fix: install salt depends in fedora-39-minimal

Fixes: https://github.com/ben-grande/qusal/issues/38
2024-10-01 02:35:49 -04:00 · 2024-03-23 22:09:49 +01:00 · 2024-03-23 22:09:49 +01:00 · cf88ad1ed4
commit cf88ad1ed4
parent 81bf77cabe
12 changed files with 171 additions and 16 deletions
--- a/salt/fedora-minimal/README.md
+++ b/salt/fedora-minimal/README.md
@ -21,6 +21,7 @@ it.
 sudo qubesctl top.enable fedora-minimal
 sudo qubesctl --targets=fedora-39-minimal state.apply
 sudo qubesctl top.disable fedora-minimal
+sudo qubesctl state.apply fedora-minimal.prefs
 ```

 - State:
@ -28,6 +29,7 @@ sudo qubesctl top.disable fedora-minimal
 ```sh
 sudo qubesctl state.apply fedora-minimal.create
 sudo qubesctl --skip-dom0 --targets=fedora-39-minimal state.apply fedora-minimal.install
+sudo qubesctl state.apply fedora-minimal.prefs
 ```
 <!-- pkg:end:post-install -->

--- a/salt/fedora-minimal/create.sls
+++ b/salt/fedora-minimal/create.sls
@ -9,6 +9,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 {%- import slsdotpath ~ "/template.jinja" as template -%}

 include:
+  - fedora.create
  - .clone

 "dvm-{{ template.template }}-absent":
@ -62,3 +63,22 @@ features:
  - menu-items: "qubes-open-file-manager.desktop qubes-run-terminal.desktop qubes-start.desktop"
 {%- endload %}
 {{ load(defaults) }}
+
+"{{ slsdotpath }}-set-management_dispvm-to-dvm-fedora":
+  qvm.vm:
+    - require:
+      - qvm: dvm-fedora
+    - name: {{ template.template }}
+    - prefs:
+      - management_dispvm: dvm-fedora
+
+## TODO: Remove when template with patch reaches upstream or updates enforce
+## salt-deps to be installed.
+## https://github.com/QubesOS/qubes-issues/issues/8806
+"{{ slsdotpath }}-install-salt-deps":
+  cmd.script:
+    - require:
+      - qvm: "{{ slsdotpath }}-set-management_dispvm-to-dvm-fedora"
+    - name: salt-patch.sh
+    - source: salt://fedora-minimal/files/admin/bin/salt-patch.sh
+    - args: {{ template.template }}
--- a/salt/fedora-minimal/files/admin/bin/salt-patch.sh
+++ b/salt/fedora-minimal/files/admin/bin/salt-patch.sh
@ -0,0 +1,16 @@
+#!/bin/sh
+
+## SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+##
+## SPDX-License-Identifier: AGPL-3.0-or-later
+
+## TODO: Remove when template with patch reaches upstream or updates enforce
+## salt-deps to be installed.
+## https://github.com/QubesOS/qubes-issues/issues/8806
+
+set -eu
+
+qube="${1}"
+qvm-run --user=root --pass-io --filter-escape-chars --no-color-output \
+  --no-color-stderr "${qube}" -- \
+  "dnf --quiet install --refresh --assumeyes --setopt=install_weak_deps=False python3-urllib3"
--- a/salt/fedora-minimal/prefs.sls
+++ b/salt/fedora-minimal/prefs.sls
@ -0,0 +1,29 @@
+{#
+SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+{%- import slsdotpath ~ "/template.jinja" as template -%}
+
+include:
+  - .create
+
+"{{ slsdotpath }}-set-management_dispvm-to-default":
+  qvm.vm:
+    - require:
+      - cmd: "{{ slsdotpath }}-install-salt-deps"
+    - name: {{ template.template }}
+    - prefs:
+      - management_dispvm: "*default*"
+
+## TODO: Remove when template with patch reaches upstream or updates enforce
+## salt-deps to be installed.
+## https://github.com/QubesOS/qubes-issues/issues/8806
+"{{ slsdotpath }}-shutdown-template":
+  qvm.shutdown:
+    - require:
+      - qvm: "{{ slsdotpath }}-set-management_dispvm-to-default"
+    - name: {{ template.template }}
+    - flags:
+      - force
--- a/salt/fedora-minimal/prefs.top
+++ b/salt/fedora-minimal/prefs.top
@ -0,0 +1,10 @@
+{#
+SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+base:
+  'dom0':
+    - match: nodegroup
+    - fedora-minimal.prefs
--- a/salt/mgmt/create.sls
+++ b/salt/mgmt/create.sls
@ -9,12 +9,14 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 include:
  - fedora.create
  - .clone
+  - fedora-minimal.prefs

 {% load_yaml as defaults -%}
 name: tpl-{{ slsdotpath }}
 force: True
 require:
 - sls: {{ slsdotpath }}.clone
+- sls: fedora-minimal.prefs
 prefs:
 - audiovm: ""
 {%- endload %}
@ -48,15 +50,20 @@ features:
 {{ load(defaults) }}

 "{{ slsdotpath }}-set-management_dispvm-to-dvm-fedora":
-  cmd.run:
+  qvm.vm:
    - require:
      - qvm: dvm-fedora
-    - name: qubes-prefs management_dispvm dvm-fedora
+    - name: tpl-{{ slsdotpath }}
+    - prefs:
+      - management_dispvm: dvm-fedora

-## TODO: Remove when template with patch reaches upstream.
+## TODO: Remove when template with patch reaches upstream or updates enforce
+## salt-deps to be installed.
 ## https://github.com/QubesOS/qubes-issues/issues/8806
-"{{ slsdotpath }}-install-":
-  cmd.run:
+"{{ slsdotpath }}-install-salt-deps":
+  cmd.script:
    - require:
-      - qvm: tpl-{{ slsdotpath }}
-    - name: qvm-run -u root tpl-{{ slsdotpath }} -- dnf install --refresh --assumeyes --setopt=install_weak_deps=False python3-urllib3
+      - qvm: "{{ slsdotpath }}-set-management_dispvm-to-dvm-fedora"
+    - name: salt-patch.sh
+    - source: salt://fedora-minimal/files/admin/bin/salt-patch.sh
+    - args: tpl-{{ slsdotpath }}
--- a/salt/mgmt/install.top
+++ b/salt/mgmt/install.top
@ -1,10 +1,9 @@
 {#
-SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>

 SPDX-License-Identifier: AGPL-3.0-or-later
 #}

 base:
  'tpl-mgmt':
-    - match: glob
    - mgmt.install
--- a/salt/mgmt/prefs.sls
+++ b/salt/mgmt/prefs.sls
@ -1,21 +1,33 @@
 {#
-SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>

 SPDX-License-Identifier: AGPL-3.0-or-later
 #}

-"{{ slsdotpath }}-set-management_dispvm":
-  cmd.run:
-    - name: qubes-prefs management_dispvm dvm-{{ slsdotpath }}
+include:
+  - .create
+
+"{{ slsdotpath }}-set-management_dispvm-to-default":
+  qvm.vm:
+    - require:
+      - cmd: "{{ slsdotpath }}-install-salt-deps"
+    - name: tpl-{{ slsdotpath }}
+    - prefs:
+      - management_dispvm: "*default*"

 "{{ slsdotpath }}-remove-default-mgmt-dvm":
  qvm.absent:
-    - name: default-mgmt-dvm
    - require:
-      - cmd: {{ slsdotpath }}-set-management_dispvm
+      - qvm: {{ slsdotpath }}-set-management_dispvm-to-default
+    - name: default-mgmt-dvm

-## TODO: Remove when template with patch reaches upstream.
+## TODO: Remove when template with patch reaches upstream or updates enforce
+## salt-deps to be installed.
 ## https://github.com/QubesOS/qubes-issues/issues/8806
 "{{ slsdotpath }}-shutdown-template":
  qvm.shutdown:
+    - require:
+      - qvm: "{{ slsdotpath }}-set-management_dispvm-to-default"
    - name: tpl-{{ slsdotpath }}
+    - flags:
+      - force
--- a/salt/qubes-builder/README.md
+++ b/salt/qubes-builder/README.md
@ -35,6 +35,7 @@ template.
 sudo qubesctl top.enable qubes-builder
 sudo qubesctl --targets=tpl-qubes-builder,dvm-qubes-builder,qubes-builder state.apply
 sudo qubesctl top.disable qubes-builder
+sudo qubesctl state.apply qubes-builder.prefs
 ```

 - State
@ -42,6 +43,7 @@ sudo qubesctl top.disable qubes-builder
 ```sh
 sudo qubesctl state.apply qubes-builder.create
 sudo qubesctl --skip-dom0 --targets=tpl-qubes-builder state.apply qubes-builder.install
+sudo qubesctl state.apply qubes-builder.prefs
 sudo qubesctl --skip-dom0 --targets=dvm-qubes-builder state.apply qubes-builder.configure-qubes-executor
 sudo qubesctl --skip-dom0 --targets=qubes-builder state.apply qubes-builder.configure
 ```
--- a/salt/qubes-builder/create.sls
+++ b/salt/qubes-builder/create.sls
@ -8,12 +8,14 @@ SPDX-License-Identifier: AGPL-3.0-or-later

 include:
  - .clone
+  - fedora-minimal.prefs

 {% load_yaml as defaults -%}
 name: tpl-{{ slsdotpath }}
 force: True
 require:
 - sls: {{ slsdotpath }}.clone
+- sls: fedora-minimal.prefs
 prefs:
 - audiovm: ""
 {%- endload %}
@ -85,3 +87,22 @@ features:

 {% from 'utils/macros/policy.sls' import policy_set with context -%}
 {{ policy_set(sls_path, '70') }}
+
+"{{ slsdotpath }}-set-management_dispvm-to-dvm-fedora":
+  qvm.vm:
+    - require:
+      - qvm: dvm-fedora
+    - name: tpl-{{ slsdotpath }}
+    - prefs:
+      - management_dispvm: dvm-fedora
+
+## TODO: Remove when template with patch reaches upstream or updates enforce
+## salt-deps to be installed.
+## https://github.com/QubesOS/qubes-issues/issues/8806
+"{{ slsdotpath }}-install-salt-deps":
+  cmd.script:
+    - require:
+      - qvm: "{{ slsdotpath }}-set-management_dispvm-to-dvm-fedora"
+    - name: salt-patch.sh
+    - source: salt://fedora-minimal/files/admin/bin/salt-patch.sh
+    - args: tpl-{{ slsdotpath }}
--- a/salt/qubes-builder/prefs.sls
+++ b/salt/qubes-builder/prefs.sls
@ -0,0 +1,27 @@
+{#
+SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+include:
+  - .create
+
+"{{ slsdotpath }}-set-management_dispvm-to-default":
+  qvm.vm:
+    - require:
+      - cmd: "{{ slsdotpath }}-install-salt-deps"
+    - name: tpl-{{ slsdotpath }}
+    - prefs:
+      - management_dispvm: "*default*"
+
+## TODO: Remove when template with patch reaches upstream or updates enforce
+## salt-deps to be installed.
+## https://github.com/QubesOS/qubes-issues/issues/8806
+"{{ slsdotpath }}-shutdown-template":
+  qvm.shutdown:
+    - require:
+      - qvm: "{{ slsdotpath }}-set-management_dispvm-to-default"
+    - name: tpl-{{ slsdotpath }}
+    - flags:
+      - force
--- a/salt/qubes-builder/prefs.top
+++ b/salt/qubes-builder/prefs.top
@ -0,0 +1,10 @@
+{#
+SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+base:
+  'dom0':
+    - match: nodegroup
+    - qubes-builder.prefs