From f3b0eaf66369165ffac28e10d21839a1562e371f Mon Sep 17 00:00:00 2001 From: Andreas Glashauser Date: Sat, 5 Apr 2025 23:13:25 +0200 Subject: [PATCH] ADDED: state for setting up a dedicated signal qube --- .../signal/files/signal-desktop-keyring.gpg | Bin 0 -> 2223 bytes user_salt/signal/files/signal-xenial.list | 1 + user_salt/signal/init.sls | 5 +++ .../signal--configure-package-manager.sls | 32 ++++++++++++++++++ user_salt/signal/signal--create-qube.sls | 20 +++++++++++ user_salt/signal/signal--create-template.sls | 26 ++++++++++++++ user_salt/signal/signal--install-packages.sls | 19 +++++++++++ 7 files changed, 103 insertions(+) create mode 100644 user_salt/signal/files/signal-desktop-keyring.gpg create mode 100644 user_salt/signal/files/signal-xenial.list create mode 100644 user_salt/signal/init.sls create mode 100644 user_salt/signal/signal--configure-package-manager.sls create mode 100644 user_salt/signal/signal--create-qube.sls create mode 100644 user_salt/signal/signal--create-template.sls create mode 100644 user_salt/signal/signal--install-packages.sls diff --git a/user_salt/signal/files/signal-desktop-keyring.gpg b/user_salt/signal/files/signal-desktop-keyring.gpg new file mode 100644 index 0000000000000000000000000000000000000000..b5e68a0406c738a31fff4c4de4352399168f47e8 GIT binary patch literal 2223 zcmV;g2vGN#0u2OM(o>8@%6k}|}?l=%0SOu3ZEv`h(5}P#jS~+r;ni_t? zNrY}n3T$7un?2=;`~jag0jB9PBsd%;D!g%b>g1aPJsnB_zNv@#Fe&JRHV?d@SSo$G zE|9Kz$n@BA*o^WS6BXQjFQP&vrbcKpABq|fn`as*3957C<)#ZtY!dXhm}|^BLOzmj z3D<7a)N-*mDtrKvN{26^rZjd|%{;?=k4_68$XqC4Vy5EVBg(M^TBR_A2?3-B{hbyu-z z`(BqDmG2_lBBYy=;9s2YN29S#xq(t@O@O2#%Mkibv-h|F=KDkXd&>zz&^r!XSu75R zxhTF#4VE>_vMjyO{!&EJpix;;bnH^$rUT7izb)%h{& zpqVsRbL8kTCMb1Ld2on&XX>a=?Hijoo_GjW{u2zd4OL2yaWWyDMR?!zBgV8@m3sM) z>C?dM47Un`rvtRDHObYOKTANPRJLcbY=b7b(Qete|J9O)!>SXe6G6j12p8WmDPFcp zxXIB0%=!ihx|aYE0RRECF;8%1ZXj1^X>)L8av)QAb97~Gb09o(b#QQRa&$mSkmbwQ$LenA^WjruSBy1}5gDmquCEazRgY!GTe2D=Ks| zLHj`OCoX_e4j$$H{Uw0bPxP~Py%Q{{ojr50Yf~GGeiV7O2<>5et8Jd_3Sp%0$!vE6 z_};Q&(|Q&~0GOL38c85yI}H494iT_XORzqA4gNLM5f&1f>^|or>z`aRlQBgkQlnTb zFRHzjPbRgeE7oins}Imc8BOs9l3@)~Ie<$Xj4|$s9%;D(SvY#~UPFCU<~+Ne)>2qS zb)_MuNJ2|Q(rwAdA{3fz5})ZVLiC7M_t76)92$CZ4&aS;>Sxwz63lI6z;3B7^ktlo zcI~nlGy(=r-YlS_xdIIYSmjD50T2MJ#3I#DPSm>_1dP_@PLzbo$`cQ&BXeoiKlg%& zf;oevumk&0DkKPH!I`l(LH0!33l0c%}P9Zejg5#BZLFfWB1;NduI zfH?6HjBtsAZ5J1B#)FQwiEkd>RJ#cPb8eYb32*2zsN>lQ9P3j{w;Xe_%NL9ygvRFf z9}tiMi(a1K?JZ9C8@@rJ2v#RwT_Q>yoI*7H{M>TLB0rp7Rtcn7lj!#niMFs(<_8k9 zyqX!0SYnR#L|o*gnqC3o>m-`3`(mmeTeJ|B8?(k08FHnahmtlcAmHYavR76nV8aML zR#DMv*t1<$D<8rt;Erq(}ece{1J#N0A zI`)jQ>kCJg>oBiXSpCN59PbI}o%tnGAz=qhIi%UGey64H*f?@{Yqm2i$K9_SvnyOG z=NrHDxEz$k-69YQzIK-e4mFO*o#uT8bcdFDPZj}Fa=z>6PYJgeZodAR6Tyn2@u(Up>$XF`v$!j z5CEPnT5`5dcLJvFXG|+m@mybu+f%yha+GTp*tl_+A8V%c_|slt+46=SPT zG|D0gX{~au(j>xY$(%P_hy2-{{kJ*)a*5+X!}Mr_h0hE%TyEHjq`-#2+3RT>hUp0B zXw+hDu<^v%Fh)V3j0jj7W-eTs4j9NYncicRZZEPMB9y;<**2F4z`?_6>p$y@VL3%< zcK|{SbhQqE2$eCY4JD#}YM$gV%nmMsHW)uRnr7_{XQp*VcOH6+9{nb7S7Wha`Y#B= zxabO(VS}w;q1VZT``MKTQt0kH*j&_yT?6_SP{in1Mmt%}2F-{kFz=b{DV*<`|4MLl zC#wN5*0!*Uz{7{Fv5QJ1$`U!vxBmEmsMp2ON}F!a+lfv1&t<4Va~lZSFTIB~ZYkGBoc`@pRbsr9j51ybf^eY#`=ji15(t-5X*X zTFRH!Ev4GKxOS4ZQScdXRetue3^J#dnWuHwm literal 0 HcmV?d00001 diff --git a/user_salt/signal/files/signal-xenial.list b/user_salt/signal/files/signal-xenial.list new file mode 100644 index 0000000..a5b6c13 --- /dev/null +++ b/user_salt/signal/files/signal-xenial.list @@ -0,0 +1 @@ +deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main diff --git a/user_salt/signal/init.sls b/user_salt/signal/init.sls new file mode 100644 index 0000000..55edbb8 --- /dev/null +++ b/user_salt/signal/init.sls @@ -0,0 +1,5 @@ +include: + - signal.signal--create-template + - signal.signal--configure-package-manager + - signal.signal--install-packages + - signal.signal--create-qube diff --git a/user_salt/signal/signal--configure-package-manager.sls b/user_salt/signal/signal--configure-package-manager.sls new file mode 100644 index 0000000..86ab0de --- /dev/null +++ b/user_salt/signal/signal--configure-package-manager.sls @@ -0,0 +1,32 @@ +{% if grains['id'] == 'template-signal' %} + +signal--create-keyrings-dir: + file.directory: + - name: /etc/apt/keyrings + - user: root + - group: root + - mode: 755 + - makedirs: True + +signal--gpg-key: + file.managed: + - name: /usr/share/keyrings/signal-desktop-keyring.gpg + - source: salt://signal/files/signal-desktop-keyring.gpg + - user: root + - group: root + - mode: 644 + - require: + - file: signal--create-keyrings-dir + +signal--apt-repo: + pkgrepo.managed: + - name: deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main + - humanname: Signal Repository + - file: /etc/apt/sources.list.d/signal-xenial.list + - refresh: True + - require: + - cmd: dangerzone--download-gpg-key + - require: + - file: signal--gpg-key + +{% endif %} diff --git a/user_salt/signal/signal--create-qube.sls b/user_salt/signal/signal--create-qube.sls new file mode 100644 index 0000000..8f6e0b7 --- /dev/null +++ b/user_salt/signal/signal--create-qube.sls @@ -0,0 +1,20 @@ +{% if grains['id'] == 'dom0' %} + +signal--create-app-qube: + qvm.vm: + - name: q-signal + - present: + - template: template-signal + - label: yellow + - prefs: + - label: yellow + - audiovm: sys-audio + - guivm: dom0 + - netvm: sys-vpn-mullvad + - features: + - set: + - menu-items: signal-desktop.desktop + - require: + - qvm: signal--create-template + +{% endif %} diff --git a/user_salt/signal/signal--create-template.sls b/user_salt/signal/signal--create-template.sls new file mode 100644 index 0000000..77ea2a6 --- /dev/null +++ b/user_salt/signal/signal--create-template.sls @@ -0,0 +1,26 @@ +{% import "templates/versions.jinja" as version %} + +include: + - templates.templates--install-debian-minimal + +{% if grains['id'] == 'dom0' %} + +signal--create-template: + qvm.clone: + - name: template-signal + - source: debian-{{ version.debian }}-minimal + - class: TemplateVM + - require: + - qvm: templates--install-debian-{{ version.debian }}-minimal + +signal--create-template-prefs: + qvm.prefs: + - name: template-signal + - label: yellow + - audiovm: + - guivm: + - netvm: + - require: + - qvm: signal--create-template + +{% endif %} diff --git a/user_salt/signal/signal--install-packages.sls b/user_salt/signal/signal--install-packages.sls new file mode 100644 index 0000000..0d79a41 --- /dev/null +++ b/user_salt/signal/signal--install-packages.sls @@ -0,0 +1,19 @@ +{% if grains['id'] == 'template-signal' %} + +signal--install-packages: + pkg.installed: + - refresh: True + - pkgs: + - qubes-core-agent-networking + - qubes-app-shutdown-idle + - signal-desktop + - libayatana-appindicator3-1 + - dunst + - libatk1.0-0 + - libatk-bridge2.0-0 + - libcups2 + - libgtk-3-0 + - require: + - pkgrepo: signal--apt-repo + +{% endif %} -- 2.39.5