propellor

propellor config for hosts.
git clone git://git.ricketyspace.net/propellor.git
Log | Files | Refs | LICENSE

commit e61cfcf6b8d5f51347ffd1f9c0d79087f942cda8
parent 10adf65992e148cd387de0c50c82fd6708ecf7bb
Author: rsiddharth <s@ricketyspace.net>
Date:   Sun, 11 Feb 2018 13:55:13 +0000

propellor spin

Diffstat:
config.hs | 12++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/config.hs b/config.hs @@ -62,13 +62,18 @@ main = defaultMain hosts -- The hosts propellor knows about. hosts :: [Host] -hosts = [ cygnus, crux, ara, lyra ] ++ m31 +hosts = privateHosts ++ publicHosts ++ m31 + +privateHosts :: [Host] +privateHosts = [ cygnus ] + +publicHosts :: [Host] +publicHosts = [ crux, ara, lyra ] -- configure cygnus. cygnus :: Host cygnus = host "cygnus.ricketyspace.net" $ props & osDebian Unstable X86_64 - & ipv4 "127.0.0.1" & File.hasContent "/etc/motd" (["At cygnus."]) -- apt config. & Apt.stdSourcesList @@ -693,7 +698,7 @@ lyra = host "lyra.ricketyspace.net" $props & File.ownerGroup "/etc/dkimkeys/ricketyspace.net" (User "opendkim") (Group "opendkim") & File.hasPrivContent "/etc/dkimkeys/ricketyspace.net/mail.private" (Context "ricketyspace.net") -- bind - & Dns.primary hosts "ricketyspace.net" + & Dns.primary publicHosts "ricketyspace.net" (Dns.mkSOA "lyra.ricketyspace.net" 20180129) [ (RootDomain, NS $ RelDomain "lyra") @@ -704,7 +709,6 @@ lyra = host "lyra.ricketyspace.net" $props , (RelDomain "mail._domainkey", TXT "v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ClUrJTSt/UISOTEoZy36SfCjuyuajJVGEzYrhuysn2CA3MNt6y3dsHrjalA04Bix02KySMVEHcbScsd54MHhvk364pOkapuAEFIAmvY9SiZGRWsKMK5tgq/aSgH6xFg6M1CupV4QHWFgk193juiEdnB8uwXKTxOdKP/P/xbU3h98MFvXmNzT8sEr5VMZHiTdzqcxCLLfhx27iwjFJh4td6y+0n5YO/M2zf3n9ikXIof/dw4lA5Xo2icI3G88LMl9Tk4vcY0UVXXXulKmrnrn96Nyow0zU31kB/NUb1HbOxaVLz7KJThS+U9NV/66vZ5blwg7aExJXkPfVEtLTca+wIDAQAB") , (RelDomain "_dmarc", TXT "v=DMARC1; p=none; rua=mailto:root@ricketyspace.net") ] - -- & Dns.secondary hosts "ns6.gandi.net" -- root config & Ssh.authorizedKey (User "root") sCanonicalSshPubKey -- w config