From 4e038a43cc9978af1015c53ab7cf27355d989069 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 17 Oct 2015 13:57:51 -0400 Subject: use Info to detect controller loops Much less invasive than the other implementation. --- config-joey.hs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'config-joey.hs') diff --git a/config-joey.hs b/config-joey.hs index b5982161..f862a2fb 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -27,6 +27,7 @@ import qualified Propellor.Property.Journald as Journald import qualified Propellor.Property.Chroot as Chroot import qualified Propellor.Property.Aiccu as Aiccu import qualified Propellor.Property.OS as OS +import qualified Propellor.Property.Spin as Spin import qualified Propellor.Property.HostingProvider.CloudAtCost as CloudAtCost import qualified Propellor.Property.HostingProvider.Linode as Linode import qualified Propellor.Property.SiteSpecific.GitHome as GitHome @@ -189,6 +190,7 @@ honeybee = standardSystem "honeybee.kitenet.net" Testing "armhf" kite :: Host kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64" [ "Welcome to kite!" ] + & Spin.controllerFor clam & ipv4 "66.228.36.95" & ipv6 "2600:3c03::f03c:91ff:fe73:b0d2" & alias "kitenet.net" -- cgit v1.3-2-g0d8e From ba71ad4132a19a37b955d5d865253506394581b7 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 17 Oct 2015 14:06:57 -0400 Subject: do propigate Controlling info out of containers If someone wants to make a container be a controller, that should work, and it should then detect loops that loop back to the container's host. --- config-joey.hs | 1 - src/Propellor/Property/Spin.hs | 6 ++++-- 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'config-joey.hs') diff --git a/config-joey.hs b/config-joey.hs index f862a2fb..e973d35e 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -190,7 +190,6 @@ honeybee = standardSystem "honeybee.kitenet.net" Testing "armhf" kite :: Host kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64" [ "Welcome to kite!" ] - & Spin.controllerFor clam & ipv4 "66.228.36.95" & ipv6 "2600:3c03::f03c:91ff:fe73:b0d2" & alias "kitenet.net" diff --git a/src/Propellor/Property/Spin.hs b/src/Propellor/Property/Spin.hs index 81ff24f6..ee65b0a9 100644 --- a/src/Propellor/Property/Spin.hs +++ b/src/Propellor/Property/Spin.hs @@ -106,7 +106,9 @@ controllerFor h = toSpin h `requires` Ssh.installed -- | Uses `Propellor.Property.Ssh.keysImported` to set up the ssh keys --- for a controller; so the corresponding private keys come from the privdata. +-- for the root user on a controller. +-- +-- (The corresponding private keys come from the privdata.) controllerKeys :: [(SshKeyType, Ssh.PubKeyText)] -> Property HasInfo controllerKeys ks = Ssh.userKeys (User "root") hostContext ks `requires` Ssh.installed @@ -129,7 +131,7 @@ isControlledBy :: Host -> Controlling -> Bool h `isControlledBy` (Controlled hs) = any (== hostName h) (map hostName hs) instance IsInfo Controlling where - propigateInfo _ = False + propigateInfo _ = True mkControllingInfo :: Host -> Info mkControllingInfo controlled = addInfo mempty (Controlled [controlled]) -- cgit v1.3-2-g0d8e