Hi,
i currently try to recreate my setup with Saltstack and have a few problem & question.
This is my current problem:
/srv/user_salt/top.sls:
user:
...
dom0 or template-mullvad:
- mullvad-vpn
/srv/user_salt/mullvad-vpn/init.sls:
include:
- mullvad-vpn.template
- mullvad-vpn.config
- mullvad-vpn.install
/srv/user_salt/mullvad-vpn/template.sls:
{% if grains['id'] == 'dom0' %}
create-mullvad-vpn-qube:
qvm.clone:
- name: template-mullvad
- source: debian-12-minimal
{% endif %}
/srv/user_salt/mullvad-vpn/config.sls:
{% if grains['id'] == 'template-mullvad' %}
/usr/share/keyrings/mullvad-keyring.asc:
file.managed:
- source: salt://mullvad-vpn/files/mullvad-keyring.asc
/etc/apt/sources.list.d/mullvad.list:
file.managed:
- source: salt://mullvad-vpn-files
{% endif %}
/srv/user_salt/mullvad-vpn/install.sls
{% if grains['id'] == 'template-mullvad' %}
pkg.installed:
- name: qubes-core-agent-networking
- refresh: True
- require:
- sls: mullvad-vpn.config
pkg.installed:
- name: mullvad-vpn
- refresh: True
- require:
- sls: mullvad-vpn.config
{% endif %}
Now if i run sudo qubesctl --show-output --targets=template-mullvad state.highstate saltenv=user:
[ERROR] State 'qvm.clone' was not found in SLS 'mullvad-vpn.template' Reason: 'qvm.clone' is not available
And the mullvad vpn template is not created.
If i run sudo qubesctl --show-output --targets=template-mullvad state.highstate saltenv=base then:
[CRITICAL] Specific ext_pillar interface qvm_features is unavailable
(same line for qvm-prefs and qvm_tags)
I dont get why first the qvm modules are not found. I someone else already had the same problem so I added the entry “- /srv/user_salt” under file_roots.base-Key. However, it is still not working.
Edit: It “works” now, but only under certain circumstances:
sudo qubesctl --show-output --targets=template-mullvad state.highstateonly works every second time i run the command? One time i get an error that qvm* are not found, the second time it “works”- If it “works”, only the template is created, but:
- if i edit init.sls so that there is only
include:
- mullvad-vpn.template
- mullvad-vpn.config
Then it works, but with following errors at the end, and the output of the template-mullvad part is white, not red or green like the first part with the template generation in dom0:
/usr/lib/python3.13/site-packages/salt/client/ssh/__init__.py:1595: DeprecationWarning: 'maxsplit' is passed as positional argument
stdout = re.split(RSTR_RE, stoudt, 1)[1].strip()
[WARNING] top_file_merging_strategy is set to 'merge' and multiple top filies were found. Merging order is not deterministic, it may be desirable to either set top_file_merging_strategy to 'same' or use the 'env_order' configuration parameter to specify the erging order.
/usr/Lib/python3.13/site-packages/salt/client/ssh/__init__.py:1959: DeprecationWarning: 'maxsplit' is passed as positional argument
stdout = re.split(RSTR_RE, stdout, 1)[1].strip()
- but if i edit init.sls so that there is only
include:
- mullvad-vpn.template
- mullvad-vpn.config
- mullvad-vpn.install
Then it doesnt work at all, with the following error:
/usr/lib/python3.13/site-packages/salt/client/ssh/__init__.py:1595: DeprecationWarning: 'maxsplit' is passed as positional argument
stdout = re.split(RSTR_RE, stoudt, 1)[1].strip()
[WARNING] top_file_merging_strategy is set to 'merge' and multiple top filies were found. Merging order is not deterministic, it may be desirable to either set top_file_merging_strategy to 'same' or use the 'env_order' configuration parameter to specify the erging order.
/usr/Lib/python3.13/site-packages/salt/client/ssh/__init__.py:1959: DeprecationWarning: 'maxsplit' is passed as positional argument
[ERROR ] {'local': 'TypeError encountered executing state.highstate: list indices must be integers or slices, not str'}
