diff options
-rw-r--r-- | README.rst | 2 | ||||
-rw-r--r-- | consfigurator.asd | 4 | ||||
-rw-r--r-- | debian/changelog | 12 | ||||
-rw-r--r-- | debian/copyright | 2 | ||||
-rw-r--r-- | doc/conf.py | 4 | ||||
-rw-r--r-- | doc/news.rst | 25 | ||||
-rw-r--r-- | emacs/consfigurator.el.in | 2 | ||||
-rw-r--r-- | src/property/apache.lisp | 9 | ||||
-rw-r--r-- | src/property/apt.lisp | 7 | ||||
-rw-r--r-- | src/property/disk.lisp | 8 | ||||
-rw-r--r-- | src/property/file.lisp | 31 |
11 files changed, 80 insertions, 26 deletions
@@ -77,7 +77,7 @@ regarding the reporting of bugs and submission of patches/pull requests. License ======= -| Copyright (C) 2015-2018, 2020-2022 Sean Whitton +| Copyright (C) 2015-2018, 2020-2024 Sean Whitton | Copyright (C) 2021-2022 David Bremner Consfigurator is free software: you can redistribute it and/or modify it under diff --git a/consfigurator.asd b/consfigurator.asd index ecb8a29..6cacf8b 100644 --- a/consfigurator.asd +++ b/consfigurator.asd @@ -1,6 +1,6 @@ (defsystem "consfigurator" :description "Lisp declarative configuration management system" - :version "1.3.1" + :version "1.4.0" :author "Sean Whitton <spwhitton@spwhitton.name>" :licence "GPL-3+" :serial t @@ -103,7 +103,7 @@ (defsystem "consfigurator/tests" :description "Tests for Consfigurator, Lisp declarative configuration management system" - :version "1.3.1" + :version "1.4.0" :author "Sean Whitton <spwhitton@spwhitton.name>" :licence "GPL-3+" :serial t diff --git a/debian/changelog b/debian/changelog index 599a188..b6dd0c5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +consfigurator (1.4.0-1) unstable; urgency=medium + + * New upstream release. + + -- Sean Whitton <spwhitton@spwhitton.name> Thu, 09 May 2024 18:28:26 +0100 + +consfigurator (1.3.2-1) unstable; urgency=medium + + * New upstream release. + + -- Sean Whitton <spwhitton@spwhitton.name> Wed, 24 Apr 2024 08:34:43 +0100 + consfigurator (1.3.1-1) unstable; urgency=medium * New upstream release. diff --git a/debian/copyright b/debian/copyright index f0241b2..6411817 100644 --- a/debian/copyright +++ b/debian/copyright @@ -1,7 +1,7 @@ Consfigurator Lisp declarative configuration management system -Copyright (C)2015-2018, 2020-2023 Sean Whitton +Copyright (C)2015-2018, 2020-2024 Sean Whitton Copyright (C)2021-2022 David Bremner Copyright (C)2002-2023 Free Software Foundation, Inc. diff --git a/doc/conf.py b/doc/conf.py index 689487f..32b7c00 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -18,11 +18,11 @@ # -- Project information ----------------------------------------------------- project = 'Consfigurator' -copyright = '2015-2018, 2020-2023, Sean Whitton, 2021-2022 David Bremner' +copyright = '2015-2018, 2020-2024, Sean Whitton, 2021-2022 David Bremner' author = 'Sean Whitton' # The full version, including alpha/beta/rc tags -release = '1.3.1' +release = '1.4.0' # -- General configuration --------------------------------------------------- diff --git a/doc/news.rst b/doc/news.rst index 190a4f6..62287e6 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -23,15 +23,38 @@ In summary, you should always be able to upgrade to a release which only increments ``patch``, but if either of the other two components have changed, you should review this document and see if your consfig needs updating. -1.3.2 (unreleased) +1.4.1 (unreleased) +------------------ + +- DISK::CREATE-VOLUME for DISK:PARTITIONED-VOLUME now executes + ``sgdisk --clear`` before ``sgdisk --zap-all`` to avoid certain failures to + clear out the block device. + +1.4.0 (2024-05-09) +------------------ + +- APACHE:HTTPS-VHOST now adds an Apache ``<Directory>`` directive which + ensures that HTTP access to the ``.well-known/acme-challenge/`` subdirectory + of the document root is granted. + +- APT:STANDARD-SOURCES-FOR will not try to add *-backports sources for stable + releases whose *-backports dists are gone from the official Debian mirrors. + +1.3.2 (2024-04-24) ------------------ - Add LIBVIRT:KVM-BOOTS-LVM-LV and LIBVIRT:KVM-BOOTS-LVM-LV-FOR. +- Pass ``--batch`` and ``--no-tty`` to gpg(1) to avoid some tty issues. + Thanks to David Bremner. + - Fix a bug in DISK:HOST-LOGICAL-VOLUMES-EXIST that meant it would try to add ``/etc/fstab`` entries for each logical volume it created rather than for each filesystem it tries to mount. +- FILE:HOST-DATA-UPLOADED and FILE:HOST-SECRET-UPLOADED can now upload + multiple files. + 1.3.1 (2023-06-12) ------------------ diff --git a/emacs/consfigurator.el.in b/emacs/consfigurator.el.in index 7e5de7a..dfeb60a 100644 --- a/emacs/consfigurator.el.in +++ b/emacs/consfigurator.el.in @@ -5,7 +5,7 @@ ;; Author: Sean Whitton <spwhitton@spwhitton.name> ;; Maintainer: Sean Whitton <spwhitton@spwhitton.name> -;; Version: 1.3.1 +;; Version: 1.4.0 ;; URL: https://git.spwhitton.name/consfigurator/tree/emacs/consfigurator.el.in ;; Keywords: languages, lisp, syntax, unix diff --git a/src/property/apache.lisp b/src/property/apache.lisp index b299a20..56d0a16 100644 --- a/src/property/apache.lisp +++ b/src/property/apache.lisp @@ -1,6 +1,6 @@ ;;; Consfigurator -- Lisp declarative configuration management system -;;; Copyright (C) 2021 Sean Whitton <spwhitton@spwhitton.name> +;;; Copyright (C) 2021, 2024 Sean Whitton <spwhitton@spwhitton.name> ;;; This file is free software; you can redistribute it and/or modify ;;; it under the terms of the GNU General Public License as published by @@ -137,6 +137,13 @@ restart Apache." ,@initial "RewriteEngine On" "RewriteRule ^/.well-known/acme-challenge.* - [L]" + ,(format nil "<Directory ~A>" + (unix-namestring + (merge-pathnames + #P".well-known/acme-challenge/" + (ensure-directory-pathname htdocs)))) + "Require all granted" + "</Directory>" ,@additional-config ;; redirect everything else to https "RewriteRule (.*) https://%{SERVER_NAME}$1 [R=301,L,NE]" diff --git a/src/property/apt.lisp b/src/property/apt.lisp index 11367d2..d3112e2 100644 --- a/src/property/apt.lisp +++ b/src/property/apt.lisp @@ -284,13 +284,14 @@ only upgrade Debian stable." (mapcar (lambda (m) (list* m #?"${suite}-updates" +sections+)) (get-mirrors)))) + (old-suite-p (memstr= suite '("stretch" "jessie" "buster"))) (backports (and (subtypep (type-of os) 'os:debian-stable) + (not old-suite-p) (mapcar (lambda (m) (list* m #?"${suite}-backports" +sections+)) (get-mirrors)))) - (security-suite (if (memstr= suite '("stretch" "jessie" "buster")) - #?"${suite}/updates" - #?"${suite}-security")) + (security-suite + (if old-suite-p #?"${suite}/updates" #?"${suite}-security")) (security (and (or (subtypep (type-of os) 'os:debian-stable) (subtypep (type-of os) 'os:debian-testing)) (list diff --git a/src/property/disk.lisp b/src/property/disk.lisp index e1b307c..a3d53aa 100644 --- a/src/property/disk.lisp +++ b/src/property/disk.lisp @@ -1,6 +1,6 @@ ;;; Consfigurator -- Lisp declarative configuration management system -;;; Copyright (C) 2021-2022 Sean Whitton <spwhitton@spwhitton.name> +;;; Copyright (C) 2021-2024 Sean Whitton <spwhitton@spwhitton.name> ;;; This file is free software; you can redistribute it and/or modify ;;; it under the terms of the GNU General Public License as published by @@ -364,7 +364,13 @@ The default value of 0 means the next free sector.") (defmethod create-volume ((volume partitioned-volume) (file pathname)) (with-slots (volume-contents) volume + ;; See <https://bugs.launchpad.net/ironic-python-agent/+bug/1737556>. + ;; We don't take sgdisk upstream's suggestion there to ignore the exit + ;; code of --zap-all because we do want to assert somehow that a + ;; successful zeroing-out of any old partition tables has occurred. + (mrun :may-fail "sgdisk" "--clear" file) (mrun :inform "sgdisk" "--zap-all" file) + (mrun :inform "sgdisk" ;; Turn off partition alignment when specific start sectors have ;; been specified, so that we can be sure they will be respected. diff --git a/src/property/file.lisp b/src/property/file.lisp index 8ab31d1..f5866c8 100644 --- a/src/property/file.lisp +++ b/src/property/file.lisp @@ -173,13 +173,15 @@ any of the regular expressions PATTERNS." (containing-directory-exists destination) (maybe-write-remote-file-data destination iden1 iden2))) -(defproplist host-data-uploaded :posix - (destination - ;; Require an absolute path because we don't know the remote home - ;; directory at hostattrs time, so can't resolve it ourselves. - &aux (destination (unix-namestring - (ensure-pathname destination :want-absolute t)))) - (data-uploaded (get-hostname) destination destination)) +(defpropspec host-data-uploaded :posix (&rest destinations) + (loop with hn = (get-hostname) + for destination in destinations + ;; Require absolute paths because we don't know the remote home + ;; directory at hostattrs time, so can't resolve it ourselves. + for destination* = (unix-namestring + (ensure-pathname destination :want-absolute t)) + collect `(data-uploaded ,hn ,destination* ,destination*) into propapps + finally (return (cons 'seqprops propapps)))) (defprop secret-uploaded :posix (iden1 iden2 destination) (:desc #?"${destination} installed") @@ -189,12 +191,15 @@ any of the regular expressions PATTERNS." (:apply (maybe-write-remote-file-data destination iden1 iden2 :mode #o600))) -(defproplist host-secret-uploaded :posix - (destination - ;; Require an absolute path like with HOST-DATA-UPLOADED. - &aux (destination (unix-namestring - (ensure-pathname destination :want-absolute t)))) - (secret-uploaded (get-hostname) destination destination)) +(defpropspec host-secret-uploaded :posix (&rest destinations) + (loop with hn = (get-hostname) + for destination in destinations + ;; Require absolute paths like with HOST-DATA-UPLOADED. + for destination* = (unix-namestring + (ensure-pathname destination :want-absolute t)) + collect `(secret-uploaded ,hn ,destination* ,destination*) + into propapps + finally (return (cons 'seqprops propapps)))) (defprop data-cache-purged :posix () "Ensure that any prerequisite data cached in the remote home directory is removed." |