| Commit message (Collapse) | Author | Age |
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
To do common tasks like adding users in an idempotent way requires some
non-obvious incantations, so it is worth providing properties for these tasks.
Signed-off-by: David Bremner <david@tethera.net>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
Additionally, in conventions.rst, fix an example of the :SUDO connection type
to use the correct hostname for looking up the password.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This means you can apply properties like FILE:HAS-CONTENT without also having
to explicitly apply FILE:{CONTAINING-,}DIRECTORY-EXISTS or similar.
If missing intermediate directories need to have particular modes or
ownership, it is easy to apply properties to ensure those directories exist
with those attributes before applying the property which will create the file.
Then there are no missing directories for the latter property to create. In
the case where a mode for the file is supplied, leave it to the caller to
create the directories, as a safety measure (see 487a473390).
In the future we might create missing intermediate directories based on a
supplied mode, such as creating them 0750 when the supplied mode is 0640.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
| |
As we are uploading secrets, perhaps some of those directories need to be
created with permissions other than 0755, so as a safety measure, leave it to
the caller to create them.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
This allows selectively overriding that redirect.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
|
| |
The --variant=buildd argument to debootstrap(8), used by default by
SBUILD:BUILT, produces a chroot without any /etc/hosts file. Thus processes
in the chroot, including apt(8), may not be able to resolve "localhost".
This is relevant to the case of APT:USES-LOCAL-CACHER outside the chroot and
APT:USES-PARENT-PROXY within, as suggested by SBUILD:BUILT's docstring.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
The existing text does not imply that IDEN1 has to be right under LOCATION,
but let's make it explicit.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
This allows the user to conveniently maintain a set of files in their consfig
tree (or elsewhere) for deployment as data.
Signed-off-by: David Bremner <david@tethera.net>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
| |
Suggested-by: Yehouda Harpaz <yeh@lispworks.com>
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If *CONSFIG* is NIL because the user called (in-consfig nil), then
initialising a propspec without any supplied list of ASDF systems will still
result in a NO-CONSFIG warning, the text of which suggests calling IN-CONSFIG.
For now, avoid that situation by disallowing (in-consfig nil). If the user
doesn't want to use the *CONSFIG* feature, it is probably best if they muffle
the warning or explicitly supply a list of ASDF systems in each piece of code
that initialises propspecs, rather than declaring (in-consfig nil).
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
| |
*CONSFIG* is meant to be an optional feature, and this should make it easier
to write code which doesn't use it. For example, code running in an
IMAGE-DUMPED image might use (deploy-these :local ...) to build a propspec,
but *PACKAGE* is likely to be COMMON-LISP-USER, not the user's consfig.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
Before this change, the variables would be unbound in IMAGE-DUMPED images.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
The use of %{SERVER_NAME} makes the configuration line a constant value.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
The new rule is sufficient for the Let's Encrypt challenge to succeed, and has
the advantage of avoiding interference with other subpaths of .well-known/.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
Necessary because we use #.(length +alphanum+) later in the file.
Reported-by: Yehouda Harpaz <yeh@lispworks.com>
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
| |
DATA.GIT-SNAPSHOT generates version numbers like 2342423.ab09890f2bcd where
only the first, purely numerical component is intended for comparison, and the
second component is just additional information. UIOP's utilities don't give
the correct answers for cases like that; e.g. (uiop:version<= "1.a" "0") => T.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
The name will show up in, e.g., top(1) inside containers.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
| |
With most connection types stdout is not a tty and so we get one entry per
line anyway. However, unless we explicitly pass -1, lxc-ls(1) can add
unwanted trailing whitespace to these lines.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
TRIMFUN will typically be STRING-TRIM, STRING-LEFT-TRIM or STRING-RIGHT-TRIM.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Update stored checksums when reinvoking, else the SBCL-specific checks in
%DUMP-CONSFIGURATOR-IN-GRANDCHILD will always fail in reinvoked images.
- Also update *US* when reinvoking; previously, the code in IMAGE-DUMPED to
skip the dump when the target filename is the executable we're running from
was using the old value of *US* and thus would probably never skip the dump.
- Don't abort the dump just because the target filename is the executable
we're running from (I believe the restriction was accidentally included when
refactoring a previous work-in-progress version of fbe55a361f).
- %DUMP-CONSFIGURATOR-IN-GRANDCHILD: ensure we remove the hook which evaluates
the parent process's request so it doesn't get run again.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
SB-EXT:*RUNTIME-PATHNAME* is the path to the executable.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|