This repository regroups SaltStack states I developed in order to customize my Qubes OS installation.
I assume you are already quite familiar with SaltStack and Qubes OS Management stack.
All these states must take place in the base salt environment in order to take advantage of the utility provided by Qubes OS with the default SaltStack configuration.
They rely on some formulas of mine from qubeos-formulas repository and can be deployed using sync-salt-dom0-from.sh from qubesos-scripts repository.
Following commands shows how to make sure sync performed successfully. Having other states, pillars or pillars enabled is not an issue until there is no collision.
To make sure states are ready and enabled, just execute following command on dom0:
sudo qubesctl top.enabledExpected result is:
local:
----------
base:
- /srv/salt/_tops/base/myq.topTo make sure pillars used by states are ready and enabled, just execute following command on dom0:
sudo qubesctl top.enabled pillar=TrueExpected result is:
local:
----------
base:
- /srv/pillar/_tops/base/myq.top
- /srv/pillar/_tops/base/topd.config.topFollowing commands shows how to make sure all states are applied to minions.
To check what highstate would be without really applying it, just execute following command on dom0:
sudo qubesctl state.highstate test=TrueLogs generated during state application for qubes are under: /var/log/qubes with naming: mgmt-<qube_name>.log.
To display SLS generated by a jinja template, just execute following command on dom0:
sudo qubesctl slsutil.renderer <sls-or-top-file-path> 'jinja'As an example:
sudo qubesctl slsutil.renderer '/srv/salt/myq/init.top' 'jinja'To display SLS generated for a specific state, just execute following command on dom0:
sudo qubesctl state.show_sls <state-path>As an example:
sudo qubesctl state.show_sls 'myq.dev.dev'