-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/
-- | High level Haskell bindings to LXC (Linux containers).
--
-- The library provides Haskell LXC API, wrapping bindings-lxc
-- package.
@package lxc
@version 0.3.2
-- | Internal module with utility functions. Normally you should import
-- System.LXC module only.
module System.LXC.Internal.Utils
-- | Collect flags in a single integer value.
mkFlags :: (Num b, Bits b) => (a -> b) -> [a] -> b
-- | Internal module to support options and structures to run commands
-- inside LXC containers. Normally you should import System.LXC
-- module only.
module System.LXC.Internal.AttachOptions
-- | exec function to use for attach.
--
-- See attachRunCommand and attachRunShell.
newtype AttachExecFn
AttachExecFn :: C_lxc_attach_exec_t -> AttachExecFn
[getAttachExecFn] :: AttachExecFn -> C_lxc_attach_exec_t
-- | LXC environment policy.
data AttachEnvPolicy
-- | Retain the environment.
AttachKeepEnv :: AttachEnvPolicy
-- | Clear the environment.
AttachClearEnv :: AttachEnvPolicy
-- | Convert AttachEnvPolicy to internal representation.
fromAttachEnvPolicy :: Num a => AttachEnvPolicy -> a
-- | Flags for attach.
data AttachFlag
-- | Move to cgroup. On by default.
AttachMoveToCGroup :: AttachFlag
-- | Drop capabilities. On by default.
AttachDropCapabilities :: AttachFlag
-- | Set personality. On by default
AttachSetPersonality :: AttachFlag
-- | Execute under a Linux Security Module. On by default.
AttachLSMExec :: AttachFlag
-- | Remount /proc filesystem. Off by default.
AttachRemountProcSys :: AttachFlag
-- | FIXME: unknown. Off by default.
AttachLSMNow :: AttachFlag
-- | Mask of flags to apply by default.
AttachDefault :: AttachFlag
-- | All Linux Security Module flags.
AttachLSM :: AttachFlag
-- | Convert AttachFlag to bit flag.
fromAttachFlag :: Num a => AttachFlag -> a
-- | LXC attach options for attach.
--
--
-- - NOTE: for stdin, stdout and
-- stderr descriptors dup2() will be used before
-- calling exec_function, (assuming not 0, 1
-- and 2 are specified) and the original fds are closed before
-- passing control over. Any O_CLOEXEC flag will be removed
-- after that.
--
data AttachOptions
AttachOptions :: [AttachFlag] -> Int -> Maybe Int64 -> Maybe FilePath -> UserID -> GroupID -> AttachEnvPolicy -> [String] -> [String] -> Fd -> Fd -> Fd -> AttachOptions
-- | Any combination of AttachFlag flags.
[attachFlags] :: AttachOptions -> [AttachFlag]
-- | The namespaces to attach to (CLONE_NEW... flags). | Initial
-- personality (Nothing to autodetect).
--
--
-- - This may be ignored if lxc is compiled without
-- personality support
--
[attachNamespaces] :: AttachOptions -> Int
[attachPersonality] :: AttachOptions -> Maybe Int64
-- | Inital current directory, Nothing to use cwd.
--
-- If the current directory does not exist in the container, the root
-- directory will be used instead because of kernel defaults.
[attachInitialCWD] :: AttachOptions -> Maybe FilePath
-- | The user-id to run as.
--
--
-- - NOTE: Set to -1 for default behaviour (init uid
-- for userns containers or 0 (super-user) if detection
-- fails).
--
[attachUID] :: AttachOptions -> UserID
-- | The group-id to run as.
--
--
-- - NOTE: Set to -1 for default behaviour (init gid
-- for userns containers or 0 (super-user) if detection
-- fails).
--
[attachGID] :: AttachOptions -> GroupID
-- | Environment policy.
[attachEnvPolicy] :: AttachOptions -> AttachEnvPolicy
-- | Extra environment variables to set in the container environment.
[attachExtraEnvVars] :: AttachOptions -> [String]
-- | Names of environment variables in existing environment to retain in
-- container environment.
[attachExtraKeepEnv] :: AttachOptions -> [String]
-- | stdin file descriptor.
[attachStdinFD] :: AttachOptions -> Fd
-- | stdout file descriptor.
[attachStdoutFD] :: AttachOptions -> Fd
-- | stderr file descriptor.
[attachStderrFD] :: AttachOptions -> Fd
-- | Default attach options to use.
defaultAttachOptions :: AttachOptions
-- | Representation of a command to run in a container.
data AttachCommand
AttachCommand :: FilePath -> [String] -> AttachCommand
-- | The program to run (passed to execvp).
[attachProgram] :: AttachCommand -> FilePath
-- | The argv of that program, including the program itself as the
-- first element.
[attachArgv] :: AttachCommand -> [String]
-- | Allocate lxc_attach_options_t structure in a temporary
-- storage.
withC'lxc_attach_options_t :: AttachOptions -> (Ptr C'lxc_attach_options_t -> IO a) -> IO a
-- | Allocate lxc_attach_command_t structure in a temporary
-- storage.
withC'lxc_attach_command_t :: AttachCommand -> (Ptr C'lxc_attach_command_t -> IO a) -> IO a
-- | Run a command in the container.
attachRunCommand :: AttachExecFn
-- | Run a shell command in the container.
attachRunShell :: AttachExecFn
instance GHC.Show.Show System.LXC.Internal.AttachOptions.AttachOptions
instance GHC.Show.Show System.LXC.Internal.AttachOptions.AttachFlag
instance GHC.Classes.Eq System.LXC.Internal.AttachOptions.AttachFlag
instance GHC.Show.Show System.LXC.Internal.AttachOptions.AttachEnvPolicy
instance GHC.Classes.Eq System.LXC.Internal.AttachOptions.AttachEnvPolicy
-- | Internal module to provide a set of functions to create, control and
-- manage LXC containers. Normally you should import System.LXC
-- module only.
module System.LXC.Internal.Container
type ContainerCreateFn = Ptr C'lxc_container -> CString -> CString -> Ptr C'bdev_specs -> CInt -> Ptr CString -> IO CBool
mkCreateFn :: FunPtr ContainerCreateFn -> ContainerCreateFn
type ContainerCloneFn = Ptr C'lxc_container -> CString -> CString -> CInt -> CString -> CString -> C'uint64_t -> Ptr CString -> IO (Ptr C'lxc_container)
mkCloneFn :: FunPtr ContainerCloneFn -> ContainerCloneFn
type ContainerBoolFn = Ptr C'lxc_container -> IO CBool
mkBoolFn :: FunPtr ContainerBoolFn -> ContainerBoolFn
type ContainerStringFn = Ptr C'lxc_container -> IO CString
mkStringFn :: FunPtr ContainerStringFn -> ContainerStringFn
type ContainerProcessIDFn = Ptr C'lxc_container -> IO C'pid_t
mkProcessIDFn :: FunPtr ContainerProcessIDFn -> ContainerProcessIDFn
type ContainerStringBoolFn = Ptr C'lxc_container -> CString -> IO CBool
mkStringBoolFn :: FunPtr ContainerStringBoolFn -> ContainerStringBoolFn
type ContainerBoolBoolFn = Ptr C'lxc_container -> CBool -> IO CBool
mkBoolBoolFn :: FunPtr ContainerBoolBoolFn -> ContainerBoolBoolFn
type ContainerStartFn = Ptr C'lxc_container -> CInt -> Ptr CString -> IO CBool
mkStartFn :: FunPtr ContainerStartFn -> ContainerStartFn
type ContainerShutdownFn = Ptr C'lxc_container -> CInt -> IO CBool
mkShutdownFn :: FunPtr ContainerShutdownFn -> ContainerShutdownFn
type ContainerClearConfigFn = Ptr C'lxc_container -> IO ()
mkClearConfigFn :: FunPtr ContainerClearConfigFn -> ContainerClearConfigFn
type ContainerGetRunningConfigItemFn = Ptr C'lxc_container -> CString -> IO CString
mkGetRunningConfigItemFn :: FunPtr ContainerGetRunningConfigItemFn -> ContainerGetRunningConfigItemFn
type ContainerGetItemFn = Ptr C'lxc_container -> CString -> CString -> CInt -> IO CInt
mkGetItemFn :: FunPtr ContainerGetItemFn -> ContainerGetItemFn
type ContainerSetItemFn = Ptr C'lxc_container -> CString -> CString -> IO CBool
mkSetItemFn :: FunPtr ContainerSetItemFn -> ContainerSetItemFn
type ContainerGetInterfacesFn = Ptr C'lxc_container -> IO (Ptr CString)
mkGetInterfacesFn :: FunPtr ContainerGetInterfacesFn -> ContainerGetInterfacesFn
type ContainerGetIPsFn = Ptr C'lxc_container -> CString -> CString -> CInt -> IO (Ptr CString)
mkGetIPsFn :: FunPtr ContainerGetIPsFn -> ContainerGetIPsFn
type ContainerWaitFn = Ptr C'lxc_container -> CString -> CInt -> IO CBool
mkWaitFn :: FunPtr ContainerWaitFn -> ContainerWaitFn
type ContainerSnapshotFn = Ptr C'lxc_container -> CString -> IO CInt
mkSnapshotFn :: FunPtr ContainerSnapshotFn -> ContainerSnapshotFn
type ContainerSnapshotListFn = Ptr C'lxc_container -> Ptr (Ptr C'lxc_snapshot) -> IO CInt
mkSnapshotListFn :: FunPtr ContainerSnapshotListFn -> ContainerSnapshotListFn
type ContainerConsoleGetFDFn = Ptr C'lxc_container -> Ptr CInt -> Ptr CInt -> IO CInt
mkConsoleGetFDFn :: FunPtr ContainerConsoleGetFDFn -> ContainerConsoleGetFDFn
type ContainerConsoleFn = Ptr C'lxc_container -> CInt -> CInt -> CInt -> CInt -> CInt -> IO CInt
mkConsoleFn :: FunPtr ContainerConsoleFn -> ContainerConsoleFn
type ContainerAttachFn = Ptr C'lxc_container -> C_lxc_attach_exec_t -> Ptr () -> Ptr C'lxc_attach_options_t -> Ptr C'pid_t -> IO CInt
mkAttachFn :: FunPtr ContainerAttachFn -> ContainerAttachFn
type ContainerAttachRunWaitFn = Ptr C'lxc_container -> Ptr C'lxc_attach_options_t -> CString -> Ptr CString -> IO CInt
mkAttachRunWaitFn :: FunPtr ContainerAttachRunWaitFn -> ContainerAttachRunWaitFn
type SnapshotFreeFn = Ptr C'lxc_snapshot -> IO ()
mkFreeFn :: FunPtr SnapshotFreeFn -> SnapshotFreeFn
-- | LXC container-related computations. LXC ~ ReaderT
-- (String, Ptr C'lxc_container) IO.
--
-- Run LXC a computations using withContainer.
newtype LXC a
LXC :: ReaderT (String, Ptr C'lxc_container) IO a -> LXC a
[runLXC] :: LXC a -> ReaderT (String, Ptr C'lxc_container) IO a
lxc :: (Ptr C'lxc_container -> IO a) -> LXC a
-- | Run LXC a computation for a given Container.
--
--
-- - for the whole computation a single lxc_container
-- structure will be allocated; it will be automatically freed at the end
-- of computation.
--
withContainer :: MonadIO m => Container -> LXC a -> m a
-- | LXC error structure.
data LXCError
LXCError :: String -> Int -> LXCError
-- | Error message.
[lxcErrorString] :: LXCError -> String
-- | Error number.
[lxcErrorNum] :: LXCError -> Int
-- | Pretty print LXC error message.
prettyLXCError :: LXCError -> String
-- | Options for clone operation.
data CloneOption
-- | Do not edit the rootfs to change the hostname.
CloneKeepName :: CloneOption
-- | Do not change the MAC address on network interfaces.
CloneKeepMacAddr :: CloneOption
-- | Snapshot the original filesystem(s).
CloneSnapshot :: CloneOption
-- | Use the same bdev type.
CloneKeepBDevType :: CloneOption
-- | Snapshot only if bdev supports it, else copy.
CloneMaybeSnapshot :: CloneOption
-- | Number of LXC_CLONE_* flags.
CloneMaxFlags :: CloneOption
-- | Options for create operation.
data CreateOption
-- | Redirect stdin to /dev/zero and stdout and
-- stderr to /dev/null.
CreateQuiet :: CreateOption
-- | Number of LXC_CREATE* flags.
CreateMaxFlags :: CreateOption
-- | Turn CloneOption into a bit flag.
cloneFlag :: Num a => CloneOption -> a
-- | Turn CreateOption into a bit flag.
createFlag :: Num a => CreateOption -> a
-- | An LXC container snapshot.
data Snapshot
Snapshot :: String -> Maybe FilePath -> String -> FilePath -> Snapshot
-- | Name of snapshot.
[snapshotName] :: Snapshot -> String
-- | Full path to snapshots comment file.
[snapshotCommentPathname] :: Snapshot -> Maybe FilePath
-- | Time snapshot was created.
[snapshotTimestamp] :: Snapshot -> String
-- | Full path to LXCPATH for snapshot.
[snapshotLXCPath] :: Snapshot -> FilePath
-- | Container object.
data Container
Container :: String -> Maybe String -> Container
-- | Container name.
[containerName] :: Container -> String
-- | Container config path.
[containerConfigPath] :: Container -> Maybe String
-- | Allocate a new lxc_container.
newC'lxc_container :: Container -> IO (Ptr C'lxc_container)
peekC'lxc_container :: Ptr C'lxc_container -> IO (String -> Container)
-- | Marshal Container to lxc_container using temporary
-- storage.
withC'lxc_container :: Container -> (Ptr C'lxc_container -> IO a) -> IO a
-- | Container state.
data ContainerState
-- | Container is stopped.
ContainerStopped :: ContainerState
-- | Container is starting.
ContainerStarting :: ContainerState
-- | Container is running.
ContainerRunning :: ContainerState
-- | Container is stopping.
ContainerStopping :: ContainerState
-- | Container is aborting.
ContainerAborting :: ContainerState
-- | Container is freezing.
ContainerFreezing :: ContainerState
-- | Container is frozen.
ContainerFrozen :: ContainerState
-- | Container is thawed.
ContainerThawed :: ContainerState
-- | Container is in some other state.
ContainerOtherState :: String -> ContainerState
-- | Parse state as string representation.
parseState :: String -> ContainerState
-- | Get string representation of a state.
printState :: ContainerState -> String
-- | Specifications for how to create a new backing store.
data BDevSpecs
BDevSpecs :: String -> Word64 -> FilePath -> String -> String -> Maybe String -> FilePath -> BDevSpecs
-- | Filesystem type.
[bdevFSType] :: BDevSpecs -> String
-- | Filesystem size in bytes.
[bdevFSSize] :: BDevSpecs -> Word64
-- | ZFS root path.
[bdevZFSRootPath] :: BDevSpecs -> FilePath
-- | LVM Volume Group name.
[bdevLVMVolumeGroupName] :: BDevSpecs -> String
-- | LVM Logical Volume name.
[bdevLVMLogicalVolumeName] :: BDevSpecs -> String
-- | LVM thin pool to use, if any.
[bdevLVMThinPool] :: BDevSpecs -> Maybe String
-- | Directory path.
[bdevDirectory] :: BDevSpecs -> FilePath
-- | Marshal Haskell BDevSpecs into C structure using temporary
-- storage.
--
--
-- - the memory is freed when the subcomputation terminates (either
-- normally or via an exception), so the pointer to the temporary storage
-- must not be used after this.
--
withC'bdev_specs :: BDevSpecs -> (Ptr C'bdev_specs -> IO a) -> IO a
type Field s a = Ptr s -> Ptr a
mkFn :: (FunPtr (Ptr s -> a) -> (Ptr s -> a)) -> Field s (FunPtr (Ptr s -> a)) -> Ptr s -> IO a
boolFn :: Field C'lxc_container (FunPtr ContainerBoolFn) -> LXC Bool
stringBoolFn :: Field C'lxc_container (FunPtr ContainerStringBoolFn) -> Maybe String -> LXC Bool
boolBoolFn :: Field C'lxc_container (FunPtr ContainerBoolBoolFn) -> Bool -> LXC Bool
getItemFn :: Field C'lxc_container (FunPtr ContainerGetItemFn) -> String -> LXC (Maybe String)
setItemFn :: Field C'lxc_container (FunPtr ContainerSetItemFn) -> String -> Maybe String -> LXC Bool
setItemFn' :: Field C'lxc_container (FunPtr ContainerSetItemFn) -> String -> String -> LXC Bool
-- | Whether container wishes to be daemonized.
getDaemonize :: LXC Bool
-- | Get last container's error.
getLastError :: LXC (Maybe LXCError)
-- | Determine if /var/lib/lxc/$name/config exists.
--
-- True if container is defined, else False.
isDefined :: LXC Bool
-- | Determine if container is running.
--
-- True on success, else False.
isRunning :: LXC Bool
-- | Determine state of container.
state :: LXC ContainerState
-- | Freeze running container.
--
-- True on success, else False.
freeze :: LXC Bool
-- | Thaw a frozen container.
--
-- True on success, else False.
unfreeze :: LXC Bool
-- | Determine process ID of the containers init process.
initPID :: LXC (Maybe ProcessID)
-- | Load the specified configuration for the container.
loadConfig :: Maybe FilePath -> LXC Bool
-- | Start the container.
start :: Bool -> [String] -> LXC Bool
-- | Stop the container.
--
-- True on success, else False.
stop :: LXC Bool
-- | Determine if the container wants to run disconnected from the
-- terminal.
wantDaemonize :: Bool -> LXC Bool
-- | Determine whether container wishes all file descriptors to be closed
-- on startup.
wantCloseAllFDs :: Bool -> LXC Bool
-- | Return current config file name.
configFileName :: LXC (Maybe FilePath)
-- | Wait for container to reach a particular state.
--
--
-- - A timeout of -1 means wait forever. A timeout 0
-- means do not wait.
--
wait :: ContainerState -> Int -> LXC Bool
-- | Set a key/value configuration option.
setConfigItem :: String -> String -> LXC Bool
-- | Delete the container.
--
-- True on success, else False.
--
--
-- - NOTE: Container must be stopped and have no dependent
-- snapshots.
--
destroy :: LXC Bool
-- | Save configuaration to a file.
saveConfig :: FilePath -> LXC Bool
-- | Rename a container.
rename :: String -> LXC Bool
-- | Request the container reboot by sending it SIGINT.
--
-- True if reboot request successful, else False.
reboot :: LXC Bool
-- | Request the container shutdown by sending it SIGPWR.
shutdown :: Int -> LXC Bool
-- | Completely clear the containers in-memory configuration.
clearConfig :: LXC ()
-- | Retrieve the value of a config item.
getConfigItem :: String -> LXC (Maybe String)
-- | Retrieve the value of a config item from running container.
getRunningConfigItem :: String -> LXC (Maybe String)
-- | Retrieve a list of config item keys given a key prefix.
getKeys :: String -> LXC [String]
-- | Obtain a list of network interfaces.
getInterfaces :: LXC [String]
-- | Determine the list of container IP addresses.
getIPs :: String -> String -> Word32 -> LXC [String]
-- | Retrieve the specified cgroup subsystem value for the container.
getCGroupItem :: String -> LXC (Maybe String)
-- | Set the specified cgroup subsystem value for the container.
setCGroupItem :: String -> String -> LXC Bool
-- | Clear a configuration item.
--
-- Analog of setConfigItem.
clearConfigItem :: String -> LXC Bool
-- | Determine full path to the containers configuration file.
--
-- Each container can have a custom configuration path. However by
-- default it will be set to either the LXCPATH configure
-- variable, or the lxcpath value in the LXC_GLOBAL_CONF
-- configuration file (i.e. /etc/lxc/lxc.conf).
--
-- The value for a specific container can be changed using
-- setConfigPath.
getConfigPath :: LXC FilePath
-- | Set the full path to the containers configuration file.
setConfigPath :: FilePath -> LXC Bool
-- | Copy a stopped container.
clone :: Maybe String -> Maybe FilePath -> [CloneOption] -> Maybe String -> Maybe String -> Maybe Word64 -> [String] -> LXC (Maybe Container)
-- | Allocate a console tty for the container.
--
--
-- - The returned file descriptor is used to keep the tty allocated.
-- The caller should call close(2) on the returned file descriptor when
-- no longer required so that it may be allocated by another caller.
--
consoleGetFD :: Maybe Int -> LXC (Maybe (Int, Int, Int))
-- | Allocate and run a console tty.
console :: Maybe Int -> Fd -> Fd -> Fd -> Int -> LXC Bool
-- | Create a sub-process attached to a container and run a function inside
-- it.
attach :: AttachExecFn -> AttachCommand -> AttachOptions -> LXC (Maybe ProcessID)
-- | Run a program inside a container and wait for it to exit.
attachRunWait :: AttachOptions -> String -> [String] -> LXC (Maybe ExitCode)
-- | Create a container snapshot.
--
-- Assuming default paths, snapshots will be created as
-- /var/lib/lxc/<c>/snaps/snap<n> where
-- <c> represents the container name and
-- <n> represents the zero-based snapshot number.
snapshot :: Maybe FilePath -> LXC (Maybe Int)
peekC'lxc_snapshot :: Ptr C'lxc_snapshot -> IO Snapshot
-- | Obtain a list of container snapshots.
snapshotList :: LXC [Snapshot]
-- | Create a new container based on a snapshot.
--
-- The restored container will be a copy (not snapshot) of the snapshot,
-- and restored in the lxcpath of the original container.
--
--
-- - WARNING: If new name is the same as the current container
-- name, the container will be destroyed. However, this will fail if the
-- snapshot is overlay-based, since the snapshots will pin the original
-- container.
-- - NOTE: As an example, if the container exists as
-- /var/lib/lxc/c1, snapname might be "snap0"
-- (representing /var/lib/lxc/c1/snaps/snap0). If new name is
-- c2, then snap0 will be copied to
-- /var/lib/lxc/c2.
--
snapshotRestore :: String -> String -> LXC Bool
-- | Destroy the specified snapshot.
snapshotDestroy :: String -> LXC Bool
-- | Determine if the caller may control the container.
--
-- False if there is a control socket for the container monitor
-- and the caller may not access it, otherwise returns True.
mayControl :: LXC Bool
-- | Add specified device to the container.
addDeviceNode :: FilePath -> Maybe FilePath -> LXC Bool
-- | Remove specified device from the container.
removeDeviceNode :: FilePath -> Maybe FilePath -> LXC Bool
-- | Create a container.
create :: String -> Maybe String -> Maybe BDevSpecs -> [CreateOption] -> [String] -> LXC Bool
-- | Add a reference to the specified container.
getRef :: Ptr C'lxc_container -> IO Bool
-- | Drop a reference to the specified container.
--
-- Just False on success, Just True if reference was
-- successfully dropped and container has been freed, and
-- Nothing on error.
dropRef :: Ptr C'lxc_container -> IO (Maybe Bool)
-- | Obtain a list of all container states.
getWaitStates :: IO [ContainerState]
-- | Get the value for a global config key.
getGlobalConfigItem :: String -> IO (Maybe String)
-- | Determine version of LXC.
getVersion :: IO String
listContainersFn :: (CString -> Ptr (Ptr CString) -> Ptr (Ptr (Ptr C'lxc_container)) -> IO CInt) -> Maybe String -> IO [Container]
-- | Get a list of defined containers in a lxcpath.
listDefinedContainers :: Maybe String -> IO [Container]
-- | Get a list of active containers for a given lxcpath.
listActiveContainers :: Maybe String -> IO [Container]
-- | Get a complete list of all containers for a given lxcpath.
listAllContainers :: Maybe String -> IO [Container]
-- | Close log file.
logClose :: IO ()
instance GHC.Show.Show System.LXC.Internal.Container.BDevSpecs
instance GHC.Show.Show System.LXC.Internal.Container.ContainerState
instance GHC.Classes.Eq System.LXC.Internal.Container.ContainerState
instance GHC.Show.Show System.LXC.Internal.Container.Container
instance GHC.Show.Show System.LXC.Internal.Container.Snapshot
instance GHC.Classes.Ord System.LXC.Internal.Container.CreateOption
instance GHC.Classes.Eq System.LXC.Internal.Container.CreateOption
instance GHC.Classes.Ord System.LXC.Internal.Container.CloneOption
instance GHC.Classes.Eq System.LXC.Internal.Container.CloneOption
instance GHC.Show.Show System.LXC.Internal.Container.LXCError
instance Control.Monad.IO.Class.MonadIO System.LXC.Internal.Container.LXC
instance Control.Monad.Reader.Class.MonadReader (GHC.Base.String, GHC.Ptr.Ptr Bindings.LXC.Container.C'lxc_container) System.LXC.Internal.Container.LXC
instance GHC.Base.Monad System.LXC.Internal.Container.LXC
instance GHC.Base.Applicative System.LXC.Internal.Container.LXC
instance GHC.Base.Functor System.LXC.Internal.Container.LXC
-- | Options and structures to run commands inside LXC containers. You can
-- get more info about LXC at
-- https://help.ubuntu.com/lts/serverguide/lxc.html and
-- https://linuxcontainers.org.
--
-- Normally you should import System.LXC module only.
module System.LXC.AttachOptions
-- | LXC attach options for attach.
--
--
-- - NOTE: for stdin, stdout and
-- stderr descriptors dup2() will be used before
-- calling exec_function, (assuming not 0, 1
-- and 2 are specified) and the original fds are closed before
-- passing control over. Any O_CLOEXEC flag will be removed
-- after that.
--
data AttachOptions
AttachOptions :: [AttachFlag] -> Int -> Maybe Int64 -> Maybe FilePath -> UserID -> GroupID -> AttachEnvPolicy -> [String] -> [String] -> Fd -> Fd -> Fd -> AttachOptions
-- | Any combination of AttachFlag flags.
[attachFlags] :: AttachOptions -> [AttachFlag]
-- | The namespaces to attach to (CLONE_NEW... flags). | Initial
-- personality (Nothing to autodetect).
--
--
-- - This may be ignored if lxc is compiled without
-- personality support
--
[attachNamespaces] :: AttachOptions -> Int
[attachPersonality] :: AttachOptions -> Maybe Int64
-- | Inital current directory, Nothing to use cwd.
--
-- If the current directory does not exist in the container, the root
-- directory will be used instead because of kernel defaults.
[attachInitialCWD] :: AttachOptions -> Maybe FilePath
-- | The user-id to run as.
--
--
-- - NOTE: Set to -1 for default behaviour (init uid
-- for userns containers or 0 (super-user) if detection
-- fails).
--
[attachUID] :: AttachOptions -> UserID
-- | The group-id to run as.
--
--
-- - NOTE: Set to -1 for default behaviour (init gid
-- for userns containers or 0 (super-user) if detection
-- fails).
--
[attachGID] :: AttachOptions -> GroupID
-- | Environment policy.
[attachEnvPolicy] :: AttachOptions -> AttachEnvPolicy
-- | Extra environment variables to set in the container environment.
[attachExtraEnvVars] :: AttachOptions -> [String]
-- | Names of environment variables in existing environment to retain in
-- container environment.
[attachExtraKeepEnv] :: AttachOptions -> [String]
-- | stdin file descriptor.
[attachStdinFD] :: AttachOptions -> Fd
-- | stdout file descriptor.
[attachStdoutFD] :: AttachOptions -> Fd
-- | stderr file descriptor.
[attachStderrFD] :: AttachOptions -> Fd
-- | Default attach options to use.
defaultAttachOptions :: AttachOptions
-- | Representation of a command to run in a container.
data AttachCommand
AttachCommand :: FilePath -> [String] -> AttachCommand
-- | The program to run (passed to execvp).
[attachProgram] :: AttachCommand -> FilePath
-- | The argv of that program, including the program itself as the
-- first element.
[attachArgv] :: AttachCommand -> [String]
-- | exec function to use for attach.
--
-- See attachRunCommand and attachRunShell.
newtype AttachExecFn
AttachExecFn :: C_lxc_attach_exec_t -> AttachExecFn
[getAttachExecFn] :: AttachExecFn -> C_lxc_attach_exec_t
-- | Run a command in the container.
attachRunCommand :: AttachExecFn
-- | Run a shell command in the container.
attachRunShell :: AttachExecFn
-- | LXC environment policy.
data AttachEnvPolicy
-- | Retain the environment.
AttachKeepEnv :: AttachEnvPolicy
-- | Clear the environment.
AttachClearEnv :: AttachEnvPolicy
-- | Flags for attach.
data AttachFlag
-- | Move to cgroup. On by default.
AttachMoveToCGroup :: AttachFlag
-- | Drop capabilities. On by default.
AttachDropCapabilities :: AttachFlag
-- | Set personality. On by default
AttachSetPersonality :: AttachFlag
-- | Execute under a Linux Security Module. On by default.
AttachLSMExec :: AttachFlag
-- | Remount /proc filesystem. Off by default.
AttachRemountProcSys :: AttachFlag
-- | FIXME: unknown. Off by default.
AttachLSMNow :: AttachFlag
-- | Mask of flags to apply by default.
AttachDefault :: AttachFlag
-- | All Linux Security Module flags.
AttachLSM :: AttachFlag
-- | Convert AttachEnvPolicy to internal representation.
fromAttachEnvPolicy :: Num a => AttachEnvPolicy -> a
-- | Convert AttachFlag to bit flag.
fromAttachFlag :: Num a => AttachFlag -> a
-- | This module provides a set of functions to create, control and manage
-- LXC containers. You can get more info about LXC at
-- https://help.ubuntu.com/lts/serverguide/lxc.html and
-- https://linuxcontainers.org.
--
-- Normally you should import System.LXC module only.
module System.LXC.Container
-- | LXC container-related computations. LXC ~ ReaderT
-- (String, Ptr C'lxc_container) IO.
--
-- Run LXC a computations using withContainer.
data LXC a
-- | Run LXC a computation for a given Container.
--
--
-- - for the whole computation a single lxc_container
-- structure will be allocated; it will be automatically freed at the end
-- of computation.
--
withContainer :: MonadIO m => Container -> LXC a -> m a
-- | Container object.
data Container
Container :: String -> Maybe String -> Container
-- | Container name.
[containerName] :: Container -> String
-- | Container config path.
[containerConfigPath] :: Container -> Maybe String
-- | An LXC container snapshot.
data Snapshot
Snapshot :: String -> Maybe FilePath -> String -> FilePath -> Snapshot
-- | Name of snapshot.
[snapshotName] :: Snapshot -> String
-- | Full path to snapshots comment file.
[snapshotCommentPathname] :: Snapshot -> Maybe FilePath
-- | Time snapshot was created.
[snapshotTimestamp] :: Snapshot -> String
-- | Full path to LXCPATH for snapshot.
[snapshotLXCPath] :: Snapshot -> FilePath
-- | Specifications for how to create a new backing store.
data BDevSpecs
BDevSpecs :: String -> Word64 -> FilePath -> String -> String -> Maybe String -> FilePath -> BDevSpecs
-- | Filesystem type.
[bdevFSType] :: BDevSpecs -> String
-- | Filesystem size in bytes.
[bdevFSSize] :: BDevSpecs -> Word64
-- | ZFS root path.
[bdevZFSRootPath] :: BDevSpecs -> FilePath
-- | LVM Volume Group name.
[bdevLVMVolumeGroupName] :: BDevSpecs -> String
-- | LVM Logical Volume name.
[bdevLVMLogicalVolumeName] :: BDevSpecs -> String
-- | LVM thin pool to use, if any.
[bdevLVMThinPool] :: BDevSpecs -> Maybe String
-- | Directory path.
[bdevDirectory] :: BDevSpecs -> FilePath
-- | Container state.
data ContainerState
-- | Container is stopped.
ContainerStopped :: ContainerState
-- | Container is starting.
ContainerStarting :: ContainerState
-- | Container is running.
ContainerRunning :: ContainerState
-- | Container is stopping.
ContainerStopping :: ContainerState
-- | Container is aborting.
ContainerAborting :: ContainerState
-- | Container is freezing.
ContainerFreezing :: ContainerState
-- | Container is frozen.
ContainerFrozen :: ContainerState
-- | Container is thawed.
ContainerThawed :: ContainerState
-- | Container is in some other state.
ContainerOtherState :: String -> ContainerState
-- | Parse state as string representation.
parseState :: String -> ContainerState
-- | Get string representation of a state.
printState :: ContainerState -> String
-- | Options for clone operation.
data CloneOption
-- | Do not edit the rootfs to change the hostname.
CloneKeepName :: CloneOption
-- | Do not change the MAC address on network interfaces.
CloneKeepMacAddr :: CloneOption
-- | Snapshot the original filesystem(s).
CloneSnapshot :: CloneOption
-- | Use the same bdev type.
CloneKeepBDevType :: CloneOption
-- | Snapshot only if bdev supports it, else copy.
CloneMaybeSnapshot :: CloneOption
-- | Number of LXC_CLONE_* flags.
CloneMaxFlags :: CloneOption
-- | Options for create operation.
data CreateOption
-- | Redirect stdin to /dev/zero and stdout and
-- stderr to /dev/null.
CreateQuiet :: CreateOption
-- | Number of LXC_CREATE* flags.
CreateMaxFlags :: CreateOption
-- | Turn CloneOption into a bit flag.
cloneFlag :: Num a => CloneOption -> a
-- | Turn CreateOption into a bit flag.
createFlag :: Num a => CreateOption -> a
-- | LXC error structure.
data LXCError
LXCError :: String -> Int -> LXCError
-- | Error message.
[lxcErrorString] :: LXCError -> String
-- | Error number.
[lxcErrorNum] :: LXCError -> Int
-- | Pretty print LXC error message.
prettyLXCError :: LXCError -> String
-- | Determine if /var/lib/lxc/$name/config exists.
--
-- True if container is defined, else False.
isDefined :: LXC Bool
-- | Determine if container is running.
--
-- True on success, else False.
isRunning :: LXC Bool
-- | Determine state of container.
state :: LXC ContainerState
-- | Determine process ID of the containers init process.
initPID :: LXC (Maybe ProcessID)
-- | Obtain a list of network interfaces.
getInterfaces :: LXC [String]
-- | Determine the list of container IP addresses.
getIPs :: String -> String -> Word32 -> LXC [String]
-- | Whether container wishes to be daemonized.
getDaemonize :: LXC Bool
-- | Get last container's error.
getLastError :: LXC (Maybe LXCError)
-- | Return current config file name.
configFileName :: LXC (Maybe FilePath)
-- | Determine full path to the containers configuration file.
--
-- Each container can have a custom configuration path. However by
-- default it will be set to either the LXCPATH configure
-- variable, or the lxcpath value in the LXC_GLOBAL_CONF
-- configuration file (i.e. /etc/lxc/lxc.conf).
--
-- The value for a specific container can be changed using
-- setConfigPath.
getConfigPath :: LXC FilePath
-- | Set the full path to the containers configuration file.
setConfigPath :: FilePath -> LXC Bool
-- | Load the specified configuration for the container.
loadConfig :: Maybe FilePath -> LXC Bool
-- | Save configuaration to a file.
saveConfig :: FilePath -> LXC Bool
-- | Retrieve a list of config item keys given a key prefix.
getKeys :: String -> LXC [String]
-- | Set a key/value configuration option.
setConfigItem :: String -> String -> LXC Bool
-- | Retrieve the value of a config item.
getConfigItem :: String -> LXC (Maybe String)
-- | Retrieve the value of a config item from running container.
getRunningConfigItem :: String -> LXC (Maybe String)
-- | Completely clear the containers in-memory configuration.
clearConfig :: LXC ()
-- | Clear a configuration item.
--
-- Analog of setConfigItem.
clearConfigItem :: String -> LXC Bool
-- | Start the container.
start :: Bool -> [String] -> LXC Bool
-- | Stop the container.
--
-- True on success, else False.
stop :: LXC Bool
-- | Request the container reboot by sending it SIGINT.
--
-- True if reboot request successful, else False.
reboot :: LXC Bool
-- | Request the container shutdown by sending it SIGPWR.
shutdown :: Int -> LXC Bool
-- | Freeze running container.
--
-- True on success, else False.
freeze :: LXC Bool
-- | Thaw a frozen container.
--
-- True on success, else False.
unfreeze :: LXC Bool
-- | Wait for container to reach a particular state.
--
--
-- - A timeout of -1 means wait forever. A timeout 0
-- means do not wait.
--
wait :: ContainerState -> Int -> LXC Bool
-- | Create a container.
create :: String -> Maybe String -> Maybe BDevSpecs -> [CreateOption] -> [String] -> LXC Bool
-- | Copy a stopped container.
clone :: Maybe String -> Maybe FilePath -> [CloneOption] -> Maybe String -> Maybe String -> Maybe Word64 -> [String] -> LXC (Maybe Container)
-- | Rename a container.
rename :: String -> LXC Bool
-- | Delete the container.
--
-- True on success, else False.
--
--
-- - NOTE: Container must be stopped and have no dependent
-- snapshots.
--
destroy :: LXC Bool
-- | Allocate a console tty for the container.
--
--
-- - The returned file descriptor is used to keep the tty allocated.
-- The caller should call close(2) on the returned file descriptor when
-- no longer required so that it may be allocated by another caller.
--
consoleGetFD :: Maybe Int -> LXC (Maybe (Int, Int, Int))
-- | Allocate and run a console tty.
console :: Maybe Int -> Fd -> Fd -> Fd -> Int -> LXC Bool
-- | Create a sub-process attached to a container and run a function inside
-- it.
attach :: AttachExecFn -> AttachCommand -> AttachOptions -> LXC (Maybe ProcessID)
-- | Run a program inside a container and wait for it to exit.
attachRunWait :: AttachOptions -> String -> [String] -> LXC (Maybe ExitCode)
-- | Create a container snapshot.
--
-- Assuming default paths, snapshots will be created as
-- /var/lib/lxc/<c>/snaps/snap<n> where
-- <c> represents the container name and
-- <n> represents the zero-based snapshot number.
snapshot :: Maybe FilePath -> LXC (Maybe Int)
-- | Obtain a list of container snapshots.
snapshotList :: LXC [Snapshot]
-- | Create a new container based on a snapshot.
--
-- The restored container will be a copy (not snapshot) of the snapshot,
-- and restored in the lxcpath of the original container.
--
--
-- - WARNING: If new name is the same as the current container
-- name, the container will be destroyed. However, this will fail if the
-- snapshot is overlay-based, since the snapshots will pin the original
-- container.
-- - NOTE: As an example, if the container exists as
-- /var/lib/lxc/c1, snapname might be "snap0"
-- (representing /var/lib/lxc/c1/snaps/snap0). If new name is
-- c2, then snap0 will be copied to
-- /var/lib/lxc/c2.
--
snapshotRestore :: String -> String -> LXC Bool
-- | Destroy the specified snapshot.
snapshotDestroy :: String -> LXC Bool
-- | Determine if the container wants to run disconnected from the
-- terminal.
wantDaemonize :: Bool -> LXC Bool
-- | Determine whether container wishes all file descriptors to be closed
-- on startup.
wantCloseAllFDs :: Bool -> LXC Bool
-- | Retrieve the specified cgroup subsystem value for the container.
getCGroupItem :: String -> LXC (Maybe String)
-- | Set the specified cgroup subsystem value for the container.
setCGroupItem :: String -> String -> LXC Bool
-- | Determine if the caller may control the container.
--
-- False if there is a control socket for the container monitor
-- and the caller may not access it, otherwise returns True.
mayControl :: LXC Bool
-- | Add specified device to the container.
addDeviceNode :: FilePath -> Maybe FilePath -> LXC Bool
-- | Remove specified device from the container.
removeDeviceNode :: FilePath -> Maybe FilePath -> LXC Bool
-- | Get a list of defined containers in a lxcpath.
listDefinedContainers :: Maybe String -> IO [Container]
-- | Get a list of active containers for a given lxcpath.
listActiveContainers :: Maybe String -> IO [Container]
-- | Get a complete list of all containers for a given lxcpath.
listAllContainers :: Maybe String -> IO [Container]
-- | Obtain a list of all container states.
getWaitStates :: IO [ContainerState]
-- | Get the value for a global config key.
getGlobalConfigItem :: String -> IO (Maybe String)
-- | Determine version of LXC.
getVersion :: IO String
-- | Close log file.
logClose :: IO ()
-- | Create, control and manage LXC containers through Haskell API. You can
-- get more info about LXC at
-- https://help.ubuntu.com/lts/serverguide/lxc.html and
-- https://linuxcontainers.org.
--
-- Most of container-related functions (e.g. start, attach,
-- destroy) perform in LXC monad. To run LXC
-- a computation you need to specify a container using
-- withContainer function. When working with a single container it
-- might be handy to have an alias like this:
--
--
-- let containerName = withContainer (Container "container-name" configPath)
--
--
-- You can start using Haskell LXC API bindings similar to a command line
-- tool from GHCi:
--
--
-- $ ghci
-- >>> import System.LXC
-- >>> let trusty = withContainer (Container "trusty" Nothing)
-- >>> trusty $ create "download" Nothing Nothing [] ["-d", "ubuntu", "-r", "trusty", "-a", "amd64"]
-- Using image from local cache
-- Unpacking the rootfs
--
-- ---
-- You just created an Ubuntu container (release=trusty, arch=amd64, variant=default)
-- The default username/password is: ubuntu / ubuntu
-- To gain root privileges, please use sudo.
--
-- True
-- >>> trusty $ start False []
-- True
-- >>> trusty state
-- ContainerRunning
-- >>> trusty $ attachRunWait defaultAttachOptions "echo" ["echo", "Hello, world!"]
-- Hello, world!
-- Just ExitSuccess
-- >>> trusty stop
-- True
-- >>> Just trustySnapC <- trusty $ clone (Just "trusty-snap") Nothing [CloneSnapshot] Nothing Nothing Nothing []
-- >>> let trustySnap = withContainer trustySnapC
-- >>> trustySnap $ start False []
-- True
-- >>> trustySnap getInterfaces
-- ["eth0","lo"]
-- >>> trustySnap $ getIPs "eth0" "inet" 0
-- ["10.0.3.135"]
-- >>> trustySnap $ shutdown (-1)
-- True
-- >>> trustySnap state
-- ContainerStopped
--
--
-- For more examples, please see examples/ folder.
module System.LXC