propellor

propellor config for hosts.
git clone git://git.ricketyspace.net/propellor.git
Log | Files | Refs | LICENSE

commit 33b9960a087801f30cb2a423162a338b4e62c0fc
parent 81fb51712449819e3d468fbdb6fa52cb208f8d10
Author: rsiddharth <s@ricketyspace.net>
Date:   Tue, 15 May 2018 22:45:10 +0000

propellor spin

Diffstat:
config.hs | 13+++++++++++++
1 file changed, 13 insertions(+), 0 deletions(-)

diff --git a/config.hs b/config.hs @@ -48,6 +48,7 @@ import qualified Propellor.Property.Cron as Cron import qualified Propellor.Property.Dns as Dns import qualified Propellor.Property.Fail2Ban as Fail2Ban import qualified Propellor.Property.File as File +import qualified Propellor.Property.Group as Group import qualified Propellor.Property.Locale as Locale import qualified Propellor.Property.Nginx as Nginx import qualified Propellor.Property.Postfix as Postfix @@ -710,14 +711,26 @@ lyra = host "lyra.ricketyspace.net" $props , (RelDomain "mail._domainkey", TXT "v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ClUrJTSt/UISOTEoZy36SfCjuyuajJVGEzYrhuysn2CA3MNt6y3dsHrjalA04Bix02KySMVEHcbScsd54MHhvk364pOkapuAEFIAmvY9SiZGRWsKMK5tgq/aSgH6xFg6M1CupV4QHWFgk193juiEdnB8uwXKTxOdKP/P/xbU3h98MFvXmNzT8sEr5VMZHiTdzqcxCLLfhx27iwjFJh4td6y+0n5YO/M2zf3n9ikXIof/dw4lA5Xo2icI3G88LMl9Tk4vcY0UVXXXulKmrnrn96Nyow0zU31kB/NUb1HbOxaVLz7KJThS+U9NV/66vZ5blwg7aExJXkPfVEtLTca+wIDAQAB") , (RelDomain "_dmarc", TXT "v=DMARC1; p=none; rua=mailto:root@ricketyspace.net") ] + -- + & Group.exists (Group "pubs") Nothing -- root config & Ssh.authorizedKey (User "root") sCanonicalSshPubKey & File.hasContent "/root/.tmux.conf" tmuxConf -- w config & User.accountFor (User "w") + & User.hasGroup (User "w") (Group "pubs") & Ssh.authorizedKey (User "w") sCanonicalSshPubKey + --- pub dir config + & File.dirExists "/home/w/pub" + & File.ownerGroup "/home/w/pub" (User "w") (Group "pubs") + & File.mode "/home/w/pub" 0O0770 + --- gpub dir config + & File.dirExists "/home/w/gpub" + & File.ownerGroup "/home/w/gpub" (User "w") (Group "pubs") + & File.mode "/home/w/gpub" 0O0770 -- g config & User.accountFor (User "g") + & User.hasGroup (User "g") (Group "pubs") & Ssh.authorizedKey (User "g") sCanonicalSshPubKey -- s config & User.accountFor (User "s")