On Tue, May 12, 2020 at 05:01:33PM +0100, [email protected] wrote: > On 2020-05-11 16:11, unman wrote: > > On Mon, May 11, 2020 at 10:52:32AM -0400, Stumpy wrote: > > > On 2020-05-11 10:26, 'Ryan Tate' via qubes-users wrote: > > > > Saw the new f31 templateVM (thanks for that) and just curious how folks > > > > generally migrate to a new templateVM. > > > > > > > > I manually maintain this big text list of packages and just use that to > > > > manually update the fresh templateVM to what I need. There's typically > > > > also some non package installs, which I include basic pointers for > > > > (think downloaded rpms and so forth), as well as some outside repos to > > > > add (e.g. keybase). There's also typically some packages I forgot to put > > > > on the list, which I can usually suss out by going through the bash > > > > history for the old template, although often there's one or two that > > > > slip through the cracks, which I find out about eventually and it's not > > > > a huge deal. > > > > > > > > I'm particularly curious if anyone does anything more sophisticated than > > > > that, using salt or some other automated deploy system to prep new > > > > template images. > > > > > > > > Thanks for any tips! > > > > > > > > > > Ditto, would really be interested as well, I have a similar system but i > > > am > > > sure there are better ways to do it. > > > > > > > Salt it - if you get used to using salt, it's simple to use. > > If you want to install a package, don't open the template and install it > > there, edit the install.sls file to include the package, and run > > `qubesctl --skip-dom0 --targets=<template> state.apply install` > > > > What's the advantage of using Salt in comparison to 'qvm-run ...' commands > bundled to a script to manage template modifications? In this case you've > also a executable documentation. > What's I'm missing? >
You're missing the range and flexibility of salt. As soon as you move beyond the most basic provisioning of a system, the scripting approach starts to become a messy bundle. I used to use bash scripts, qvm-tools, sed, and STILL I'd have to go in and finish off by hand. With Salt, I build and configure templates, individual qubes. It's simple to restore a subset of my system for when I'm travelling, or rebuild complete configurations. I wouldn't go back. Of course you *can* do everything using qvm-tools in scripts, but the salt tools are cleaner and more flexible. . unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200513100514.GA8893%40thirdeyesecurity.org.
