Recent changes to this wiki:

comment
diff --git a/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_8_ac79ac661bfafcaade6b0e6d592c8c48._comment b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_8_ac79ac661bfafcaade6b0e6d592c8c48._comment
new file mode 100644
index 00000000..ec3a6f8b
--- /dev/null
+++ b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_8_ac79ac661bfafcaade6b0e6d592c8c48._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 8"""
+ date="2017-11-18T20:02:46Z"
+ content="""
+I agree that it would make sense for propellor's debootstrap properties
+to use the host's apt proxy setting.
+
+debootstrap does not have an option to use a proxy, but I think that
+setting `http_proxy` in the environment will probably make it work.
+"""]]

rename bug/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn to todo/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn
diff --git a/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn
similarity index 100%
rename from doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn
rename to doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn
diff --git a/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_1_59ac4661a896a514ce953a0069341869._comment b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_1_59ac4661a896a514ce953a0069341869._comment
similarity index 100%
rename from doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_1_59ac4661a896a514ce953a0069341869._comment
rename to doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_1_59ac4661a896a514ce953a0069341869._comment
diff --git a/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_2_579894632e567a08d83e306be5e355b2._comment b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_2_579894632e567a08d83e306be5e355b2._comment
similarity index 100%
rename from doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_2_579894632e567a08d83e306be5e355b2._comment
rename to doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_2_579894632e567a08d83e306be5e355b2._comment
diff --git a/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment
similarity index 100%
rename from doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment
rename to doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment
diff --git a/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_4_f6c386dddf408d522841fd3bde699d15._comment b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_4_f6c386dddf408d522841fd3bde699d15._comment
similarity index 100%
rename from doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_4_f6c386dddf408d522841fd3bde699d15._comment
rename to doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_4_f6c386dddf408d522841fd3bde699d15._comment
diff --git a/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_5_060b3ab57e525669c44192bbfdc730a4._comment b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_5_060b3ab57e525669c44192bbfdc730a4._comment
similarity index 100%
rename from doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_5_060b3ab57e525669c44192bbfdc730a4._comment
rename to doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_5_060b3ab57e525669c44192bbfdc730a4._comment
diff --git a/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment
similarity index 100%
rename from doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment
rename to doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment
diff --git a/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_7_571220abc9991ddc940c2cb150543fd2._comment b/doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_7_571220abc9991ddc940c2cb150543fd2._comment
similarity index 100%
rename from doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_7_571220abc9991ddc940c2cb150543fd2._comment
rename to doc/todo/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_7_571220abc9991ddc940c2cb150543fd2._comment

rename forum/Sbuild_chroot_are_not_compatible_with_schroot.mdwn to bug/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot.mdwn b/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn
similarity index 100%
rename from doc/forum/Sbuild_chroot_are_not_compatible_with_schroot.mdwn
rename to doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy.mdwn
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_1_59ac4661a896a514ce953a0069341869._comment b/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_1_59ac4661a896a514ce953a0069341869._comment
similarity index 100%
rename from doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_1_59ac4661a896a514ce953a0069341869._comment
rename to doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_1_59ac4661a896a514ce953a0069341869._comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_2_579894632e567a08d83e306be5e355b2._comment b/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_2_579894632e567a08d83e306be5e355b2._comment
similarity index 100%
rename from doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_2_579894632e567a08d83e306be5e355b2._comment
rename to doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_2_579894632e567a08d83e306be5e355b2._comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment b/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment
similarity index 100%
rename from doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment
rename to doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_4_f6c386dddf408d522841fd3bde699d15._comment b/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_4_f6c386dddf408d522841fd3bde699d15._comment
similarity index 100%
rename from doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_4_f6c386dddf408d522841fd3bde699d15._comment
rename to doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_4_f6c386dddf408d522841fd3bde699d15._comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_5_060b3ab57e525669c44192bbfdc730a4._comment b/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_5_060b3ab57e525669c44192bbfdc730a4._comment
similarity index 100%
rename from doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_5_060b3ab57e525669c44192bbfdc730a4._comment
rename to doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_5_060b3ab57e525669c44192bbfdc730a4._comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment b/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment
similarity index 100%
rename from doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment
rename to doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_7_571220abc9991ddc940c2cb150543fd2._comment b/doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_7_571220abc9991ddc940c2cb150543fd2._comment
similarity index 100%
rename from doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_7_571220abc9991ddc940c2cb150543fd2._comment
rename to doc/bug/Debootstrap_module_should_respect_a_configured_Apt.proxy/comment_7_571220abc9991ddc940c2cb150543fd2._comment

Added a comment: Reassigning this bug to the Chroot and Debootstrap infrastructure
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_7_571220abc9991ddc940c2cb150543fd2._comment b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_7_571220abc9991ddc940c2cb150543fd2._comment
new file mode 100644
index 00000000..419b746c
--- /dev/null
+++ b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_7_571220abc9991ddc940c2cb150543fd2._comment
@@ -0,0 +1,22 @@
+[[!comment format=mdwn
+ username="spwhitton"
+ avatar="http://cdn.libravatar.org/avatar/9c3f08f80e67733fd506c353239569eb"
+ subject="Reassigning this bug to the Chroot and Debootstrap infrastructure"
+ date="2017-11-18T17:57:22Z"
+ content="""
+I'm almost done with my branch, and I now think that this bug applies to the `Chroot` and `Debootstrap` modules.  This is how the new sbuild module will work:
+
+    & Apt.useLocalCacher
+    & Sbuild.built Sbuild.UseCcache $ props
+    	& osDebian Unstable X86_32
+    	& Sbuild.update `period` Weekly 1
+    	& Sbuild.useHostProxy
+    & Sbuild.usableBy (User \"spwhitton\")
+    & Schroot.overlaysInTmpfs
+
+As you can see, the propagation of the host's Apt proxy into the chroot is controlled by a property of the chroot, for maximum flexibility.  For example, you could replace `Sbuild.useHostProxy` with a call to `Apt.proxy`.
+
+However, the properties of the sbuild chroot will not be applied until after the chroot is built.  So, in order to resolve Fred's issue, it is the invocation of debootstrap by the `Chroot`/`Debootstrap` modules that needs to be taught to use the host's Apt proxy, if one is set.
+
+(w.r.t. unpropelling: I'm not going to do any cleanup because /usr/local/propellor is not likely to interfere with the build.  What matters is installed build-deps, and we've established there won't be any.)
+"""]]

idea
diff --git a/doc/todo/Host_could_have_partition_table_in_Info.mdwn b/doc/todo/Host_could_have_partition_table_in_Info.mdwn
new file mode 100644
index 00000000..5ca20cc7
--- /dev/null
+++ b/doc/todo/Host_could_have_partition_table_in_Info.mdwn
@@ -0,0 +1,5 @@
+Currently, building an Image for a Host requires a partition table to be
+specified separately. However, Propellor.Property.Machine often knows
+things about the partition table (eg that there needs to be a separate EXT2
+/boot partition). So, why not let properties put something in Info and
+let the partition table be derived from that. --[[Joey]]

Add Typeable instance to OriginUrl, fixing build with old versions of ghc.
diff --git a/debian/changelog b/debian/changelog
index 91b4b3e2..06a333be 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+propellor (4.9.1) UNRELEASED; urgency=medium
+
+  * Add Typeable instance to OriginUrl, fixing build with old versions
+    of ghc.
+
+ -- Joey Hess <id@joeyh.name>  Thu, 02 Nov 2017 10:28:44 -0400
+
 propellor (4.9.0) unstable; urgency=medium
 
   * When the ipv4 and ipv6 properties are used with a container, avoid
diff --git a/doc/forum/4.9.0_fail_to_build_on_jessie/comment_2_a194d36b2f95f3f9949b606b22deb8d1._comment b/doc/forum/4.9.0_fail_to_build_on_jessie/comment_2_a194d36b2f95f3f9949b606b22deb8d1._comment
new file mode 100644
index 00000000..47f938dc
--- /dev/null
+++ b/doc/forum/4.9.0_fail_to_build_on_jessie/comment_2_a194d36b2f95f3f9949b606b22deb8d1._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2017-11-02T14:29:29Z"
+ content="""
+Indeed, this will probably keep biting it for different data types
+as they're added, since the new ghc builds without the explicit instance.
+
+I've fixed this one in git now.
+"""]]
diff --git a/src/Propellor/Property/PropellorRepo.hs b/src/Propellor/Property/PropellorRepo.hs
index 504ff395..825efdfd 100644
--- a/src/Propellor/Property/PropellorRepo.hs
+++ b/src/Propellor/Property/PropellorRepo.hs
@@ -1,3 +1,5 @@
+{-# LANGUAGE DeriveDataTypeable #-}
+
 module Propellor.Property.PropellorRepo where
 
 import Propellor.Base
@@ -24,4 +26,4 @@ hasOriginUrl u = setInfoProperty p (toInfo (InfoVal (OriginUrl u)))
 			else makeChange $ setRepoUrl u
 
 newtype OriginUrl = OriginUrl String
-	deriving (Show)
+	deriving (Show, Typeable)

Added a comment
diff --git a/doc/forum/4.9.0_fail_to_build_on_jessie/comment_1_b0381ff1096d4410817ea111d39b6b5e._comment b/doc/forum/4.9.0_fail_to_build_on_jessie/comment_1_b0381ff1096d4410817ea111d39b6b5e._comment
new file mode 100644
index 00000000..a2be2cbc
--- /dev/null
+++ b/doc/forum/4.9.0_fail_to_build_on_jessie/comment_1_b0381ff1096d4410817ea111d39b6b5e._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 1"
+ date="2017-11-02T08:29:32Z"
+ content="""
+I needed to add Typable and the LANGUAGE DeriveDataTypeable extension.
+
+
+thanks
+"""]]

diff --git a/doc/forum/4.9.0_fail_to_build_on_jessie.mdwn b/doc/forum/4.9.0_fail_to_build_on_jessie.mdwn
new file mode 100644
index 00000000..915ddb74
--- /dev/null
+++ b/doc/forum/4.9.0_fail_to_build_on_jessie.mdwn
@@ -0,0 +1,26 @@
+Hello while trying to build propellor on jessie, I got this error message
+
+
+    picca@irdrx1:~/.propellor$ propellor
+    Preprocessing executable 'propellor-config' for propellor-4.9.0...
+    [105 of 120] Compiling Propellor.Property.PropellorRepo ( src/Propellor/Property/PropellorRepo.hs, dist/build/propellor-config/propellor-config-tmp/Propellor/Property/PropellorRepo.o )
+
+    src/Propellor/Property/PropellorRepo.hs:17:37:
+    No instance for (Typeable OriginUrl) arising from a use of `toInfo'
+    Possible fix: add an instance declaration for (Typeable OriginUrl)
+    In the second argument of `setInfoProperty', namely
+      `(toInfo (InfoVal (OriginUrl u)))'
+    In the expression:
+      setInfoProperty p (toInfo (InfoVal (OriginUrl u)))
+    In an equation for `hasOriginUrl':
+        hasOriginUrl u
+          = setInfoProperty p (toInfo (InfoVal (OriginUrl u)))
+          where
+              p :: Property UnixLike
+              p = property ("propellor repo url " ++ u)
+                  $ do { curru <- liftIO getRepoUrl;
+                         .... }
+Resolving dependencies...
+
+
+Cheers

add news item for propellor 4.9.0
diff --git a/doc/news/version_4.7.5.mdwn b/doc/news/version_4.7.5.mdwn
deleted file mode 100644
index f2fbaf84..00000000
--- a/doc/news/version_4.7.5.mdwn
+++ /dev/null
@@ -1,3 +0,0 @@
-propellor 4.7.5 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Avoid crashing when getTerminalName fails due to eg, being in a chroot."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.9.0.mdwn b/doc/news/version_4.9.0.mdwn
new file mode 100644
index 00000000..c625e0c7
--- /dev/null
+++ b/doc/news/version_4.9.0.mdwn
@@ -0,0 +1,23 @@
+propellor 4.9.0 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * When the ipv4 and ipv6 properties are used with a container, avoid
+     propagating the address out to the host.
+   * DnsInfo has been replaced with DnsInfoPropagated and
+     DnsInfoUnpropagated. (API change)
+   * Code that used fromDnsInfo . fromInfo changes to use getDnsInfo.
+   * addDNS takes an additional Bool parameter to control whether
+     the DNS info should propagate out of containers. (API change)
+   * Made the PropellorRepo.hasOriginUrl property override the repository
+     url that --spin passes to a host.
+   * PropellorRepo.hasOriginUrl type changed to include HasInfo. (API change)
+   * Fstab.mounted: Create mount point if necessary, and mount it
+     if it's not already mounted.
+     Thanks, Nicolas Schodet
+   * Properties that check for an empty directory now treat a directory
+     containing only "lost+found" as effectively empty, to support
+     situations where the directory is a mount point of an EXT* filesystem.
+     Thanks, Nicolas Schodet
+   * Make addInfo accumulate Info in order properties appear, not
+     reverse order.
+     This fixes a bug involving reverting Systemd.resolvConfed or
+     Systemd.linkJournal."""]]
\ No newline at end of file

Make addInfo accumulate Info in order properties appear, not reverse order
This fixes a bug involving reverting Systemd.resolvConfed or
Systemd.linkJournal.
addInfo was prepending to the list for efficiency. But, that was in
conflict with mappend of two Info, which appended the second to the first.
In the case where Systemd.resolvConfed was added reverted, to override the
one added by default, that led to a list of info that had first the
reversion and then the default, so the default won. Which was wrong.
So, make addInfo accumulate in the same order mappend combines things, even
though it's a little less efficient. The efficiency probably does not
matter; there is not typically a whole lot of info.
There's some risk this change has unexpected consequences, if something
relied on the old addInfo order without using fromInfo to access to info.
But if so, that something would have been broken before when two Info
properties were combined. With this change, it would just be broken the
other way around.
This commit was sponsored by Jochen Bartl on Patreon.
diff --git a/debian/changelog b/debian/changelog
index 4739eecd..5aff022f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -17,6 +17,10 @@ propellor (4.9.0) UNRELEASED; urgency=medium
     containing only "lost+found" as effectively empty, to support
     situations where the directory is a mount point of an EXT* filesystem.
     Thanks, Nicolas Schodet
+  * Make addInfo accumulate Info in order properties appear, not
+    reverse order.
+    This fixes a bug involving reverting Systemd.resolvConfed or
+    Systemd.linkJournal.
 
  -- Joey Hess <id@joeyh.name>  Wed, 04 Oct 2017 12:46:23 -0400
 
diff --git a/doc/forum/Using_ip_address_in_a_container/comment_5_338fa2c7d0fb389c0888ba8a9095719c._comment b/doc/forum/Using_ip_address_in_a_container/comment_5_338fa2c7d0fb389c0888ba8a9095719c._comment
new file mode 100644
index 00000000..10d2c91f
--- /dev/null
+++ b/doc/forum/Using_ip_address_in_a_container/comment_5_338fa2c7d0fb389c0888ba8a9095719c._comment
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 5"""
+ date="2017-10-25T16:51:54Z"
+ content="""
+@Nicolas, the reason it appears twice is that resolveConfed is added by
+default, and then you added it again reverted. That display could certianly
+be improved, perhaps by having it look to see if there's a resolveConfed
+setting before adding in the default one.
+
+As to why reverting it didn't work, that was a Info ordering bug, which
+I've now fixed.
+"""]]
diff --git a/src/Propellor/Types/Info.hs b/src/Propellor/Types/Info.hs
index 5db1eb52..06c45ed2 100644
--- a/src/Propellor/Types/Info.hs
+++ b/src/Propellor/Types/Info.hs
@@ -55,16 +55,15 @@ data PropagateInfo
 
 -- | Any value in the `IsInfo` type class can be added to an Info.
 addInfo :: IsInfo v => Info -> v -> Info
-addInfo (Info l) v = Info (InfoEntry v:l)
+addInfo (Info l) v = Info (l++[InfoEntry v])
 
 -- | Converts any value in the `IsInfo` type class into an Info,
 -- which is otherwise empty.
 toInfo :: IsInfo v => v -> Info
 toInfo = addInfo mempty
 
--- The list is reversed here because addInfo builds it up in reverse order.
 fromInfo :: IsInfo v => Info -> v
-fromInfo (Info l) = mconcat (mapMaybe extractInfoEntry (reverse l))
+fromInfo (Info l) = mconcat (mapMaybe extractInfoEntry l)
 
 -- | Maps a function over all values stored in the Info that are of the
 -- appropriate type.

changelog for merge
diff --git a/debian/changelog b/debian/changelog
index 3ffd818c..4739eecd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -13,6 +13,10 @@ propellor (4.9.0) UNRELEASED; urgency=medium
   * Fstab.mounted: Create mount point if necessary, and mount it
     if it's not already mounted.
     Thanks, Nicolas Schodet
+  * Properties that check for an empty directory now treat a directory
+    containing only "lost+found" as effectively empty, to support
+    situations where the directory is a mount point of an EXT* filesystem.
+    Thanks, Nicolas Schodet
 
  -- Joey Hess <id@joeyh.name>  Wed, 04 Oct 2017 12:46:23 -0400
 
diff --git a/doc/todo/Ignore_lost+found_directory.mdwn b/doc/todo/Ignore_lost+found_directory.mdwn
index 9b1469b3..260b69a0 100644
--- a/doc/todo/Ignore_lost+found_directory.mdwn
+++ b/doc/todo/Ignore_lost+found_directory.mdwn
@@ -8,3 +8,5 @@ I made a patch to ignore this directory, do you see any bad side effect?
 You can pull the `ignore-lost-n-found` branch at `http://git.ni.fr.eu.org/nicolas/propellor.git`.
 
 Nicolas.
+
+> [[merged|done]] thank you! --[[Joey]]

Added a comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment
new file mode 100644
index 00000000..32427cef
--- /dev/null
+++ b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_6_9d6536b85cd3fd3ca3b0128aff56d797._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="spwhitton"
+ avatar="http://cdn.libravatar.org/avatar/9c3f08f80e67733fd506c353239569eb"
+ subject="comment 6"
+ date="2017-10-20T21:47:43Z"
+ content="""
+I'd forgotten that detail of our discussion.  Thanks.  Moving this onto my TODO list; hope to work on it soon.
+"""]]

Added a comment
diff --git a/doc/todo/Ignore_lost+found_directory/comment_2_cfdc0231f0f52ac1dda7a1b005e25ce0._comment b/doc/todo/Ignore_lost+found_directory/comment_2_cfdc0231f0f52ac1dda7a1b005e25ce0._comment
new file mode 100644
index 00000000..72a24a30
--- /dev/null
+++ b/doc/todo/Ignore_lost+found_directory/comment_2_cfdc0231f0f52ac1dda7a1b005e25ce0._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 2"
+ date="2017-10-19T19:40:25Z"
+ content="""
+Here is a new version.
+
+I have put it in `Utility.Directory` as it is quite generic.
+"""]]

merged pull request
diff --git a/debian/changelog b/debian/changelog
index 42eebb96..3ffd818c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,6 +10,9 @@ propellor (4.9.0) UNRELEASED; urgency=medium
   * Made the PropellorRepo.hasOriginUrl property override the repository
     url that --spin passes to a host.
   * PropellorRepo.hasOriginUrl type changed to include HasInfo. (API change)
+  * Fstab.mounted: Create mount point if necessary, and mount it
+    if it's not already mounted.
+    Thanks, Nicolas Schodet
 
  -- Joey Hess <id@joeyh.name>  Wed, 04 Oct 2017 12:46:23 -0400
 
diff --git a/doc/todo/creates_mount_point_and_always_tries_to_mount_when_using_Fstab.mounted.mdwn b/doc/todo/creates_mount_point_and_always_tries_to_mount_when_using_Fstab.mounted.mdwn
index 4732825f..d491bce9 100644
--- a/doc/todo/creates_mount_point_and_always_tries_to_mount_when_using_Fstab.mounted.mdwn
+++ b/doc/todo/creates_mount_point_and_always_tries_to_mount_when_using_Fstab.mounted.mdwn
@@ -8,3 +8,5 @@ See [[forum/Fstab.mounted_does_not_mount_if_entry_exists]].
 Please pull `fstab-mounted` branch at `http://git.ni.fr.eu.org/nicolas/propellor.git`.
 
 Nicolas.
+
+> [[done]] thanks! --[[Joey]]

forgot to add this comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_5_060b3ab57e525669c44192bbfdc730a4._comment b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_5_060b3ab57e525669c44192bbfdc730a4._comment
new file mode 100644
index 00000000..2578ef8e
--- /dev/null
+++ b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_5_060b3ab57e525669c44192bbfdc730a4._comment
@@ -0,0 +1,17 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 5"""
+ date="2017-10-04T17:12:59Z"
+ content="""
+Not sure why unpropelling blocks this. IIRC we discussed using a regular
+propellor chroot to set up the sbuild chroot. And I pointed out that when
+propellor runs inside a chroot, it does it without installing any
+dependencies into the chroot; everything propellor needs to run is
+bind mounted into /usr/local/propellor in the chroot.
+
+So, the most an "unpropell" property would need to do in a chroot is to
+unmount below /usr/local/propellor and remove that directory, which should
+then be empty. This might be desirable to be sure that the sbuild
+environment is 100% clean, in the unlikely chance that something
+builds differently when /usr/local/propellor exists.
+"""]]

comment
diff --git a/doc/todo/Ignore_lost+found_directory/comment_1_77d239c2f73d23aa28a4db6806d1bbdb._comment b/doc/todo/Ignore_lost+found_directory/comment_1_77d239c2f73d23aa28a4db6806d1bbdb._comment
new file mode 100644
index 00000000..80efdeec
--- /dev/null
+++ b/doc/todo/Ignore_lost+found_directory/comment_1_77d239c2f73d23aa28a4db6806d1bbdb._comment
@@ -0,0 +1,21 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-10-15T16:52:44Z"
+ content="""
+I feel that modifying `dirCruft` to include "lost+found" is a layering
+violation, because it could change the behavior of a lot of things besides
+checking if a directory is empty "enough". Consider code that recurses
+through a directory and sets permissions or owner.
+
+This calls for a new function, or a modification to a more specific
+function, to handle the "lost+found" case.
+`Propellor.Property.Chroot.Util.unpopulated` seems like a good place to
+handle it.
+
+There are also some backup/restore properties, for Borg and Restic etc, that
+only do a restore if a directory is empty or missing, and it seems to make
+sense for them to also special-case handling of "lost+found". So it would
+make sense to move `unpopulated` to a module that's not chroot-specific
+and make those things also use it.
+"""]]

Pull request for Fstab.mounted
diff --git a/doc/todo/creates_mount_point_and_always_tries_to_mount_when_using_Fstab.mounted.mdwn b/doc/todo/creates_mount_point_and_always_tries_to_mount_when_using_Fstab.mounted.mdwn
new file mode 100644
index 00000000..4732825f
--- /dev/null
+++ b/doc/todo/creates_mount_point_and_always_tries_to_mount_when_using_Fstab.mounted.mdwn
@@ -0,0 +1,10 @@
+Hello,
+
+this simple change creates mount point and always tries to mount when using
+Fstab.mounted.
+
+See [[forum/Fstab.mounted_does_not_mount_if_entry_exists]].
+
+Please pull `fstab-mounted` branch at `http://git.ni.fr.eu.org/nicolas/propellor.git`.
+
+Nicolas.

Pull request to ignore lost+found
diff --git a/doc/todo/Ignore_lost+found_directory.mdwn b/doc/todo/Ignore_lost+found_directory.mdwn
new file mode 100644
index 00000000..9b1469b3
--- /dev/null
+++ b/doc/todo/Ignore_lost+found_directory.mdwn
@@ -0,0 +1,10 @@
+Hello,
+
+I had a problem where propellor refused to create a chroot because the target
+directory was not empty. Actually, the directory contained `lost+found`.
+
+I made a patch to ignore this directory, do you see any bad side effect?
+
+You can pull the `ignore-lost-n-found` branch at `http://git.ni.fr.eu.org/nicolas/propellor.git`.
+
+Nicolas.

comment
diff --git a/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists/comment_2_ec9913c603bc121dc5a3705b10918d58._comment b/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists/comment_2_ec9913c603bc121dc5a3705b10918d58._comment
new file mode 100644
index 00000000..d33c8228
--- /dev/null
+++ b/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists/comment_2_ec9913c603bc121dc5a3705b10918d58._comment
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2017-10-08T16:06:37Z"
+ content="""
+It seems it would be safe to always run the mountnow property, since
+it does check if something is already mounted.
+
+Also, it would probably make sense for properties that set up mounts to
+automatically make the mount point.
+
+Patches welcome!
+"""]]

Added a comment: Some precision
diff --git a/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists/comment_1_13af56eb8b4489699f57ec671d48b092._comment b/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists/comment_1_13af56eb8b4489699f57ec671d48b092._comment
new file mode 100644
index 00000000..3bae914e
--- /dev/null
+++ b/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists/comment_1_13af56eb8b4489699f57ec671d48b092._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="Some precision"
+ date="2017-10-08T10:54:57Z"
+ content="""
+I think the first time I forgot the `File.dirExists` for the mount point, so
+the fstab modification was done, but not the mount.
+
+"""]]

Fstab.mounted does not mount if entry exists
diff --git a/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists.mdwn b/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists.mdwn
new file mode 100644
index 00000000..7c86c945
--- /dev/null
+++ b/doc/forum/Fstab.mounted_does_not_mount_if_entry_exists.mdwn
@@ -0,0 +1,14 @@
+Hello,
+
+by looking at the code, there is an onChange:
+
+	mounted fs src mnt opts = tightenTargets $
+		listed fs src mnt opts
+			`onChange` mountnow
+
+This means that if for any reason the FS is not mounted it will never be
+mounted again. Is it a bug or a feature?
+
+Thanks,
+
+Nicolas.

Added a comment: Problem with resolvConfed
diff --git a/doc/forum/Using_ip_address_in_a_container/comment_4_b0efdd9b058e2cc5cf5bebc427aac956._comment b/doc/forum/Using_ip_address_in_a_container/comment_4_b0efdd9b058e2cc5cf5bebc427aac956._comment
new file mode 100644
index 00000000..47539b79
--- /dev/null
+++ b/doc/forum/Using_ip_address_in_a_container/comment_4_b0efdd9b058e2cc5cf5bebc427aac956._comment
@@ -0,0 +1,28 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="Problem with resolvConfed"
+ date="2017-10-05T21:33:42Z"
+ content="""
+I tried to revert resolvConfed, but it seems to be ignored:
+
+    vzWeb2 :: Systemd.Container
+    vzWeb2 = Systemd.debContainer \"vz-web2\" $ props
+            & osDebian (Stable \"stretch\") X86_64
+            & ipv4 \"10.42.2.13\"
+            ! Systemd.resolvConfed
+            ...
+
+When it spins, there are two lines, one with, one without:
+
+    ...
+    vz-web2 has container configuration --link-journal=try-guest ... ok
+    vz-web2 has container configuration --bind=/etc/resolv.conf ... ok
+    vz-web2 has Operating System (Debian Linux (Stable \"stretch\")) X86_64 ... ok
+    vz-web2 has ipv4 10.42.2.13 ... ok
+    vz-web2 has container configuration without --bind=/etc/resolv.conf ... ok
+    ...
+
+And it is included in the systemd service file.
+
+"""]]

Added a comment: ipv4/ipv6
diff --git a/doc/forum/Using_ip_address_in_a_container/comment_3_faab2f836f7025d471b18c2c065338e2._comment b/doc/forum/Using_ip_address_in_a_container/comment_3_faab2f836f7025d471b18c2c065338e2._comment
new file mode 100644
index 00000000..55f46d2a
--- /dev/null
+++ b/doc/forum/Using_ip_address_in_a_container/comment_3_faab2f836f7025d471b18c2c065338e2._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="ipv4/ipv6"
+ date="2017-10-05T20:11:48Z"
+ content="""
+Thanks for the change, I will try to come with a working configuration then
+try to see what can be improved from there.
+"""]]

Added a comment: systemd-nspawn with its own network in the container
diff --git a/doc/forum/Using_ip_address_in_a_container/comment_2_520c00ed10ead57bc46940f98a2fae01._comment b/doc/forum/Using_ip_address_in_a_container/comment_2_520c00ed10ead57bc46940f98a2fae01._comment
new file mode 100644
index 00000000..78b7563a
--- /dev/null
+++ b/doc/forum/Using_ip_address_in_a_container/comment_2_520c00ed10ead57bc46940f98a2fae01._comment
@@ -0,0 +1,30 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="systemd-nspawn with its own network in the container"
+ date="2017-10-05T20:10:10Z"
+ content="""
+If you use networkd, things are quite simple, you can use
+`--network-zone=something` and it will create a bridge, add the host interface
+to it and add an interface in the container. Default networkd configuration
+will choose an IP network for the zone (it use the interface name to recognize
+what must be done), use DHCP in the container, handle DHCP request on host and
+route packets to the external interface. The bridge is automatically removed
+when all containers are shut down.
+
+Without networkd, you can create a bridge on the host in
+`/etc/network/interface`:
+
+    auto br0
+    iface br0 inet static
+        address 10.42.0.1
+	netmask 255.255.0.0
+	pre-up brctl addbr br0
+	post-down brctl delbr br0
+	bridge_fd 0
+
+Then use the `--network-bridge=br0` option. It will add the host interface
+automatically to the bridge and you need a way to configure the containers
+interface, either using networkd or the traditional ifupdown.
+
+"""]]

Fix formating
diff --git a/doc/forum/Using_ip_address_in_a_container.mdwn b/doc/forum/Using_ip_address_in_a_container.mdwn
index 57b8a2e1..6706c388 100644
--- a/doc/forum/Using_ip_address_in_a_container.mdwn
+++ b/doc/forum/Using_ip_address_in_a_container.mdwn
@@ -7,12 +7,13 @@ Previously I used lxc containers but I'm afraid adding lxc support is quite a
 large task.
 
 My previous setup includes:
- - static ip addresses per container (set using LXC, but
-   /etc/network/interface will do),
- - different hostname for each of the containers,
- - configuration of a bind zone for my local container network,
- - configuration of the firewall using ferm,
- - proxy from host to containers using nginx.
+
+- static ip addresses per container (set using LXC, but
+  /etc/network/interface will do),
+- different hostname for each of the containers,
+- configuration of a bind zone for my local container network,
+- configuration of the firewall using ferm,
+- proxy from host to containers using nginx.
 
 If I understand correctly, alias or ipv4 are propagated to the host and are
 not part of the container definition, is that right?

override deploy url with PropellorRepo.hasOriginUrl info
* Made the PropellorRepo.hasOriginUrl property override the repository
url that --spin passes to a host.
* PropellorRepo.hasOriginUrl type changed to include HasInfo. (API change)
This commit was sponsored by Jake Vosloo on Patreon.
diff --git a/debian/changelog b/debian/changelog
index 8265f777..42eebb96 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,9 @@ propellor (4.9.0) UNRELEASED; urgency=medium
   * Code that used fromDnsInfo . fromInfo changes to use getDnsInfo.
   * addDNS takes an additional Bool parameter to control whether
     the DNS info should propagate out of containers. (API change)
+  * Made the PropellorRepo.hasOriginUrl property override the repository
+    url that --spin passes to a host.
+  * PropellorRepo.hasOriginUrl type changed to include HasInfo. (API change)
 
  -- Joey Hess <id@joeyh.name>  Wed, 04 Oct 2017 12:46:23 -0400
 
diff --git a/doc/forum/how_to_boostrap_the_initial_git_repo/comment_2_84b8e438ef86d2caf4046c6e7950698b._comment b/doc/forum/how_to_boostrap_the_initial_git_repo/comment_2_84b8e438ef86d2caf4046c6e7950698b._comment
new file mode 100644
index 00000000..91fdae32
--- /dev/null
+++ b/doc/forum/how_to_boostrap_the_initial_git_repo/comment_2_84b8e438ef86d2caf4046c6e7950698b._comment
@@ -0,0 +1,23 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2017-10-04T17:30:30Z"
+ content="""
+I don't know what deploy branch trick you're referring to using.
+
+There is the deploy remote, which I think should do what you want:
+
+> Additionally, the url of a remote named "deploy", if it exists
+> in your ~/.propellor/ repository, is used as the origin url for
+> the other repositories.
+
+When you have a deploy remote configured in your local repository,
+the first time you spin a new host, it will clone its /usr/local/propellor
+from the url of the deploy remote. On subsequent spins, it sends the
+url over, and the host's repository's url is updated too.
+
+The PropellorRepo.hasOriginUrl property doesn't take effect until
+propellor runs with that configuration, which could be a bit of a chicken and
+egg situation. Except hmm, spin could look for that property and use
+repo url instead of the deploy remote's url. Yeah, I've done that now!
+"""]]
diff --git a/src/Propellor/Property/PropellorRepo.hs b/src/Propellor/Property/PropellorRepo.hs
index e60e7848..504ff395 100644
--- a/src/Propellor/Property/PropellorRepo.hs
+++ b/src/Propellor/Property/PropellorRepo.hs
@@ -2,18 +2,26 @@ module Propellor.Property.PropellorRepo where
 
 import Propellor.Base
 import Propellor.Git.Config
+import Propellor.Types.Info
 
 -- | Sets the url to use as the origin of propellor's git repository.
 --
--- When propellor --spin is used to update a host, the url is taken from
--- the repository that --spin is run in, and passed to the host. So, you
--- don't need to specifiy this property then. 
+-- By default, the url is taken from the deploy or origin remote of
+-- the repository that propellor --spin is run in. Setting this property
+-- overrides that default behavior with a different url.
 --
--- This property is useful when hosts are being updated without using
--- --spin, eg when using the `Propellor.Property.Cron.runPropellor` cron job.
-hasOriginUrl :: String -> Property UnixLike
-hasOriginUrl u = property ("propellor repo url " ++ u) $ do
-	curru <- liftIO getRepoUrl
-	if curru == Just u
-		then return NoChange
-		else makeChange $ setRepoUrl u
+-- When hosts are being updated without using -- --spin, eg when using
+-- the `Propellor.Property.Cron.runPropellor` cron job, this property can
+-- be set to redirect them to a new git repository url.
+hasOriginUrl :: String -> Property (HasInfo + UnixLike)
+hasOriginUrl u = setInfoProperty p (toInfo (InfoVal (OriginUrl u)))
+  where
+	p :: Property UnixLike
+	p = property ("propellor repo url " ++ u) $ do
+		curru <- liftIO getRepoUrl
+		if curru == Just u
+			then return NoChange
+			else makeChange $ setRepoUrl u
+
+newtype OriginUrl = OriginUrl String
+	deriving (Show)
diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs
index 88d2b473..4a945e82 100644
--- a/src/Propellor/Spin.hs
+++ b/src/Propellor/Spin.hs
@@ -29,6 +29,7 @@ import Propellor.Gpg
 import Propellor.Bootstrap
 import Propellor.Types.CmdLine
 import Propellor.Types.Info
+import Propellor.Property.PropellorRepo (OriginUrl(..))
 import qualified Propellor.Shim as Shim
 import Utility.FileMode
 import Utility.SafeCommand
@@ -220,7 +221,7 @@ updateServer target relay hst connect haveprecompiled privdata = do
 		v <- maybe Nothing readish <$> getMarked fromh statusMarker
 		case v of
 			(Just NeedRepoUrl) -> do
-				sendRepoUrl toh
+				sendRepoUrl hst toh
 				loop
 			(Just NeedPrivData) -> do
 				sendPrivData hn toh privdata
@@ -242,8 +243,12 @@ updateServer target relay hst connect haveprecompiled privdata = do
 				done
 			Nothing -> done
 
-sendRepoUrl :: Handle -> IO ()
-sendRepoUrl toh = sendMarked toh repoUrlMarker =<< (fromMaybe "" <$> getRepoUrl)
+sendRepoUrl :: Host -> Handle -> IO ()
+sendRepoUrl hst toh = sendMarked toh repoUrlMarker =<< geturl
+  where
+	geturl = case fromInfoVal (fromInfo (hostInfo hst)) of
+		Nothing -> fromMaybe "" <$> getRepoUrl
+		Just (OriginUrl u) -> return u
 
 sendPrivData :: HostName -> Handle -> PrivMap -> IO ()
 sendPrivData hn toh privdata = void $ actionMessage msg $ do

comment
diff --git a/doc/todo/unpropelling_a_host/comment_1_e397bfa77303a244711fd2705371e879._comment b/doc/todo/unpropelling_a_host/comment_1_e397bfa77303a244711fd2705371e879._comment
new file mode 100644
index 00000000..f236fac4
--- /dev/null
+++ b/doc/todo/unpropelling_a_host/comment_1_e397bfa77303a244711fd2705371e879._comment
@@ -0,0 +1,26 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-10-04T17:11:42Z"
+ content="""
+All this property needs to do when `inChroot` is True is unmount anything
+bound below /usr/local/propellor and delete that directory, which should be
+empty.
+
+OF course it's harder to implement it for use outside a chroot, but a
+property that works in a chroot would be enough for sbuild and would be a
+reasonable start.
+
+I don't think there's any sane way to remove cabal and stack cruft
+without deleting it all.
+
+Seems like to uninstall the build deps, it would be useful to get the build
+deps installed in the first place in a way that makes `apt-get autoremove`
+able to remove them. Currently, Bootstrap.depsCommand hardcodes
+a list of debian packages. It could instead just install propellor.deb,
+which depends on the same stuff, so the build deps get autoremoved after
+propellor is removed. 
+
+But, different versions of the propellor package might have different deps
+than the version of propellor being bootstrapped.
+"""]]

avoid propagating non-alias DNS info from container to host
* When the ipv4 and ipv6 properties are used with a container, avoid
propagating the address out to the host.
* DnsInfo has been replaced with DnsInfoPropagated and
DnsInfoUnpropagated. (API change)
* Code that used fromDnsInfo . fromInfo changes to use getDnsInfo.
* addDNS takes an additional Bool parameter to control whether
the DNS info should propagate out of containers. (API change)
This commit was sponsored by Trenton Cronholm on Patreon.
diff --git a/debian/changelog b/debian/changelog
index 70c95f35..8265f777 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+propellor (4.9.0) UNRELEASED; urgency=medium
+
+  * When the ipv4 and ipv6 properties are used with a container, avoid
+    propagating the address out to the host.
+  * DnsInfo has been replaced with DnsInfoPropagated and
+    DnsInfoUnpropagated. (API change)
+  * Code that used fromDnsInfo . fromInfo changes to use getDnsInfo.
+  * addDNS takes an additional Bool parameter to control whether
+    the DNS info should propagate out of containers. (API change)
+
+ -- Joey Hess <id@joeyh.name>  Wed, 04 Oct 2017 12:46:23 -0400
+
 propellor (4.8.1) unstable; urgency=medium
 
   * Borg: Fix propigation of exit status of borg backup.
diff --git a/doc/forum/Using_ip_address_in_a_container/comment_1_f14578affbfdb771a74a30f535b9e9a0._comment b/doc/forum/Using_ip_address_in_a_container/comment_1_f14578affbfdb771a74a30f535b9e9a0._comment
new file mode 100644
index 00000000..4c88c808
--- /dev/null
+++ b/doc/forum/Using_ip_address_in_a_container/comment_1_f14578affbfdb771a74a30f535b9e9a0._comment
@@ -0,0 +1,32 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-10-04T16:08:14Z"
+ content="""
+I'd also like to use systemd-nspawn with its own network in the container.
+Have not worked through all the necessary config, which seems fairly
+complicated on the systemd side. Examples of how to do that with propellor
+would be great to have! 
+
+(There's a partial example in the haddock for
+Systemd.publish, which uses networkd to auto-configure a private network,
+but IIRC that is missing some routing/masqerading to let the
+container access the internet.)
+
+As for `alias` and `ipv4` properties, when used in a container, their info
+does get propagated out to the info of the host as of propellor 4.8.1. 
+That was done because it's sometimes useful to have an `alias` be part
+of a container's configuration and get the DNS server automatically
+configured with that alias pointing at the host(s) that have the container.
+
+I agree it does not make sense for `ipv4`/`ipv6` used in a container
+to propagate out. I've changed propellor to not do that any longer,
+and allow controlling whether any given DNS info should propagate or not.
+
+As for the hostname, it's not currently part of the Info system,
+and so there's no risk of a container overriding its Host's name.
+Things like Hostname.sane that look at the hostname will see the parent
+host's name. Hostname.setTo should work in a container to give it
+its own name. (At some point it would probably be worth moving hostnames
+into Info to avoid the extra complication..)
+"""]]
diff --git a/src/Propellor/Info.hs b/src/Propellor/Info.hs
index ed6c2d85..fd295aa3 100644
--- a/src/Propellor/Info.hs
+++ b/src/Propellor/Info.hs
@@ -128,11 +128,11 @@ getOS = fromInfoVal <$> askInfo
 -- if the host's IP Property matches the DNS. If the DNS is missing or
 -- out of date, the host will instead be contacted directly by IP address.
 ipv4 :: String -> Property (HasInfo + UnixLike)
-ipv4 = addDNS . Address . IPv4
+ipv4 = addDNS False . Address . IPv4
 
 -- | Indicate that a host has an AAAA record in the DNS.
 ipv6 :: String -> Property (HasInfo + UnixLike)
-ipv6 = addDNS . Address . IPv6
+ipv6 = addDNS False . Address . IPv6
 
 -- | Indicates another name for the host in the DNS.
 --
@@ -145,11 +145,21 @@ alias d = pureInfoProperty' ("alias " ++ d) $ mempty
 	`addInfo` toAliasesInfo [d]
 	-- A CNAME is added here, but the DNS setup code converts it to an
 	-- IP address when that makes sense.
-	`addInfo` (toDnsInfo $ S.singleton $ CNAME $ AbsDomain d)
-
-addDNS :: Record -> Property (HasInfo + UnixLike)
-addDNS r = pureInfoProperty (rdesc r) (toDnsInfo (S.singleton r))
+	`addInfo` (toDnsInfoPropagated $ S.singleton $ CNAME $ AbsDomain d)
+
+-- | Add a DNS Record.
+addDNS
+	:: Bool
+	-- ^ When used in a container, the DNS info will only
+	-- propagate out the the Host when this is True.
+	-> Record
+	-> Property (HasInfo + UnixLike)
+addDNS prop r
+	| prop = pureInfoProperty (rdesc r) (toDnsInfoPropagated s)
+	| otherwise = pureInfoProperty (rdesc r) (toDnsInfoUnpropagated s)
   where
+	s = S.singleton r
+
 	rdesc (CNAME d) = unwords ["alias", ddesc d]
 	rdesc (Address (IPv4 addr)) = unwords ["ipv4", addr]
 	rdesc (Address (IPv6 addr)) = unwords ["ipv6", addr]
@@ -182,7 +192,7 @@ findAlias :: [Host] -> HostName -> Maybe Host
 findAlias l hn = M.lookup hn (aliasMap l)
 
 getAddresses :: Info -> [IPAddr]
-getAddresses = mapMaybe getIPAddr . S.toList . fromDnsInfo . fromInfo
+getAddresses = mapMaybe getIPAddr . S.toList . getDnsInfo
 
 hostAddresses :: HostName -> [Host] -> [IPAddr]
 hostAddresses hn hosts = maybe [] (getAddresses . hostInfo) (findHost hosts hn)
diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs
index 889aece5..d99a76b0 100644
--- a/src/Propellor/Property/Dns.hs
+++ b/src/Propellor/Property/Dns.hs
@@ -468,7 +468,7 @@ genZone inzdomain hostmap zdomain soa =
 	-- So we can just use the IPAddrs.
 	addcnames :: Host -> [Either WarningMessage (BindDomain, Record)]
 	addcnames h = concatMap gen $ filter (inDomain zdomain) $
-		mapMaybe getCNAME $ S.toList $ fromDnsInfo $ fromInfo info
+		mapMaybe getCNAME $ S.toList $ getDnsInfo info
 	  where
 		info = hostInfo h
 		gen c = case getAddresses info of
@@ -483,7 +483,7 @@ genZone inzdomain hostmap zdomain soa =
 	  where
 		info = hostInfo h
 		l = zip (repeat $ AbsDomain $ hostName h)
-			(S.toList $ S.filter (\r -> isNothing (getIPAddr r) && isNothing (getCNAME r)) (fromDnsInfo $ fromInfo info))
+			(S.toList $ S.filter (\r -> isNothing (getIPAddr r) && isNothing (getCNAME r)) (getDnsInfo info))
 
 	-- Simplifies the list of hosts. Remove duplicate entries.
 	-- Also, filter out any CHAMES where the same domain has an
@@ -531,7 +531,7 @@ genSSHFP domain h = concatMap mk . concat <$> (gen =<< get)
 	gen = liftIO . mapM genSSHFP' . M.elems . fromMaybe M.empty
 	mk r = mapMaybe (\d -> if inDomain domain d then Just (d, r) else Nothing)
 		(AbsDomain hostname : cnames)
-	cnames = mapMaybe getCNAME $ S.toList $ fromDnsInfo $ fromInfo info
+	cnames = mapMaybe getCNAME $ S.toList $ getDnsInfo info
 	hostname = hostName h
 	info = hostInfo h
 
diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs
index aeaa4643..88d2b473 100644
--- a/src/Propellor/Spin.hs
+++ b/src/Propellor/Spin.hs
@@ -173,7 +173,7 @@ getSshTarget target hst
 					return ip
 
 	configips = map val $ mapMaybe getIPAddr $
-		S.toList $ fromDnsInfo $ fromInfo $ hostInfo hst
+		S.toList $ getDnsInfo $ hostInfo hst
 
 -- Update the privdata, repo url, and git repo over the ssh
 -- connection, talking to the user's local propellor instance which is
diff --git a/src/Propellor/Types/Dns.hs b/src/Propellor/Types/Dns.hs
index 87756d81..513f162a 100644
--- a/src/Propellor/Types/Dns.hs
+++ b/src/Propellor/Types/Dns.hs
@@ -1,4 +1,5 @@
 {-# LANGUAGE DeriveDataTypeable, GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE FlexibleInstances #-}
 
 module Propellor.Types.Dns where
 
@@ -36,17 +37,37 @@ toAliasesInfo l = AliasesInfo (S.fromList l)
 fromAliasesInfo :: AliasesInfo -> [HostName]
 fromAliasesInfo (AliasesInfo s) = S.toList s
 
-newtype DnsInfo = DnsInfo { fromDnsInfo :: S.Set Record }
+-- | Use this for DNS Info that should propagate from a container to a
+-- host. For example, this can be used for CNAME to make aliases
+-- of the containers in the host be reflected in the DNS.
+newtype DnsInfoPropagated = DnsInfoPropagated
+	{ fromDnsInfoPropagated :: S.Set Record }
 	deriving (Show, Eq, Ord, Monoid, Typeable)
 
-toDnsInfo :: S.Set Record -> DnsInfo
-toDnsInfo = DnsInfo
+toDnsInfoPropagated :: S.Set Record -> DnsInfoPropagated
+toDnsInfoPropagated = DnsInfoPropagated
 
--- | DNS Info is propagated, so that eg, aliases of a container
--- are reflected in the dns for the host where it runs.
-instance IsInfo DnsInfo where
+instance IsInfo DnsInfoPropagated where
 	propagateInfo _ = PropagateInfo True
 
+-- | Use this for DNS Info that should not propagate from a container to a
+-- host. For example, an IP address of a container should not influence
+-- the host.
+newtype DnsInfoUnpropagated = DnsInfoUnpropagated
+	{ fromDnsInfoUnpropagated :: S.Set Record }
+	deriving (Show, Eq, Ord, Monoid, Typeable)
+
+toDnsInfoUnpropagated :: S.Set Record -> DnsInfoUnpropagated
+toDnsInfoUnpropagated = DnsInfoUnpropagated
+
+-- | Get all DNS Info.
+getDnsInfo :: Info -> S.Set Record

(Diff truncated)
diff --git a/doc/forum/Using_ip_address_in_a_container.mdwn b/doc/forum/Using_ip_address_in_a_container.mdwn
new file mode 100644
index 00000000..57b8a2e1
--- /dev/null
+++ b/doc/forum/Using_ip_address_in_a_container.mdwn
@@ -0,0 +1,22 @@
+Hello,
+
+I would like to create a systemd container using the --network-bridge option
+to systemd-nspawn and fixed addresses.
+
+Previously I used lxc containers but I'm afraid adding lxc support is quite a
+large task.
+
+My previous setup includes:
+ - static ip addresses per container (set using LXC, but
+   /etc/network/interface will do),
+ - different hostname for each of the containers,
+ - configuration of a bind zone for my local container network,
+ - configuration of the firewall using ferm,
+ - proxy from host to containers using nginx.
+
+If I understand correctly, alias or ipv4 are propagated to the host and are
+not part of the container definition, is that right?
+
+I am also not sure about the setting of the hostname.
+
+Do you have some hints about how this could be done?

add news item for propellor 4.8.1
diff --git a/doc/news/version_4.7.4.mdwn b/doc/news/version_4.7.4.mdwn
deleted file mode 100644
index 982f34b6..00000000
--- a/doc/news/version_4.7.4.mdwn
+++ /dev/null
@@ -1,7 +0,0 @@
-propellor 4.7.4 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Set GPG\_TTY when run at a terminal, so that gpg can do password
-     prompting despite being connected by pipes to propellor (or git).
-   * Rsync: Make rsync display less verbose.
-   * Improve PROPELLOR\_TRACE output so serialized trace values always
-     come on their own line, not mixed with title setting."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.8.1.mdwn b/doc/news/version_4.8.1.mdwn
new file mode 100644
index 00000000..fbd293cd
--- /dev/null
+++ b/doc/news/version_4.8.1.mdwn
@@ -0,0 +1,4 @@
+propellor 4.8.1 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Borg: Fix propigation of exit status of borg backup.
+   * Borg: Fix handling of UseSshKey."""]]
\ No newline at end of file

add news item for propellor 4.8.0
diff --git a/doc/news/version_4.7.3.mdwn b/doc/news/version_4.7.3.mdwn
deleted file mode 100644
index 87c58e81..00000000
--- a/doc/news/version_4.7.3.mdwn
+++ /dev/null
@@ -1,3 +0,0 @@
-propellor 4.7.3 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Expand the Trace data type."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.8.0.mdwn b/doc/news/version_4.8.0.mdwn
new file mode 100644
index 00000000..217c3154
--- /dev/null
+++ b/doc/news/version_4.8.0.mdwn
@@ -0,0 +1,21 @@
+propellor 4.8.0 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * DiskImage: Made a DiskImage type class, so that different disk image
+     formats can be implemented. The properties in this module can generate
+     any type that is a member of DiskImage. (API change)
+     (To convert existing configs, convert the filename of the disk image
+     to RawDiskImage filename.)
+   * Removed DiskImage.vmdkBuiltFor property. (API change)
+     Instead, use VirtualBoxPointer in the property that creates the disk
+     image.
+   * Apt.isInstalled: Fix handling of packages that are not known at all
+     to apt.
+   * Borg: Converted BorgRepo from a String alias to a data type.
+     (API change)
+   * Borg: Allow specifying ssh private key to use when accessing a borg
+     repo by using the BorgRepoUsing constructor with UseSshKey.
+   * Borg: Fix broken shell escaping in borg cron job.
+   * Attic: Fix broken shell escaping in attic cron job.
+   * Make lock file descriptors close-on-exec.
+   * Lvm: New module for setting up LVM volumes.
+     Thanks, Nicolas Schodet"""]]
\ No newline at end of file

Added a comment: Blocked
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_4_f6c386dddf408d522841fd3bde699d15._comment b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_4_f6c386dddf408d522841fd3bde699d15._comment
new file mode 100644
index 00000000..17c99e16
--- /dev/null
+++ b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_4_f6c386dddf408d522841fd3bde699d15._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="spwhitton"
+ avatar="http://cdn.libravatar.org/avatar/9c3f08f80e67733fd506c353239569eb"
+ subject="Blocked"
+ date="2017-09-20T17:29:50Z"
+ content="""
+Note that this is currently blocked by: https://propellor.branchable.com/todo/unpropelling_a_host/
+"""]]

Added a comment
diff --git a/doc/forum/how_to_boostrap_the_initial_git_repo/comment_1_dca4a0a803da4cc55b9eba560496f641._comment b/doc/forum/how_to_boostrap_the_initial_git_repo/comment_1_dca4a0a803da4cc55b9eba560496f641._comment
new file mode 100644
index 00000000..13156967
--- /dev/null
+++ b/doc/forum/how_to_boostrap_the_initial_git_repo/comment_1_dca4a0a803da4cc55b9eba560496f641._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 1"
+ date="2017-09-14T12:25:18Z"
+ content="""
+just for Info I have propellor 4.7.6
+"""]]

diff --git a/doc/forum/how_to_boostrap_the_initial_git_repo.mdwn b/doc/forum/how_to_boostrap_the_initial_git_repo.mdwn
new file mode 100644
index 00000000..4493ccfe
--- /dev/null
+++ b/doc/forum/how_to_boostrap_the_initial_git_repo.mdwn
@@ -0,0 +1,43 @@
+Hello Joey,
+
+here the onfiguration of my propellor repro.
+
+    [remote "origin"]
+        url = git+ssh://git.debian.org/git/users/picca/propellor
+        fetch = +refs/heads/*:refs/remotes/origin/*
+
+I use this central repository to manage a bunch of computers.
+The problem I is that all these computer do have acces only from this url
+
+    [remote "origin"]
+        url = https://anonscm.debian.org/git/users/picca/propellor.git
+        fetch = +refs/heads/*:refs/remotes/origin/*
+
+So I can use the deploy branch trick.
+
+BUT
+
+since I have clone of the first repository (in order to push via ssh) on all of these computer (let call them locals), I need to add
+the deploy branch on all of them.
+
+So I tryed to add this directly in the propellor configuration.
+
+      & PropellorRepo.hasOriginUrl "https://anonscm.debian.org/git/users/picca/propellor.git"
+
+But when I do the spin for the first time from the locals, the url put in the /usr/local/propellor/.git/config files
+is the one from the locals cloned repository which is the ssh adress and not the https one.
+
+So the propellor spin stop with a timeout because it tryes to  git fetch  with the wrong url.
+
+
+My question is  is it normal ?
+
+
+PS: I also tryed to add
+
+  & bootstrappedFrom (GitRepoUrl "https://anonscm.debian.org/git/users/picca/propellor.git")
+
+but the result was the same.
+
+
+Cheers

Added a comment
diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_6_12adb8dc952db0f1235f38c428a52fb1._comment b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_6_12adb8dc952db0f1235f38c428a52fb1._comment
new file mode 100644
index 00000000..c933c90c
--- /dev/null
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_6_12adb8dc952db0f1235f38c428a52fb1._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 6"
+ date="2017-09-08T21:29:55Z"
+ content="""
+Just tested it, it still works.
+
+Thanks!
+"""]]

update
diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_5_aee8b3d2768fb7307a6cc2e3295fd1f6._comment b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_5_aee8b3d2768fb7307a6cc2e3295fd1f6._comment
index 8d007461..6850f3b9 100644
--- a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_5_aee8b3d2768fb7307a6cc2e3295fd1f6._comment
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_5_aee8b3d2768fb7307a6cc2e3295fd1f6._comment
@@ -4,4 +4,9 @@
  date="2017-09-05T20:23:44Z"
  content="""
 Looks good to me, merged. Thanks for your contribution!
+
+(I did make a simplification to it
+in [[!commit 0a6ad2b17419fd877789053c87b95866cfc39c46]],
+which seems ok by inspection to me, but I've not tested. Please
+let me know if I somehow got that wrong.)
 """]]

move parseFs to Property.Partition
diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal.mdwn b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal.mdwn
index 0910ef5d..4b3198ee 100644
--- a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal.mdwn
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal.mdwn
@@ -5,3 +5,5 @@ I am not confident my haskell code is good looking as this is my first real life
 You can pull the lvm branch at http://git.ni.fr.eu.org/nicolas/propellor.git
 
 Thanks!
+
+> merge [[done]] --[[Joey]]
diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_5_aee8b3d2768fb7307a6cc2e3295fd1f6._comment b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_5_aee8b3d2768fb7307a6cc2e3295fd1f6._comment
new file mode 100644
index 00000000..8d007461
--- /dev/null
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_5_aee8b3d2768fb7307a6cc2e3295fd1f6._comment
@@ -0,0 +1,7 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 5"""
+ date="2017-09-05T20:23:44Z"
+ content="""
+Looks good to me, merged. Thanks for your contribution!
+"""]]
diff --git a/src/Propellor/Property/Lvm.hs b/src/Propellor/Property/Lvm.hs
index e1f3b934..c5d215bc 100644
--- a/src/Propellor/Property/Lvm.hs
+++ b/src/Propellor/Property/Lvm.hs
@@ -142,27 +142,15 @@ lvState lv = do
 		then return Nothing
 		else do
 			s <- readLvSize
-			fs <- readFs
+			fs <- maybe Nothing (Partition.parseFs . takeWhile (/= '\n')) <$> readFs
 			return $ do
 				size <- s
-				return $ LvState size $ parseFs $
-					takeWhile (/= '\n') <$> fs
+				return $ LvState size fs
   where
 	readLvSize = catchDefaultIO Nothing $ readish
 		<$> readProcess "lvs" [ "-o", "size", "--noheadings",
 			"--nosuffix", "--units", "b", vglv lv ]
 	readFs = Mount.blkidTag "TYPE" (path lv)
-	parseFs (Just "ext2") = Just Partition.EXT2
-	parseFs (Just "ext3") = Just Partition.EXT3
-	parseFs (Just "ext4") = Just Partition.EXT4
-	parseFs (Just "btrfs") = Just Partition.BTRFS
-	parseFs (Just "reiserfs") = Just Partition.REISERFS
-	parseFs (Just "xfs") = Just Partition.XFS
-	parseFs (Just "fat") = Just Partition.FAT
-	parseFs (Just "vfat") = Just Partition.VFAT
-	parseFs (Just "ntfs") = Just Partition.NTFS
-	parseFs (Just "swap") = Just Partition.LinuxSwap
-	parseFs _ = Nothing
 
 -- Read extent size (or Nothing on error).
 vgExtentSize :: VolumeGroup -> IO (Maybe Integer)
diff --git a/src/Propellor/Property/Partition.hs b/src/Propellor/Property/Partition.hs
index 679675b7..27ae89ff 100644
--- a/src/Propellor/Property/Partition.hs
+++ b/src/Propellor/Property/Partition.hs
@@ -15,6 +15,20 @@ import Data.Char
 data Fs = EXT2 | EXT3 | EXT4 | BTRFS | REISERFS | XFS | FAT | VFAT | NTFS | LinuxSwap
 	deriving (Show, Eq)
 
+-- | Parse commonly used names of filesystems.
+parseFs :: String -> Maybe Fs
+parseFs "ext2" = Just EXT2
+parseFs "ext3" = Just EXT3
+parseFs "ext4" = Just EXT4
+parseFs "btrfs" = Just BTRFS
+parseFs "reiserfs" = Just REISERFS
+parseFs "xfs" = Just XFS
+parseFs "fat" = Just FAT
+parseFs "vfat" = Just VFAT
+parseFs "ntfs" = Just NTFS
+parseFs "swap" = Just LinuxSwap
+parseFs _ = Nothing
+
 data Eep = YesReallyFormatPartition
 
 -- | Formats a partition.

Added a comment
diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_4_20c6734d67fefeb1a8c07730d537e06b._comment b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_4_20c6734d67fefeb1a8c07730d537e06b._comment
new file mode 100644
index 00000000..74a8bbe1
--- /dev/null
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_4_20c6734d67fefeb1a8c07730d537e06b._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 4"
+ date="2017-09-03T21:00:36Z"
+ content="""
+I can rebase/squash, do you see something else to improve?
+"""]]

add link
diff --git a/doc/todo/unpropelling_a_host.mdwn b/doc/todo/unpropelling_a_host.mdwn
index 0e1ee2b5..5c31bd90 100644
--- a/doc/todo/unpropelling_a_host.mdwn
+++ b/doc/todo/unpropelling_a_host.mdwn
@@ -2,7 +2,7 @@ We discussed at DebConf the need for a property that removes propellor from a ho
 
 1. There is no standard way to remove cabal and stack packages from `/root` without potentially nuking stuff the user wants to keep.  So maybe the property should remove only OS packages?  I.e. best used on `OSOnly` hosts/chroots.
 
-2. What if another property on the host installs some or all of those build dependencies?  This property would be cancelled out by the unpropellor property.  Maybe properties that install packages need to set info about the packages that are meant to remain installed?
+2. What if another property on the host installs some or all of those build dependencies?  This property would be cancelled out by the unpropellor property.  Maybe properties that install packages need to [[set info about the packages that are meant to remain installed|todo/metapackage]]?
 
 The unpropellor property could just nuke `/usr/local/propellor` and leave it at that.  But then the sbuild module would need to maintain a list of propellor's build deps to remove from the newly created chroot, which is a third copy of the list..
 

unpropellor a host: raise issues
diff --git a/doc/todo/unpropelling_a_host.mdwn b/doc/todo/unpropelling_a_host.mdwn
new file mode 100644
index 00000000..0e1ee2b5
--- /dev/null
+++ b/doc/todo/unpropelling_a_host.mdwn
@@ -0,0 +1,9 @@
+We discussed at DebConf the need for a property that removes propellor from a host.  It would run itself at the end of the spin.  It needs to nuke `/usr/local/propellor`.  To what extent can it remove propellor's build dependencies?  I can see two problems to be resolved before writing any code.
+
+1. There is no standard way to remove cabal and stack packages from `/root` without potentially nuking stuff the user wants to keep.  So maybe the property should remove only OS packages?  I.e. best used on `OSOnly` hosts/chroots.
+
+2. What if another property on the host installs some or all of those build dependencies?  This property would be cancelled out by the unpropellor property.  Maybe properties that install packages need to set info about the packages that are meant to remain installed?
+
+The unpropellor property could just nuke `/usr/local/propellor` and leave it at that.  But then the sbuild module would need to maintain a list of propellor's build deps to remove from the newly created chroot, which is a third copy of the list..
+
+--spwhitton

Added a comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment
new file mode 100644
index 00000000..12d59028
--- /dev/null
+++ b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_3_6aeee8ba74b363d26a49d6773c5d5014._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="spwhitton"
+ avatar="http://cdn.libravatar.org/avatar/9c3f08f80e67733fd506c353239569eb"
+ subject="comment 3"
+ date="2017-09-02T02:47:01Z"
+ content="""
+Thank you for the detailed report.
+
+I think the problem is the proxy propagation happens after the sbuild-createchroot command has run, but if the sbuild-createchroot command needs the proxy, it will fail in the way you describe.
+
+After speaking to Joey at DebConf I think I can rework the sbuild module to bypass sbuild-createchroot and run debootstrap itself, without thereby polluting the chroot that is created.  That should make it much easier to fix this bug, so I'll do that first.
+"""]]

response
diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_3_1405e20c8f5dc6e9cca3732e3e368d03._comment b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_3_1405e20c8f5dc6e9cca3732e3e368d03._comment
new file mode 100644
index 00000000..76c89ca6
--- /dev/null
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_3_1405e20c8f5dc6e9cca3732e3e368d03._comment
@@ -0,0 +1,25 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 3"""
+ date="2017-09-01T22:32:43Z"
+ content="""
+One way would be to use System.Process's `close_fds` when executing
+vgs/lvs. BTW, I've seen such complaints from lvm before, in some
+situations not involving propellor.
+
+I've made a commit that makes the propellor lock FD be close-on-exec,
+which is generally a good idea for lock FDs anyway. (To prevent some 
+long-running daemon process that does not close such FDs keeping the lock
+held.)
+
+My guess is that the other 4 FDs, which are apparently pairs of FDs
+at both sides of a pipe, come from
+System.Console.Concurrent.Internal.bgProcess, which sets up just such a
+pipe. Quite possibly when vgs/lvs are run, it's via that function.
+
+Generally leaking non-lock-related FDs to child processes is not a big
+problem, as long as the child process doesn't write to random FDs (which
+would be pretty bad, but what would ever do that?) ... So I don't know if I
+want to try to chase down every FD used all through propellor to set them
+close-on-exec.
+"""]]

Added a comment
diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_2_d63d84b56ece233f795d1075aaba887a._comment b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_2_d63d84b56ece233f795d1075aaba887a._comment
new file mode 100644
index 00000000..546fe436
--- /dev/null
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_2_d63d84b56ece233f795d1075aaba887a._comment
@@ -0,0 +1,18 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 2"
+ date="2017-09-01T21:38:16Z"
+ content="""
+Thanks for your comments.
+
+I also have a problem when running vgs/lvs, they complain about leaked file descriptors. Is it something I can fix?
+
+    File descriptor 10 (/usr/local/propellor/.lock) leaked on vgs invocation. Parent PID 31216: ./dist/build/propellor-config/p
+    File descriptor 11 (pipe:[282601]) leaked on vgs invocation. Parent PID 31216: ./dist/build/propellor-config/p
+    File descriptor 12 (pipe:[282601]) leaked on vgs invocation. Parent PID 31216: ./dist/build/propellor-config/p
+    File descriptor 13 (pipe:[282602]) leaked on vgs invocation. Parent PID 31216: ./dist/build/propellor-config/p
+    File descriptor 14 (pipe:[282602]) leaked on vgs invocation. Parent PID 31216: ./dist/build/propellor-config/p
+
+I have pushed a new version with the suggested fixes.
+"""]]

review
diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_1_74c6576b25f74c6e620eb015af8b0f6a._comment b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_1_74c6576b25f74c6e620eb015af8b0f6a._comment
new file mode 100644
index 00000000..5982361f
--- /dev/null
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal/comment_1_74c6576b25f74c6e620eb015af8b0f6a._comment
@@ -0,0 +1,26 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-08-31T22:40:34Z"
+ content="""
+That's a pretty nice job for your first haskell code! And an impressive
+module.
+
+Most of my review comments have to do with improving types.. Which is
+always a nice way to improve already good code. :)
+
+* VolumeGroup and LogicalVolume seem like easy things to mix up.
+  Also, there's never a LogicalVolume without an associated VolumeGroup.
+  So, suggest `newtype VolumeGroup = VolumeGroup String` and
+  `data LogicalVolume = LogicalVolume String VolumeGroup` -- then
+  the user would write something like 
+  `LogicalVolume "test" (VolumeGroup "vg0")`
+* Why not make `LvState` contain a `Maybe Partition.Fs` rather than
+  the string value. (This also would move the parsing of filesystem names
+  from `fsMatch` to `lvState` or perhaps to another function it uses.)
+* It seems a bit wrong for `parseSize` to include the rounding
+  to the next extent, which is not really related to parsing.
+  Would be better to split those two things into separate functions.
+
+I feel that this module is fairly close to mergeable.
+"""]]

response
diff --git a/doc/forum/Compatibility_between_different_software_versions/comment_1_1bc12b78e09c7060f4b5c434004b4b7f._comment b/doc/forum/Compatibility_between_different_software_versions/comment_1_1bc12b78e09c7060f4b5c434004b4b7f._comment
new file mode 100644
index 00000000..97ab02e8
--- /dev/null
+++ b/doc/forum/Compatibility_between_different_software_versions/comment_1_1bc12b78e09c7060f4b5c434004b4b7f._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-08-31T22:26:42Z"
+ content="""
+`withOS` or `getOS` is often used to deal with such differences,
+varying behavior depending on the Host's defined OS. For example, 
+Propellor.Property.Borg.installed does one thing on Debian jessie
+and another thing on other versions of Debian. And
+Propellor.Property.Apt.getMirror generates different urls for Debian and
+Ubuntu.
+"""]]

Compatibility between different software versions
diff --git a/doc/forum/Compatibility_between_different_software_versions.mdwn b/doc/forum/Compatibility_between_different_software_versions.mdwn
new file mode 100644
index 00000000..b2de3439
--- /dev/null
+++ b/doc/forum/Compatibility_between_different_software_versions.mdwn
@@ -0,0 +1 @@
+I'm just asking myself how (or if) we can guarantee compatibility between different versions of an application. Let's take "prosody" as an example. Even if we use the "DebianLike" property, there might be different versions of "prosody" in Debian Stable and Debian Unstable and therefore different configurations options available. Is there a way to catch those cases? Another example would be a "generic" property (which works for DebianLike and ArchLinux) for a specific software, but inside these distributions are different versions of the application. Even a "Prosody.installed" might be problematic, if the package has been renamed in a newer Debian release.

diff --git a/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal.mdwn b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal.mdwn
new file mode 100644
index 00000000..0910ef5d
--- /dev/null
+++ b/doc/todo/LVM_logical_volume_creation__44___resize__44___format___38___removal.mdwn
@@ -0,0 +1,7 @@
+I have made a new property to handle logical volume with propellor.
+
+I am not confident my haskell code is good looking as this is my first real life haskell code, can you please have a look?
+
+You can pull the lvm branch at http://git.ni.fr.eu.org/nicolas/propellor.git
+
+Thanks!

response
diff --git a/doc/forum/How_to_create_a_property_with_info/comment_3_6cf0360b4922a131bca33d33acf078be._comment b/doc/forum/How_to_create_a_property_with_info/comment_3_6cf0360b4922a131bca33d33acf078be._comment
new file mode 100644
index 00000000..ac4ca94b
--- /dev/null
+++ b/doc/forum/How_to_create_a_property_with_info/comment_3_6cf0360b4922a131bca33d33acf078be._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 3"""
+ date="2017-08-28T22:38:55Z"
+ content="""
+Finding a way to type check that, I don't know. It would certianly be nice
+to be able to statically check such things. The way that Info is
+implemented as a monoid that contains many different types seems to
+preclude exposing enough information for the type checker to catch such a
+problem. So it would have to be changed somehow, I don't know how.
+"""]]

Added a comment
diff --git a/doc/forum/creating_Bind9_configuration/comment_3_6b4d73b17d87d00845fda26431ded422._comment b/doc/forum/creating_Bind9_configuration/comment_3_6b4d73b17d87d00845fda26431ded422._comment
new file mode 100644
index 00000000..c61feaab
--- /dev/null
+++ b/doc/forum/creating_Bind9_configuration/comment_3_6b4d73b17d87d00845fda26431ded422._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 3"
+ date="2017-08-28T14:03:35Z"
+ content="""
+It might be a configuration from my server provider, maybe I should do a clean install :)
+
+If not using a full clone, I also have problem because I cannot use things like Utility.Units.
+"""]]

Added a comment
diff --git a/doc/forum/How_to_create_a_property_with_info/comment_2_1c2b3cb54f27fb6b6bb5de9d159dd34f._comment b/doc/forum/How_to_create_a_property_with_info/comment_2_1c2b3cb54f27fb6b6bb5de9d159dd34f._comment
new file mode 100644
index 00000000..6034e6e5
--- /dev/null
+++ b/doc/forum/How_to_create_a_property_with_info/comment_2_1c2b3cb54f27fb6b6bb5de9d159dd34f._comment
@@ -0,0 +1,15 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 2"
+ date="2017-08-26T06:29:44Z"
+ content="""
+I could have multiple host with debomatic install on it.
+I need to create a property which take a list of hosts (all with the Debomatic info) in order to generate the sources.list files.
+This way it is possible for me to select per host the sources of packages.
+
+what should be done in order to type check this ?
+I would like the compiler to says. Hey you ask for a source list from this host but it dos not contain a Debian mirror.
+
+Cheers
+"""]]

comment
diff --git a/doc/forum/How_to_create_a_property_with_info/comment_1_819902ee6b8e571f735dd2c9c93c49a9._comment b/doc/forum/How_to_create_a_property_with_info/comment_1_819902ee6b8e571f735dd2c9c93c49a9._comment
new file mode 100644
index 00000000..853e6e86
--- /dev/null
+++ b/doc/forum/How_to_create_a_property_with_info/comment_1_819902ee6b8e571f735dd2c9c93c49a9._comment
@@ -0,0 +1,29 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-08-25T23:07:12Z"
+ content="""
+It's not allowed for the content of Info to come from an IO action.
+Info has to be static. This allows one Host to introspect the Info of
+another Host. The Dns properties rely on that.
+
+So, the type checker is right in preventing this. It's also not allowed
+to use ensureProperty with a property that HasInfo, as the info would
+not propigate to the outer property. The type checker is also preventing
+you making that mistake.
+
+(You also forgot to pass the `w` parameter to `ensureProperty`, 
+which made the type checker unhappy as well and probably confused the error
+messages.)
+
+To accomplish your goal, you could use:
+
+	data DebOMaticHostMirror = DebOMaticHostMirror
+
+If a Host has this in its Info, you know that Host is the one with
+debomatic installed. You can then get its hostname using the `hostName`
+field accessor on the Host. 
+
+The property that does that will need to be passed a `[Host]` which will
+typically be the `hosts` list defined in config.hs.
+"""]]

diff --git a/doc/forum/How_to_create_a_property_with_info.mdwn b/doc/forum/How_to_create_a_property_with_info.mdwn
new file mode 100644
index 00000000..ea8babe5
--- /dev/null
+++ b/doc/forum/How_to_create_a_property_with_info.mdwn
@@ -0,0 +1,65 @@
+Hello Joey,
+
+I try to setup a debomatic service on one of my computer.
+So I created a data which will store on which host it was installed
+
+    data DebOMaticHostMirror = DebOMaticHostMirror Url
+	deriving (Eq, Show, Typeable)
+
+So now I try to create a property which get the hostname and set the info, 
+BUT I did not find the right way to do this. Here an attempt
+
+    debomaticHostMirror :: Property (HasInfo + UnixLike)
+    debomaticHostMirror = property' desc $ \w -> do
+      hostname <- asks hostName
+      ensureProperty $ pureInfoProperty desc (InfoVal (DebOMaticHostMirror hostname))
+        where
+          desc = "setup the Deb-O-Matic host name for other properties"
+
+but I get this error message
+
+    src/propellor-config.hs:935:3: error:
+    • Couldn't match expected type ‘Propellor Result’
+                  with actual type ‘Property
+                                      (Propellor.Types.MetaTypes.MetaTypes inner0)
+                                    -> Propellor Result’
+    • In a stmt of a 'do' block:
+        ensureProperty
+        $ pureInfoProperty desc (InfoVal (DebOMaticHostMirror hostname))
+      In the expression:
+        do { hostname <- asks hostName;
+             ensureProperty
+             $ pureInfoProperty desc (InfoVal (DebOMaticHostMirror hostname)) }
+      In the second argument of ‘($)’, namely
+        ‘\ w
+           -> do { hostname <- asks hostName;
+                   ensureProperty
+                   $ pureInfoProperty desc (InfoVal (DebOMaticHostMirror hostname)) }’
+
+    src/propellor-config.hs:935:20: error:
+    • Couldn't match expected type ‘OuterMetaTypesWitness outer0’
+                  with actual type ‘Property (HasInfo + UnixLike)’
+    • In the second argument of ‘($)’, namely
+        ‘pureInfoProperty desc (InfoVal (DebOMaticHostMirror hostname))’
+      In a stmt of a 'do' block:
+        ensureProperty
+        $ pureInfoProperty desc (InfoVal (DebOMaticHostMirror hostname))
+      In the expression:
+        do { hostname <- asks hostName;
+             ensureProperty
+             $ pureInfoProperty desc (InfoVal (DebOMaticHostMirror hostname)) }
+
+the Idea after is to create a property which will take the DeboMatic Info and generate the
+/etc/apt/sourses.list.d/debomatic.list on a bunch of hosts.
+
+Maybe we could have a
+
+    typeclass Mirror a where
+       toSourceListDLines :: a -> [Line]
+
+    instance Mirror DebOMaticHostMirror where
+       toSourceListDLines (DebOMaticHostMirror hostname) = ...
+
+then the stdSourceListD property should be change to use toSourceListDLines
+
+but this is another story :)

comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_13_2f8c7bb7f8ffb734a99ac3d7b28e2d62._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_13_2f8c7bb7f8ffb734a99ac3d7b28e2d62._comment
new file mode 100644
index 00000000..74dc528e
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_13_2f8c7bb7f8ffb734a99ac3d7b28e2d62._comment
@@ -0,0 +1,15 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 13"""
+ date="2017-08-24T21:11:07Z"
+ content="""
+Yes, there are two levels of caches. This does make updating the images a
+whole lot faster!
+
+Some systems don't have a very large /var partition and so I think it's
+better to let the user pick where they go. The documentation could
+certainly (always) be improved.
+
+Note that reverting any of the properties in DiskImage will clean up
+all the cache files as well as the final disk image.
+"""]]

Added a comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_12_4baf7efcc6f9c50e3aebd663b7792279._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_12_4baf7efcc6f9c50e3aebd663b7792279._comment
new file mode 100644
index 00000000..b6de7d0a
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_12_4baf7efcc6f9c50e3aebd663b7792279._comment
@@ -0,0 +1,23 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 12"
+ date="2017-08-24T19:11:24Z"
+ content="""
+If I understand correctly, the new typeclass need to provide a method which return the
+(RawDiskImage filename). In the process we have at least 2 cache level
+One for the chroot, and one for the RawImage.
+
+I was wondering if these cache (side effect) could not be regrouped
+under /var/cache/propellor instead of putting this randomly everywhere on the disk.
+
+This way It should be possible to \"reset\" propellor by removing the cache in order to force
+a cache rebuild.
+
+I think about this because I am not aware as a user of all these \"side effects\".
+
+propellor --purge-cache ;)
+
+cheers and thanks again
+
+"""]]

Added a comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_11_b1ad266b5c34b600d2d724bf5ffc40de._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_11_b1ad266b5c34b600d2d724bf5ffc40de._comment
new file mode 100644
index 00000000..79debc75
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_11_b1ad266b5c34b600d2d724bf5ffc40de._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 11"
+ date="2017-08-24T18:36:12Z"
+ content="""
+Thanks a lot joey.
+"""]]

DiskImage type class
* DiskImage: Made a DiskImage type class, so that different disk image
formats can be implemented. The properties in this module can generate
any type that is a member of DiskImage. (API change)
(To convert existing configs, convert the filename of the disk image
to RawDiskImage filename.)
* Removed DiskImage.vmdkBuiltFor property. (API change)
Instead, use VirtualBoxPointer in the property that creates the disk
image.
This commit was sponsored by Jack Hill on Patreon.
diff --git a/debian/changelog b/debian/changelog
index f8b59743..9b01183f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+propellor (4.8.0) UNRELEASED; urgency=medium
+
+  * DiskImage: Made a DiskImage type class, so that different disk image
+    formats can be implemented. The properties in this module can generate
+    any type that is a member of DiskImage. (API change)
+    (To convert existing configs, convert the filename of the disk image
+    to RawDiskImage filename.)
+  * Removed DiskImage.vmdkBuiltFor property. (API change)
+    Instead, use VirtualBoxPointer in the property that creates the disk
+    image.
+
+ -- Joey Hess <id@joeyh.name>  Thu, 24 Aug 2017 11:00:19 -0400
+
 propellor (4.7.7) unstable; urgency=medium
 
   * Locale: Display an error message when /etc/locale.gen does not contain
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_10_7982113b64a7884ce95ff38a6d876e2e._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_10_7982113b64a7884ce95ff38a6d876e2e._comment
new file mode 100644
index 00000000..3ccfc4db
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_10_7982113b64a7884ce95ff38a6d876e2e._comment
@@ -0,0 +1,7 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 10"""
+ date="2017-08-24T15:35:22Z"
+ content="""
+I've implemented the DiskImage type class.
+"""]]
diff --git a/joeyconfig.hs b/joeyconfig.hs
index 1ce15682..e98e5b51 100644
--- a/joeyconfig.hs
+++ b/joeyconfig.hs
@@ -94,12 +94,11 @@ darkstar = host "darkstar.kitenet.net" $ props
 	& Ssh.userKeys (User "joey") hostContext
 		[ (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1YoyHxZwG5Eg0yiMTJLSWJ/+dMM6zZkZiR4JJ0iUfP+tT2bm/lxYompbSqBeiCq+PYcSC67mALxp1vfmdOV//LWlbXfotpxtyxbdTcQbHhdz4num9rJQz1tjsOsxTEheX5jKirFNC5OiKhqwIuNydKWDS9qHGqsKcZQ8p+n1g9Lr3nJVGY7eRRXzw/HopTpwmGmAmb9IXY6DC2k91KReRZAlOrk0287LaK3eCe1z0bu7LYzqqS+w99iXZ/Qs0m9OqAPnHZjWQQ0fN4xn5JQpZSJ7sqO38TBAimM+IHPmy2FTNVVn9zGM+vN1O2xr3l796QmaUG1+XLL0shfR/OZbb joey@darkstar")
 		]
-	& imageBuilt "/srv/test.img" mychroot MSDOS
+	& imageBuilt (VirtualBoxPointer "/srv/test.vmdk") mychroot MSDOS
 		[ partition EXT2 `mountedAt` "/boot"
 		, partition EXT4 `mountedAt` "/"
 		, swapPartition (MegaBytes 256)
 		]
-		`before` vmdkBuiltFor "/srv/test.img"
   where
 	mychroot d = debootstrapped mempty d $ props
 		& osDebian Unstable X86_64
diff --git a/src/Propellor/Property/DiskImage.hs b/src/Propellor/Property/DiskImage.hs
index f64f685a..6c1a572c 100644
--- a/src/Propellor/Property/DiskImage.hs
+++ b/src/Propellor/Property/DiskImage.hs
@@ -8,12 +8,13 @@ module Propellor.Property.DiskImage (
 	-- * Partition specification
 	module Propellor.Property.DiskImage.PartSpec,
 	-- * Properties
-	DiskImage,
+	DiskImage(..),
+	RawDiskImage(..),
+	VirtualBoxPointer(..),
 	imageBuilt,
 	imageRebuilt,
 	imageBuiltFrom,
 	imageExists,
-	vmdkBuiltFor,
 	Grub.BIOS(..),
 ) where
 
@@ -42,7 +43,48 @@ import qualified Data.Map.Strict as M
 import qualified Data.ByteString.Lazy as L
 import System.Posix.Files
 
-type DiskImage = FilePath
+-- | Type class of disk image formats.
+class DiskImage d where
+	-- | Get the location where the raw disk image should be stored.
+	rawDiskImage :: d -> RawDiskImage
+	-- | Describe the disk image (for display to the user)
+	describeDiskImage :: d -> String
+	-- | Convert the raw disk image file in the
+	-- `rawDiskImage` location into the desired disk image format.
+	-- For best efficiency, the raw disk imasge file should be left
+	-- unchanged on disk.
+	buildDiskImage :: d -> RevertableProperty DebianLike Linux
+
+-- | A raw disk image, that can be written directly out to a disk.
+newtype RawDiskImage = RawDiskImage FilePath
+
+instance DiskImage RawDiskImage where
+	rawDiskImage = id
+	describeDiskImage (RawDiskImage f) = f
+	buildDiskImage (RawDiskImage _) = doNothing <!> doNothing
+
+-- | A virtualbox .vmdk file, which contains a pointer to the raw disk
+-- image. This can be built very quickly.
+newtype VirtualBoxPointer = VirtualBoxPointer FilePath
+
+instance DiskImage VirtualBoxPointer where
+	rawDiskImage (VirtualBoxPointer f) = RawDiskImage $
+		dropExtension f ++ ".img"
+	describeDiskImage (VirtualBoxPointer f) = f
+	buildDiskImage (VirtualBoxPointer vmdkfile) = (setup <!> cleanup)
+		`describe` (vmdkfile ++ " built")
+	  where
+		setup = cmdProperty "VBoxManage"
+			[ "internalcommands", "createrawvmdk"
+			, "-filename", vmdkfile
+			, "-rawdisk", diskimage
+			]
+			`changesFile` vmdkfile
+			`onChange` File.mode vmdkfile (combineModes (ownerWriteMode : readModes))
+			`requires` Apt.installed ["virtualbox"]
+			`requires` File.notPresent vmdkfile
+		cleanup = tightenTargets $ File.notPresent vmdkfile
+		RawDiskImage diskimage = rawDiskImage (VirtualBoxPointer vmdkfile)
 
 -- | Creates a bootable disk image.
 --
@@ -70,7 +112,7 @@ type DiskImage = FilePath
 -- > import Propellor.Property.Chroot
 -- > 
 -- > foo = host "foo.example.com" $ props
--- > 	& imageBuilt "/srv/diskimages/disk.img" mychroot
+-- > 	& imageBuilt (RawDiskImage "/srv/diskimages/disk.img") mychroot
 -- >		MSDOS
 -- >		[ partition EXT2 `mountedAt` "/boot"
 -- >			`setFlag` BootFlag
@@ -95,7 +137,7 @@ type DiskImage = FilePath
 --
 -- > foo :: Host
 -- > foo = host "foo.example.com" $ props
--- >	& imageBuilt "/srv/diskimages/bar-disk.img"
+-- >	& imageBuilt (RawDiskImage "/srv/diskimages/bar-disk.img")
 -- >		(hostChroot bar (Debootstrapped mempty))
 -- >		MSDOS
 -- >		[ partition EXT2 `mountedAt` "/boot"
@@ -111,30 +153,31 @@ type DiskImage = FilePath
 -- >	& Apt.installed ["linux-image-amd64"]
 -- >	& Grub.installed PC
 -- >	& hasPassword (User "root")
-imageBuilt :: DiskImage -> (FilePath -> Chroot) -> TableType -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) Linux
+imageBuilt :: DiskImage d => d -> (FilePath -> Chroot) -> TableType -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) Linux
 imageBuilt = imageBuilt' False
 
 -- | Like 'built', but the chroot is deleted and rebuilt from scratch each
 -- time. This is more expensive, but useful to ensure reproducible results
 -- when the properties of the chroot have been changed.
-imageRebuilt :: DiskImage -> (FilePath -> Chroot) -> TableType -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) Linux
+imageRebuilt :: DiskImage d => d -> (FilePath -> Chroot) -> TableType -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) Linux
 imageRebuilt = imageBuilt' True
 
-imageBuilt' :: Bool -> DiskImage -> (FilePath -> Chroot) -> TableType -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) Linux
+imageBuilt' :: DiskImage d => Bool -> d -> (FilePath -> Chroot) -> TableType -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) Linux
 imageBuilt' rebuild img mkchroot tabletype partspec =
 	imageBuiltFrom img chrootdir tabletype final partspec
 		`requires` Chroot.provisioned chroot
 		`requires` (cleanrebuild <!> (doNothing :: Property UnixLike))
 		`describe` desc
   where
-	desc = "built disk image " ++ img
+	desc = "built disk image " ++ describeDiskImage img
+	RawDiskImage imgfile = rawDiskImage img
 	cleanrebuild :: Property Linux
 	cleanrebuild
 		| rebuild = property desc $ do
 			liftIO $ removeChroot chrootdir
 			return MadeChange
 		| otherwise = doNothing
-	chrootdir = img ++ ".chroot"
+	chrootdir = imgfile ++ ".chroot"
 	chroot =
 		let c = propprivdataonly $ mkchroot chrootdir
 		in setContainerProps c $ containerProps c
@@ -161,10 +204,11 @@ cachesCleaned = "cache cleaned" ==> (Apt.cacheCleaned `pickOS` skipit)
 	skipit = doNothing :: Property UnixLike
 
 -- | Builds a disk image from the contents of a chroot.
-imageBuiltFrom :: DiskImage -> FilePath -> TableType -> Finalization -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) UnixLike
+imageBuiltFrom :: DiskImage d => d -> FilePath -> TableType -> Finalization -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) Linux
 imageBuiltFrom img chrootdir tabletype final partspec = mkimg <!> rmimg
   where
-	desc = img ++ " built from " ++ chrootdir
+	desc = describeDiskImage img ++ " built from " ++ chrootdir
+	dest@(RawDiskImage imgfile) = rawDiskImage img
 	mkimg = property' desc $ \w -> do
 		-- Unmount helper filesystems such as proc from the chroot
 		-- first; don't want to include the contents of those.
@@ -176,14 +220,17 @@ imageBuiltFrom img chrootdir tabletype final partspec = mkimg <!> rmimg
 		let (mnts, mntopts, parttable) = fitChrootSize tabletype partspec $
 			map (calcsz mnts) mnts
 		ensureProperty w $
-			imageExists' img parttable
+			imageExists' dest parttable
 				`before`
-			kpartx img (mkimg' mnts mntopts parttable)
+			kpartx imgfile (mkimg' mnts mntopts parttable)

(Diff truncated)
comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_9_eebdf852c9d73c7b11b184b7654aa78c._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_9_eebdf852c9d73c7b11b184b7654aa78c._comment
new file mode 100644
index 00000000..1b1f1e64
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_9_eebdf852c9d73c7b11b184b7654aa78c._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 9"""
+ date="2017-08-24T14:39:05Z"
+ content="""
+The `DiskImage` data type could be expanded to support different output
+formats.
+
+Or, a type class could be used, so eg:
+
+	imageBuilt :: DiskImage d => d -> (FilePath -> Chroot) -> TableType -> [PartSpec ()] -> RevertableProperty (HasInfo + DebianLike) Linux
+
+The type class would just need a function to convert from the raw disk
+image to the desired file format. Then anyone could add whatever disk image
+formats they want (which can probably shade into containers in some cases).
+"""]]

Added a comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_8_ca5d1f161c037c09fe853c56281f88bc._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_8_ca5d1f161c037c09fe853c56281f88bc._comment
new file mode 100644
index 00000000..9891845e
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_8_ca5d1f161c037c09fe853c56281f88bc._comment
@@ -0,0 +1,18 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 8"
+ date="2017-08-24T07:04:07Z"
+ content="""
+It is true that my uszer prefer the embeded virtual image :).
+
+Maybe we could have a DiskImage export property which could take an output format type
+I do not know how many format are out there for these kind of virtual machines.
+Maybe this could be also a way to prepare images for the cloud. (I do not use this mayself but why not).
+What is the difference between Diskimage and containers ?
+
+Cheers
+
+Frederic
+
+"""]]

comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_7_a3de897d9d056fcb6821f3b03485ede5._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_7_a3de897d9d056fcb6821f3b03485ede5._comment
new file mode 100644
index 00000000..7c0995ff
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_7_a3de897d9d056fcb6821f3b03485ede5._comment
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 7"""
+ date="2017-08-23T21:07:41Z"
+ content="""
+The vmdk text file is so small that I did think about just having propellor
+generate it by itself. I don't know how stable/documented it is however.
+
+I suppose that if you're distributing a vmdk image to others, you would not
+want to use the text file format, since that hard-codes the path to the
+.img file. So, perhaps there should be separate properties for vmdk text
+files that point at disk images and self-contained vmdk images.
+"""]]

Added a comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_6_1410b386c0f3e1ff41adb068dd611f10._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_6_1410b386c0f3e1ff41adb068dd611f10._comment
new file mode 100644
index 00000000..5bd1ab6d
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_6_1410b386c0f3e1ff41adb068dd611f10._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 6"
+ date="2017-08-23T19:42:31Z"
+ content="""
+this is good for me because I prepare a virtualbox image not for me but for our windows / MacOSX users.
+
+This is why I need to build these images.
+
+thanks for your help
+"""]]

add news item for propellor 4.7.7
diff --git a/doc/news/version_4.7.2.mdwn b/doc/news/version_4.7.2.mdwn
deleted file mode 100644
index a81220b..0000000
--- a/doc/news/version_4.7.2.mdwn
+++ /dev/null
@@ -1,7 +0,0 @@
-propellor 4.7.2 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Added PROPELLOR\_TRACE environment variable, which can be set to 1 to
-     make propellor output serialized Propellor.Message.Trace values,
-     for consumption by another program.
-   * Rsync: Make rsync display its progress, in a minimal format to avoid
-     scrolling each file down the screen."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.7.7.mdwn b/doc/news/version_4.7.7.mdwn
new file mode 100644
index 0000000..258f0f2
--- /dev/null
+++ b/doc/news/version_4.7.7.mdwn
@@ -0,0 +1,11 @@
+propellor 4.7.7 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Locale: Display an error message when /etc/locale.gen does not contain
+     the requested locale.
+   * Attic module is deprecated and will warn when used.
+     Attic is no longer available in Debian and appears to have been
+     mostly supersceded by Borg.
+   * Obnam module is deprecated and will warn when used.
+     Obnam has been retired by its author.
+   * Add Typeable instance to Bootstrapper, fixing build with old versions
+     of ghc. (Previous attempt was incomplete.)"""]]
\ No newline at end of file

comment
diff --git a/doc/forum/creating_Bind9_configuration/comment_2_f1bffbdd7c2ebab2dd9518ee024e7a92._comment b/doc/forum/creating_Bind9_configuration/comment_2_f1bffbdd7c2ebab2dd9518ee024e7a92._comment
new file mode 100644
index 0000000..71c8b5a
--- /dev/null
+++ b/doc/forum/creating_Bind9_configuration/comment_2_f1bffbdd7c2ebab2dd9518ee024e7a92._comment
@@ -0,0 +1,18 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2017-08-23T16:00:12Z"
+ content="""
+At least on Debian, bind seems to come configured to listen on all
+interfaces by default, so I have not messed with listen-on settings at all.
+
+confLines seems to have been included in NamedConf to allow for specifying
+additional lines, but there does not seem to be an interface to set it.
+Versions of the 3 dns properties with an additional (NamedConf -> NamedConf)
+parameter woulld be one way; I'd take such a patch.
+
+As to a minimal config vs a full clone, it's up to you. With a full clone
+you can easily modify all of propellor's properties to quicklly deal with
+issues like this.. but then you might have to maintain your patches if you
+don't get them accepted into propellor.
+"""]]

comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_5_df27f39bfb7104b4440c972b71f586e4._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_5_df27f39bfb7104b4440c972b71f586e4._comment
new file mode 100644
index 0000000..374de32
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_5_df27f39bfb7104b4440c972b71f586e4._comment
@@ -0,0 +1,17 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 5"""
+ date="2017-08-23T15:49:27Z"
+ content="""
+The `vmdkBuiltFor` property is provided to make a disk image
+usable with virtualbox. If your distribution chooses not to include
+virtualbox and so you don't have virtualbox installed, what good would
+such an image be to you?
+
+To use `vmdkBuiltFor` you must already have a disk image file, which qemu
+etc can already use.
+
+"qemu-img convert" writes a whole disk image file. This is a much more
+expensive operation than what `vmdkBuiltFor` currently does, which creates
+a tiny text file that makes virtualbox use the existing disk image.
+"""]]

Add Typeable instance to Bootstrapper, fixing build with old versions of ghc. (Previous attempt was incomplete.)
diff --git a/debian/changelog b/debian/changelog
index 9de2922..f6ed0d5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,8 @@ propellor (4.7.7) UNRELEASED; urgency=medium
     mostly supersceded by Borg.
   * Obnam module is deprecated and will warn when used.
     Obnam has been retired by its author.
+  * Add Typeable instance to Bootstrapper, fixing build with old versions
+    of ghc. (Previous attempt was incomplete.)
 
  -- Joey Hess <id@joeyh.name>  Wed, 23 Aug 2017 11:41:01 -0400
 
diff --git a/doc/forum/propellor_4.7.6_does_not_compile_on_jessie/comment_1_c35f458b4c958f6397fe726f5676b700._comment b/doc/forum/propellor_4.7.6_does_not_compile_on_jessie/comment_1_c35f458b4c958f6397fe726f5676b700._comment
new file mode 100644
index 0000000..98b2d00
--- /dev/null
+++ b/doc/forum/propellor_4.7.6_does_not_compile_on_jessie/comment_1_c35f458b4c958f6397fe726f5676b700._comment
@@ -0,0 +1,7 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-08-23T15:41:55Z"
+ content="""
+I've added a typeable instance for Bootstrapper which should fix that.
+"""]]
diff --git a/src/Propellor/Bootstrap.hs b/src/Propellor/Bootstrap.hs
index 21d29bc..08af687 100644
--- a/src/Propellor/Bootstrap.hs
+++ b/src/Propellor/Bootstrap.hs
@@ -33,7 +33,7 @@ type ShellCommand = String
 -- `OSOnly` uses the OS's native packages of Cabal and all of propellor's
 -- build dependencies. It may not work on all systems.
 data Bootstrapper = Robustly Builder | OSOnly
-	deriving (Show)
+	deriving (Show, Typeable)
 
 data Builder = Cabal | Stack
 	deriving (Show, Typeable)

Added a comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_2_579894632e567a08d83e306be5e355b2._comment b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_2_579894632e567a08d83e306be5e355b2._comment
new file mode 100644
index 0000000..53595ad
--- /dev/null
+++ b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_2_579894632e567a08d83e306be5e355b2._comment
@@ -0,0 +1,84 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 2"
+ date="2017-08-23T13:26:31Z"
+ content="""
+Hello, so I try to restart from scratch and ask for a stretch Sbuild
+
+everything went fine until the update
+
+
+    I: schroot chroot configuration written to /etc/schroot/chroot.d/stretch-amd64-propellor-VYWULd.
+    +------------------------------------------------------------------------
+    |[stretch-amd64-propellor]
+    |description=Debian stretch/amd64 autobuilder
+    |groups=root,sbuild
+    |root-groups=root,sbuild
+    |profile=sbuild
+    |type=directory
+    |directory=/srv/chroot/stretch-amd64
+    |union-type=overlay
+    +------------------------------------------------------------------------
+    I: Please rename and modify this file as required.
+    W: Not creating symlink /srv/chroot/stretch-amd64 to /etc/sbuild/chroot/stretch-amd64-propellor: file already exists
+    perl: warning: Setting locale failed.
+    perl: warning: Please check that your locale settings:
+            LANGUAGE = (unset),
+            LC_ALL = (unset),
+            LANG = \"en_GB.UTF-8\"
+        are supported and installed on your system.
+    perl: warning: Falling back to the standard locale (\"C\").
+    I: Setting reference package list.
+    I: Updating chroot.
+
+
+On my network, I need a proxy so I setup the host with 
+
+    ...
+    & Apt.proxy myproxy
+    & Sbuild.builtFor stretch Sbuild.UseCcache
+
+If I understand correctly the Apt.proxy should propagate the Apt.proxy into the Sbuild
+but when I look inside the chroot, I can not find the 
+
+    /etc/apt/apt.conf.d/20proxy
+
+file which is on the host
+
+And Indeed after a certain amount of time, the network gives a timeout
+
+    Err:1 http://deb.debian.org/debian stretch InRelease
+      Cannot initiate the connection to deb.debian.org:80 (2001:41c8:1000:21::21:4). - connect (101: Network is unreachable) [IP: 2001:41c8:1000:21::21:4 80]
+    Reading package lists...
+    W: Failed to fetch http://deb.debian.org/debian/dists/stretch/InRelease  Cannot initiate the connection to deb.debian.org:80 (2001:41c8:1000:21::21:4). - connect (101: Network is unreachable) [IP: 2001:41c8:1000:21::21:4 80]
+    W: Some index files failed to download. They have been ignored, or old ones used instead.
+    Reading package lists...
+    Building dependency tree...
+    Calculating upgrade...
+    0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
+    I: Successfully set up stretch chroot.
+    I: Run \"sbuild-adduser\" to add new sbuild users.
+    sixs7.exp.synchrotron-soleil.fr sbuild schroot for System (Debian Linux (Stable \"stretch\")) X86_64 ... done
+
+the good news is that now the schroot file contain the right informations
+
+    [stretch-amd64-sbuild]
+    description=Debian stretch/amd64 autobuilder
+    groups=root,sbuild
+    root-groups=root,sbuild
+    profile=sbuild
+    type=directory
+    directory=/srv/chroot/stretch-amd64
+    union-type=overlay
+    command-prefix=/var/cache/ccache-sbuild/sbuild-setup,eatmydata
+
+
+So to summarize, I think that the Apt.proxy propagation does not work.
+
+This propagation should be optional because sometime we prepare images which are not meant to be used behind a proxy (where they were prepare)
+
+thanks for your attention :)
+
+
+"""]]

Added a comment
diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_1_59ac4661a896a514ce953a0069341869._comment b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_1_59ac4661a896a514ce953a0069341869._comment
new file mode 100644
index 0000000..b4e411b
--- /dev/null
+++ b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot/comment_1_59ac4661a896a514ce953a0069341869._comment
@@ -0,0 +1,24 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 1"
+ date="2017-08-23T13:00:13Z"
+ content="""
+this is strange because the stretch-amd64-sbuild file is wrong.
+
+here the content
+
+    [stretch-amd64-sbuild]
+    command-prefix=/var/cache/ccache-sbuild/sbuild-setup,eatmydata
+
+to compare with my previous jessie-amd64-sbuild
+
+    [jessie-amd64-sbuild]
+    type=directory
+    description=Debian jessie/amd64 autobuilder
+    directory=/srv/chroot/jessie-amd64
+    groups=root,sbuild
+    root-groups=root,sbuild
+    profile=sbuild
+    command-prefix=/var/cache/ccache-sbuild/sbuild-setup,eatmydata
+"""]]

diff --git a/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot.mdwn b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot.mdwn
new file mode 100644
index 0000000..8887f43
--- /dev/null
+++ b/doc/forum/Sbuild_chroot_are_not_compatible_with_schroot.mdwn
@@ -0,0 +1,29 @@
+Hello, I am preparing a property in order to setup a debomatic machine
+but  when I try to upload a package I get this error from debomatic
+
+    DEBUG: Command '['schroot', '-l']' returned non-zero exit status 1
+    Traceback (most recent call last):
+    File "/usr/share/debomatic/Debomatic/process.py", line 197, in _finish
+      raise e
+    File "/usr/lib/python3.5/concurrent/futures/thread.py", line 55, in run
+      result = self.fn(*self.args, **self.kwargs)
+    File "/usr/share/debomatic/Debomatic/build.py", line 525, in run
+      self._build()
+    File "/usr/share/debomatic/Debomatic/build.py", line 133, in _build
+      self._setup_chroot()
+    File "/usr/share/debomatic/Debomatic/build.py", line 395, in _setup_chroot
+      chroots = check_output(['schroot', '-l'], stderr=fd)
+    File "/usr/lib/python3.5/subprocess.py", line 316, in check_output
+      **kwargs).stdout
+    File "/usr/lib/python3.5/subprocess.py", line 398, in run
+      output=stdout, stderr=stderr)
+    subprocess.CalledProcessError: Command '['schroot', '-l']' returned non-zero exit status 1
+
+so tried on my own
+
+    :/etc/debomatic# schroot -l
+    E: /etc/schroot/chroot.d/stretch-amd64-sbuild-propellor: [stretch-amd64-sbuild]: Required key ‘directory’ is missing
+
+to my opinion the schroot config file generated by Sbuild property does something wrong.
+
+Cheers

diff --git a/doc/forum/propellor_4.7.6_does_not_compile_on_jessie.mdwn b/doc/forum/propellor_4.7.6_does_not_compile_on_jessie.mdwn
new file mode 100644
index 0000000..b3e6f7c
--- /dev/null
+++ b/doc/forum/propellor_4.7.6_does_not_compile_on_jessie.mdwn
@@ -0,0 +1,32 @@
+Hello here the error message I got while trying to compile on jessie
+
+    [ 91 of 113] Compiling Propellor.Bootstrap ( src/Propellor/Bootstrap.hs, dist/build/propellor-config/propellor-config-tmp/Propellor/Bootstrap.o ) src/Propellor/Bootstrap.hs:239:22:
+    No instance for (Typeable Bootstrapper)
+      arising from a use of `fromInfo'
+    Possible fix:
+      add an instance declaration for (Typeable Bootstrapper)
+    In the expression: fromInfo (maybe mempty hostInfo mh)
+    In a stmt of a 'do' block:
+      case fromInfo (maybe mempty hostInfo mh) of {
+        NoInfoVal
+          -> do { bs <- getGitConfigValue "propellor.buildsystem";
+                  case bs of {
+                    Just "stack" -> ...
+                    _ -> ... } }
+        InfoVal bs
+          -> case getBuilder bs of {
+               Cabal -> cabalBuild msys
+               Stack -> stackBuild msys } }
+    In the second argument of `($)', namely
+      `do { case fromInfo (maybe mempty hostInfo mh) of {
+              NoInfoVal -> do { ... }
+              InfoVal bs
+                -> case getBuilder bs of {
+                     Cabal -> ...
+                     Stack -> ... } } }'
+    Warning: The package list for 'hackage.haskell.org' does not exist. Run 'cabal
+    update' to download it.
+    Resolving dependencies...
+    Configuring propellor-4.7.6...
+
+Cheers

Added a comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_4_fc50b46606eacf59e5db227760ce38ab._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_4_fc50b46606eacf59e5db227760ce38ab._comment
new file mode 100644
index 0000000..27b70a5
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_4_fc50b46606eacf59e5db227760ce38ab._comment
@@ -0,0 +1,24 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 4"
+ date="2017-08-22T08:42:35Z"
+ content="""
+    vmdkBuiltFor :: FilePath -> RevertableProperty DebianLike UnixLike
+    vmdkBuiltFor diskimage = (setup <!> cleanup)
+	`describe` (vmdkfile ++ \" built\")
+      where
+	vmdkfile = diskimage ++ \".vmdk\"
+	setup = cmdProperty \"qemu-img\"
+		[ \"convert\"
+		, \"-O\", \"vmdk\"
+		, diskimage, vmdkfile
+		]
+		`changesFile` vmdkfile
+		`onChange` File.mode vmdkfile (combineModes (ownerWriteMode : readModes))
+		`requires` Apt.installed [\"qemu-utils\"]
+		`requires` File.notPresent vmdkfile
+	cleanup = File.notPresent vmdkfile
+
+seems to work :))
+"""]]

Added a comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_3_047bca6e0676f0d93338d4eff20825bf._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_3_047bca6e0676f0d93338d4eff20825bf._comment
new file mode 100644
index 0000000..aeeaf72
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_3_047bca6e0676f0d93338d4eff20825bf._comment
@@ -0,0 +1,18 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 3"
+ date="2017-08-22T07:36:06Z"
+ content="""
+It seems that we do not need virtualbox in order to generate a vmdk image
+
+I installed *qemu-utils* and then
+
+    # qemu-img convert -O vmdk soleil.img soleil.vmdk
+    # file soleil.vmdk
+    soleil.vmdk: VMware4 disk image
+
+what about using this solution instead of the virtualbox one ?
+
+Cheers
+"""]]

Added a comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_2_98fb34d4e76bab6ef7a981c87533f395._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_2_98fb34d4e76bab6ef7a981c87533f395._comment
new file mode 100644
index 0000000..e8898a9
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_2_98fb34d4e76bab6ef7a981c87533f395._comment
@@ -0,0 +1,14 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 2"
+ date="2017-08-22T07:12:13Z"
+ content="""
+OK, I tryed to install the wrong kernel so the initramfs was not installed.
+
+So now the only real problem is the virtualbox one ;)
+
+Cheers
+
+Frederic
+"""]]

Added a comment
diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_1_2daa4574bce2179bfd7e9e505de3f7b0._comment b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_1_2daa4574bce2179bfd7e9e505de3f7b0._comment
new file mode 100644
index 0000000..9028303
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system/comment_1_2daa4574bce2179bfd7e9e505de3f7b0._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 1"
+ date="2017-08-22T07:02:51Z"
+ content="""
+Haaaaaaa the format of the post is ugly. Is it possible to change this ?
+"""]]

diff --git a/doc/forum/DiskImage_creation_does_not_work_on_my_system.mdwn b/doc/forum/DiskImage_creation_does_not_work_on_my_system.mdwn
new file mode 100644
index 0000000..f7f5688
--- /dev/null
+++ b/doc/forum/DiskImage_creation_does_not_work_on_my_system.mdwn
@@ -0,0 +1,36 @@
+Hello, I am trying to create a virtualbox image from my stretch system.
+
+But I hve two problems :)
+
+I took your example from the DiskImage property, but in the end, I got this
+
+/srv/diskimages/soleil.img.chroot no services started ... ok
+/srv/diskimages/soleil.img.chroot has Operating System (Debian Linux Unstable) X86_32 ... ok
+/srv/diskimages/soleil.img.chroot apt installed linux-image-i686 ... ok
+/srv/diskimages/soleil.img.chroot grub package installed ... ok
+/srv/diskimages/soleil.img.chroot root has insecure password ... done
+/srv/diskimages/soleil.img.chroot account for soleil ... ok
+/srv/diskimages/soleil.img.chroot soleil has insecure password ... done
+/srv/diskimages/soleil.img.chroot user soleil in group audio ... ok
+/srv/diskimages/soleil.img.chroot user soleil in group cdrom ... ok
+/srv/diskimages/soleil.img.chroot user soleil in group dip ... ok
+/srv/diskimages/soleil.img.chroot user soleil in group floppy ... ok
+/srv/diskimages/soleil.img.chroot user soleil in group video ... ok
+/srv/diskimages/soleil.img.chroot user soleil in group plugdev ... ok
+/srv/diskimages/soleil.img.chroot user soleil in group netdev ... ok
+/srv/diskimages/soleil.img.chroot user soleil is in standard desktop groups ... ok
+/srv/diskimages/soleil.img.chroot cache cleaned ... ok
+              0   0%    0.00kB/s    0:00:00 (xfr#0, to-chk=0/3)
+            930   0%    1.77kB/s    0:00:00 (xfr#3, to-chk=0/11069)   
+chroot: impossible d'exécuter la commande « update-initramfs »: No such file or directory
+loop deleted : /dev/loop0
+
+I will try to add the pacakge which contain update-initramfs and report back
+
+
+the second problem is thaht virtualbox is no more part of stretch.
+So it is not possible to create a virtualbox image.
+
+Cheers
+
+Frederic

Added a comment
diff --git a/doc/forum/creating_Bind9_configuration/comment_1_0798f44e1f5a91fbc91c0b472ad92bfa._comment b/doc/forum/creating_Bind9_configuration/comment_1_0798f44e1f5a91fbc91c0b472ad92bfa._comment
new file mode 100644
index 0000000..d1387a2
--- /dev/null
+++ b/doc/forum/creating_Bind9_configuration/comment_1_0798f44e1f5a91fbc91c0b472ad92bfa._comment
@@ -0,0 +1,29 @@
+[[!comment format=mdwn
+ username="Nicolas.Schodet"
+ avatar="http://cdn.libravatar.org/avatar/0d7ec808ec329d04ee9a93c0da3c0089"
+ subject="comment 1"
+ date="2017-08-03T20:52:22Z"
+ content="""
+For the moment I use:
+
+```
+namedOptions :: Property DebianLike
+namedOptions =
+        File.hasContent \"/etc/bind/named.conf.options\" namedOptionsStanza
+                `onChange` Service.reloaded \"bind9\"
+  where 
+        namedOptionsStanza =
+                [ \"// automatically generated by propellor\"
+                , \"options {\"
+                , \"\tdirectory \\"/var/cache/bind\\";\"
+                , \"\tdnssec-validation auto;\"
+                , \"\tlisten-on-v6 { any; };\"
+                , \"\tlisten-on { any; };\"
+                , \"\tallow-query { any; };\"
+                , \"\tallow-recursion { localhost; };\"
+                , \"\tallow-transfer { none; };\"
+                , \"\tallow-notify { none; };\"
+                , \"};\"
+                ]
+```
+"""]]

Question about bind9 configuration
diff --git a/doc/forum/creating_Bind9_configuration.mdwn b/doc/forum/creating_Bind9_configuration.mdwn
new file mode 100644
index 0000000..5e28139
--- /dev/null
+++ b/doc/forum/creating_Bind9_configuration.mdwn
@@ -0,0 +1,9 @@
+I try to use propellor to deploy a secondary DNS server.
+
+In your configuration, I see nothing to change the `listen-on { 127.0.0.1; };` option, did I miss something?
+
+Also, in `Dns.secondaryFor`, I do not know how to set `confLines` to something else, should I use this function and peel the result until I can change this or shoud I add a `Dns.secondaryFor'` version with an extra argument?
+
+By the way, is it really advisable to use a "minimal config" instead of a full clone?
+
+Thanks!

add news item for propellor 4.7.6
diff --git a/doc/news/version_4.7.1.mdwn b/doc/news/version_4.7.1.mdwn
deleted file mode 100644
index 7b8b2ab..0000000
--- a/doc/news/version_4.7.1.mdwn
+++ /dev/null
@@ -1,4 +0,0 @@
-propellor 4.7.1 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Added Mount.isMounted.
-   * Grub.bootsMounted: Bugfix."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.7.6.mdwn b/doc/news/version_4.7.6.mdwn
new file mode 100644
index 0000000..4c8abd9
--- /dev/null
+++ b/doc/news/version_4.7.6.mdwn
@@ -0,0 +1,6 @@
+propellor 4.7.6 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Sbuild: Add Sbuild.userConfig property.
+     Thanks, Sean Whitton
+   * Locale: Make sure that the locales package is installed when enabling
+     locales."""]]
\ No newline at end of file

add news item for propellor 4.7.5
diff --git a/doc/news/version_4.7.0.mdwn b/doc/news/version_4.7.0.mdwn
deleted file mode 100644
index 137d576..0000000
--- a/doc/news/version_4.7.0.mdwn
+++ /dev/null
@@ -1,24 +0,0 @@
-propellor 4.7.0 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Add Apt.proxy property to set a host's apt proxy.
-     Thanks, Sean Whitton.
-   * Add Apt.useLocalCacher property to set up apt-cacher-ng.
-     Thanks, Sean Whitton.
-   * Rework Sbuild properties to use apt proxies/cachers instead of
-     bind-mounting the host's apt cache. This makes it possible to run more
-     than one build at a time, and lets sbuild run even if apt's cache is
-     locked by the host's apt.
-     Thanks, Sean Whitton.
-   * Sbuild: When Apt.proxy is set, it is assumed that the proxy does some
-     sort of caching, and sbuild chroots are set up to use the same proxy.
-   * Sbuild: When Apt.proxy is not set, install apt-cacher-ng, and point
-     sbuild chroots at the local apt cacher.
-   * Sbuild: Droped Sbuild.piupartsConfFor, Sbuild.piupartsConf,
-     Sbuild.shareAptCache
-     (API change)
-     No longer needed now that we are using apt proxies/cachers.
-   * Sbuild: Updated sample config in haddock for Propellor.Property.Sbuild.
-     If you use this module, please compare both your config.hs and
-     your ~/.sbuildrc with the haddock documentation.
-   * Grub.bootsMounted: Avoid failing when proc sys etc are already mounted
-     within the chroot."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.7.5.mdwn b/doc/news/version_4.7.5.mdwn
new file mode 100644
index 0000000..f2fbaf8
--- /dev/null
+++ b/doc/news/version_4.7.5.mdwn
@@ -0,0 +1,3 @@
+propellor 4.7.5 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Avoid crashing when getTerminalName fails due to eg, being in a chroot."""]]
\ No newline at end of file

add news item for propellor 4.7.4
diff --git a/doc/news/version_4.6.2.mdwn b/doc/news/version_4.6.2.mdwn
deleted file mode 100644
index 5093013..0000000
--- a/doc/news/version_4.6.2.mdwn
+++ /dev/null
@@ -1,8 +0,0 @@
-propellor 4.6.2 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Systemd.nspawned: Recent systemd versions such as 234 ignore
-     non-symlinks in /etc/systemd/system/multi-user.target.wants,
-     which was used to configure systemd-nspawn parameters. Instead,
-     use a service.d/local.conf file to configure that.
-   * Grub: Added bootsMounted property, a generalization of
-     DiskImage.grubBooted"""]]
\ No newline at end of file
diff --git a/doc/news/version_4.7.4.mdwn b/doc/news/version_4.7.4.mdwn
new file mode 100644
index 0000000..982f34b
--- /dev/null
+++ b/doc/news/version_4.7.4.mdwn
@@ -0,0 +1,7 @@
+propellor 4.7.4 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Set GPG\_TTY when run at a terminal, so that gpg can do password
+     prompting despite being connected by pipes to propellor (or git).
+   * Rsync: Make rsync display less verbose.
+   * Improve PROPELLOR\_TRACE output so serialized trace values always
+     come on their own line, not mixed with title setting."""]]
\ No newline at end of file

comment
diff --git a/doc/forum/propellor_failed_to_sign_the_commit/comment_3_f0e087ed1a80f42d11d34fb215183205._comment b/doc/forum/propellor_failed_to_sign_the_commit/comment_3_f0e087ed1a80f42d11d34fb215183205._comment
new file mode 100644
index 0000000..ae75087
--- /dev/null
+++ b/doc/forum/propellor_failed_to_sign_the_commit/comment_3_f0e087ed1a80f42d11d34fb215183205._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 3"""
+ date="2017-07-30T15:33:02Z"
+ content="""
+I've made propellor set `GPG_TTY` and verified that this lets gpg prompt
+for the password at the linux console.
+
+Since I was not able to reproduce git commit signing not working, I don't
+know for sure that this fixed that, but imagine it probably would.
+"""]]

comment
diff --git a/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment b/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment
new file mode 100644
index 0000000..4112070
--- /dev/null
+++ b/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2017-07-30T15:15:45Z"
+ content="""
+It seems that setting `GPG_TTY` does not force gpg to prompt at a tty
+when in a GUI. At least in X with gpg 2.1, I still get a GUI prompt from
+gpg. Good.
+"""]]

comment
diff --git a/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment b/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment
new file mode 100644
index 0000000..2d2315c
--- /dev/null
+++ b/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment
@@ -0,0 +1,30 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-07-30T14:51:13Z"
+ content="""
+I guess the problem involves running propellor at a unix tty, not in a
+GUI's virtual terminal?
+
+My limited understanding of `GPG_TTY`, refreshed by re-reading this ooold
+thread <https://bugs.debian.org/316388> is that gpg is normally able to
+detect if it's in a GUI or at a tty, and will prompt in the tty if
+necessary. Where that may fall down is when gpg is run with its stdio
+connected to pipes, since then probably isatty fails. Although in at least
+some cases, gpg apparently then 
+[falls back to /dev/tty](https://dev.gnupg.org/T1434).
+
+Propellor runs gpg with stdin and stdout piped to it when eg, decrypting
+the privdata file. I tried `propellor --list-fields` at the linux console
+and it fails there.
+
+But, when I tried `propellor --spin host` at the linux console, that worked
+ok, including making the gpg signed git commit. Of course git is running
+gpg in this case, and perhaps my version of git has its own way to avoid
+this problem.
+
+This does seems like something propellor could work around fairly
+inexpensively.
+
+(See also [[propellor_and_gpg2]].)
+"""]]

add news item for propellor 4.7.3
diff --git a/doc/news/version_4.6.1.mdwn b/doc/news/version_4.6.1.mdwn
deleted file mode 100644
index eb7bd94..0000000
--- a/doc/news/version_4.6.1.mdwn
+++ /dev/null
@@ -1,7 +0,0 @@
-propellor 4.6.1 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Added Network.dhcp' and Network.static', which allow specifying
-     additional options for interfaces files.
-   * Fix build failure on ghc-8.2.1
-     Thanks, Sergei Trofimovich.
-   * DiskImage: Fix strictness bug in .parttable read/write sequence."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.7.3.mdwn b/doc/news/version_4.7.3.mdwn
new file mode 100644
index 0000000..87c58e8
--- /dev/null
+++ b/doc/news/version_4.7.3.mdwn
@@ -0,0 +1,3 @@
+propellor 4.7.3 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Expand the Trace data type."""]]
\ No newline at end of file

add news item for propellor 4.7.2
diff --git a/doc/news/version_4.6.0.mdwn b/doc/news/version_4.6.0.mdwn
deleted file mode 100644
index 673051e..0000000
--- a/doc/news/version_4.6.0.mdwn
+++ /dev/null
@@ -1,8 +0,0 @@
-propellor 4.6.0 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Add Typeable instance to Bootstrapper, fixing build with old versions
-     of ghc.
-   * Network.static changed to take address and gateway parameters.
-     If you used the old Network.static property, it has been renamed to
-     Network.preserveStatic.
-     (Minor API change)"""]]
\ No newline at end of file
diff --git a/doc/news/version_4.7.2.mdwn b/doc/news/version_4.7.2.mdwn
new file mode 100644
index 0000000..a81220b
--- /dev/null
+++ b/doc/news/version_4.7.2.mdwn
@@ -0,0 +1,7 @@
+propellor 4.7.2 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Added PROPELLOR\_TRACE environment variable, which can be set to 1 to
+     make propellor output serialized Propellor.Message.Trace values,
+     for consumption by another program.
+   * Rsync: Make rsync display its progress, in a minimal format to avoid
+     scrolling each file down the screen."""]]
\ No newline at end of file

todo
diff --git a/doc/todo/PROPELLOR_TRACE_propigation.mdwn b/doc/todo/PROPELLOR_TRACE_propigation.mdwn
new file mode 100644
index 0000000..8f7d689
--- /dev/null
+++ b/doc/todo/PROPELLOR_TRACE_propigation.mdwn
@@ -0,0 +1,6 @@
+`PROPELLOR_TRACE` is not propigated when spinning a remote host, 
+conducting a host, and probably not when provisioning a docker or machined
+container.
+
+It is propgiated when provisioning a chroot. That's all I needed, so I
+didh't bother implementing propigation. --[[Joey]]

diff --git a/doc/forum/propellor_failed_to_sign_the_commit.mdwn b/doc/forum/propellor_failed_to_sign_the_commit.mdwn
new file mode 100644
index 0000000..83a4fd4
--- /dev/null
+++ b/doc/forum/propellor_failed_to_sign_the_commit.mdwn
@@ -0,0 +1,30 @@
+Hello since sometime on my computer gpgv1 -> gpgv2 transition on Debian 
+
+I get this error message. (I need to say that I am using a NitroKey Pro for my gpg keys)
+ 
+    Propellor build ... done
+    error: gpg n'a pas pu signer les données
+    fatal: échec de l'écriture de l'objet commit
+    Git commit ... failed
+
+reading this bug report
+
+    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568375
+
+Ifound that I need to define
+
+
+    https://www.gnupg.org/documentation/manuals/gnupg/Common-Problems.html
+
+    The gpg-agent man page nowadays includes the following hint:
+
+      It is important to set the GPG_TTY environment variable in your login
+      shell, for example in the ‘~/.bashrc’ init script:
+
+      export GPG_TTY=$(tty)
+
+don't you think that propellor should define GPG_TTY in order to avoid this problem ?
+
+thanks
+
+Frederic

add news item for propellor 4.7.1
diff --git a/doc/news/version_4.5.2.mdwn b/doc/news/version_4.5.2.mdwn
deleted file mode 100644
index f726804..0000000
--- a/doc/news/version_4.5.2.mdwn
+++ /dev/null
@@ -1,5 +0,0 @@
-propellor 4.5.2 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Added Rsync.installed property.
-   * Added DiskImage.vmdkBuiltFor property which is useful for booting
-     a disk image in VirtualBox."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.7.1.mdwn b/doc/news/version_4.7.1.mdwn
new file mode 100644
index 0000000..7b8b2ab
--- /dev/null
+++ b/doc/news/version_4.7.1.mdwn
@@ -0,0 +1,4 @@
+propellor 4.7.1 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Added Mount.isMounted.
+   * Grub.bootsMounted: Bugfix."""]]
\ No newline at end of file

add news item for propellor 4.7.0
diff --git a/doc/news/version_4.5.1.mdwn b/doc/news/version_4.5.1.mdwn
deleted file mode 100644
index 212b4f2..0000000
--- a/doc/news/version_4.5.1.mdwn
+++ /dev/null
@@ -1,7 +0,0 @@
-propellor 4.5.1 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Reboot.toKernelNewerThan: If running kernel is new enough, avoid
-     looking at what kernels are installed.
-     Thanks, Sean Whitton.
-   * DiskImage: Avoid re-partitioning disk image unncessarily, for a large
-     speedup."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.7.0.mdwn b/doc/news/version_4.7.0.mdwn
new file mode 100644
index 0000000..137d576
--- /dev/null
+++ b/doc/news/version_4.7.0.mdwn
@@ -0,0 +1,24 @@
+propellor 4.7.0 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Add Apt.proxy property to set a host's apt proxy.
+     Thanks, Sean Whitton.
+   * Add Apt.useLocalCacher property to set up apt-cacher-ng.
+     Thanks, Sean Whitton.
+   * Rework Sbuild properties to use apt proxies/cachers instead of
+     bind-mounting the host's apt cache. This makes it possible to run more
+     than one build at a time, and lets sbuild run even if apt's cache is
+     locked by the host's apt.
+     Thanks, Sean Whitton.
+   * Sbuild: When Apt.proxy is set, it is assumed that the proxy does some
+     sort of caching, and sbuild chroots are set up to use the same proxy.
+   * Sbuild: When Apt.proxy is not set, install apt-cacher-ng, and point
+     sbuild chroots at the local apt cacher.
+   * Sbuild: Droped Sbuild.piupartsConfFor, Sbuild.piupartsConf,
+     Sbuild.shareAptCache
+     (API change)
+     No longer needed now that we are using apt proxies/cachers.
+   * Sbuild: Updated sample config in haddock for Propellor.Property.Sbuild.
+     If you use this module, please compare both your config.hs and
+     your ~/.sbuildrc with the haddock documentation.
+   * Grub.bootsMounted: Avoid failing when proc sys etc are already mounted
+     within the chroot."""]]
\ No newline at end of file

merge
diff --git a/debian/changelog b/debian/changelog
index c014eeb..c66038d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,28 @@
+propellor (4.7.0) UNRELEASED; urgency=medium
+
+  * Add Apt.proxy property to set a host's apt proxy.
+    Thanks, Sean Whitton.
+  * Add Apt.useLocalCacher property to set up apt-cacher-ng.
+    Thanks, Sean Whitton.
+  * Rework Sbuild properties to use apt proxies/cachers instead of
+    bind-mounting the host's apt cache. This makes it possible to run more
+    than one build at a time, and lets sbuild run even if apt's cache is
+    locked by the host's apt.
+    Thanks, Sean Whitton.
+  * Sbuild: When Apt.proxy is set, it is assumed that the proxy does some
+    sort of caching, and sbuild chroots are set up to use the same proxy.
+  * Sbuild: When Apt.proxy is not set, install apt-cacher-ng, and point
+    sbuild chroots at the local apt cacher.
+  * Sbuild: Droped Sbuild.piupartsConfFor, Sbuild.piupartsConf,
+    Sbuild.shareAptCache
+    (API change)
+    No longer needed now that we are using apt proxies/cachers.
+  * Sbuild: Updated sample config in haddock for Propellor.Property.Sbuild.
+    If you use this module, please compare both your config.hs and
+    your ~/.sbuildrc with the haddock documentation.
+
+ -- Joey Hess <id@joeyh.name>  Fri, 28 Jul 2017 20:13:58 -0400
+
 propellor (4.6.2) unstable; urgency=medium
 
   * Systemd.nspawned: Recent systemd versions such as 234 ignore
diff --git a/doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn b/doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn
index 62f619d..d37d680 100644
--- a/doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn
+++ b/doc/todo/sbuild_setup_should_use_apt-cacher-ng.mdwn
@@ -18,3 +18,5 @@ Sample text for changelog/description of changes:
         Please compare both your config.hs and your ~/.sbuildrc against the haddock.
 
 --spwhitton
+
+> merge [[done]] --[[Joey]]

add news item for propellor 4.6.2
diff --git a/doc/news/version_4.5.0.mdwn b/doc/news/version_4.5.0.mdwn
deleted file mode 100644
index d78a261..0000000
--- a/doc/news/version_4.5.0.mdwn
+++ /dev/null
@@ -1,9 +0,0 @@
-propellor 4.5.0 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Generalized the PartSpec DSL, so it can be used for both
-     disk image partitioning, and disk device partitioning, with
-     different partition sizing methods as appropriate for the different
-     uses. (minor API change)
-   * Propellor.Property.Parted: Added calcPartTable function which uses
-     PartSpec DiskPart, and a useDiskSpace combinator.
-   * Generate a better description for versioned properties."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.6.2.mdwn b/doc/news/version_4.6.2.mdwn
new file mode 100644
index 0000000..5093013
--- /dev/null
+++ b/doc/news/version_4.6.2.mdwn
@@ -0,0 +1,8 @@
+propellor 4.6.2 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Systemd.nspawned: Recent systemd versions such as 234 ignore
+     non-symlinks in /etc/systemd/system/multi-user.target.wants,
+     which was used to configure systemd-nspawn parameters. Instead,
+     use a service.d/local.conf file to configure that.
+   * Grub: Added bootsMounted property, a generalization of
+     DiskImage.grubBooted"""]]
\ No newline at end of file

Added a comment
diff --git a/doc/forum/host_to_deal_with_dpkg::options/comment_3_62d671fb3c787aafcd4d058975208f75._comment b/doc/forum/host_to_deal_with_dpkg::options/comment_3_62d671fb3c787aafcd4d058975208f75._comment
new file mode 100644
index 0000000..4031bd1
--- /dev/null
+++ b/doc/forum/host_to_deal_with_dpkg::options/comment_3_62d671fb3c787aafcd4d058975208f75._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 3"
+ date="2017-07-28T15:53:03Z"
+ content="""
+Great it works
+
+thanks a lot
+"""]]

comment
diff --git a/doc/forum/host_to_deal_with_dpkg::options.mdwn b/doc/forum/host_to_deal_with_dpkg::options.mdwn
index a6d7498..5faaefe 100644
--- a/doc/forum/host_to_deal_with_dpkg::options.mdwn
+++ b/doc/forum/host_to_deal_with_dpkg::options.mdwn
@@ -1,3 +1,5 @@
+[[!meta title "how to deal with dpkg::options"]]
+
 Hello
 
 I try to create a distUpgrade property in order to migrate one of my computer from jessie -> stretch
diff --git a/doc/forum/host_to_deal_with_dpkg::options/comment_2_bac8129b570ce216ef9f6aa6c0e12c1e._comment b/doc/forum/host_to_deal_with_dpkg::options/comment_2_bac8129b570ce216ef9f6aa6c0e12c1e._comment
new file mode 100644
index 0000000..39e0ebc
--- /dev/null
+++ b/doc/forum/host_to_deal_with_dpkg::options/comment_2_bac8129b570ce216ef9f6aa6c0e12c1e._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2017-07-28T15:45:43Z"
+ content="""
+I doubt that apt's option parser deals with quotes; those are normally
+handled by the shell. runApt does not pass the command through the shell,
+so probably simply removing the quotes from inside the parameter will work.
+"""]]

Added a comment
diff --git a/doc/forum/host_to_deal_with_dpkg::options/comment_1_641dcb7be62151bdc97fd5e574f334d0._comment b/doc/forum/host_to_deal_with_dpkg::options/comment_1_641dcb7be62151bdc97fd5e574f334d0._comment
new file mode 100644
index 0000000..65756b1
--- /dev/null
+++ b/doc/forum/host_to_deal_with_dpkg::options/comment_1_641dcb7be62151bdc97fd5e574f334d0._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="picca"
+ avatar="http://cdn.libravatar.org/avatar/7e61c80d28018b10d31f6db7dddb864c"
+ subject="comment 1"
+ date="2017-07-28T15:09:12Z"
+ content="""
+please change the title, I made a mistake
+
+how to deal with ...
+
+sorry
+"""]]

diff --git a/doc/forum/host_to_deal_with_dpkg::options.mdwn b/doc/forum/host_to_deal_with_dpkg::options.mdwn
new file mode 100644
index 0000000..a6d7498
--- /dev/null
+++ b/doc/forum/host_to_deal_with_dpkg::options.mdwn
@@ -0,0 +1,39 @@
+Hello
+
+I try to create a distUpgrade property in order to migrate one of my computer from jessie -> stretch
+
+I started wit this
+
+    distUpgrade :: String -> Property DebianLike
+    distUpgrade p = combineProperties ("apt " ++ p) $ props
+	& Apt.pendingConfigured
+	& Apt.runApt ["-y", "--force-yes", "-o", "Dpkg::Options::=\"--force-confnew\"", p]
+		`assume` MadeChange
+
+But when I try to use this
+
+    ...
+    & distUpgrade dist-upgrade
+
+ I get this error message
+
+    Préconfiguration des paquets...
+    setting xserver-xorg-legacy/xwrapper/allowed_users from configuration file
+    dpkg: erreur: requiert une option d'action
+
+    Utilisez « dpkg --help » pour obtenir de l'aide à propos de l'installation et la désinstallation des paquets [*] ;
+    Utilisez « apt » ou « aptitude » pour gérer les paquets de m1578 mis à jour, 376 nouvellement installés, 72 à enlever et 0 non mis à jour.
+    Il est nécessaire de prendre 0 o/1 458 Mo dans les archives.
+
+I checked that if I run this command on the command line it works
+
+    apt-get -y --force-yes -o Dpkg::Options::="--force-confnew" dist-upgrade
+
+even If I write this it works
+
+    apt-get -y --force-yes -o Dpkg::Options::=\"--force-confnew\" dist-upgrade
+
+So it seems to me that there is a problem with the runApt method or I missed something
+
+thanks
+

add news item for propellor 4.6.1
diff --git a/doc/news/version_3.4.1.mdwn b/doc/news/version_3.4.1.mdwn
deleted file mode 100644
index 51d9c2a..0000000
--- a/doc/news/version_3.4.1.mdwn
+++ /dev/null
@@ -1,3 +0,0 @@
-propellor 3.4.1 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Fixed https url to propellor git repository."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.6.1.mdwn b/doc/news/version_4.6.1.mdwn
new file mode 100644
index 0000000..eb7bd94
--- /dev/null
+++ b/doc/news/version_4.6.1.mdwn
@@ -0,0 +1,7 @@
+propellor 4.6.1 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Added Network.dhcp' and Network.static', which allow specifying
+     additional options for interfaces files.
+   * Fix build failure on ghc-8.2.1
+     Thanks, Sergei Trofimovich.
+   * DiskImage: Fix strictness bug in .parttable read/write sequence."""]]
\ No newline at end of file

add news item for propellor 4.6.0
diff --git a/doc/news/version_4.4.0.mdwn b/doc/news/version_4.4.0.mdwn
deleted file mode 100644
index db86c53..0000000
--- a/doc/news/version_4.4.0.mdwn
+++ /dev/null
@@ -1,8 +0,0 @@
-propellor 4.4.0 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Propellor.Property.Timezone: New module, contributed by Sean Whitton.
-   * Propellor.Property.Sudo.enabledFor: Made revertable.
-     (minor API change)
-   * Propellor.Property.LightDM.autoLogin: Made revertable.
-     (minor API change)
-   * Propellor.Property.Conffile: Added lacksIniSetting."""]]
\ No newline at end of file
diff --git a/doc/news/version_4.6.0.mdwn b/doc/news/version_4.6.0.mdwn
new file mode 100644
index 0000000..673051e
--- /dev/null
+++ b/doc/news/version_4.6.0.mdwn
@@ -0,0 +1,8 @@
+propellor 4.6.0 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Add Typeable instance to Bootstrapper, fixing build with old versions
+     of ghc.
+   * Network.static changed to take address and gateway parameters.
+     If you used the old Network.static property, it has been renamed to
+     Network.preserveStatic.
+     (Minor API change)"""]]
\ No newline at end of file