propellor-2.16.0: property-based host configuration management in haskell

Safe Haskell: None
Language: Haskell98

Propellor.Property.Systemd

Services

started :: ServiceName -> Property NoInfo

Starts a systemd service.

Note that this does not configure systemd to start the service on boot; it only ensures that the service is currently running.

stopped :: ServiceName -> Property NoInfo

Stops a systemd service.

enabled :: ServiceName -> Property NoInfo

Enables a systemd service.

This does not ensure the service is started; it only configures systemd to start it on boot.

disabled :: ServiceName -> Property NoInfo

Disables a systemd service.

masked :: ServiceName -> RevertableProperty NoInfo

Masks a systemd service.

running :: ServiceName -> Property NoInfo

Ensures that a service is both enabled and started.

restarted :: ServiceName -> Property NoInfo

Restarts a systemd service.

networkd :: ServiceName

The systemd-networkd service.

journald :: ServiceName

The systemd-journald service.

Configuration

configured :: FilePath -> Option -> String -> Property NoInfo

Ensures that an option is configured in one of systemd's config files. Does not ensure that the relevant daemon notices the change immediately.

This assumes that there is only one [Header] per file, which is currently the case for files like journald.conf and system.conf. And it assumes the file already exists with the right [Header], so new lines can just be appended to the end.
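The two assumptions above can be seen with a small pure model of the documented behaviour. This is an added example, not Propellor's implementation: `ensureOption` and `sections` are hypothetical names, the sample files are constructed, and dropping conflicting assignments of the same option is an assumption of the sketch.

```haskell
module Main where

import Data.List (isPrefixOf)

type Option = String

-- | Ensure "option=value" is present: drop other assignments of the same
-- option (an assumption of this sketch), then append the line at the end
-- of the file if it is not already there.
ensureOption :: Option -> String -> [String] -> [String]
ensureOption option value ls
    | line `elem` kept = kept
    | otherwise = kept ++ [line]
  where
    setting = option ++ "="
    line = setting ++ value
    kept = filter (\l -> not (setting `isPrefixOf` l) || l == line) ls

-- | Pair every non-header line with the [Header] in effect for it, so the
-- placement of an appended line can be checked.
sections :: [String] -> [(String, String)]
sections = go ""
  where
    go _ [] = []
    go cur (l:rest)
        | isHeader l = go l rest
        | otherwise = (cur, l) : go cur rest
    isHeader l = "[" `isPrefixOf` l && last l == ']'

-- Constructed sample inputs.
journaldConf, twoSections, missingFile :: [String]
journaldConf = ["[Journal]", "#Storage=auto", "Storage=volatile"]
twoSections = ["[Journal]", "Storage=volatile", "[Other]", "Foo=bar"]
missingFile = []

main :: IO ()
main = do
    let run = mapM_ print . sections . ensureOption "Storage" "persistent"
    putStrLn "one header: the line lands in [Journal]"
    run journaldConf
    putStrLn "two headers: the line lands under the last header"
    run twoSections
    putStrLn "no existing file: the line has no header at all"
    run missingFile
```

In the second and third cases the setting is written but sits outside `[Journal]`, so after a change it is worth checking the file's layout as well as the presence of the line.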

daemonReloaded :: Property NoInfo

Causes systemd to reload its configuration files.

Journal

persistentJournal :: Property NoInfo

Enables persistent storage of the journal.

journaldConfigured :: Option -> String -> Property NoInfo

Configures journald, restarting it so the changes take effect.

Containers and machined

machined :: Property NoInfo

Ensures machined and machinectl are installed.

container :: MachineName -> System -> (FilePath -> Chroot) -> Container

Defines a container with a given machine name and operating system, and specifies how to create its chroot if not already present.

Properties can be added to configure the Container.

container "webserver" (System (Debian Unstable) "amd64") (Chroot.debootstrapped mempty)
   & Apt.installedRunning "apache2"
   & ...

nspawned :: Container -> RevertableProperty HasInfo

Runs a container using systemd-nspawn.

A systemd unit is set up for the container, so it will automatically be started on boot.

Systemd is automatically installed inside the container, and will communicate with the host's systemd. This allows systemctl to be used to examine the status of services running inside the container.

When the host system has persistentJournal enabled, journalctl can be used to examine logs forwarded from the container.

Reverting this property stops the container, removes the systemd unit, and deletes the chroot and all its contents.

Container configuration

containerCfg :: String -> RevertableProperty HasInfo

This configures how systemd-nspawn(1) starts the container, by specifying a parameter, such as "--private-network" or "--link-journal=guest".

When there is no leading dash, "--" is prepended to the parameter.

Reverting the property will remove a parameter, if it's present.

resolvConfed :: RevertableProperty HasInfo

Bind mounts /etc/resolv.conf from the host into the container.

This property is enabled by default. Revert it to disable it.

linkJournal :: RevertableProperty HasInfo

Link the container's journal to the host's if possible. (Only works if the host has persistent journal enabled.)

This property is enabled by default. Revert it to disable it.

privateNetwork :: RevertableProperty HasInfo

Disconnect networking of the container from the host.

data Proto

Constructors

TCP 
UDP 

class Publishable a

Minimal complete definition

toPublish

publish :: Publishable p => p -> RevertableProperty HasInfo

Publish a port from the container to the host.

This feature was first added in systemd version 220.

This property is only needed (and will only work) if the container is configured to use private networking. Also, networkd should be enabled both inside the container, and on the host. For example:

 foo :: Host
 foo = host "foo.example.com"
        -- networkd must be running on the host for the published port to work
        & Systemd.nspawned webserver
                `requires` Systemd.running Systemd.networkd

 webserver :: Systemd.Container
 webserver = Systemd.container "webserver" (System (Debian Testing) "amd64") (Chroot.debootstrapped mempty)
        -- publish only works when the container uses private networking
        & Systemd.privateNetwork
        -- networkd must also be running inside the container
        & Systemd.running Systemd.networkd
        & Systemd.publish (Port 80 ->- Port 8080)
        & Apt.installedRunning "apache2"

class Bindable a

Minimal complete definition

toBind

bind :: Bindable p => p -> RevertableProperty HasInfo

Bind mount a file or directory from the host into the container.

bindRo :: Bindable p => p -> RevertableProperty HasInfo

Read-only bind mount.