From 4e4fb9ab7ca13f5148c6d4b08f53f518429530a8 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 18 Apr 2014 03:59:06 -0400 Subject: get rid of AttrProperty Now both Property and RevertableProperty can influence Attr on their own. --- debian/changelog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 3daeb395..3cef12dc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,6 @@ -propellor (0.3.2) UNRELEASED; urgency=medium +propellor (0.4.0) UNRELEASED; urgency=medium + * Constructor of Property has changed (use property function instead). * Run all cron jobs under chronic from moreutils to avoid unnecessary mails. -- Joey Hess Thu, 17 Apr 2014 21:00:43 -0400 -- cgit v1.3-2-g0d8e From 5f6c3ad56490a8c3063f8daa1cd8b0a302b63ddd Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 18 Apr 2014 04:48:49 -0400 Subject: All Property combinators now combine together their Attr settings. So Attr settings can be made inside a propertyList, for example. --- Propellor/Attr.hs | 4 +-- Propellor/Engine.hs | 2 +- Propellor/Property.hs | 79 ++++++++++++++++++++++++----------------- Propellor/Property/Apt.hs | 4 +-- Propellor/Property/Cmd.hs | 1 + Propellor/Property/Scheduled.hs | 4 +-- Propellor/Types.hs | 18 ++++------ Propellor/Types/Attr.hs | 2 ++ TODO | 6 ++-- debian/changelog | 5 ++- 10 files changed, 70 insertions(+), 55 deletions(-) (limited to 'debian') diff --git a/Propellor/Attr.hs b/Propellor/Attr.hs index d4fb25d2..03c882cc 100644 --- a/Propellor/Attr.hs +++ b/Propellor/Attr.hs @@ -10,7 +10,7 @@ import qualified Data.Set as S import qualified Data.Map as M import Control.Applicative -pureAttrProperty :: Desc -> (Attr -> Attr) -> Property +pureAttrProperty :: Desc -> SetAttr -> Property pureAttrProperty desc = Property ("has " ++ desc) (return NoChange) hostname :: HostName -> Property 
@@ -35,7 +35,7 @@ cnameFor domain mkp = let p = mkp domain in p { propertyAttr = propertyAttr p . addCName domain } -addCName :: HostName -> Attr -> Attr +addCName :: HostName -> SetAttr addCName domain d = d { _cnames = S.insert domain (_cnames d) } sshPubKey :: String -> Property diff --git a/Propellor/Engine.hs b/Propellor/Engine.hs index c697d853..55ce7f77 100644 --- a/Propellor/Engine.hs +++ b/Propellor/Engine.hs @@ -18,7 +18,7 @@ runPropellor attr a = runReaderT (runWithAttr a) attr mainProperties :: Attr -> [Property] -> IO () mainProperties attr ps = do r <- runPropellor attr $ - ensureProperties [property "overall" $ ensureProperties ps] + ensureProperties [Property "overall" (ensureProperties ps) id] setTitle "propellor: done" hFlush stdout case r of diff --git a/Propellor/Property.hs b/Propellor/Property.hs index aa419069..24494654 100644 --- a/Propellor/Property.hs +++ b/Propellor/Property.hs @@ -5,6 +5,7 @@ module Propellor.Property where import System.Directory import Control.Monad import Data.Monoid +import Data.List import Control.Monad.IfElse import "mtl" Control.Monad.Reader 
@@ -15,23 +16,21 @@ import Propellor.Engine import Utility.Monad import System.FilePath -makeChange :: IO () -> Propellor Result -makeChange a = liftIO a >> return MadeChange - -noChange :: Propellor Result -noChange = return NoChange +-- Constructs a Property. +property :: Desc -> Propellor Result -> Property +property d s = Property d s id -- | Combines a list of properties, resulting in a single property -- that when run will run each property in the list in turn, -- and print out the description of each as it's run. Does not stop -- on failure; does propigate overall success/failure. propertyList :: Desc -> [Property] -> Property -propertyList desc ps = property desc $ ensureProperties ps +propertyList desc ps = Property desc (ensureProperties ps) (combineSetAttrs ps) -- | Combines a list of properties, resulting in one property that -- ensures each in turn, stopping on failure. combineProperties :: Desc -> [Property] -> Property -combineProperties desc ps = property desc $ go ps NoChange +combineProperties desc ps = Property desc (go ps NoChange) (combineSetAttrs ps) where go [] rs = return rs go (l:ls) rs = do @@ -44,11 +43,8 @@ combineProperties desc ps = property desc $ go ps NoChange -- that ensures the first, and if the first succeeds, ensures the second. -- The property uses the description of the first property. before :: Property -> Property -> Property -p1 `before` p2 = property (propertyDesc p1) $ do - r <- ensureProperty p1 - case r of - FailedChange -> return FailedChange - _ -> ensureProperty p2 +p1 `before` p2 = p2 `requires` p1 + `describe` (propertyDesc p1) -- | Makes a perhaps non-idempotent Property be idempotent by using a flag -- file to indicate whether it has run before. 
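Review bot: The new comment `-- Constructs a Property.` is a plain comment, so Haddock will not attach it to `property`, unlike the `-- |` comments on `propertyList` and `combineProperties` just below it. I would write `-- | Constructs a Property with the given description and action, and no effect on the Attr.`, since `Property d s id` is what distinguishes it from the raw constructor. The same applies to `-- Changes the action ...` on `adjustProperty` and `-- Combines the Attr settings ...` on `combineSetAttr` in the last hunk of this file. `combineSetAttrs` has no comment at all.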
@@ -57,13 +53,13 @@ flagFile :: Property -> FilePath -> Property flagFile p = flagFile' p . return flagFile' :: Property -> IO FilePath -> Property -flagFile' p getflagfile = property (propertyDesc p) $ do +flagFile' p getflagfile = adjustProperty p $ \satisfy -> do flagfile <- liftIO getflagfile - go flagfile =<< liftIO (doesFileExist flagfile) + go satisfy flagfile =<< liftIO (doesFileExist flagfile) where - go _ True = return NoChange - go flagfile False = do - r <- ensureProperty p + go _ _ True = return NoChange + go satisfy flagfile False = do + r <- satisfy when (r == MadeChange) $ liftIO $ unlessM (doesFileExist flagfile) $ do createDirectoryIfMissing True (takeDirectory flagfile) @@ -73,22 +69,24 @@ flagFile' p getflagfile = property (propertyDesc p) $ do --- | Whenever a change has to be made for a Property, causes a hook -- Property to also be run, but not otherwise. onChange :: Property -> Property -> Property -p `onChange` hook = property (propertyDesc p) $ do - r <- ensureProperty p - case r of - MadeChange -> do - r' <- ensureProperty hook - return $ r <> r' - _ -> return r +p `onChange` hook = Property (propertyDesc p) satisfy (combineSetAttr p hook) + where + satisfy = do + r <- ensureProperty p + case r of + MadeChange -> do + r' <- ensureProperty hook + return $ r <> r' + _ -> return r (==>) :: Desc -> Property -> Property (==>) = flip describe infixl 1 ==> --- | Makes a Property only be performed when a test succeeds. +-- | Makes a Property only need to do anything when a test succeeds. check :: IO Bool -> Property -> Property -check c p = property (propertyDesc p) $ ifM (liftIO c) - ( ensureProperty p +check c p = adjustProperty p $ \satisfy -> ifM (liftIO c) + ( satisfy , return NoChange ) 
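Review bot: `check c p = adjustProperty p ...` replaces only `propertySatisfy`, so `propertyAttr p` still takes effect when the test `c` is false. `onChange` likewise applies the hook's setter through `combineSetAttr p hook` even when the hook never runs. Given the reworded Haddock on `check` this looks intended, but it is worth stating explicitly. For `check` I would add `-- Attr settings of the Property apply regardless of the test's result.`, with a matching line on `onChange` saying the hook's Attr settings are always applied.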
@@ -99,8 +97,8 @@ check c p = property (propertyDesc p) $ ifM (liftIO c) -- to be made as it is to just idempotently assure the property is -- satisfied. For example, chmodding a file. trivial :: Property -> Property -trivial p = property (propertyDesc p) $ do - r <- ensureProperty p +trivial p = adjustProperty p $ \satisfy -> do + r <- satisfy if r == MadeChange then return NoChange else return r @@ -133,16 +131,33 @@ host hn = Host [] (\_ -> newAttr hn) -- | Adds a property to a Host -- --- Can add Properties, RevertableProperties, and AttrProperties +-- Can add Properties and RevertableProperties (&) :: IsProp p => Host -> p -> Host -(Host ps as) & p = Host (ps ++ [toProp p]) (getAttr p . as) +(Host ps as) & p = Host (ps ++ [toProp p]) (setAttr p . as) infixl 1 & -- | Adds a property to the Host in reverted form. (!) :: Host -> RevertableProperty -> Host -(Host ps as) ! p = Host (ps ++ [toProp q]) (getAttr q . as) +(Host ps as) ! p = Host (ps ++ [toProp q]) (setAttr q . as) where q = revert p infixl 1 ! + +-- Changes the action that is performed to satisfy a property. +adjustProperty :: Property -> (Propellor Result -> Propellor Result) -> Property +adjustProperty p f = p { propertySatisfy = f (propertySatisfy p) } + +-- Combines the Attr settings of two properties. +combineSetAttr :: (IsProp p, IsProp q) => p -> q -> SetAttr +combineSetAttr p q = setAttr p . setAttr q + +combineSetAttrs :: IsProp p => [p] -> SetAttr +combineSetAttrs = foldl' (.) id . map setAttr + +makeChange :: IO () -> Propellor Result +makeChange a = liftIO a >> return MadeChange + +noChange :: Propellor Result +noChange = return NoChange diff --git a/Propellor/Property/Apt.hs b/Propellor/Property/Apt.hs index 2115dc50..9234cbbf 100644 --- a/Propellor/Property/Apt.hs +++ b/Propellor/Property/Apt.hs 
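Review bot: `combineSetAttrs = foldl' (.) id . map setAttr` composes to `f1 . f2 . f3`, so the last property's setter is applied first and the first property's setter wins. `&` in the same hunk builds `setAttr p . as`, where the later property wins. For set-inserting setters such as `addCName` the order is irrelevant. For overwriting ones such as `sshPubKey` (`_sshPubKey = Just k`), a `propertyList` and a top-level `&` chain would resolve a conflict in opposite directions. `combineSetAttrs = foldl' (flip (.)) id . map setAttr` would match the `&` order, and `combineSetAttr p hook` as used by `onChange` has the same reversal relative to execution order.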
@@ -157,8 +157,8 @@ buildDepIn dir = go `requires` installedMin ["devscripts", "equivs"] -- | Package installation may fail becuse the archive has changed. -- Run an update in that case and retry. robustly :: Property -> Property -robustly p = property (propertyDesc p) $ do - r <- ensureProperty p +robustly p = adjustProperty p $ \satisfy -> do + r <- satisfy if r == FailedChange then ensureProperty $ p `requires` update else return r diff --git a/Propellor/Property/Cmd.hs b/Propellor/Property/Cmd.hs index 5b7494ee..bcd08246 100644 --- a/Propellor/Property/Cmd.hs +++ b/Propellor/Property/Cmd.hs @@ -12,6 +12,7 @@ import Data.List import "mtl" Control.Monad.Reader import Propellor.Types +import Propellor.Property import Utility.Monad import Utility.SafeCommand import Utility.Env diff --git a/Propellor/Property/Scheduled.hs b/Propellor/Property/Scheduled.hs index 0e639129..f2911e50 100644 --- a/Propellor/Property/Scheduled.hs +++ b/Propellor/Property/Scheduled.hs @@ -19,13 +19,13 @@ import qualified Data.Map as M -- This uses the description of the Property to keep track of when it was -- last run. period :: Property -> Recurrance -> Property -period prop recurrance = property desc $ do +period prop recurrance = flip describe desc $ adjustProperty prop $ \satisfy -> do lasttime <- liftIO $ getLastChecked (propertyDesc prop) nexttime <- liftIO $ fmap startTime <$> nextTime schedule lasttime t <- liftIO localNow if Just t >= nexttime then do - r <- ensureProperty prop + r <- satisfy liftIO $ setLastChecked t (propertyDesc prop) return r else noChange diff --git a/Propellor/Types.hs b/Propellor/Types.hs index 01be9a5a..42401d12 100644 --- a/Propellor/Types.hs +++ b/Propellor/Types.hs @@ -8,12 +8,11 @@ module Propellor.Types , HostName , Propellor(..) , Property(..) - , property , RevertableProperty(..) , IsProp , describe , toProp - , getAttr + , setAttr , requires , Desc , Result(..) 
@@ -34,7 +33,7 @@ import "MonadCatchIO-transformers" Control.Monad.CatchIO import Propellor.Types.Attr import Propellor.Types.OS -data Host = Host [Property] (Attr -> Attr) +data Host = Host [Property] SetAttr -- | Propellor's monad provides read-only access to attributes of the -- system. @@ -55,13 +54,10 @@ data Property = Property { propertyDesc :: Desc , propertySatisfy :: Propellor Result -- ^ must be idempotent; may run repeatedly - , propertyAttr :: Attr -> Attr + , propertyAttr :: SetAttr -- ^ a property can affect the overall Attr } -property :: Desc -> Propellor Result -> Property -property d s = Property d s id - -- | A property that can be reverted. data RevertableProperty = RevertableProperty Property Property @@ -72,12 +68,12 @@ class IsProp p where -- | Indicates that the first property can only be satisfied -- once the second one is. requires :: p -> Property -> p - getAttr :: p -> (Attr -> Attr) + setAttr :: p -> SetAttr instance IsProp Property where describe p d = p { propertyDesc = d } toProp p = p - getAttr = propertyAttr + setAttr = propertyAttr x `requires` y = Property (propertyDesc x) satisfy attr where attr = propertyAttr x . propertyAttr y @@ -95,8 +91,8 @@ instance IsProp RevertableProperty where toProp (RevertableProperty p1 _) = p1 (RevertableProperty p1 p2) `requires` y = RevertableProperty (p1 `requires` y) p2 - -- | Gets the Attr of the currently active side. - getAttr (RevertableProperty p1 _p2) = getAttr p1 + -- | Return the SetAttr of the currently active side. + setAttr (RevertableProperty p1 _p2) = setAttr p1 type Desc = String diff --git a/Propellor/Types/Attr.hs b/Propellor/Types/Attr.hs index 1ff58148..00611775 100644 --- a/Propellor/Types/Attr.hs +++ b/Propellor/Types/Attr.hs @@ -42,3 +42,5 @@ newAttr hn = Attr hn S.empty Nothing Nothing Nothing [] type HostName = String type Domain = String + +type SetAttr = Attr -> Attr diff --git a/TODO b/TODO index 93dcf0d4..96324ad5 100644 --- a/TODO +++ b/TODO 
@@ -15,7 +15,5 @@ * There is no way for a property of a docker container to require some property be met outside the container. For example, some servers need ntp installed for a good date source. -* Attributes can only be set in the top level property list for a Host. - If an attribute is set inside a propertyList, it won't propigate out. - Fix this. Probably the fix involves combining AttrProperty into Property. - Then propertyList can gather the attributes from its list. +* Docking a container in a host should add to the host any cnames that + are assigned to the container. diff --git a/debian/changelog b/debian/changelog index 3cef12dc..ee7df1e8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,7 +1,10 @@ propellor (0.4.0) UNRELEASED; urgency=medium * Constructor of Property has changed (use property function instead). - * Run all cron jobs under chronic from moreutils to avoid unnecessary mails. + * All Property combinators now combine together their Attr settings. + So Attr settings can be made inside a propertyList, for example. + * Run all cron jobs under chronic from moreutils to avoid unnecessary + mails. -- Joey Hess Thu, 17 Apr 2014 21:00:43 -0400 -- cgit v1.3-2-g0d8e From 7e9853520b5b7233ce9a9c8153f6c366cab0ee39 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 18 Apr 2014 23:41:26 -0400 Subject: The `cname` property was renamed to `aka` as it does not always generate CNAME in the DNS. --- Propellor/Attr.hs | 11 +++-------- Propellor/Property/Dns.hs | 4 ++-- TODO | 2 +- config-joey.hs | 26 +++++++++++++------------- debian/changelog | 2 ++ 5 files changed, 21 insertions(+), 24 deletions(-) (limited to 'debian') diff --git a/Propellor/Attr.hs b/Propellor/Attr.hs index a4d7a958..8c4a2add 100644 --- a/Propellor/Attr.hs +++ b/Propellor/Attr.hs 
@@ -41,16 +41,11 @@ ipv6 :: String -> Property ipv6 addr = pureAttrProperty ("ipv6 " ++ addr) (addDNS $ Address $ IPv6 addr) --- | Indicate that a host has a CNAME pointing at it in the DNS. -cname :: Domain -> Property -cname domain = pureAttrProperty ("cname " ++ domain) +-- | Indicates another name for the host in the DNS. +aka :: Domain -> Property +aka domain = pureAttrProperty ("aka " ++ domain) (addDNS $ CNAME $ AbsDomain domain) -cnameFor :: Domain -> (Domain -> Property) -> Property -cnameFor domain mkp = - let p = mkp domain - in p { propertyAttr = propertyAttr p . addDNS (CNAME $ AbsDomain domain) } - addDNS :: Record -> SetAttr addDNS record d = d { _dns = S.insert record (_dns d) } diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs index 7abeb552..7c26f1d5 100644 --- a/Propellor/Property/Dns.hs +++ b/Propellor/Property/Dns.hs @@ -33,7 +33,7 @@ import Data.List -- -- > host "foo.example.com" -- > & ipv4 "192.168.1.1" --- > & cname "mail.exmaple.com" +-- > & aka "mail.exmaple.com" -- -- Will cause that host and its cnames to appear in the zone file. -- @@ -112,7 +112,7 @@ servingZones zs = hasContent namedconf (concatMap confStanza zs) -- repository to the SerialNumber. -- -- Handy trick: You don't need to list IPAddrs in the [Record], --- just make some Host sets its cname to the root of domain. +-- just make some Host sets its `aka` to the root of domain. mkSOA :: Domain -> SerialNumber -> [Record] -> SOA mkSOA d sn rs = SOA { sDomain = AbsDomain d diff --git a/TODO b/TODO index 7a1e1df6..85875a9d 100644 --- a/TODO +++ b/TODO @@ -23,4 +23,4 @@ PrivData..), or the public key should not be stored in the PrivData, and instead configured using the attr. Getting the ssh host key into the attr will allow automatically - exporting it via DNS. + exporting it via DNS (SSHFP record) diff --git a/config-joey.hs b/config-joey.hs index 4063aa31..eae3a155 100644 --- a/config-joey.hs +++ b/config-joey.hs 
@@ -48,18 +48,18 @@ hosts = -- (o) ` & Postfix.satellite & Docker.configured - & cname "shell.olduse.net" + & aka "shell.olduse.net" & JoeySites.oldUseNetShellBox - & cname "openid.kitenet.net" + & aka "openid.kitenet.net" & Docker.docked hosts "openid-provider" `requires` Apt.installed ["ntp"] - & cname "ancient.kitenet.net" + & aka "ancient.kitenet.net" & Docker.docked hosts "ancient-kitenet" -- I'd rather this were on diatom, but it needs unstable. - & cname "kgb.kitenet.net" + & aka "kgb.kitenet.net" & JoeySites.kgbServer & Docker.garbageCollected `period` Daily @@ -112,25 +112,25 @@ hosts = -- (o) ` & Apache.multiSSL & File.ownerGroup "/srv/web" "joey" "joey" - & cname "git.kitenet.net" - & cname "git.joeyh.name" + & aka "git.kitenet.net" + & aka "git.joeyh.name" & JoeySites.gitServer hosts - & cname "downloads.kitenet.net" + & aka "downloads.kitenet.net" & JoeySites.annexWebSite hosts "/srv/git/downloads.git" "downloads.kitenet.net" "840760dc-08f0-11e2-8c61-576b7e66acfd" [("turtle", "ssh://turtle.kitenet.net/~/lib/downloads/")] & JoeySites.annexRsyncServer - & cname "tmp.kitenet.net" + & aka "tmp.kitenet.net" & JoeySites.annexWebSite hosts "/srv/git/joey/tmp.git" "tmp.kitenet.net" "26fd6e38-1226-11e2-a75f-ff007033bdba" [] & JoeySites.twitRss - & cname "nntp.olduse.net" + & aka "nntp.olduse.net" & JoeySites.oldUseNetServer hosts & Apt.installed ["ntop"] @@ -285,11 +285,11 @@ monsters = -- but do want to track their public keys etc. , host "wren.kitenet.net" & ipv4 "80.68.85.49" & ipv6 "2001:41c8:125:49::10" - & cname "kite.kitenet.net" + & aka "kite.kitenet.net" , host "branchable.com" & ipv4 "66.228.46.55" & ipv6 "2600:3c03::f03c:91ff:fedf:c0e5" - & cname "olduse.net" - & cname "www.olduse.net" - & cname "git.olduse.net" + & aka "olduse.net" + & aka "www.olduse.net" + & aka "git.olduse.net" ] diff --git a/debian/changelog b/debian/changelog index ee7df1e8..2442dd18 100644 --- a/debian/changelog +++ b/debian/changelog 
@@ -5,6 +5,8 @@ propellor (0.4.0) UNRELEASED; urgency=medium So Attr settings can be made inside a propertyList, for example. * Run all cron jobs under chronic from moreutils to avoid unnecessary mails. + * The `cname` property was renamed to `aka` as it does not always generate + CNAME in the DNS. -- Joey Hess Thu, 17 Apr 2014 21:00:43 -0400 -- cgit v1.3-2-g0d8e From d1db64b3bc4ef1c802344f666eb160d9a8c97cca Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 01:26:38 -0400 Subject: Propellor can configure primary DNS servers, including generating zone files, which is done by looking at the properties of hosts in a domain. --- Propellor/Attr.hs | 6 ++++ Propellor/Property/Dns.hs | 82 ++++++++++++++++++++++++++++++----------------- Propellor/Types/Attr.hs | 9 ++++-- Propellor/Types/Dns.hs | 4 +-- config-joey.hs | 42 ++++++++++++------------ debian/changelog | 9 ++++-- 6 files changed, 93 insertions(+), 59 deletions(-) (limited to 'debian') diff --git a/Propellor/Attr.hs b/Propellor/Attr.hs index 8c4a2add..a54d8833 100644 --- a/Propellor/Attr.hs +++ b/Propellor/Attr.hs @@ -49,6 +49,12 @@ aka domain = pureAttrProperty ("aka " ++ domain) addDNS :: Record -> SetAttr addDNS record d = d { _dns = S.insert record (_dns d) } +addNamedConf :: NamedConf -> SetAttr +addNamedConf conf d = d { _namedconf = S.insert conf (_namedconf d) } + +getNamedConf :: Propellor (S.Set NamedConf) +getNamedConf = asks _namedconf + sshPubKey :: String -> Property sshPubKey k = pureAttrProperty ("ssh pubkey known") $ \d -> d { _sshPubKey = Just k } diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs index 7c26f1d5..90556d2d 100644 --- a/Propellor/Property/Dns.hs +++ b/Propellor/Property/Dns.hs @@ -2,7 +2,6 @@ module Propellor.Property.Dns ( module Propellor.Types.Dns, primary, secondary, - servingZones, mkSOA, rootAddressesFrom, writeZoneFile, 
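Review bot: `addNamedConf` inserts into an `S.Set NamedConf`, which deduplicates on the whole record. Two entries for the same `confDomain` that differ in type, file or masters therefore both survive, and each would be rendered as its own zone stanza when the set is written out. bind presumably refuses a named.conf.local that defines one zone twice, and that failure would only surface at reload time on the target host. Keying the collection by domain (for example a `Map Domain NamedConf`), or rejecting a conflicting insert, would rule that state out before anything is written.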
@@ -26,8 +25,6 @@ import Data.List -- | Primary dns server for a domain. -- --- TODO: Does not yet add it to named.conf.local. --- -- Most of the content of the zone file is configured by setting properties -- of hosts. For example, -- 
@@ -35,40 +32,70 @@ import Data.List -- > & ipv4 "192.168.1.1" -- > & aka "mail.exmaple.com" -- --- Will cause that host and its cnames to appear in the zone file. +-- Will cause that hostmame and its alias to appear in the zone file, +-- with the configured IP address. -- -- The [(Domain, Record)] list can be used for additional records -- that cannot be configured elsewhere. For example, it might contain -- CNAMEs pointing at hosts that propellor does not control. primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property primary hosts domain soa rs = withwarnings (check needupdate baseprop) - `requires` Apt.serviceInstalledRunning "bind9" + `requires` servingZones `onChange` Service.reloaded "bind9" where (partialzone, warnings) = genZone hosts domain soa zone = partialzone { zHosts = zHosts partialzone ++ rs } zonefile = "/etc/bind/propellor/db." ++ domain - needupdate = (/= Just zone) <$> readZonePropellorFile zonefile - baseprop = property ("dns primary for " ++ domain) $ makeChange $ do - writeZoneFile zone zonefile + baseprop = Property ("dns primary for " ++ domain) + (makeChange $ writeZoneFile zone zonefile) + (addNamedConf conf) withwarnings p = adjustProperty p $ \satisfy -> do mapM_ warningMessage warnings satisfy - -namedconf :: FilePath -namedconf = "/etc/bind/named.conf.local" - -zoneDesc :: NamedConf -> String -zoneDesc z = confDomain z ++ " (" ++ show (confType z) ++ ")" - -secondary :: Domain -> [IPAddr] -> NamedConf -secondary domain masters = NamedConf - { confDomain = domain - , confType = Secondary - , confFile = "db." 
++ domain - , confMasters = masters - , confLines = ["allow-transfer { }"] - } + conf = NamedConf + { confDomain = domain + , confType = Master + , confFile = zonefile + , confMasters = [] + , confLines = [] + } + needupdate = do + v <- readZonePropellorFile zonefile + return $ case v of + Nothing -> True + Just oldzone -> + -- compare everything except serial + let oldserial = sSerialĀ (zSOA oldzone) + z = zone { zSOA = (zSOA zone) { sSerial = oldserial } } + in z /= oldzone || oldserial < sSerial (zSOA zone) + +-- | Secondary dns server for a domain. +secondary :: [Host] -> Domain -> HostName -> Property +secondary hosts domain master = pureAttrProperty desc (addNamedConf conf) + `requires` servingZones + where + desc = "dns secondary for " ++ domain + conf = NamedConf + { confDomain = domain + , confType = Secondary + , confFile = "db." ++ domain + , confMasters = hostAddresses master hosts + , confLines = ["allow-transfer { }"] + } + +-- | Rewrites the whole named.conf.local file to serve the zones +-- configured by `primary` and `secondary`, and ensures that bind9 is +-- running. +servingZones :: Property +servingZones = property "serving configured dns zones" go + `requires` Apt.serviceInstalledRunning "bind9" + `onChange` Service.reloaded "bind9" + where + go = do + zs <- getNamedConf + ensureProperty $ + hasContent namedConfFile $ + concatMap confStanza $ S.toList zs confStanza :: NamedConf -> [Line] confStanza c = 
@@ -89,13 +116,8 @@ confStanza c = (map (\ip -> "\t\t" ++ fromIPAddr ip ++ ";") (confMasters c)) ++ [ "\t};" ] --- | Rewrites the whole named.conf.local file to serve the specified --- zones. -servingZones :: [NamedConf] -> Property -servingZones zs = hasContent namedconf (concatMap confStanza zs) - `describe` ("dns server for zones: " ++ unwords (map zoneDesc zs)) - `requires` Apt.serviceInstalledRunning "bind9" - `onChange` Service.reloaded "bind9" +namedConfFile :: FilePath +namedConfFile = "/etc/bind/named.conf.local" -- | Generates a SOA with some fairly sane numbers in it. -- diff --git a/Propellor/Types/Attr.hs b/Propellor/Types/Attr.hs index cf8bdf1a..f64b0487 100644 --- a/Propellor/Types/Attr.hs +++ b/Propellor/Types/Attr.hs @@ -9,8 +9,9 @@ import qualified Data.Set as S data Attr = Attr { _hostname :: HostName , _os :: Maybe System - , _dns :: S.Set Dns.Record , _sshPubKey :: Maybe String + , _dns :: S.Set Dns.Record + , _namedconf :: S.Set Dns.NamedConf , _dockerImage :: Maybe String , _dockerRunParams :: [HostName -> String] @@ -21,6 +22,7 @@ instance Eq Attr where [ _hostname x == _hostname y , _os x == _os y , _dns x == _dns y + , _namedconf x == _namedconf y , _sshPubKey x == _sshPubKey y , _dockerImage x == _dockerImage y @@ -32,13 +34,14 @@ instance Show Attr where show a = unlines [ "hostname " ++ _hostname a , "OS " ++ show (_os a) - , "dns " ++ show (_dns a) , "sshPubKey " ++ show (_sshPubKey a) + , "dns " ++ show (_dns a) + , "namedconf " ++ show (_namedconf a) , "docker image " ++ show (_dockerImage a) , "docker run params " ++ show (map (\mk -> mk "") (_dockerRunParams a)) ] newAttr :: HostName -> Attr -newAttr hn = Attr hn Nothing S.empty Nothing Nothing [] +newAttr hn = Attr hn Nothing Nothing S.empty S.empty Nothing [] type SetAttr = Attr -> Attr diff --git a/Propellor/Types/Dns.hs b/Propellor/Types/Dns.hs index 9d801ef6..e367202a 100644 --- a/Propellor/Types/Dns.hs +++ b/Propellor/Types/Dns.hs 
@@ -19,10 +19,10 @@ data NamedConf = NamedConf , confMasters :: [IPAddr] , confLines :: [String] } - deriving (Show, Eq) + deriving (Show, Eq, Ord) data Type = Master | Secondary - deriving (Show, Eq) + deriving (Show, Eq, Ord) -- | Represents a bind 9 zone file. data Zone = Zone diff --git a/config-joey.hs b/config-joey.hs index eae3a155..e49a062c 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -64,17 +64,6 @@ hosts = -- (o) ` & Docker.garbageCollected `period` Daily & Apt.installed ["git-annex", "mtr", "screen"] - - & Dns.primary hosts "olduse.net" - ( Dns.mkSOA "ns1.kitenet.net" 100 - [ NS (AbsDomain "ns1.kitenet.net") - , NS (AbsDomain "ns6.gandi.net") - , NS (AbsDomain "ns2.kitenet.net") - , MX 0 (AbsDomain "kitenet.net") - , TXT "v=spf1 a -all" - ] - ) - [ (RelDomain "article", CNAME $ AbsDomain "virgil.koldfront.dk") ] -- Orca is the main git-annex build box. , standardSystem "orca.kitenet.net" Unstable "amd64" @@ -101,7 +90,7 @@ hosts = -- (o) ` & Ssh.hostKey SshEcdsa & Apt.unattendedUpgrades & Apt.serviceInstalledRunning "ntp" - & Dns.servingZones myDnsSecondary + & myDnsSecondary & Postfix.satellite & Apt.serviceInstalledRunning "apache2" @@ -133,6 +122,17 @@ hosts = -- (o) ` & aka "nntp.olduse.net" & JoeySites.oldUseNetServer hosts + & Dns.primary hosts "olduse.net" + ( Dns.mkSOA "ns1.kitenet.net" 100 + [ NS (AbsDomain "ns1.kitenet.net") + , NS (AbsDomain "ns6.gandi.net") + , NS (AbsDomain "ns2.kitenet.net") + , MX 0 (AbsDomain "kitenet.net") + , TXT "v=spf1 a -all" + ] + ) + [ (RelDomain "article", CNAME $ AbsDomain "virgil.koldfront.dk") ] + & Apt.installed ["ntop"] 
@@ -244,17 +244,17 @@ cleanCloudAtCost = propertyList "cloudatcost cleanup" ] ] -myDnsSecondary :: [Dns.NamedConf] -myDnsSecondary = - [ Dns.secondary "kitenet.net" master - , Dns.secondary "joeyh.name" master - , Dns.secondary "ikiwiki.info" master - , Dns.secondary "olduse.net" master - , Dns.secondary "branchable.com" branchablemaster +myDnsSecondary :: Property +myDnsSecondary = propertyList "dns secondary for all my domains" + [ Dns.secondary hosts "kitenet.net" master + , Dns.secondary hosts "joeyh.name" master + , Dns.secondary hosts "ikiwiki.info" master + , Dns.secondary hosts "olduse.net" master + , Dns.secondary hosts "branchable.com" branchablemaster ] where - master = hostAddresses "wren.kitenet.net" hosts - branchablemaster = hostAddresses "branchable.com" hosts + master = "wren.kitenet.net" + branchablemaster = "branchable.com" main :: IO () main = defaultMain hosts diff --git a/debian/changelog b/debian/changelog index 2442dd18..463b1819 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,12 +1,15 @@ propellor (0.4.0) UNRELEASED; urgency=medium - * Constructor of Property has changed (use property function instead). + * Propellor can configure primary DNS servers, including generating + zone files, which is done by looking at the properties of hosts + in a domain. + * The `cname` property was renamed to `aka` as it does not always generate + CNAME in the DNS. + * Constructor of Property has changed (use `property` function instead). * All Property combinators now combine together their Attr settings. So Attr settings can be made inside a propertyList, for example. * Run all cron jobs under chronic from moreutils to avoid unnecessary mails. - * The `cname` property was renamed to `aka` as it does not always generate - CNAME in the DNS. -- Joey Hess Thu, 17 Apr 2014 21:00:43 -0400 -- cgit v1.3-2-g0d8e From 9e578aca6b0914443c95f8691fd3ba39522f28fc Mon Sep 17 00:00:00 2001 
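Review bot: `master` and `branchablemaster` are now bare host name strings that `Dns.secondary` resolves with `hostAddresses master hosts`. If a name is mistyped or the matching host carries no `ipv4`/`ipv6` property, the lookup presumably yields an empty list, and the secondary stanza is written with an empty masters block and no diagnostic. `primary` already reports problems through `warningMessage`. I would have `secondary` do the same when `confMasters` comes out empty, or fail the property outright, so a secondary that can never transfer its zone is noticed at deploy time.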
From: Joey Hess Date: Sat, 19 Apr 2014 01:28:46 -0400 Subject: rename aka to alias --- Propellor/Attr.hs | 4 ++-- Propellor/Property/Dns.hs | 4 ++-- Propellor/Property/Docker.hs | 4 ++-- config-joey.hs | 26 +++++++++++++------------- debian/changelog | 4 ++-- 5 files changed, 21 insertions(+), 21 deletions(-) (limited to 'debian') diff --git a/Propellor/Attr.hs b/Propellor/Attr.hs index a54d8833..fb94dc34 100644 --- a/Propellor/Attr.hs +++ b/Propellor/Attr.hs @@ -42,8 +42,8 @@ ipv6 addr = pureAttrProperty ("ipv6 " ++ addr) (addDNS $ Address $ IPv6 addr) -- | Indicates another name for the host in the DNS. -aka :: Domain -> Property -aka domain = pureAttrProperty ("aka " ++ domain) +alias :: Domain -> Property +alias domain = pureAttrProperty ("aka " ++ domain) (addDNS $ CNAME $ AbsDomain domain) addDNS :: Record -> SetAttr diff --git a/Propellor/Property/Dns.hs b/Propellor/Property/Dns.hs index 90556d2d..e47d6c32 100644 --- a/Propellor/Property/Dns.hs +++ b/Propellor/Property/Dns.hs @@ -30,7 +30,7 @@ import Data.List -- -- > host "foo.example.com" -- > & ipv4 "192.168.1.1" --- > & aka "mail.exmaple.com" +-- > & alias "mail.exmaple.com" -- -- Will cause that hostmame and its alias to appear in the zone file, -- with the configured IP address. @@ -134,7 +134,7 @@ namedConfFile = "/etc/bind/named.conf.local" -- repository to the SerialNumber. -- -- Handy trick: You don't need to list IPAddrs in the [Record], --- just make some Host sets its `aka` to the root of domain. +-- just make some Host sets its `alias` to the root of domain. mkSOA :: Domain -> SerialNumber -> [Record] -> SOA mkSOA d sn rs = SOA { sDomain = AbsDomain d diff --git a/Propellor/Property/Docker.hs b/Propellor/Property/Docker.hs index e05a8dd3..e5b8d64a 100644 --- a/Propellor/Property/Docker.hs +++ b/Propellor/Property/Docker.hs 
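Review bot: The rename leaves the description string behind in the Attr.hs hunk: `alias domain = pureAttrProperty ("aka " ++ domain)` still reports the property as "has aka ...". If the description is meant to follow the new name, change it to `alias domain = pureAttrProperty ("alias " ++ domain)`; if "aka" is kept on purpose for readability, a short comment saying so would prevent a later "fix".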
@@ -183,8 +183,8 @@ memory = runProp "memory" -- | Link with another container on the same host. link :: ContainerName -> ContainerAlias -> Property -link linkwith alias = genProp "link" $ \hn -> - fromContainerId (ContainerId hn linkwith) ++ ":" ++ alias +link linkwith calias = genProp "link" $ \hn -> + fromContainerId (ContainerId hn linkwith) ++ ":" ++ calias -- | A short alias for a linked container. -- Each container has its own alias namespace. diff --git a/config-joey.hs b/config-joey.hs index e49a062c..b22f0e07 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -48,18 +48,18 @@ hosts = -- (o) ` & Postfix.satellite & Docker.configured - & aka "shell.olduse.net" + & alias "shell.olduse.net" & JoeySites.oldUseNetShellBox - & aka "openid.kitenet.net" + & alias "openid.kitenet.net" & Docker.docked hosts "openid-provider" `requires` Apt.installed ["ntp"] - & aka "ancient.kitenet.net" + & alias "ancient.kitenet.net" & Docker.docked hosts "ancient-kitenet" -- I'd rather this were on diatom, but it needs unstable. - & aka "kgb.kitenet.net" + & alias "kgb.kitenet.net" & JoeySites.kgbServer & Docker.garbageCollected `period` Daily @@ -101,25 +101,25 @@ hosts = -- (o) ` & Apache.multiSSL & File.ownerGroup "/srv/web" "joey" "joey" - & aka "git.kitenet.net" - & aka "git.joeyh.name" + & alias "git.kitenet.net" + & alias "git.joeyh.name" & JoeySites.gitServer hosts - & aka "downloads.kitenet.net" + & alias "downloads.kitenet.net" & JoeySites.annexWebSite hosts "/srv/git/downloads.git" "downloads.kitenet.net" "840760dc-08f0-11e2-8c61-576b7e66acfd" [("turtle", "ssh://turtle.kitenet.net/~/lib/downloads/")] & JoeySites.annexRsyncServer - & aka "tmp.kitenet.net" + & alias "tmp.kitenet.net" & JoeySites.annexWebSite hosts "/srv/git/joey/tmp.git" "tmp.kitenet.net" "26fd6e38-1226-11e2-a75f-ff007033bdba" [] & JoeySites.twitRss - & aka "nntp.olduse.net" + & alias "nntp.olduse.net" & JoeySites.oldUseNetServer hosts & Dns.primary hosts "olduse.net" 
@@ -285,11 +285,11 @@ monsters = -- but do want to track their public keys etc. , host "wren.kitenet.net" & ipv4 "80.68.85.49" & ipv6 "2001:41c8:125:49::10" - & aka "kite.kitenet.net" + & alias "kite.kitenet.net" , host "branchable.com" & ipv4 "66.228.46.55" & ipv6 "2600:3c03::f03c:91ff:fedf:c0e5" - & aka "olduse.net" - & aka "www.olduse.net" - & aka "git.olduse.net" + & alias "olduse.net" + & alias "www.olduse.net" + & alias "git.olduse.net" ] diff --git a/debian/changelog b/debian/changelog index 463b1819..136d61b2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,8 +3,8 @@ propellor (0.4.0) UNRELEASED; urgency=medium * Propellor can configure primary DNS servers, including generating zone files, which is done by looking at the properties of hosts in a domain. - * The `cname` property was renamed to `aka` as it does not always generate - CNAME in the DNS. + * The `cname` property was renamed to `alias` as it does not always + generate CNAME in the DNS. * Constructor of Property has changed (use `property` function instead). * All Property combinators now combine together their Attr settings. So Attr settings can be made inside a propertyList, for example. -- cgit v1.3-2-g0d8e From 6aeeaaab9073675e8c043d009c97ff62d809975b Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 19 Apr 2014 02:10:41 -0400 Subject: prep release --- debian/changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 136d61b2..beaca78a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -propellor (0.4.0) UNRELEASED; urgency=medium +propellor (0.4.0) unstable; urgency=medium * Propellor can configure primary DNS servers, including generating zone files, which is done by looking at the properties of hosts 
@@ -11,7 +11,7 @@ propellor (0.4.0) UNRELEASED; urgency=medium * Run all cron jobs under chronic from moreutils to avoid unnecessary mails. - -- Joey Hess Thu, 17 Apr 2014 21:00:43 -0400 + -- Joey Hess Sat, 19 Apr 2014 02:09:56 -0400 propellor (0.3.1) unstable; urgency=medium -- cgit v1.3-2-g0d8e