Create package to contain some common install files

3isec-common.spec

@@ -0,0 +1,27 @@
+Name:           3isec-qubes-common
+Version:        1.1
+Release:        1%{?dist}
+Summary:        Common files for 3isec packages
+
+License:        GPLv3+
+SOURCE0:        3isec-common
+
+%description
+This package provides base sls files for use by other 3isec packages
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}/srv/salt
+cp -rv %{SOURCE0}/  %{buildroot}/srv/salt
+
+%files
+%defattr(-,root,root,-)
+/srv/salt/3isec-common/*
+
+%post
+
+%preun
+
+%changelog
+* Mon Mar 11 2024 unman <unman@thirdeyesecurity.org>
+- First Build

3isec-common/mutt/install.sls

@@ -0,0 +1,80 @@
+# vim: set syntax=yaml ts=2 sw=2 sts=2 et :
+#
+
+{% if grains['nodename'] != 'dom0' %}
+
+{% if salt['pillar.get']('update_proxy:caching') %}
+{% for repo in salt['file.find']('/etc/apt/sources.list.d/', name='*list') %}
+{{ repo }}_baseurl:
+  file.replace:
+    - name: {{ repo }}
+    - pattern: 'https://'
+    - repl: 'http://HTTPS///'
+    - flags: [ 'IGNORECASE', 'MULTILINE' ]
+    - backup: False
+
+{% endfor %}
+
+/etc/apt/sources.list:
+  file.replace:
+    - names:
+      - /etc/apt/sources.list
+    - pattern: 'https://'
+    - repl: 'http://HTTPS///'
+    - flags: [ 'IGNORECASE', 'MULTILINE' ]
+
+{% endif %}
+
+update:
+  pkg.uptodate:
+    - refresh: True
+
+installed:
+  pkg.installed:
+    - pkgs:
+      - qubes-core-agent-networking
+      - qubes-app-shutdown-idle
+      - qubes-gpg-split
+      - mb2md
+      - mutt
+      - notmuch
+      - notmuch-mutt
+      - offlineimap3
+      - openssh-client
+      - rsync
+      - w3m
+      - zenity
+    - skip_suggestions: True
+    - install_recommends: False
+
+change_timeout:
+  file.replace:
+    - name: /usr/lib/python3/dist-packages/qubesidle/idleness_monitor.py
+    - pattern: '15 * 60'
+    - repl: '3 * 60'
+    - flags: [ 'IGNORECASE', 'MULTILINE' ]
+
+default_muttrc:
+  file.managed:
+    - name: /etc/skel/.muttrc
+    - source: salt://3isec-common/mutt/muttrc
+    - user: user
+    - group: user
+
+helper_script:
+  file.managed:
+    - name: /etc/skel/setup_mutt.sh
+    - source: salt://3isec-common/mutt/setup_mutt.sh
+    - user: user
+    - group: user
+    - mode: 744
+
+helper_script_menu:
+  file.managed:
+    - name: /usr/share/applications/mutt_setup.desktop
+    - source: salt:/3isec-common/mutt/mutt_setup.desktop
+    - user: user
+    - group: user
+    - mode: 755
+
+{% endif %}

3isec-common/mutt/mutt_setup.desktop

@@ -0,0 +1,10 @@
+#!/usr/bin/env xdg-open
+
+[Desktop Entry]
+Categories=Office;Network;Email;
+Comment=Simple configuration for mutt
+Exec=/home/user/setup_mutt.sh
+Icon=mutt
+Name=Setup_mutt
+Terminal=false
+Type=Application

3isec-common/mutt/muttrc

@@ -0,0 +1,79 @@
+##############################
+###   USER CONFIGURATION   ### 
+# UNCOMMENT THE RELEVANT LINES AND INSERT YOUR DETAILS
+
+## PGP
+# Specify what key to use for signing here:
+#set pgp_sign_as=0x
+## END PGP
+
+
+## IMAP
+#set folder=imaps://IMAP_SERVER/
+#set imap_user=IMAP_USERNAME
+#set imap_pass=IMAP_PASSWORD
+#set spoolfile=+INBOX
+#set imap_check_subscribed
+## END IMAP
+
+
+## POP3
+#set pop_host=pops://POP3_SERVER
+#set pop_user=POP3_USERNAME
+#set pop_pass=POP3_PASSWORD
+#set pop_checkinterval=120
+#set pop_delete=ask-no
+#set pop_last=yes
+## END POP3
+
+
+## SMTP
+#set my_user=SMTP_USERNAME
+#set smtp_url=smtps://$my_user@SMTP_SERVER
+#set ssl_force_tls=yes
+#set record= +Sent
+#set smtp_pass=SMTP_PASSWORD
+#set realname=SMTP_REAL_NAME
+#set from=EMAIL_ADDRESS
+#set use_from=yes
+#set ssl_starttls=yes
+#set ssl_force_tls=yes
+## END SMTP
+
+### END USER CONFIGURATION ###
+##############################
+
+set pgp_use_gpg_agent = no
+set crypt_use_gpgme=no
+
+# decode application/pgp
+set pgp_decode_command="qubes-gpg-client-wrapper -d --status-fd=2 --batch  %f"
+
+# decrypt a pgp/mime attachment
+set pgp_decrypt_command="$pgp_decode_command"
+
+# verify a pgp/mime signature
+#set pgp_verify_command="gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f"
+
+set mbox_type=Maildir
+set record=+mail
+
+set header_cache = "/home/user/.cache/Mail/headers"
+set editor="vi -c ':set tw=72' "
+set pager_index_lines=10
+color index green black ~N
+color index yellow black ~O
+
+macro index <F8> \
+"<enter-command>set my_old_pipe_decode=\$pipe_decode my_old_wait_key=\$wait_key nopipe_decode nowait_key<enter>\
+<shell-escape>notmuch-mutt -r --prompt search<enter>\
+<change-folder-readonly>`echo ${XDG_CACHE_HOME:-$HOME/.cache}/notmuch/mutt/results`<enter>\
+<enter-command>set pipe_decode=\$my_old_pipe_decode wait_key=\$my_old_wait_key<enter>" \
+      "notmuch: search mail"
+
+macro index <F9> \
+"<enter-command>set my_old_pipe_decode=\$pipe_decode my_old_wait_key=\$wait_key nopipe_decode nowait_key<enter>\
+<pipe-message>/usr/bin/notmuch-mutt -r thread<enter> \
+<change-folder-readonly>/home/user/.cache/notmuch/mutt/results<enter> \
+<enter-command>set pipe_decode=\$my_old_pipe_decode wait_key=\$my_old_wait_key<enter>" \
+      "notmuch: reconstruct thread"

3isec-common/mutt/setup_mutt.sh

@@ -0,0 +1,102 @@
+#!/bin/bash
+target_file=/home/user/.muttrc
+
+if grep -q "##CONFIGURED" "$target_file" ; then
+  zenity --question  --text="Mutt is already configured\nDo you want to change configuration?" --no-wrap
+  if [ $? = 1 ];then
+    exit
+  else
+    configured=1
+  fi
+fi
+
+zenity --question --text="Do you have the details of your mail server ready?"
+if [ $? = 0 ] ;then
+
+  type="$(zenity --list --title="Connection type" --text="Select the connection type" --radiolist --column=Selection --column="Connection Type" \
+  FALSE "POP3" FALSE "IMAP" )"
+  if [ $? = 1 ]; then
+    exit
+  fi
+  if [ "x$type" == "x" ]; then
+    zenity --warning  --text="No connection type selected" --no-wrap
+    exit
+  fi
+
+  zenity --info  --text="Now you need to enter the details of your mail server.\nIf you leave the password blank you will be prompted for it each time you connect." --no-wrap
+  details="$(zenity --forms --title='Log in details' \
+                   --text='Enter information about your email server' \
+                   --add-entry='Server address' \
+                   --add-entry='Server port' \
+                   --add-entry='Username' \
+                   --add-password='Password' )"
+  if [ $? = 1 ]; then
+    exit
+  fi
+  if [[ $details =~ "||" ]]; then
+    zenity --warning  --text="Missing information"
+    exit
+  fi
+
+  zenity --info  --text="Now you need to enter the details of your SMTP server.\nIf you leave the password blank you will be prompted for it each time you send mail." --no-wrap
+  smtp_details="$(zenity --forms --title='Log in details' \
+                   --text='Enter information about your SMTP server' \
+                   --add-entry='Name on outgoing emails' \
+                   --add-entry='Email address' \
+                   --add-entry='Server address' \
+                   --add-entry='Server port' \
+                   --add-entry='Username' \
+                   --add-password='Password' )"
+  if [ $? = 1 ]; then
+    exit
+  fi
+  if [[ $smtp_details =~ "||" ]]; then
+    zenity --warning  --text="Missing information"
+    exit
+  fi
+  oldifs=$IFS
+  IFS='|' read -r server_address server_port name pw <<<$details
+  IFS='|' read -r smtp_outname email smtp_address smtp_port smtp_name smtp_pw <<<$smtp_details
+  IFS=$oldifs
+  if [ $type == "POP3" ]; then
+    type=POP
+  fi
+  if [ "x$pw" != "x" ]; then
+    sed -i -E "/$type/,/END $type/  s^(set ${type,,}_pass).*^\1=$pw^ " $target_file 
+  else
+    sed -i -E "/$type/,/END $type/  s^(set ${type,,}_pass).*^#\1=^ " $target_file 
+  fi
+  sed -i -E -e "/USER CONFIGURATION/,/END USER CONFIGURATION/  s/^([^#])/#\1/ " \
+            -e "/$type/,/END $type/  { //! s/^#// }" \
+            -e "/$type/,/END $type/  s^(set folder.*\/\/).*^\1$server_address:$server_port/^ " \
+            -e "/$type/,/END $type/  s^(set pop_host.*\/\/).*^\1$server_address:$server_port^ " \
+            -e "/$type/,/END $type/  s^(set ${type,,}_user).*^\1=$name^ " $target_file 
+
+  sed -i -E -e "/SMTP/,/END SMTP/  { //! s/^#// }" \
+            -e "/SMTP/,/END SMTP/  s^(set my_user=).*^\1$smtp_name^ " \
+            -e "/SMTP/,/END SMTP/  s^(set smtp_url.*\/\/).*^\1\$my_user@$smtp_address:$smtp_port^ " \
+            -e "/SMTP/,/END SMTP/  s^(set realname=).*^\1$smtp_outname^ " \
+            -e "/SMTP/,/END SMTP/  s^(set from=).*^\1$email^ " $target_file 
+  if [ "x$smtp_pw" != "x" ]; then
+    sed -i -E "/SMTP/,/END SMTP/  s^(set smtp_pass=).*^\1$smtp_pw^ " $target_file 
+  else
+    sed -i -E "/SMTP/,/END SMTP/  s^(set smtp_pass=).*^#\1^ " $target_file 
+  fi
+
+  zenity --question --text="Do you use PGP?"
+  if [ $? = 0 ] ;then
+    key=$(zenity --entry --title "PGP key ID" --text "Enter your PGP Key ID  0x....." )
+  else
+    sed -i -E "/PGP/,/END PGP/  s/^(set pgp_sign_as=).*/#\1/ " $target_file 
+  fi
+  if [ "x$key" != "x" ]; then
+    sed -i -E "/PGP/,/END PGP/  s^.*(set pgp_sign_as=).*^\1$key^ " $target_file 
+  fi
+  if [ $configured != 1 ];then
+    sed -i '1 i ##CONFIGURED '  $target_file
+  fi
+  exit
+else
+  zenity --error --text="You need those details to set up mutt."
+  exit
+fi