2022-08-05 08:18:39 -04:00
|
|
|
# vim: set syntax=yaml ts=2 sw=2 sts=2 et :
|
|
|
|
#
|
|
|
|
|
|
|
|
{% if grains['nodename'] != 'dom0' %}
|
2024-02-12 18:22:59 -05:00
|
|
|
{% for repo in salt['file.find']('/etc/apt/sources.list.d/', name='*list') %}
|
|
|
|
{{ repo }}_baseurl:
|
|
|
|
file.replace:
|
|
|
|
- name: {{ repo }}
|
|
|
|
- pattern: 'https://'
|
|
|
|
- repl: 'http://HTTPS///'
|
|
|
|
- flags: [ 'IGNORECASE', 'MULTILINE' ]
|
|
|
|
- backup: False
|
|
|
|
|
|
|
|
{% endfor %}
|
2022-08-05 08:18:39 -04:00
|
|
|
|
|
|
|
/etc/apt/sources.list:
|
|
|
|
file.replace:
|
|
|
|
- names:
|
|
|
|
- /etc/apt/sources.list
|
|
|
|
- pattern: 'http://HTTPS///'
|
|
|
|
- repl: 'https://'
|
|
|
|
- flags: [ 'IGNORECASE', 'MULTILINE' ]
|
|
|
|
|
2022-08-05 08:29:21 -04:00
|
|
|
|
2022-08-05 08:18:39 -04:00
|
|
|
{% set IP = salt['cmd.shell']('qubesdb-read /qubes-ip') %}
|
|
|
|
{% set GW = salt['cmd.shell']('qubesdb-read /qubes-gateway') %}
|
|
|
|
|
2024-02-03 00:35:48 -05:00
|
|
|
/etc/network/interfaces.d/enX0:
|
2022-08-05 08:18:39 -04:00
|
|
|
file.managed:
|
|
|
|
- source:
|
2024-02-03 00:35:48 -05:00
|
|
|
- salt://pihole/enX0
|
2022-08-05 08:18:39 -04:00
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- makedirs: True
|
|
|
|
|
|
|
|
set_ip:
|
|
|
|
file.line:
|
2024-02-03 00:35:48 -05:00
|
|
|
- name: /etc/network/interfaces.d/enX0
|
2022-08-05 08:18:39 -04:00
|
|
|
- match: address
|
|
|
|
- mode: replace
|
|
|
|
- content: "address {{IP}}"
|
|
|
|
|
|
|
|
set_gw:
|
|
|
|
file.line:
|
2024-02-03 00:35:48 -05:00
|
|
|
- name: /etc/network/interfaces.d/enX0
|
2022-08-05 08:18:39 -04:00
|
|
|
- match: gateway
|
|
|
|
- mode: replace
|
|
|
|
- content: "gateway {{GW}}"
|
|
|
|
|
|
|
|
'systemctl restart networking':
|
|
|
|
cmd.run:
|
|
|
|
- runas: root
|
|
|
|
|
|
|
|
Pihole_update:
|
|
|
|
pkg.uptodate:
|
|
|
|
- refresh: True
|
|
|
|
|
2022-08-05 08:29:21 -04:00
|
|
|
Pihole_installed:
|
|
|
|
pkg.installed:
|
|
|
|
- pkgs:
|
|
|
|
- qubes-core-agent-networking
|
|
|
|
- qubes-core-agent-passwordless-root
|
2022-09-02 11:49:48 -04:00
|
|
|
- qubes-core-agent-dom0-updates
|
2022-08-05 08:29:21 -04:00
|
|
|
- curl
|
|
|
|
- dnsutils
|
|
|
|
- firefox-esr
|
|
|
|
- git
|
|
|
|
- idn2
|
|
|
|
- lighttpd
|
|
|
|
- netcat-openbsd
|
|
|
|
- php-cgi
|
|
|
|
- php-common
|
|
|
|
- php-intl
|
|
|
|
- php-json
|
|
|
|
- php-sqlite3
|
|
|
|
- php-xml
|
|
|
|
- unzip
|
|
|
|
|
|
|
|
https://github.com/pi-hole/pi-hole.git:
|
|
|
|
git.latest:
|
|
|
|
- name: https://github.com/pi-hole/pi-hole.git
|
|
|
|
- user: root
|
|
|
|
- target: /root/pi-hole
|
|
|
|
|
2022-08-05 09:00:01 -04:00
|
|
|
/etc/pihole/setupVars.conf:
|
|
|
|
file.managed:
|
|
|
|
- source:
|
|
|
|
- salt://pihole/setupVars.conf
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- makedirs: True
|
|
|
|
|
|
|
|
Pihole-setup:
|
|
|
|
cmd.run:
|
|
|
|
- name: '/root/pi-hole/automated\ install/basic-install.sh --unattended'
|
|
|
|
|
2022-08-05 10:07:16 -04:00
|
|
|
/rw/config/qubes-firewall.d/update_nft.sh:
|
|
|
|
file.managed:
|
|
|
|
- source:
|
|
|
|
- salt://pihole/update_nft.sh
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- makedirs: True
|
|
|
|
- mode: 755
|
|
|
|
|
2024-02-03 00:35:48 -05:00
|
|
|
/rw/config/qubes-firewall.d/update_nft.nft:
|
2022-08-05 10:07:16 -04:00
|
|
|
file.managed:
|
|
|
|
- source:
|
2024-02-03 00:35:48 -05:00
|
|
|
- salt://pihole/update_nft.nft
|
2022-08-05 10:07:16 -04:00
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- makedirs: True
|
|
|
|
- mode: 755
|
|
|
|
|
2024-02-03 00:35:48 -05:00
|
|
|
/rw/config/network-hooks.d/internalise.sh:
|
2022-08-05 21:30:13 -04:00
|
|
|
file.managed:
|
|
|
|
- source:
|
2024-02-03 00:35:48 -05:00
|
|
|
- salt://pihole/internalise.sh
|
2022-08-05 21:30:13 -04:00
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- makedirs: True
|
|
|
|
- mode: 755
|
|
|
|
|
2024-02-03 00:35:48 -05:00
|
|
|
/rw/config/network-hooks.d/update_nft.sh:
|
2022-08-05 21:30:13 -04:00
|
|
|
file.managed:
|
|
|
|
- source:
|
2024-02-03 00:35:48 -05:00
|
|
|
- salt://pihole/update_nft.sh
|
2022-08-05 21:30:13 -04:00
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- makedirs: True
|
|
|
|
- mode: 755
|
|
|
|
|
2022-08-05 10:07:16 -04:00
|
|
|
/etc/dnsmasq.conf:
|
|
|
|
file.prepend:
|
|
|
|
- text:
|
|
|
|
- interface=lo
|
|
|
|
- bind-interfaces
|
|
|
|
|
2022-08-05 08:18:39 -04:00
|
|
|
{% endif %}
|