{"id":19049979,"url":"https://github.com/everlag/home2","last_synced_at":"2025-11-12T10:03:25.537Z","repository":{"id":174300070,"uuid":"651358059","full_name":"Everlag/home2","owner":"Everlag","description":null,"archived":false,"fork":false,"pushed_at":"2025-01-31T05:03:23.000Z","size":259,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-31T06:17:59.988Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"SaltStack","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Everlag.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-06-09T04:22:37.000Z","updated_at":"2023-06-10T21:37:07.000Z","dependencies_parsed_at":null,"dependency_job_id":"dbe3b179-eaa5-4f41-996f-d0c8faee8e5c","html_url":"https://github.com/Everlag/home2","commit_stats":null,"previous_names":["everlag/home2"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Everlag%2Fhome2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Everlag%2Fhome2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Everlag%2Fhome2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Everlag%2Fhome2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Everlag","download_url":"https://codeload.github.com/Everlag/home2/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240106483,"owners_count":19748649,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-08T23:12:28.806Z","updated_at":"2025-11-12T10:03:25.470Z","avatar_url":"https://github.com/Everlag.png","language":"SaltStack","funding_links":[],"categories":[],"sub_categories":[],"readme":"TODO\nsudo salt-call --local --id=initial-setup state.apply baseline pillar='{\"SALT_ROLES\": \"nebula-ca\", \"NEBULA_HOSTNAME\": \"issuer\"}'\n\n## Preparing\n\nThere's some steps we need to execute before salt will be able to execute\n\n### prologue: proxmox\n\nIF and only if you're running this on proxmox; drop the licensed repo and adopt the regular\n\n```bash\nrm /etc/apt/sources.list.d/pve-enterprise.list\necho \"deb [arch=amd64] http://download.proxmox.com/debian/pve bullseye pve-no-subscription\" \u003e /etc/apt/sources.list.d/pve-install-repo.list\n```\n\n### general\n\nThen the remaining dependencies before we install the minion\n\n```bash\nsudo apt update \u0026\u0026 sudo apt -y upgrade \u0026\u0026 sudo apt install -y curl build-essential dkms\n# IF non-proxmox\n#sudo apt install linux-headers-$(uname -r)\n# else, if proxmox\n#sudo apt install pve-headers\n\n# if virtualbox\n# sudo apt install libxt6 libxmu6\n# THEN install guest additions following normal mount + run VBoxLinuxAdditions.run\n\n# install salt minion(edafults to only minion, not master)\ncurl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io \u0026\u0026 chmod +x bootstrap-salt.sh \u0026\u0026 sudo ./bootstrap-salt.sh -P onedir\n\n# ensure minion running\nsudo systemctl status salt-minion\n```\n\n### salt\n\nPrior to this working, get the contents of the salt directory to `/srv/salt`, probably with a symlink.\n\n**Confirm /srv/salt has this README.md within before proceeding**\n\nNote: we use the minion id in a hacky manner\n\nFirst, initialize our salt minion file with the desired roles.\nCheck the `top.sls` file to see what roles a given server should have.\n\n```bash\n# apply critical dependency including minion config\n#\n# NOTE: the SALT_ROLES here controls what states will be applied\n# and how that state will be rendered(ie, for nebula config if applicable)\nsudo salt-call --local --id=initial-setup state.apply baseline pillar='{\"SALT_ROLES\": \"role1 role2 role3\", \"NEBULA_HOSTNAME\": \"$NEBULA_HOSTNAME\"}\n```\n\n```bash\n\n# Highstate all configuration\n\nsudo salt-call --local state.apply\n\n# Present depending on enabled roles.\n./install_extensions.sh # created by vscode state\n./load_x_preferences.sh # created by comfort state\n```\n\nFor docker support\n\n```bash\n# docker fun flakiness, requires manual execution and maybe multiple retries\nsudo salt-call --local state.apply.apply docker\n```\n\nThen reboot and get into a graphical env using\n\n```bash\nstartx\n```\n\n# Initializing a VM base template\n\nProxmox base templates are easy to initialize; this generates an image that has salt-minion installed and the `baseline` state having been run.\n\n1. boot up a debian image(11 is a known good version) as a fresh VM\n1. run `vm/initialize_base_image.sh` within the fresh VM\n1. shutdown and create template\n\n# nebula\n\nTo execute nebula-related states, you need a pillar at `/srv/pillar` that contains a list of ip:port pairs for lighthouse-related contents.\n\nThe recommendation is to keep these as a separate git repo, clone it separately, and then\n\n```bash\nln -s /media/pillar /srv/pillar\n```\n\nie\n\n```yaml\nnebula_external_ips:\n  \"lighthouse-do\": 1.2.3.4:4242\n```\n\n# Individual host setup\n\n## 1m1 - vm host\n\n```bash\nsalt-call --local --id initial-setup state.apply baseline pillar='{\"SALT_ROLES\": \"nebula-node vm-ui docker\", \"NEBULA_HOSTNAME\": \"1m1\" }'\nsalt-call --local state.apply\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feverlag%2Fhome2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feverlag%2Fhome2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feverlag%2Fhome2/lists"}