diff --git a/salt/workstation/init.sls b/salt/desktop/init.sls similarity index 80% rename from salt/workstation/init.sls rename to salt/desktop/init.sls index e270c0430..217a4777d 100644 --- a/salt/workstation/init.sls +++ b/salt/desktop/init.sls @@ -1,7 +1,7 @@ include: - - workstation.xwindows + - desktop.xwindows {# If the master is 'salt' then the minion hasn't been configured and isn't connected to the grid. #} {# We need this since the trusted-ca state uses mine data. #} {% if grains.master != 'salt' %} - - workstation.trusted-ca + - desktop.trusted-ca {% endif %} diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls new file mode 100644 index 000000000..9c3e8ccd2 --- /dev/null +++ b/salt/desktop/packages.sls @@ -0,0 +1,302 @@ +{% from 'vars/globals.map.jinja' import GLOBALS %} + +{# we only want this state to run it is CentOS #} +{% if GLOBALS.os == 'Rocky' %} + + +desktop_packages: + pkg.installed: + - pkgs: + - NetworkManager + - NetworkManager-adsl + - NetworkManager-bluetooth + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-ppp + - NetworkManager-pptp-gnome + - NetworkManager-team + - NetworkManager-tui + - NetworkManager-wifi + - NetworkManager-wwan + - PackageKit-gstreamer-plugin + - aajohan-comfortaa-fonts + - abattis-cantarell-fonts + - acl + - alsa-ucm + - alsa-utils + - anaconda + - anaconda-install-env-deps + - anaconda-live + - at + - attr + - audit + - authselect + - basesystem + - bash + - bash-completion + - bc + - blktrace + - bluez + - bolt + - bpftool + - bzip2 + - chkconfig + - chrony + - cinnamon + - cinnamon-control-center + - cinnamon-screensaver + - cockpit + - coreutils + - cpio + - cronie + - crontabs + - crypto-policies + - crypto-policies-scripts + - cryptsetup + - curl + - cyrus-sasl-plain + - dbus + - dejavu-sans-fonts + - dejavu-sans-mono-fonts + - dejavu-serif-fonts + - dnf + - dnf-plugins-core + - dos2unix + - dosfstools + - dracut-config-rescue + - dracut-live + - e2fsprogs + - ed + - efi-filesystem + - efibootmgr + - efivar-libs + - eom + - ethtool + - f36-backgrounds-extras-gnome + - f36-backgrounds-gnome + - f37-backgrounds-extras-gnome + - f37-backgrounds-gnome + - file + - filesystem + - firewall-config + - firewalld + - fprintd-pam + - git + - glibc + - glibc-all-langpacks + - gnome-calculator + - gnome-disk-utility + - gnome-screenshot + - gnome-system-monitor + - gnome-terminal + - gnupg2 + - google-noto-emoji-color-fonts + - google-noto-sans-cjk-ttc-fonts + - google-noto-sans-gurmukhi-fonts + - google-noto-sans-sinhala-vf-fonts + - google-noto-serif-cjk-ttc-fonts + - grub2-common + - grub2-pc-modules + - grub2-tools + - grub2-tools-efi + - grub2-tools-extra + - grub2-tools-minimal + - grubby + - gstreamer1-plugins-bad-free + - gstreamer1-plugins-good + - gstreamer1-plugins-ugly-free + - gvfs-gphoto2 + - gvfs-mtp + - gvfs-smb + - hostname + - hyperv-daemons + - ibus-anthy + - ibus-hangul + - ibus-libpinyin + - ibus-libzhuyin + - ibus-m17n + - ibus-typing-booster + - imsettings-systemd + - initial-setup-gui + - initscripts + - initscripts-rename-device + - iproute + - iproute-tc + - iprutils + - iputils + - irqbalance + - iwl100-firmware + - iwl1000-firmware + - iwl105-firmware + - iwl135-firmware + - iwl2000-firmware + - iwl2030-firmware + - iwl3160-firmware + - iwl5000-firmware + - iwl5150-firmware + - iwl6000g2a-firmware + - iwl6000g2b-firmware + - iwl6050-firmware + - iwl7260-firmware + - jomolhari-fonts + - julietaula-montserrat-fonts + - kbd + - kernel + - kernel-modules + - kernel-modules-extra + - kernel-tools + - kexec-tools + - khmer-os-system-fonts + - kmod-kvdo + - kpatch + - kpatch-dnf + - ledmon + - less + - liberation-mono-fonts + - liberation-sans-fonts + - liberation-serif-fonts + - libertas-sd8787-firmware + - libstoragemgmt + - libsysfs + - lightdm + - linux-firmware + - logrotate + - lohit-assamese-fonts + - lohit-bengali-fonts + - lohit-devanagari-fonts + - lohit-gujarati-fonts + - lohit-kannada-fonts + - lohit-odia-fonts + - lohit-tamil-fonts + - lohit-telugu-fonts + - lshw + - lsof + - lsscsi + - lvm2 + - mailcap + - man-db + - man-pages + - mcelog + - mdadm + - memtest86+ + - metacity + - microcode_ctl + - mlocate + - mtr + - nano + - ncurses + - nemo-fileroller + - nemo-image-converter + - nemo-preview + - net-tools + - netronome-firmware + - nm-connection-editor + - nmap-ncat + - nvme-cli + - open-vm-tools-desktop + - openssh-clients + - openssh-server + - p11-kit + - paktype-naskh-basic-fonts + - parole + - parted + - passwd + - pciutils + - pinfo + - pipewire + - pipewire-alsa + - pipewire-gstreamer + - pipewire-jack-audio-connection-kit + - pipewire-pulseaudio + - pipewire-utils + - plymouth + - policycoreutils + - powerline + - ppp + - prefixdevname + - procps-ng + - psacct + - pt-sans-fonts + - python3-libselinux + - qemu-guest-agent + - quota + - realmd + - redshift-gtk + - rocky-backgrounds + - rocky-release + - rootfiles + - rpm + - rpm-plugin-audit + - rsync + - rsyslog + - rsyslog-gnutls + - rsyslog-gssapi + - rsyslog-relp + - salt-minion + - sane-backends-drivers-scanners + - selinux-policy-targeted + - setroubleshoot + - setup + - sg3_utils + - sg3_utils-libs + - shadow-utils + - sil-abyssinica-fonts + - sil-nuosu-fonts + - sil-padauk-fonts + - slick-greeter + - slick-greeter-cinnamon + - smartmontools + - smc-meera-fonts + - sos + - spice-vdagent + - sssd + - sssd-common + - sssd-kcm + - stix-fonts + - strace + - sudo + - symlinks + - syslinux + - systemd + - systemd-udev + - tar + - tcpdump + - teamd + - thai-scalable-waree-fonts + - time + - tmux + - tmux-powerline + - transmission + - tree + - tuned + - unzip + - usb_modeswitch + - usbutils + - util-linux + - util-linux-user + - vdo + - vim-enhanced + - vim-minimal + - vim-powerline + - virt-what + - wget + - which + - wireplumber + - words + - xdg-user-dirs-gtk + - xed + - xfsdump + - xfsprogs + - xreader + - yum + - zip + +{% else %} + +desktop_packages_os_fail: + test.fail_without_changes: + - comment: 'SO Analyst Workstation can only be installed on Rocky' + +{% endif %} diff --git a/salt/workstation/remove_gui.sls b/salt/desktop/remove_gui.sls similarity index 76% rename from salt/workstation/remove_gui.sls rename to salt/desktop/remove_gui.sls index 363b8c433..e66700f11 100644 --- a/salt/workstation/remove_gui.sls +++ b/salt/desktop/remove_gui.sls @@ -10,8 +10,8 @@ remove_graphical_target: - force: True {% else %} -workstation_trusted-ca_os_fail: +desktop_trusted-ca_os_fail: test.fail_without_changes: - - comment: 'SO Analyst Workstation can only be installed on CentOS' + - comment: 'SO Desktop can only be installed on Rocky' {% endif %} diff --git a/salt/workstation/trusted-ca.sls b/salt/desktop/trusted-ca.sls similarity index 97% rename from salt/workstation/trusted-ca.sls rename to salt/desktop/trusted-ca.sls index a8d48c046..0045f9cd2 100644 --- a/salt/workstation/trusted-ca.sls +++ b/salt/desktop/trusted-ca.sls @@ -29,7 +29,7 @@ update_ca_certs: {% else %} -workstation_trusted-ca_os_fail: +desktop_trusted-ca_os_fail: test.fail_without_changes: - comment: 'SO Analyst Workstation can only be installed on CentOS' diff --git a/salt/workstation/xwindows.sls b/salt/desktop/xwindows.sls similarity index 77% rename from salt/workstation/xwindows.sls rename to salt/desktop/xwindows.sls index d8fb53976..75230c532 100644 --- a/salt/workstation/xwindows.sls +++ b/salt/desktop/xwindows.sls @@ -4,7 +4,7 @@ {% if GLOBALS.os == 'Rocky' %} include: - - workstation.packages + - desktop.packages graphical_target: file.symlink: @@ -12,13 +12,12 @@ graphical_target: - target: /lib/systemd/system/graphical.target - force: True - require: - - pkg: X Window System - - pkg: graphical_extras + - desktop_packages {% else %} -workstation_xwindows_os_fail: +desktop_xwindows_os_fail: test.fail_without_changes: - - comment: 'SO Analyst Workstation can only be installed on CentOS' + - comment: 'SO Analyst Workstation can only be installed on Rocky' {% endif %} diff --git a/salt/docker/init.sls b/salt/docker/init.sls index 36530c9c3..5fa97c452 100644 --- a/salt/docker/init.sls +++ b/salt/docker/init.sls @@ -26,10 +26,10 @@ dockerheldpackages: dockerheldpackages: pkg.installed: - pkgs: - - containerd.io: 1.6.20-3.1.el9 - - docker-ce: 23.0.5-1.el9 - - docker-ce-cli: 23.0.5-1.el9 - - docker-ce-rootless-extras: 23.0.5-1.el9 + - containerd.io: 1.6.21-3.1.el9 + - docker-ce: 24.0.2-1.el9 + - docker-ce-cli: 24.0.2-1.el9 + - docker-ce-rootless-extras: 24.0.2-1.el9 - hold: True - update_holds: True {% endif %} diff --git a/salt/workstation/packages.sls b/salt/workstation/packages.sls deleted file mode 100644 index 6b9b9c689..000000000 --- a/salt/workstation/packages.sls +++ /dev/null @@ -1,62 +0,0 @@ -{% from 'vars/globals.map.jinja' import GLOBALS %} - -{# we only want this state to run it is CentOS #} -{% if GLOBALS.os == 'Rocky' %} - -xwindows_group: - pkg.group_installed: - - name: X Window System - -graphical_extras: - pkg.installed: - - pkgs: - - gnome-classic-session - - gnome-terminal - - gnome-terminal-nautilus - - control-center - - liberation-mono-fonts - - file-roller - -workstation_packages: - pkg.installed: - - pkgs: - - wget - - curl - - unzip - - gedit - - mono-core - - mono-basic - - mono-winforms - - expect - - wireshark-gnome - - dsniff - - hping3 - - netsed - - ngrep - - python36-scapy - - ssldump - - tcpdump - - tcpflow - - whois - - chromium - - libevent - - sslsplit - - perl-IO-Compress - - perl-Net-DNS - - securityonion-networkminer - - securityonion-chaosreader - - securityonion-analyst-extras - - securityonion-bittwist - - securityonion-tcpstat - - securityonion-tcptrace - - securityonion-foremost - - securityonion-strelka-oneshot - - securityonion-strelka-fileshot - -{% else %} - -workstation_packages_os_fail: - test.fail_without_changes: - - comment: 'SO Analyst Workstation can only be installed on CentOS' - -{% endif %}