From c03f18385fa50b441de97ff366aa51b74509e485 Mon Sep 17 00:00:00 2001
From: Ben Grande <ben.grande.b@gmail.com>
Date: Mon, 18 Dec 2023 15:31:19 +0000
Subject: [PATCH] feat: fetcher

---
 salt/fetcher/README.md         | 43 ++++++++++++++++++++++++++++++++++
 salt/fetcher/clone.sls         |  8 +++++++
 salt/fetcher/clone.top         | 10 ++++++++
 salt/fetcher/configure-dvm.sls | 12 ++++++++++
 salt/fetcher/configure-dvm.top | 10 ++++++++
 salt/fetcher/create.sls        | 42 +++++++++++++++++++++++++++++++++
 salt/fetcher/create.top        | 10 ++++++++
 salt/fetcher/init.top          | 14 +++++++++++
 salt/fetcher/install.sls       | 31 ++++++++++++++++++++++++
 salt/fetcher/install.top       |  9 +++++++
 10 files changed, 189 insertions(+)
 create mode 100644 salt/fetcher/README.md
 create mode 100644 salt/fetcher/clone.sls
 create mode 100644 salt/fetcher/clone.top
 create mode 100644 salt/fetcher/configure-dvm.sls
 create mode 100644 salt/fetcher/configure-dvm.top
 create mode 100644 salt/fetcher/create.sls
 create mode 100644 salt/fetcher/create.top
 create mode 100644 salt/fetcher/init.top
 create mode 100644 salt/fetcher/install.sls
 create mode 100644 salt/fetcher/install.top

diff --git a/salt/fetcher/README.md b/salt/fetcher/README.md
new file mode 100644
index 0000000..41c7075
--- /dev/null
+++ b/salt/fetcher/README.md
@@ -0,0 +1,43 @@
+# fetcher
+
+Fetch publicly accessible files over the internet in Qubes OS.
+
+## Table of Contents
+
+* [Description](#description)
+* [Installation](#installation)
+* [Usage](#usage)
+
+## Description
+
+A Template for DispVMs will be created and named "dvm-fetcher", from this qube
+you will create others that can connect to the internet to download files. You
+will be able to download from any protocol as long as the installed tools,
+`curl`, `wget`, `git`, `rsync`, accept them.
+
+## Installation
+
+- Top:
+```sh
+qubesctl top.enable fetcher
+qubesctl --targets=tpl-fetcher,dvm-fetcher state.apply
+qubesctl top.disable fetcher
+```
+
+- State:
+<!-- pkg:begin:post-install -->
+```sh
+qubesctl state.apply fetcher.create
+qubesctl --skip-dom0 --targets=tpl-fetcher state.apply fetcher.install
+qubesctl --skip-dom0 --targets=dvm-fetcher state.apply fetcher.configure-dvm
+```
+<!-- pkg:end:post-install -->
+
+## Usage
+
+You will base qubes from the Template for DispVMs `dvm-fetcher` to download
+files over the internet using popular command-line tools such as `git`,
+`curl`, `wget`, `rsync`.
+
+You can use disposables based from `dvm-fetcher` to clone repositories,
+download PGP signatures, Operating System ISOs etc.
diff --git a/salt/fetcher/clone.sls b/salt/fetcher/clone.sls
new file mode 100644
index 0000000..0554d7f
--- /dev/null
+++ b/salt/fetcher/clone.sls
@@ -0,0 +1,8 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+{% from 'utils/macros/clone-template.sls' import clone_template -%}
+{{ clone_template('debian-minimal', sls_path) }}
diff --git a/salt/fetcher/clone.top b/salt/fetcher/clone.top
new file mode 100644
index 0000000..6682329
--- /dev/null
+++ b/salt/fetcher/clone.top
@@ -0,0 +1,10 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+base:
+  'dom0':
+    - match: nodegroup
+    - fetcher.clone
diff --git a/salt/fetcher/configure-dvm.sls b/salt/fetcher/configure-dvm.sls
new file mode 100644
index 0000000..f7e6864
--- /dev/null
+++ b/salt/fetcher/configure-dvm.sls
@@ -0,0 +1,12 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+{% if grains['nodename'] != 'dom0' -%}
+
+include:
+  - dev.home-cleanup
+
+{% endif -%}
diff --git a/salt/fetcher/configure-dvm.top b/salt/fetcher/configure-dvm.top
new file mode 100644
index 0000000..b6f9ac5
--- /dev/null
+++ b/salt/fetcher/configure-dvm.top
@@ -0,0 +1,10 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+base:
+  '*':
+    - match: nodegroup
+    - fetcher.configure-dvm
diff --git a/salt/fetcher/create.sls b/salt/fetcher/create.sls
new file mode 100644
index 0000000..271b2f0
--- /dev/null
+++ b/salt/fetcher/create.sls
@@ -0,0 +1,42 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+{%- from "qvm/template.jinja" import load -%}
+
+include:
+  - .clone
+
+{% load_yaml as defaults -%}
+name: dvm-{{ slsdotpath }}
+force: True
+require:
+- sls: {{ slsdotpath }}.clone
+present:
+- template: tpl-{{ slsdotpath }}
+- label: red
+prefs:
+- template: tpl-{{ slsdotpath }}
+- label: red
+- memory: 300
+- maxmem: 500
+- vcpus: 1
+- autostart: False
+- template_for_dispvms: True
+- include_in_backups: False
+features:
+- enable:
+  - appmenus-dispvm
+- disable:
+  - service.cups
+  - service.cups-browsed
+{%- endload %}
+{{ load(defaults) }}
+
+"{{ slsdotpath }}-resize-private-volume":
+  cmd.run:
+    - require:
+      - qvm: dvm-{{ slsdotpath }}
+    - name: qvm-volume extend dvm-{{ slsdotpath }}:private 15Gi
diff --git a/salt/fetcher/create.top b/salt/fetcher/create.top
new file mode 100644
index 0000000..a48edbc
--- /dev/null
+++ b/salt/fetcher/create.top
@@ -0,0 +1,10 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+base:
+  'dom0':
+    - match: nodegroup
+    - fetcher.create
diff --git a/salt/fetcher/init.top b/salt/fetcher/init.top
new file mode 100644
index 0000000..a23e6e4
--- /dev/null
+++ b/salt/fetcher/init.top
@@ -0,0 +1,14 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+base:
+  'dom0':
+    - match: nodegroup
+    - fetcher.create
+  'tpl-fetcher':
+    - fetcher.install
+  'dvm-fetcher':
+    - fetcher.configure-dvm
diff --git a/salt/fetcher/install.sls b/salt/fetcher/install.sls
new file mode 100644
index 0000000..bdbd881
--- /dev/null
+++ b/salt/fetcher/install.sls
@@ -0,0 +1,31 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+{% if grains['nodename'] != 'dom0' -%}
+
+include:
+  - dotfiles.copy-sh
+  - dotfiles.copy-x11
+  - sys-pgp.install-client
+
+"{{ slsdotpath }}-updated":
+  pkg.uptodate:
+    - refresh: True
+
+"{{ slsdotpath }}-installed":
+  pkg.installed:
+    - refresh: True
+    - install_recommends: False
+    - skip_suggestions: True
+    - pkgs:
+      - qubes-core-agent-networking
+      - ca-certificates
+      - curl
+      - wget
+      - git
+      - rsync
+
+{% endif -%}
diff --git a/salt/fetcher/install.top b/salt/fetcher/install.top
new file mode 100644
index 0000000..056c6a9
--- /dev/null
+++ b/salt/fetcher/install.top
@@ -0,0 +1,9 @@
+{#
+SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+base:
+  'tpl-fetcher':
+    - fetcher.install