fix: pgp template is fedora based without salt fix

2024-10-01 02:35:49 -04:00 · 2024-06-14 07:36:41 +02:00 · 2024-06-14 07:36:41 +02:00 · e1a15d8a7e
commit e1a15d8a7e
parent 3ece491564
4 changed files with 60 additions and 0 deletions
--- a/salt/sys-pgp/README.md
+++ b/salt/sys-pgp/README.md
@ -22,6 +22,7 @@ and access to them is made from the client through Qrexec.
 sudo qubesctl top.enable sys-pgp
 sudo qubesctl --targets=tpl-sys-pgp,sys-pgp state.apply
 sudo qubesctl top.disable sys-pgp
 sudo qubesctl state.apply sys-pgp.prefs
 ```
 - State:
@ -30,6 +31,7 @@ sudo qubesctl top.disable sys-pgp
 sudo qubesctl state.apply sys-pgp.create
 sudo qubesctl --skip-dom0 --targets=tpl-sys-pgp state.apply sys-pgp.install
 sudo qubesctl --skip-dom0 --targets=sys-pgp state.apply sys-pgp.configure
 sudo qubesctl state.apply sys-pgp.prefs
 ```
 <!-- pkg:end:post-install -->
--- a/salt/sys-pgp/create.sls
+++ b/salt/sys-pgp/create.sls
@ -8,12 +8,14 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 include:
  - .clone
  - fedora-minimal.prefs
 {% load_yaml as defaults -%}
 name: tpl-{{ slsdotpath }}
 force: True
 require:
 - sls: {{ slsdotpath }}.clone
 - sls: fedora-minimal.prefs
 prefs:
 - audiovm: ""
 {%- endload %}
@ -45,3 +47,22 @@ features:
 {% from 'utils/macros/policy.sls' import policy_set with context -%}
 {{ policy_set(sls_path, '80') }}
 "{{ slsdotpath }}-set-management_dispvm-to-dvm-fedora":
  qvm.vm:
    - require:
      - qvm: dvm-fedora
    - name: tpl-{{ slsdotpath }}
    - prefs:
      - management_dispvm: dvm-fedora
 ## TODO: Remove when template with patch reaches upstream or updates enforce
 ## salt-deps to be installed.
 ## https://github.com/QubesOS/qubes-issues/issues/8806
 "{{ slsdotpath }}-install-salt-deps":
  cmd.script:
    - require:
      - qvm: "{{ slsdotpath }}-set-management_dispvm-to-dvm-fedora"
    - name: salt-patch.sh
    - source: salt://fedora-minimal/files/admin/bin/salt-patch.sh
    - args: tpl-{{ slsdotpath }}
--- a/salt/sys-pgp/prefs.sls
+++ b/salt/sys-pgp/prefs.sls
@ -0,0 +1,27 @@
 {#
 SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
 SPDX-License-Identifier: AGPL-3.0-or-later
 #}
 include:
  - .create
 "{{ slsdotpath }}-set-management_dispvm-to-default":
  qvm.vm:
    - require:
      - cmd: "{{ slsdotpath }}-install-salt-deps"
    - name: tpl-{{ slsdotpath }}
    - prefs:
      - management_dispvm: "*default*"
 ## TODO: Remove when template with patch reaches upstream or updates enforce
 ## salt-deps to be installed.
 ## https://github.com/QubesOS/qubes-issues/issues/8806
 "{{ slsdotpath }}-shutdown-template":
  qvm.shutdown:
    - require:
      - qvm: "{{ slsdotpath }}-set-management_dispvm-to-default"
    - name: tpl-{{ slsdotpath }}
    - flags:
      - force
--- a/salt/sys-pgp/prefs.top
+++ b/salt/sys-pgp/prefs.top
@ -0,0 +1,10 @@
 {#
 SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
 SPDX-License-Identifier: AGPL-3.0-or-later
 #}
 base:
  'dom0':
    - match: nodegroup
    - sys-pgp.prefs