diff --git a/salt/fetcher/README.md b/salt/fetcher/README.md new file mode 100644 index 0000000..41c7075 --- /dev/null +++ b/salt/fetcher/README.md @@ -0,0 +1,43 @@ +# fetcher + +Fetch publicly accessible files over the internet in Qubes OS. + +## Table of Contents + +* [Description](#description) +* [Installation](#installation) +* [Usage](#usage) + +## Description + +A Template for DispVMs will be created and named "dvm-fetcher", from this qube +you will create others that can connect to the internet to download files. You +will be able to download from any protocol as long as the installed tools, +`curl`, `wget`, `git`, `rsync`, accept them. + +## Installation + +- Top: +```sh +qubesctl top.enable fetcher +qubesctl --targets=tpl-fetcher,dvm-fetcher state.apply +qubesctl top.disable fetcher +``` + +- State: + +```sh +qubesctl state.apply fetcher.create +qubesctl --skip-dom0 --targets=tpl-fetcher state.apply fetcher.install +qubesctl --skip-dom0 --targets=dvm-fetcher state.apply fetcher.configure-dvm +``` + + +## Usage + +You will base qubes from the Template for DispVMs `dvm-fetcher` to download +files over the internet using popular command-line tools such as `git`, +`curl`, `wget`, `rsync`. + +You can use disposables based from `dvm-fetcher` to clone repositories, +download PGP signatures, Operating System ISOs etc. diff --git a/salt/fetcher/clone.sls b/salt/fetcher/clone.sls new file mode 100644 index 0000000..0554d7f --- /dev/null +++ b/salt/fetcher/clone.sls @@ -0,0 +1,8 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +{% from 'utils/macros/clone-template.sls' import clone_template -%} +{{ clone_template('debian-minimal', sls_path) }} diff --git a/salt/fetcher/clone.top b/salt/fetcher/clone.top new file mode 100644 index 0000000..6682329 --- /dev/null +++ b/salt/fetcher/clone.top @@ -0,0 +1,10 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + 'dom0': + - match: nodegroup + - fetcher.clone diff --git a/salt/fetcher/configure-dvm.sls b/salt/fetcher/configure-dvm.sls new file mode 100644 index 0000000..f7e6864 --- /dev/null +++ b/salt/fetcher/configure-dvm.sls @@ -0,0 +1,12 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +{% if grains['nodename'] != 'dom0' -%} + +include: + - dev.home-cleanup + +{% endif -%} diff --git a/salt/fetcher/configure-dvm.top b/salt/fetcher/configure-dvm.top new file mode 100644 index 0000000..b6f9ac5 --- /dev/null +++ b/salt/fetcher/configure-dvm.top @@ -0,0 +1,10 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + '*': + - match: nodegroup + - fetcher.configure-dvm diff --git a/salt/fetcher/create.sls b/salt/fetcher/create.sls new file mode 100644 index 0000000..271b2f0 --- /dev/null +++ b/salt/fetcher/create.sls @@ -0,0 +1,42 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +{%- from "qvm/template.jinja" import load -%} + +include: + - .clone + +{% load_yaml as defaults -%} +name: dvm-{{ slsdotpath }} +force: True +require: +- sls: {{ slsdotpath }}.clone +present: +- template: tpl-{{ slsdotpath }} +- label: red +prefs: +- template: tpl-{{ slsdotpath }} +- label: red +- memory: 300 +- maxmem: 500 +- vcpus: 1 +- autostart: False +- template_for_dispvms: True +- include_in_backups: False +features: +- enable: + - appmenus-dispvm +- disable: + - service.cups + - service.cups-browsed +{%- endload %} +{{ load(defaults) }} + +"{{ slsdotpath }}-resize-private-volume": + cmd.run: + - require: + - qvm: dvm-{{ slsdotpath }} + - name: qvm-volume extend dvm-{{ slsdotpath }}:private 15Gi diff --git a/salt/fetcher/create.top b/salt/fetcher/create.top new file mode 100644 index 0000000..a48edbc --- /dev/null +++ b/salt/fetcher/create.top @@ -0,0 +1,10 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + 'dom0': + - match: nodegroup + - fetcher.create diff --git a/salt/fetcher/init.top b/salt/fetcher/init.top new file mode 100644 index 0000000..a23e6e4 --- /dev/null +++ b/salt/fetcher/init.top @@ -0,0 +1,14 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + 'dom0': + - match: nodegroup + - fetcher.create + 'tpl-fetcher': + - fetcher.install + 'dvm-fetcher': + - fetcher.configure-dvm diff --git a/salt/fetcher/install.sls b/salt/fetcher/install.sls new file mode 100644 index 0000000..bdbd881 --- /dev/null +++ b/salt/fetcher/install.sls @@ -0,0 +1,31 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +{% if grains['nodename'] != 'dom0' -%} + +include: + - dotfiles.copy-sh + - dotfiles.copy-x11 + - sys-pgp.install-client + +"{{ slsdotpath }}-updated": + pkg.uptodate: + - refresh: True + +"{{ slsdotpath }}-installed": + pkg.installed: + - refresh: True + - install_recommends: False + - skip_suggestions: True + - pkgs: + - qubes-core-agent-networking + - ca-certificates + - curl + - wget + - git + - rsync + +{% endif -%} diff --git a/salt/fetcher/install.top b/salt/fetcher/install.top new file mode 100644 index 0000000..056c6a9 --- /dev/null +++ b/salt/fetcher/install.top @@ -0,0 +1,9 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + 'tpl-fetcher': + - fetcher.install