ADDED: state for setting up a dedicated signal qube

author Andreas Glashauser <ag@andreasglashauser.com>

Sat, 5 Apr 2025 21:13:25 +0000 (23:13 +0200)

committer Andreas Glashauser <ag@andreasglashauser.com>

Sat, 5 Apr 2025 21:13:25 +0000 (23:13 +0200)
author Andreas Glashauser <ag@andreasglashauser.com>
Sat, 5 Apr 2025 21:13:25 +0000 (23:13 +0200)
committer Andreas Glashauser <ag@andreasglashauser.com>
Sat, 5 Apr 2025 21:13:25 +0000 (23:13 +0200)
diff --git a/user_salt/signal/files/signal-desktop-keyring.gpg b/user_salt/signal/files/signal-desktop-keyring.gpg

new file mode 100644 (file)

index 0000000..b5e68a0

Binary files /dev/null and b/user_salt/signal/files/signal-desktop-keyring.gpg differ
diff --git a/user_salt/signal/files/signal-xenial.list b/user_salt/signal/files/signal-xenial.list

new file mode 100644 (file)

index 0000000..a5b6c13
--- /dev/null
+++ b/user_salt/signal/files/signal-xenial.list
@@ -0,0 +1 @@
+deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main
diff --git a/user_salt/signal/init.sls b/user_salt/signal/init.sls

new file mode 100644 (file)

index 0000000..55edbb8
--- /dev/null
+++ b/user_salt/signal/init.sls
@@ -0,0 +1,5 @@
+include:
+  - signal.signal--create-template
+  - signal.signal--configure-package-manager
+  - signal.signal--install-packages
+  - signal.signal--create-qube
diff --git a/user_salt/signal/signal--configure-package-manager.sls b/user_salt/signal/signal--configure-package-manager.sls

new file mode 100644 (file)

index 0000000..86ab0de
--- /dev/null
+++ b/user_salt/signal/signal--configure-package-manager.sls
@@ -0,0 +1,32 @@
+{% if grains['id'] == 'template-signal' %}
+
+signal--create-keyrings-dir:
+  file.directory:
+    - name: /etc/apt/keyrings
+    - user: root
+    - group: root
+    - mode: 755
+    - makedirs: True
+
+signal--gpg-key:
+  file.managed:
+    - name: /usr/share/keyrings/signal-desktop-keyring.gpg
+    - source: salt://signal/files/signal-desktop-keyring.gpg
+    - user: root
+    - group: root
+    - mode: 644
+    - require:
+      - file: signal--create-keyrings-dir
+
+signal--apt-repo:
+  pkgrepo.managed:
+    - name: deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main
+    - humanname: Signal Repository
+    - file: /etc/apt/sources.list.d/signal-xenial.list
+    - refresh: True
+    - require:
+      - cmd: dangerzone--download-gpg-key
+    - require:
+      - file: signal--gpg-key
+
+{% endif %}
diff --git a/user_salt/signal/signal--create-qube.sls b/user_salt/signal/signal--create-qube.sls

new file mode 100644 (file)

index 0000000..8f6e0b7
--- /dev/null
+++ b/user_salt/signal/signal--create-qube.sls
@@ -0,0 +1,20 @@
+{% if grains['id'] == 'dom0' %}
+
+signal--create-app-qube:
+  qvm.vm:
+    - name: q-signal
+    - present:
+      - template: template-signal
+      - label: yellow
+    - prefs:
+      - label: yellow
+      - audiovm: sys-audio
+      - guivm: dom0
+      - netvm: sys-vpn-mullvad
+    - features:
+      - set:
+        - menu-items: signal-desktop.desktop
+    - require:
+      - qvm: signal--create-template
+
+{% endif %}
diff --git a/user_salt/signal/signal--create-template.sls b/user_salt/signal/signal--create-template.sls

new file mode 100644 (file)

index 0000000..77ea2a6
--- /dev/null
+++ b/user_salt/signal/signal--create-template.sls
@@ -0,0 +1,26 @@
+{% import "templates/versions.jinja" as version %}
+
+include:
+  - templates.templates--install-debian-minimal
+
+{% if grains['id'] == 'dom0' %}
+
+signal--create-template:
+  qvm.clone:
+    - name: template-signal
+    - source: debian-{{ version.debian }}-minimal
+    - class: TemplateVM
+    - require:
+      - qvm: templates--install-debian-{{ version.debian }}-minimal
+
+signal--create-template-prefs:
+  qvm.prefs:
+    - name: template-signal
+    - label: yellow
+    - audiovm:
+    - guivm:
+    - netvm:
+    - require:
+      - qvm: signal--create-template
+
+{% endif %}
diff --git a/user_salt/signal/signal--install-packages.sls b/user_salt/signal/signal--install-packages.sls

new file mode 100644 (file)

index 0000000..0d79a41
--- /dev/null
+++ b/user_salt/signal/signal--install-packages.sls
@@ -0,0 +1,19 @@
+{% if grains['id'] == 'template-signal' %}
+
+signal--install-packages:
+  pkg.installed:
+    - refresh: True
+    - pkgs:
+      - qubes-core-agent-networking
+      - qubes-app-shutdown-idle
+      - signal-desktop
+      - libayatana-appindicator3-1
+      - dunst
+      - libatk1.0-0
+      - libatk-bridge2.0-0
+      - libcups2
+      - libgtk-3-0
+    - require:
+      - pkgrepo: signal--apt-repo
+
+{% endif %}
author	Andreas Glashauser <ag@andreasglashauser.com>
	Sat, 5 Apr 2025 21:13:25 +0000 (23:13 +0200)
committer	Andreas Glashauser <ag@andreasglashauser.com>
	Sat, 5 Apr 2025 21:13:25 +0000 (23:13 +0200)
user_salt/signal/files/signal-desktop-keyring.gpg	[new file with mode: 0644]	patch \| blob
user_salt/signal/files/signal-xenial.list	[new file with mode: 0644]	patch \| blob
user_salt/signal/init.sls	[new file with mode: 0644]	patch \| blob
user_salt/signal/signal--configure-package-manager.sls	[new file with mode: 0644]	patch \| blob
user_salt/signal/signal--create-qube.sls	[new file with mode: 0644]	patch \| blob
user_salt/signal/signal--create-template.sls	[new file with mode: 0644]	patch \| blob
user_salt/signal/signal--install-packages.sls	[new file with mode: 0644]	patch \| blob