-- +-- http://notes.pault.ag/linode-pv-grub-chainning/ +-- +-- The rootdev should be in the form "hd0", while the bootdev is in the form +-- "xen/xvda". +chainPVGrub :: GrubDevice -> GrubDevice -> TimeoutSecs -> Property +chainPVGrub rootdev bootdev timeout = combineProperties desc + [ File.dirExists "/boot/grub" + , "/boot/grub/menu.lst" `File.hasContent` + [ "default 1" + , "timeout " ++ show timeout + , "" + , "title grub-xen shim" + , "root (" ++ rootdev ++ ")" + , "kernel /boot/xen-shim" + , "boot" + ] + , "/boot/load.cf" `File.hasContent` + [ "configfile (" ++ bootdev ++ ")/boot/grub/grub.cfg" ] + , Apt.installed ["grub-xen"] + , flagFile (scriptProperty ["update-grub; grub-mkimage --prefix '(" ++ bootdev ++ ")/boot/grub' -c /boot/load.cf -O x86_64-xen /usr/lib/grub/x86_64-xen/*.mod > /boot/xen-shim"]) "/boot/xen-shim" + `describe` "/boot-xen-shim" + ] + where + desc = "chain PV-grub" diff --git a/src/Propellor/Property/HostingProvider/Linode.hs b/src/Propellor/Property/HostingProvider/Linode.hs new file mode 100644 index 00000000..34d72184 --- /dev/null +++ b/src/Propellor/Property/HostingProvider/Linode.hs @@ -0,0 +1,10 @@ +module Propellor.Property.HostingProvider.Linode where + +import Propellor +import qualified Propellor.Property.Grub as Grub + +-- | Linode's pv-grub-x86_64 does not currently support booting recent +-- Debian kernels compressed with xz. This sets up pv-grub chaing to enable +-- it. +chainPVGrub :: Grub.TimeoutSecs -> Property +chainPVGrub = Grub.chainPVGrub "hd0" "xen/xvda" diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index 6785ede6..5a260476 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -5,6 +5,7 @@ module Propellor.Property.Ssh ( hasAuthorizedKeys, restartSshd, randomHostKeys, + hostKeys, hostKey, keyImported, knownHost, @@ -75,7 +76,15 @@ randomHostKeys = flagFile prop "/etc/ssh/.unique_host_keys" ensureProperty $ scriptProperty [ "DPKG_MAINTSCRIPT_NAME=postinst DPKG_MAINTSCRIPT_PACKAGE=openssh-server /var/lib/dpkg/info/openssh-server.postinst configure" ] --- | Sets ssh host keys. +-- | Sets all types of ssh host keys from the privdata. +hostKeys :: Context -> Property +hostKeys ctx = propertyList "known ssh host keys" + [ hostKey SshDsa ctx + , hostKey SshRsa ctx + , hostKey SshEcdsa ctx + ] + +-- | Sets a single ssh host key from the privdata. hostKey :: SshKeyType -> Context -> Property hostKey keytype context = combineProperties desc [ installkey (SshPubKey keytype "") (install writeFile ".pub") |