Linux distrohoppers tool with Saltstack
Github can be found here
My goal is to make a privacy minded distrohoppers toolbox. So that I can easily change distros and install all my needed aplications and configs. The other reason is to make privacy easy. If you run this you get https://someonewhocares.org/hosts/hosts hosts file. Firefox with disabled telemetry and duckduckgo as startpage, Nextcloud client and keepassxc and enables firewall. My goal is to make a salt like Tero Karvinen sirotin That when I try new Linux distros I can always just run a local salt putting everything in same state.
- Removes Titlebar!
- Smooth scrolling like shown here
- Removed all telemetry in about:config
- Removed alert when closing multiple tabs
- Enabled white default theme
- Enabled autoscrolling
Destroy all the ads
My salt installs [someonewhocares hosts file] (https://someonewhocares.org/hosts/hosts) so you will not see ads and protects your privacy.
Firewall with only ssh enabled
Okey here are some details it will add a watch state to salt so it will restart firewall if rules are changed. And port 22/tcp is only openone with ipv4 and ipv6
- keepassxc (adds offical PPA)
- nextcloud-client (adds offical PPA)
- ufw (enables it only ssh open)
- # stacer (system monitor) (adds offical PPA, not ready for 18.10)
- signal desktop (adds offical PPA)
Problems installing salt-minion
I have been running tests with many different Distros and I came across a problem, not all distros installed salt-minion with apt mainly Ubuntu 18.10 based distros that had some missing dependencies?
I found the official multiplatform bootstrap installer for salt. It works very well with but its not perfect. With linux mint and Kde Neon I get this error “No dependencies installation function found. Exitting…”
I made a workaround with
if [ ! -d /srv/]; then curl -L https://bootstrap.saltstack.com -o install_salt.sh sudo sh install_salt.sh -P fi
Dealing with error messages
salt minion not found. trying to add
sudo apt-add-repository multiverse to the instalation code. And I got this error
also happens on xubuntu 18.10
Update: I noticed that Stacer does not yet support 18.10 with ppa so you will get an error if you install it on newer machines. I have commented it out for now.
Still errors so the next thing I was wondering if the saltstack 2017 what comes with multiverse is the reason for my error messages so I searched for Saltstack PPA and found it. I added the file to my github and added these lines in the start of my instalation file
wget -O - https://repo.saltstack.com/apt/debian/9/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add - cd /etc/apt/sources.list.d/ wget https://raw.githubusercontent.com/aksratamo/salt/master/saltstack.list
Now it wil install the 2018 Saltstack. And IT WORKS!
* Xubuntu 18.04.1 and 18.10,
* Ubuntu 18.04.1 and 18.10
* Kubuntu 18.04.1 and 18.10
* Linux Mint 19.1 Cinnamon
* Linux Mint 19 Mate
* Linux Mint 19 Xfce
* ElementaryOs (adding ppa not working)
* KdeNeon (adding ppa not working)
But I still get some error messages with KdeNeon and ElementaryOS
Explaining the code
In https://github.com/aksratamo/salt/tree/master/instalation-scripts you will find 2 files called “linux-advanced.sh” and “linux-basic.sh” both do essentially the same. They first they check if it has run already bu checking if helloworld.txt exists (created if salt manages to run). The code was borrowed from an other student project jisosomppi.
if [ -f /tmp/helloworld.txt ]; then echo "===> This install script has already been run! It is intended to be run only once <===" exit 0 fi
Then it will add the official repo for Saltstack because the Saltstack on ubuntu repo does not work with 18.10.
wget -O - https://repo.saltstack.com/apt/debian/9/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add - cd /etc/apt/sources.list.d/ wget https://raw.githubusercontent.com/aksratamo/salt/master/saltstack.list cd
Next it will install Git and Salt minion and gives the minion ID. This is the only difference in advanced the minion ID is “linux-advanced” and with basic installation its “linux-apps”
sudo apt-get update sudo apt-get install git salt-minion -y sudo echo -e "master: localhost\nid: linux-apps" | sudo tee /etc/salt/minion
And as last step it will pull my salt project from git and runs it.
cd /srv/ sudo git clone https://github.com/aksratamo/salt cd salt/ sudo salt-call --local state.apply
The basic installation first installs apps I like. Then it configures Firewall and will watch the files so if the Salt files are changed it will restart Firewall automatically.
#Enable Firewall and configs /etc/ufw/ufw.conf: file.managed: - source: salt://linux-apps/ufw.conf - show_changes: False /etc/ufw/user.rules: file.managed: - source: salt://linux-apps/user.rules - show_changes: False /etc/ufw/user6.rules: file.managed: - source: salt://linux-apps/user6.rules - show_changes: False ufwservice: service.running: - name: ufw - watch: - file: /etc/ufw/user6.rules - file: /etc/ufw/user.rules - file: /etc/ufw/ufw.conf
Then it configures Firefox with included files
#Firefox preferences /etc/firefox/syspref.js: file.managed: - source: salt://linux-apps/syspref.js #Add someonewhocares host list to hostfile /etc/hosts: file.managed: - source: salt://hosts - show_changes: False
In advanced installation
First it adds the custom PPA when needed. I used two different ways for this for testing purposes
nextcloud-ppa: pkgrepo.managed: - ppa: nextcloud-devs/client signal-desktop: pkgrepo.managed: - humanname: Signal-desktop PPA - name: deb https://updates.signal.org/desktop/apt xenial main - file: /etc/apt/sources.list.d/signal-xenial.list - key_url: salt://linux-advanced/keys.asc
And in the end there is just a list for apps I want to be installed.
linux-advanced: pkg.installed: - pkgs: - neofetch - keepassxc - httpie - nextcloud-client - qbittorrent - signal-desktop
An other school project where I borrowed the idea of installing local master minion. https://github.com/jisosomppi/log-analysis
My project is mostly taken inspiration from my teachers masterless installation. https://github.com/terokarvinen/sirotin