From 2a82cc0dff4421ac416d78b26207822d435636b8 Mon Sep 17 00:00:00 2001 From: Andreas Glashauser Date: Tue, 1 Apr 2025 10:12:43 +0200 Subject: [PATCH] ADDED: states for setting up dangerzone --- .../dangerzone--configure-package-manager.sls | 49 +++++++++++++++++++ .../dangerzone--install-packages.sls | 18 +++++++ user_salt/common/dangerzone/init.sls | 3 ++ 3 files changed, 70 insertions(+) create mode 100644 user_salt/common/dangerzone/dangerzone--configure-package-manager.sls create mode 100644 user_salt/common/dangerzone/dangerzone--install-packages.sls create mode 100644 user_salt/common/dangerzone/init.sls diff --git a/user_salt/common/dangerzone/dangerzone--configure-package-manager.sls b/user_salt/common/dangerzone/dangerzone--configure-package-manager.sls new file mode 100644 index 0000000..5e9ae58 --- /dev/null +++ b/user_salt/common/dangerzone/dangerzone--configure-package-manager.sls @@ -0,0 +1,49 @@ +{% if grains['os'] == 'Fedora' and grains['id'] != 'dom0' %} + +dangerzone--configure-package-manager: + cmd.run: + - name: | + sudo dnf install 'dnf-command(config-manager)' + sudo dnf-3 config-manager --add-repo=https://packages.freedom.press/yum-tools-prod/dangerzone/dangerzone.repo + +{% elif grains['os'] == 'Debian' %} + +dangerzone--install-prerequisites: + pkg.installed: + - refresh: True + - pkgs: + - qubes-core-agent-networking + - gnupg2 + - ca-certificates + +dangerzone--create-keyrings-dir: + file.directory: + - name: /etc/apt/keyrings + - user: root + - group: root + - mode: 755 + - makedirs: True + +dangerzone--download-gpg-key: + cmd.run: + - name: | + all_proxy=http://127.0.0.1:8082 gpg --keyserver hkps://keys.openpgp.org \ + --no-default-keyring --keyring ./fpf-apt-tools-archive-keyring.gpg \ + --recv-keys "DE28 AB24 1FA4 8260 FAC9 B8BA A7C9 B385 2260 4281" && \ + mv fpf-apt-tools-archive-keyring.gpg /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg + - cwd: /tmp + - creates: /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg + - require: + - pkg: dangerzone--install-prerequisites + - file: dangerzone--create-keyrings-dir + +dangerzone--fpf-apt-repo: + pkgrepo.managed: + - name: deb [signed-by=/etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg] https://packages.freedom.press/apt-tools-prod {{ grains['oscodename'] }} main + - humanname: Freedom of the Press Foundation Tools Repository Prod + - file: /etc/apt/sources.list.d/fpf-apt-tools.list + - refresh: True + - require: + - cmd: dangerzone--download-gpg-key + +{% endif %} diff --git a/user_salt/common/dangerzone/dangerzone--install-packages.sls b/user_salt/common/dangerzone/dangerzone--install-packages.sls new file mode 100644 index 0000000..bd5d2de --- /dev/null +++ b/user_salt/common/dangerzone/dangerzone--install-packages.sls @@ -0,0 +1,18 @@ +{% if grains['id'] != 'dom0' %} + +dangerzone--install-packages: + pkg.installed: + - refresh: True + - pkgs: + - qubes-core-agent-networking + - dangerzone + {% if grains['os'] == 'Fedora' %} + - require: + - cmd: dangerzone--configure-package-manager + {% endif %} + {% if grains['os'] == 'Debian' %} + - require: + - pkgrepo: dangerzone--fpf-apt-repo + {% endif %} + +{% endif %} diff --git a/user_salt/common/dangerzone/init.sls b/user_salt/common/dangerzone/init.sls new file mode 100644 index 0000000..fee19a3 --- /dev/null +++ b/user_salt/common/dangerzone/init.sls @@ -0,0 +1,3 @@ +include: + - common.dangerzone.dangerzone--configure-package-manager + - common.dangerzone.dangerzone--install-packages -- 2.39.5