[Whonix-devel] [qubes-devel] Offering salt help
Marek Marczykowski-Górecki
marmarek at invisiblethingslab.com
Thu May 3 17:58:55 CEST 2018
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Thu, May 03, 2018 at 05:36:28PM +0200, viq wrote:
> On 18-05-03 15:34:31, Marek Marczykowski-Górecki wrote:
> > On Thu, May 03, 2018 at 03:22:53PM +0200, viq wrote:
> > > On 18-04-26 08:01:00, Patrick Schleizer wrote:
> > > > viq:
> > > > > I'm somewhat experienced with salt, are there any areas where additional
> > > > > set of eyes/hands would be useful?
> > > > >
> > > > > Sorry, my python skills are slowly approaching what could be called
> > > > > "basic", so don't count on much from that side.
> > > > >
> > > >
> > > > The release of Whonix 14 is currently blocked due to missing salt files.
> > > >
> > > > Qubes-Whonix 14 SaltStack state files required
> > > >
> > > > https://github.com/QubesOS/qubes-issues/issues/3765
> > > >
> > > > If you could help out with that one, that would be amazing!
> > >
> > > I started looking at it, which led me to anon-whonix state [0] and
> > > related, and unless I'm missing something the first, simplest, naive
> > > approach would be to append "-14" to all references of templates,
> > > something like this commit [1]. Which seems way too simple, so please
> > > tell me what am I missing besides the "we want to control it via a
> > > variable" :)
> >
> > I think it's that simple. But as you've said, better add pillar for
> > that, so one could easily switch later to 15 or so.
>
> OK, then an attempt at doing that in another commit [2]. I tried to make it
> so that the default version ("14") could be changed in one spot, I'm not
> certain that adding to the load macro is the right spot - or is it?
> Also, I realised I'm most likely not using it correctly, thus [3],
Template processing order probably is wrong in [2] -
defaults.whonix_version is defined only in `load` function, but you try
to use it while defining `defaults`.
> but I
> think a single place to define the default version instead of
> {{ salt['pillar.get']('qvm:whonix:version', '14') }} throughout multiple
> files would be better.
I think you can create a single helper file with just {% set
whonix_version ... %} and include it wherever you need.
> > Thanks for looking into it!
> >
> > > As a side note, while it may be late for that, I think I'd prefer to have
> > > DVM name be closer to AppVM names than template names. When we'd have eg
> > > whonix-ws-14 and based on in anon-whonix, DVM for me should be named
> > > anon-whonix-dvm, and not whonix-ws-dvm. Or should it be
> > > whonix-ws-14-dvm, and anon-whonix preference for DVM adjusted when we
> > > get whonix 15?
>
> Part of my modifications creates whonix-ws-{{ version }}-dvm
>
> > > [0] https://github.com/QubesOS/qubes-mgmt-salt-dom0-virtual-machines/blob/master/qvm/anon-whonix.sls
> > > [1] https://github.com/viq/qubes-mgmt-salt-dom0-virtual-machines/commit/857ee77adef6ce970b5d2948804ff04928164525
> [2] https://github.com/viq/qubes-mgmt-salt-dom0-virtual-machines/commit/4b7a07ba8e4b1e5f4aa458a9d2a586bd6730340f
> [3] https://github.com/viq/qubes-mgmt-salt-dom0-virtual-machines/commit/dc5cbf32942548c5753824afce8875c2063b1ef9
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlrrMb4ACgkQ24/THMrX
1yyz3gf/Zc+RK2thRB41gnFZFKv3kHaYsRciIyjoAYnH6RVnfulivnb80vz6T9bI
IwIyArKUWWzobOeOdwVT2UkxGurKQXJboeYQTOk14DDvYfQGT9+QAUi2L5SDRt+L
Y63FGt8ibW0tWzv8R32cMh9CMSprS5HIwCXaxW1ExxS1mljCMMA6PQtbDeGWfinY
Q+EEZLIwTFQnnEDkV8xeh9DLzSLJoRWYiQPUhy4j346dCuRCvG9vP9euDsHHL9tq
7biPYg0bGU1DzOTbhqwN+B5/7R73FERCGQSkn6zbFPovxfxlMh5ZOB4Be1bz9O/Y
1wj3nHf5j4ZdfMT6a8ZqMY0VMPRDZQ==
=ZCBt
-----END PGP SIGNATURE-----
More information about the Whonix-devel
mailing list