propellor-2.7.0: property-based host configuration management in haskell

Safe HaskellNone
LanguageHaskell98

Propellor.Property.OS

Synopsis

Documentation

cleanInstallOnce :: Confirmation -> Property NoInfo Source

Replaces whatever OS was installed before with a clean installation of the OS that the Host is configured to have.

This is experimental; use with caution!

This can replace one Linux distribution with different one. But, it can also fail and leave the system in an unbootable state.

To avoid this property being accidentially used, you have to provide a Confirmation containing the name of the host that you intend to apply the property to.

This property only runs once. The cleanly installed system will have a file /etc/propellor-cleaninstall, which indicates it was cleanly installed.

The files from the old os will be left in /old-os

After the OS is installed, and if all properties of the host have been successfully satisfied, the host will be rebooted to properly load the new OS.

You will typically want to run some more properties after the clean install succeeds, to bootstrap from the cleanly installed system to a fully working system. For example:

& os (System (Debian Unstable) "amd64")
& cleanInstallOnce (Confirmed "foo.example.com")
   `onChange` propertyList "fixing up after clean install"
       [ preserveNetwork
       , preserveResolvConf
       , preserveRootSshAuthorized
       , Apt.update
       -- , Grub.boots "/dev/sda"
       --   `requires` Grub.installed Grub.PC
       -- , oldOsRemoved (Confirmed "foo.example.com")
       ]
& Hostname.sane
& Apt.installed ["linux-image-amd64"]
& Apt.installed ["ssh"]
& User.hasSomePassword "root"
& User.accountFor "joey"
& User.hasSomePassword "joey"
-- rest of system properties here

preserveNetwork :: Property NoInfo Source

/etc/network/interfaces is configured to bring up the network interface that currently has a default route configured, using the same (static) IP address.

preserveRootSshAuthorized :: Property NoInfo Source

/root/.ssh/authorized_keys has added to it any ssh keys that were authorized in the old OS. Any other contents of the file are retained.