From 727f4c66ad75434688c1a5d2854597720fa0639e Mon Sep 17 00:00:00 2001
From: Jacob Coffee <jacob@z7x.org>
Date: Tue, 16 Jul 2024 09:14:08 -0500
Subject: [PATCH] feat: base support for noble (#382)

---
 dockerfiles/Dockerfile.noble        | 55 +++++++++++++++++++++++++++++
 salt/base/config/sources.list.jinja |  3 ++
 salt/base/repo.sls                  |  2 +-
 salt/base/salt.sls                  | 11 ++++--
 salt/nginx/init.sls                 |  2 +-
 salt/postgresql/base/init.sls       |  2 +-
 6 files changed, 69 insertions(+), 6 deletions(-)
 create mode 100644 dockerfiles/Dockerfile.noble

diff --git a/dockerfiles/Dockerfile.noble b/dockerfiles/Dockerfile.noble
new file mode 100644
index 00000000..944a0d47
--- /dev/null
+++ b/dockerfiles/Dockerfile.noble
@@ -0,0 +1,55 @@
+# Docker image to use with Vagrant
+# Aims to be as similar to normal Vagrant usage as possible
+# Adds SSH daemon, Systemd
+# Adapted from https://github.com/BashtonLtd/docker-vagrant-images/blob/master/ubuntu1404/Dockerfile
+
+FROM ubuntu:24.04
+ENV container docker
+
+RUN ln -snf /usr/share/zoneinfo/UTC /etc/localtime && echo $TZ > /etc/timezone
+
+RUN apt-get update -y && apt-get dist-upgrade -y
+
+# Install system dependencies, you may not need all of these
+RUN apt-get install -y --no-install-recommends ssh sudo libffi-dev systemd openssh-client wget gnupg-utils gnupg apt-utils ca-certificates dbus locales cron dialog rsyslog iproute2 logrotate
+
+RUN locale-gen en_US.UTF-8
+COPY ./etc/locale.conf /etc/locale.conf
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+
+COPY ./etc/ssl/private/dhparams.pem /etc/ssl/private/dhparams.pem
+
+# Install Vim
+RUN apt-get install -y vim
+
+# Needed to run systemd
+# VOLUME [ "/sys/fs/cgroup" ]
+# Doesn't appear to be necessary? See comments
+
+# Add vagrant user and key for SSH
+RUN useradd --create-home -s /bin/bash vagrant
+RUN echo -n 'vagrant:vagrant' | chpasswd
+RUN echo 'vagrant ALL = NOPASSWD: ALL' > /etc/sudoers.d/vagrant
+RUN chmod 440 /etc/sudoers.d/vagrant
+RUN mkdir -p /home/vagrant/.ssh
+RUN chmod 700 /home/vagrant/.ssh
+RUN echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ==" > /home/vagrant/.ssh/authorized_keys
+RUN chmod 600 /home/vagrant/.ssh/authorized_keys
+RUN chown -R vagrant:vagrant /home/vagrant/.ssh
+RUN sed -i -e 's/Defaults.*requiretty/#&/' /etc/sudoers
+RUN sed -i -e 's/\(UsePAM \)yes/\1 no/' /etc/ssh/sshd_config
+
+# Start SSH
+RUN mkdir /var/run/sshd
+EXPOSE 22
+RUN /usr/sbin/sshd
+
+# Setup Salt Common
+RUN wget --quiet -O /etc/apt/keyrings/salt-archive-keyring.gpg https://repo.saltproject.io/salt/py3/ubuntu/24.04/$(dpkg --print-architecture)/SALT-PROJECT-GPG-PUBKEY-2023.gpg
+RUN echo "deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch=$(dpkg --print-architecture)] https://repo.saltproject.io/salt/py3/ubuntu/24.04/$(dpkg --print-architecture)/3007 noble main" > /etc/apt/sources.list.d/saltstack.list
+RUN apt-get update -y && apt-get install -y --no-install-recommends salt-minion
+
+# Start Systemd (systemctl)
+CMD ["/lib/systemd/systemd"]
diff --git a/salt/base/config/sources.list.jinja b/salt/base/config/sources.list.jinja
index 5146671e..a0bb4474 100644
--- a/salt/base/config/sources.list.jinja
+++ b/salt/base/config/sources.list.jinja
@@ -4,6 +4,8 @@
 {% set base_repo = "us.archive.ubuntu.com/ubuntu/" %}
 {% endif %}
 
+{# 24.04 Noble is the first to use /etc/apt/sources.list.d/ubuntu.list instead of 'sources.list' #}
+{% if grains["oscodename"] != "noble" %}
 ###### Ubuntu Main Repos
 deb http://{{ base_repo }} {{ grains["oscodename"] }} main restricted universe
 deb-src http://{{ base_repo }} {{ grains["oscodename"] }} main restricted universe
@@ -13,3 +15,4 @@ deb http://{{ base_repo }} {{ grains["oscodename"] }}-security main restricted u
 deb http://{{ base_repo }} {{ grains["oscodename"] }}-updates main restricted universe
 deb-src http://{{ base_repo }} {{ grains["oscodename"] }}-security main restricted universe
 deb-src http://{{ base_repo }} {{ grains["oscodename"] }}-updates main restricted universe
+{% endif %}
\ No newline at end of file
diff --git a/salt/base/repo.sls b/salt/base/repo.sls
index 6255ff3a..a646f554 100644
--- a/salt/base/repo.sls
+++ b/salt/base/repo.sls
@@ -1,4 +1,4 @@
-{% if grains["oscodename"] == "jammy" %}
+{% if grains["oscodename"] in ["jammy", "noble"] %}
 psfkey:
   file.managed:
     - name: /etc/apt/keyrings/packagecloud.asc
diff --git a/salt/base/salt.sls b/salt/base/salt.sls
index ce1ff262..e0ea8571 100644
--- a/salt/base/salt.sls
+++ b/salt/base/salt.sls
@@ -7,7 +7,7 @@ python-msgpack:
   pkg.latest:
     - name: python3-msgpack
 
-{% elif grains["oscodename"] == "jammy" %}
+{% elif grains["oscodename"] in ["jammy", "noble"] %}
 python-requests:
   pkg.latest:
     - name: python3-requests
@@ -28,17 +28,22 @@ python3-pip:
   pkg.latest
 
 {% if grains["os"] == "Ubuntu" %}
-salt-2018.3:
+salt-repo:
   pkgrepo.managed:
     - humanname: repo.saltstack.org
     {% if grains["oscodename"] == "focal" %}
     - name: deb https://archive.repo.saltproject.io/py3/ubuntu/20.04/{{ grains["osarch"] }}/archive/3004 focal main
     - key_url: https://archive.repo.saltproject.io/py3/ubuntu/20.04/{{ grains["osarch"] }}/archive/3004/salt-archive-keyring.gpg
     {% elif grains["oscodename"] == "jammy" %}
-    - name: deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch={{ grains["osarch"] }}] https://repo.saltproject.io/salt/py3/ubuntu/22.04/{{ grains["osarch"] }}/latest jammy main
+    - name: deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch={{ grains["osarch"] }}] https://repo.saltproject.io/salt/py3/ubuntu/22.04/{{ grains["osarch"] }}/3007 jammy main
     - file: /etc/apt/sources.list.d/salt.list
     - key_url: https://repo.saltproject.io/salt/py3/ubuntu/22.04/{{ grains["osarch"] }}/SALT-PROJECT-GPG-PUBKEY-2023.gpg
     - aptkey: False
+    {% elif grains["oscodename"] == "noble" %}
+    - name: deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch={{ grains["osarch"] }}] https://repo.saltproject.io/salt/py3/ubuntu/24.04/{{ grains["osarch"] }}/3007 noble main
+    - file: /etc/apt/sources.list.d/salt.list
+    - key_url: https://repo.saltproject.io/salt/py3/ubuntu/24.04/{{ grains["osarch"] }}/SALT-PROJECT-GPG-PUBKEY-2023.gpg
+    - aptkey: False
     {% else %}
     - name: deb http://archive.repo.saltstack.com/py3/ubuntu/{{ grains["osrelease"] }}/{{ grains["osarch"] }}/2018.3 {{ grains["oscodename"] }} main
     - key_url: https://archive.repo.saltstack.com/py3/ubuntu/18.04/amd64/2018.3/SALTSTACK-GPG-KEY.pub
diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls
index 158dddd5..efe105e5 100644
--- a/salt/nginx/init.sls
+++ b/salt/nginx/init.sls
@@ -1,4 +1,4 @@
-{% if grains["oscodename"] == "jammy" %}
+{% if grains["oscodename"] in ["jammy", "noble"] %}
 nginxkey:
   file.managed:
     - name: /etc/apt/keyrings/nginx.asc
diff --git a/salt/postgresql/base/init.sls b/salt/postgresql/base/init.sls
index 665cf4e7..790ebe4a 100644
--- a/salt/postgresql/base/init.sls
+++ b/salt/postgresql/base/init.sls
@@ -1,4 +1,4 @@
-{% if grains["oscodename"] == "jammy" %}
+{% if grains["oscodename"] in ["jammy", "noble"] %}
 postgresql-key:
   file.managed:
     - name: /etc/apt/keyrings/postgresql.asc