propellor

propellor config for hosts.
git clone git://git.ricketyspace.net/propellor.git
Log | Files | Refs | LICENSE

commit e3a7674eff06e7ce6a9798b33b0a52f30b5f3690
parent 26f7b529755103f8909e8f8e9ceac0b260de8508
Author: rsiddharth <s@ricketyspace.net>
Date:   Thu, 22 Aug 2019 22:01:26 -0400

propellor spin

Diffstat:
config.hs | 28++++++++++++++++++++++++++--
1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/config.hs b/config.hs @@ -121,8 +121,8 @@ ara = host "ara.ricketyspace.net" $props virgo :: Host virgo = host "virgo.ricketyspace.net" $props & osDebian (Stable "buster") X86_64 - & ipv4 "144.202.9.116" - & ipv6 "2001:19f0:5:19c8:5400:02ff:fe33:4b1f" + & ipv4 "149.28.238.48" + & ipv6 "2001:19f0:5:1d90:5400:02ff:fe3b:3624" & Locale.available "en_US.UTF-8" & File.hasContent "/etc/motd" (["At virgo."]) -- apt @@ -134,9 +134,33 @@ virgo = host "virgo.ricketyspace.net" $props & Ssh.passwordAuthentication False -- system & Fail2Ban.installed + -- crons + & stagitGenCron + -- web + & Group.exists (Group "pubs") Nothing + -- web - root + & File.dirExists "/var/www/root" + & File.ownerGroup "/var/www/root" (User "www-data") (Group "pubs") + & File.mode "/var/www/root/" 0O0770 + -- web - git + & File.dirExists "/var/www/git.rs" + & File.ownerGroup "/var/www/git.rs" (User "www-data") (Group "pubs") + & File.mode "/var/www/git.rs/" 0O0770 + -- www-data config + & User.hasGroup (User "www-data") (Group "pubs") -- root config & File.hasContent "/root/.tmux.conf" tmuxConf & Ssh.authorizedKey (User "root") sCanonicalSshPubKey + -- g config + & User.accountFor (User "g") + & User.hasGroup (User "g") (Group "pubs") + & Ssh.authorizedKey (User "g") sCanonicalSshPubKey + & Ssh.authorizedKey (User "g") sAraSshPubKey + -- s config + & User.accountFor (User "s") + & User.hasPassword (User "s") + & Sudo.enabledFor (User "s") + & Ssh.authorizedKey (User "s") sCanonicalSshPubKey -- configure lyra