From c15160c18fb09f0342f4102f080b30d64799d99c Mon Sep 17 00:00:00 2001 From: Your Name Date: Wed, 2 Apr 2025 23:34:59 -0600 Subject: testing new feed --- posts/installing-software-salt-qubes.html | 297 ++++++++++++++++++++++++++++++ 1 file changed, 297 insertions(+) create mode 100644 posts/installing-software-salt-qubes.html (limited to 'posts/installing-software-salt-qubes.html') diff --git a/posts/installing-software-salt-qubes.html b/posts/installing-software-salt-qubes.html new file mode 100644 index 0000000..04d4a19 --- /dev/null +++ b/posts/installing-software-salt-qubes.html @@ -0,0 +1,297 @@ + + + + + + + +Methods of installing software in QubesOS with Saltstack + + + + + +
+

Methods of installing software in QubesOS with Saltstack

+
+

Intro

+
+

+Here are some various methods of installing software that I’ve used in my personal salt configuration +

+
+
+
+

pkg.installed

+
+

+Here’s /srv/user_salt/pkgs/accounting.sls as an example. It uses the simplest way of installing programs, which is just listing them under pkg.installed which pulls them from your distros main repositories. This is the most preferable way to install software if it’s available. +

+ +
+
# Install accounting tools
+accounting--install-apps:
+  pkg.installed:
+    - pkgs:
+      - hledger # Command-line plain text accounting
+      - gnucash # Graphical GNU accounting suite
+
+
+
+
+
+

move a binary file into /usr/bin

+
+

+Here’s /srv/user_salt/pkgs/st.sls as an example. It takes a binary file that’s part of this salt repository, and moves it into the ~/usr/bin/ directory in a qube. +

+ +
+
# Installs my build of st terminal
+/usr/bin/st:
+  file.managed:
+    - source: salt://pkgs/bin/st.bin
+    - user: root
+    - group: root
+    - mode: 777
+
+
+
+
+
+

Install from third-party repo with a script

+
+

+Here’s /srv/user_salt/pkgs/signal.sls as an example. It starts by installing some dependencies using the most common pkg.installed method, then moves an install script /srv/user_salt/pkgs/install-scripts/signal-repo.sh into a qube and executes it to install the Signal messenger. +

+ +
+
...
+
+signal--repo-script:
+  file.managed: # file.managed lets you place files from your salt repo into qubes
+    - name: /usr/bin/install-repo # this is where the installation script is placed
+    - source: salt://pkgs/install-scripts/signal-repo.sh # This is where the installation script was sourced
+    - user: root # sets the owner of the file, you can usually default to root
+    - group: root # sets the group of the file, you can usually default to root
+    - mode: 777 # sets the permissions of the file, you can usually default to 777 (any user on the qube has permissions)
+
+# This simply executes the install-repo script in a qube
+'install-repo':
+  cmd.run
+
+
+ +

+Here’s the installation script that’s ran: +

+
+
+

/srv/user_salt/pkgs/install-scripts/signal-repo.sh

+
+
+
# Retrieves Signal's key for verifying the package
+# The request is proxied through 127.0.0.1:8082 to allow the template qube to access the internet
+sudo curl --proxy 127.0.0.1:8082 -s https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor | sudo tee -a /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null
+
+# Defines Signal's repo in /etc/apt/sources.list.d/
+echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' | tee /etc/apt/sources.list.d/signal-xenial.list
+
+# Updates packages and installs signal-desktop through the newly configured repository
+sudo apt update
+sudo apt install signal-desktop -y
+
+
+
+
+
+
+
+

Created: 2025-04-02 Wed 23:33

+
+ + -- cgit v1.2.3