From 0b4a95f6c212e7d103cec5737f1917a413b0b1c2 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:28:17 -0400 Subject: --spin checks if the DNS matches any configured IP address property of the host, and if not, sshes to the host by IP address. --- src/Propellor/Spin.hs | 36 ++++++++++++++++++++++++++++++++---- 1 file changed, 32 insertions(+), 4 deletions(-) (limited to 'src/Propellor/Spin.hs') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 3bafd165..a9a61c16 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -14,6 +14,9 @@ import System.Posix.Directory import Control.Concurrent.Async import Control.Exception (bracket) import qualified Data.ByteString as B +import qualified Data.Set as S +import qualified Network.BSD as BSD +import Network.Socket (inet_ntoa) import Propellor import Propellor.Protocol @@ -44,17 +47,20 @@ spin target relay hst = do when viarelay $ void $ boolSystem "ssh-add" [] + sshtarget <- ("root@" ++) <$> case relay of + Just r -> pure r + Nothing -> getSshTarget target hst + -- Install, or update the remote propellor. updateServer target relay hst - (proc "ssh" $ cacheparams ++ [user, shellWrap probecmd]) - (proc "ssh" $ cacheparams ++ [user, shellWrap updatecmd]) + (proc "ssh" $ cacheparams ++ [sshtarget, shellWrap probecmd]) + (proc "ssh" $ cacheparams ++ [sshtarget, shellWrap updatecmd]) -- And now we can run it. - unlessM (boolSystem "ssh" (map Param $ cacheparams ++ ["-t", user, shellWrap runcmd])) $ + unlessM (boolSystem "ssh" (map Param $ cacheparams ++ ["-t", sshtarget, shellWrap runcmd])) $ error $ "remote propellor failed" where hn = fromMaybe target relay - user = "root@"++hn relaying = relay == Just target viarelay = isJust relay && not relaying 
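Review bot: When `getSshTarget` returns a configured IP, the three `ssh` invocations in `spin` connect to `root@<ip>`, so ssh looks up the host key under the address rather than under the host name the operator has already verified. This connection runs as root and, per the comment further down the file, carries the privdata update, so the key check should stay tied to the name. Consider passing `["-o", "HostKeyAlias=" ++ hn]` ahead of `sshtarget` in each call, unless `cacheparams` (defined outside this hunk) already sets it. `spin` begins above the hunk and its `where` clause continues below it.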
@@ -84,6 +90,28 @@ spin target relay hst = do then "--serialized " ++ shellEscape (show (Spin [target] (Just target))) else "--continue " ++ shellEscape (show (SimpleRun target)) +-- Check if the Host contains an IP address that matches one of the IPs +-- in the DNS for the HostName. If so, the HostName is used as-is, +-- but if the DNS is out of sync with the Host config, or doesn't have +-- the host in it at all, use one of the Host's IPs instead. +getSshTarget :: HostName -> Host -> IO String +getSshTarget target hst + | isJust configip = go =<< catchMaybeIO (BSD.getHostByName target) + | otherwise = return target + where + go Nothing = useip + go (Just hostentry) = maybe useip (const $ return target) + =<< firstM matchingtarget (BSD.hostAddresses hostentry) + + matchingtarget a = (==) target <$> inet_ntoa a + + useip = return $ fromMaybe target configip + + configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of + [] -> Nothing + (IPv4 a:_) -> Just a + (IPv6 a:_) -> Just a + -- Update the privdata, repo url, and git repo over the ssh -- connection, talking to the user's local propellor instance which is -- running the updateServer -- cgit v1.3-2-g0d8e From 72b7b0652577b5c454687ed576606023ba8f7386 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:31:30 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'src/Propellor/Spin.hs') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index a9a61c16..67fa7c58 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs 
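Review bot: The DNS side of the comparison in `getSshTarget` is IPv4-only, because `BSD.getHostByName` yields IPv4 `HostAddress` values and `inet_ntoa` renders them as dotted quads, yet `configip` also accepts the `IPv6 a` case. For a host whose first address record is IPv6 the check can never succeed, so every spin takes the fallback path. Either restrict the candidates to IPv4, e.g. `configip = listToMaybe [a | IPv4 a <- mapMaybe getIPAddr (S.toList (_dns (hostInfo hst)))]`, or resolve with an API that returns both families. The later `configips` / `matchingconfig` rewrite on this page keeps the same limitation.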
@@ -105,7 +105,11 @@ getSshTarget target hst matchingtarget a = (==) target <$> inet_ntoa a - useip = return $ fromMaybe target configip + useip = case configip of + Nothing -> return target + Just ip -> do + warningMessage $ "DNS seems out of date for " ++ target ++ "; using IP address from configuration instead." + return ip configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of [] -> Nothing -- cgit v1.3-2-g0d8e From b059ae4c77bca559ea25de2ee4eaa4a67dd55a75 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:34:02 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'src/Propellor/Spin.hs') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 67fa7c58..476cb1a4 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -96,19 +96,19 @@ spin target relay hst = do -- the host in it at all, use one of the Host's IPs instead. getSshTarget :: HostName -> Host -> IO String getSshTarget target hst - | isJust configip = go =<< catchMaybeIO (BSD.getHostByName target) + | isJust configip = go =<< tryIO (BSD.getHostByName target) | otherwise = return target where - go Nothing = useip - go (Just hostentry) = maybe useip (const $ return target) + go (Left e) = useip (show e) + go (Right hostentry) = maybe (useip $ "none matching " ++ fromMaybe "missing" configip) (const $ return target) =<< firstM matchingtarget (BSD.hostAddresses hostentry) matchingtarget a = (==) target <$> inet_ntoa a - useip = case configip of + useip why = case configip of Nothing -> return target Just ip -> do - warningMessage $ "DNS seems out of date for " ++ target ++ "; using IP address from configuration instead." + warningMessage $ "DNS seems out of date for " ++ target ++ "(" ++ why ++ "); using IP address from configuration instead." return ip configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of -- cgit v1.3-2-g0d8e 
From f3f60a74c47ee837331f24b3541596deda97169c Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:36:51 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'src/Propellor/Spin.hs') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 476cb1a4..c2fde99e 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -100,15 +100,19 @@ getSshTarget target hst | otherwise = return target where go (Left e) = useip (show e) - go (Right hostentry) = maybe (useip $ "none matching " ++ fromMaybe "missing" configip) (const $ return target) - =<< firstM matchingtarget (BSD.hostAddresses hostentry) + go (Right hostentry) = ifM (anyM matchingtarget (BSD.hostAddresses hostentry)) + ( return target + , do + ips <- mapM inet_ntoa (BSD.hostAddresses hostentry) + useip ("DNS " ++ show ips ++ " /= configured " ++ show (maybeToList configip)) + ) matchingtarget a = (==) target <$> inet_ntoa a useip why = case configip of Nothing -> return target Just ip -> do - warningMessage $ "DNS seems out of date for " ++ target ++ "(" ++ why ++ "); using IP address from configuration instead." + warningMessage $ "DNS seems out of date for " ++ target ++ " (" ++ why ++ "); using IP address from configuration instead." return ip configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of -- cgit v1.3-2-g0d8e From 6fb45673d03f6d49a2de0896ad7ce9e4b3d335aa Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:42:34 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'src/Propellor/Spin.hs') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index c2fde99e..42f7bf7b 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs 
@@ -96,29 +96,27 @@ spin target relay hst = do -- the host in it at all, use one of the Host's IPs instead. getSshTarget :: HostName -> Host -> IO String getSshTarget target hst - | isJust configip = go =<< tryIO (BSD.getHostByName target) + | null configips = go =<< tryIO (BSD.getHostByName target) | otherwise = return target where go (Left e) = useip (show e) - go (Right hostentry) = ifM (anyM matchingtarget (BSD.hostAddresses hostentry)) + go (Right hostentry) = ifM (anyM matchingconfig (BSD.hostAddresses hostentry)) ( return target , do ips <- mapM inet_ntoa (BSD.hostAddresses hostentry) - useip ("DNS " ++ show ips ++ " /= configured " ++ show (maybeToList configip)) + useip ("DNS " ++ show ips ++ " vs configured " ++ show configips) ) - matchingtarget a = (==) target <$> inet_ntoa a + matchingconfig a = flip elem configips <$> inet_ntoa a - useip why = case configip of + useip why = case headMaybe configips of Nothing -> return target Just ip -> do warningMessage $ "DNS seems out of date for " ++ target ++ " (" ++ why ++ "); using IP address from configuration instead." return ip - configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of - [] -> Nothing - (IPv4 a:_) -> Just a - (IPv6 a:_) -> Just a + configips = map fromIPAddr $ mapMaybe getIPAddr $ + S.toList $ _dns $ hostInfo hst -- Update the privdata, repo url, and git repo over the ssh -- connection, talking to the user's local propellor instance which is -- cgit v1.3-2-g0d8e From f89aeaa0e8858109d44fdaa5911f5fecacf7ce6b Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 16:18:36 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/Propellor/Spin.hs') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 42f7bf7b..a6744bf4 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs 
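Review bot: The guards of `getSshTarget` are inverted by the switch from `isJust configip` to `null configips`: the lookup now runs only when no IP is configured, where `useip` has nothing to fall back on, and every host that does have configured addresses returns `target` unchecked. The intended order is `| null configips = return target` followed by `| otherwise = go =<< tryIO (BSD.getHostByName target)`. The `@@ -96,14 +96,12 @@` hunk later on this page makes this swap, so this revision on its own silently disables the DNS check.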
@@ -101,7 +101,9 @@ getSshTarget target hst where go (Left e) = useip (show e) go (Right hostentry) = ifM (anyM matchingconfig (BSD.hostAddresses hostentry)) - ( return target + ( do + print "MATCHING IP" + return target , do ips <- mapM inet_ntoa (BSD.hostAddresses hostentry) useip ("DNS " ++ show ips ++ " vs configured " ++ show configips) -- cgit v1.3-2-g0d8e From 31739ac1a60b461519702b24e14df98cf173941b Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 16:19:32 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'src/Propellor/Spin.hs') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index a6744bf4..14275957 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -96,14 +96,12 @@ spin target relay hst = do -- the host in it at all, use one of the Host's IPs instead. getSshTarget :: HostName -> Host -> IO String getSshTarget target hst - | null configips = go =<< tryIO (BSD.getHostByName target) - | otherwise = return target + | null configips = return target + | otherwise = go =<< tryIO (BSD.getHostByName target) where go (Left e) = useip (show e) go (Right hostentry) = ifM (anyM matchingconfig (BSD.hostAddresses hostentry)) - ( do - print "MATCHING IP" - return target + ( return target , do ips <- mapM inet_ntoa (BSD.hostAddresses hostentry) useip ("DNS " ++ show ips ++ " vs configured " ++ show configips) -- cgit v1.3-2-g0d8e From 7cbd367e1ce6079efe1add4cc3baec3ffc0b5b49 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 17:09:21 -0400 Subject: Update intermediary propellor in --spin --via --- debian/changelog | 1 + src/Propellor/CmdLine.hs | 4 ++-- src/Propellor/Spin.hs | 2 +- src/Propellor/Types.hs | 1 + 4 files changed, 5 insertions(+), 3 deletions(-) (limited to 'src/Propellor/Spin.hs') diff --git a/debian/changelog b/debian/changelog index 2d298329..f857a4ea 100644 --- a/debian/changelog +++ b/debian/changelog 
@@ -4,6 +4,7 @@ propellor (1.2.3) UNRELEASED; urgency=medium of the host, and if not, sshes to the host by IP address. * Detect #774376 and refuse to use docker if the system is so broken that docker exec doesn't enter a chroot. + * Update intermediary propellor in --spin --via -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs index 3e375c7e..378367e8 100644 --- a/src/Propellor/CmdLine.hs +++ b/src/Propellor/CmdLine.hs @@ -54,7 +54,6 @@ processCmdLine = go =<< getArgs go ("--help":_) = do usage stdout exitFailure - go ("--update":_:[]) = return $ Update Nothing go ("--boot":_:[]) = return $ Update Nothing -- for back-compat go ("--serialized":s:[]) = serialized Serialized s go ("--continue":s:[]) = serialized Continue s @@ -98,8 +97,9 @@ defaultMain hostlist = do go _ (DockerChain hn cid) = Docker.chain hostlist hn cid go _ (DockerInit hn) = Docker.init hn go _ (GitPush fin fout) = gitPushHelper fin fout + go _ (Relay h) = forceConsole >> updateFirst (Update (Just h)) (update (Just h)) go _ (Update Nothing) = forceConsole >> fetchFirst (onlyprocess (update Nothing)) - go _ (Update (Just h)) = forceConsole >> fetchFirst (update (Just h)) + go _ (Update (Just h)) = update (Just h) go _ Merge = mergeSpin go True cmdline@(Spin _ _) = buildFirst cmdline $ go False cmdline go True cmdline = updateFirst cmdline $ go False cmdline diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 14275957..a1035387 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -80,7 +80,7 @@ spin target relay hst = do , "if ! test -x ./propellor; then make deps build; fi" , if viarelay then "./propellor --continue " ++ - shellEscape (show (Update (Just target))) + shellEscape (show (Relay target)) -- Still using --boot for back-compat... else "./propellor --boot " ++ target ] diff --git a/src/Propellor/Types.hs b/src/Propellor/Types.hs index 63abd226..fc10cb20 100644 --- a/src/Propellor/Types.hs 
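Review bot: In the `Spin.hs` hunk the relay branch now sends `show (Relay target)` to `./propellor --continue`, but the preceding shell line rebuilds only when `./propellor` is missing, so an intermediary may still run a binary built before the `Relay` constructor existed. That binary presumably cannot parse the new value (the `--continue` parser is not visible here), whereas the non-relay branch deliberately keeps `--boot` for back-compat. A comment at this branch would make the requirement explicit, e.g. `-- Needs a propellor on the relay that knows Relay; older ones must be updated first.` The command list this hunk edits starts and ends outside the hunk.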
+++ b/src/Propellor/Types.hs @@ -165,6 +165,7 @@ data CmdLine | Serialized CmdLine | Continue CmdLine | Update (Maybe HostName) + | Relay HostName | DockerInit HostName | DockerChain HostName String | ChrootChain HostName FilePath Bool Bool -- cgit v1.3-2-g0d8e