testing new feed

1 files changed, 81 insertions, 0 deletions

diff --git a/posts/installing-software-salt-qubes.org b/posts/installing-software-salt-qubes.org
new file mode 100644
index 0000000..19d1f11
--- /dev/null
+++ b/posts/installing-software-salt-qubes.org
@@ -0,0 +1,81 @@
+#+title: Methods of installing software in QubesOS with Saltstack
+#+OPTIONS: num:nil toc:nil
+#+HTML_HEAD_EXTRA: <style>*{font-family: sans-serif !important}</style>
+
+** Intro
+Here are some various methods of installing software that I've used in my personal salt configuration
+** pkg.installed
+:PROPERTIES:
+:ID:       0e128288-8e86-41b1-9d4e-8ed5d431d110
+:END:
+
+Here's ~/srv/user_salt/pkgs/accounting.sls~ as an example. It uses the simplest way of installing programs, which is just listing them under ~pkg.installed~ which pulls them from your distros main repositories. This is the most preferable way to install software if it's available.
+
+#+begin_src salt
+# Install accounting tools
+accounting--install-apps:
+  pkg.installed:
+    - pkgs:
+      - hledger # Command-line plain text accounting
+      - gnucash # Graphical GNU accounting suite
+#+end_src
+
+** move a binary file into /usr/bin
+:PROPERTIES:
+:ID:       0dacbd16-7ddd-420e-8422-acff908a3c46
+:END:
+
+Here's ~/srv/user_salt/pkgs/st.sls~ as an example. It takes a binary file that's part of this salt repository, and moves it into the ~/usr/bin/ directory in a qube.
+
+#+begin_src salt
+# Installs my build of st terminal
+/usr/bin/st:
+  file.managed:
+    - source: salt://pkgs/bin/st.bin
+    - user: root
+    - group: root
+    - mode: 777
+#+end_src
+
+** Install from third-party repo with a script
+:PROPERTIES:
+:ID:       98e7e2ec-b88b-4a92-a065-5876a4f7c0ed
+:END:
+
+Here's ~/srv/user_salt/pkgs/signal.sls~ as an example. It starts by installing some dependencies using the most common ~pkg.installed~ method, then moves an install script ~/srv/user_salt/pkgs/install-scripts/signal-repo.sh~ into a qube and executes it to install the Signal messenger.
+
+#+begin_src salt
+...
+
+signal--repo-script:
+  file.managed: # file.managed lets you place files from your salt repo into qubes
+    - name: /usr/bin/install-repo # this is where the installation script is placed
+    - source: salt://pkgs/install-scripts/signal-repo.sh # This is where the installation script was sourced
+    - user: root # sets the owner of the file, you can usually default to root
+    - group: root # sets the group of the file, you can usually default to root
+    - mode: 777 # sets the permissions of the file, you can usually default to 777 (any user on the qube has permissions)
+
+# This simply executes the install-repo script in a qube
+'install-repo':
+  cmd.run
+#+end_src
+
+Here's the installation script that's ran:
+
+*** ~/srv/user_salt/pkgs/install-scripts/signal-repo.sh~
+:PROPERTIES:
+:ID:       f07d4cd1-6ec6-41da-af32-41b9512eefb9
+:END:
+
+#+begin_src bash
+# Retrieves Signal's key for verifying the package
+# The request is proxied through 127.0.0.1:8082 to allow the template qube to access the internet
+sudo curl --proxy 127.0.0.1:8082 -s https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor | sudo tee -a /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null
+
+# Defines Signal's repo in /etc/apt/sources.list.d/
+echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' | tee /etc/apt/sources.list.d/signal-xenial.list
+
+# Updates packages and installs signal-desktop through the newly configured repository
+sudo apt update
+sudo apt install signal-desktop -y
+#+end_src