- 0 Comments
- 2035 views
Welcome to CodeNameJessica
β¨ Welcome to CodeNameJessica! β¨
π» Where tech meets community.
Hello, Guest! π
You're just a few clicks away from joining an exclusive space for tech enthusiasts, problem-solvers, and lifelong learners like you.
π Why Join?
By becoming a member of CodeNameJessica, youβll get access to:
β
In-depth discussions on Linux, Security, Server Administration, Programming, and more
β
Exclusive resources, tools, and scripts for IT professionals
β
A supportive community of like-minded individuals to share ideas, solve problems, and learn together
β
Project showcases, guides, and tutorials from our members
β
Personalized profiles and direct messaging to collaborate with other techies
π Sign Up Now and Unlock Full Access!
As a guest, you're seeing just a glimpse of what we offer. Don't miss out on the complete experience! Create a free account today and start exploring everything CodeNameJessica has to offer.
CodeName Blogs
Featured Entries
- 0 Comments
- 1279 views
- 0 Comments
- 1409 views
- 0 Comments
- 1424 views
- 0 Comments
- 438 views
Our community blogs
-
by: Abhishek Prakash
Fri, 18 Jul 2025 17:00:30 +0530The AWK series continues with two more chapters. I have changed my initial plan to completely publish the AWK series in a couple of weeks. Instead, I'll go for two new chapters each week.
The good thing is that we also have an upcoming systemd series by our partner educator, and it should be published next week.
I hope you like learning from these new series πͺ
π‘Next Friday (25th July) will be Sysadmin appreciation day. Would be nice to plan something to observe this day. It's our day after all.Recent Entries
-
by: Abhishek Prakash
Thu, 17 Jul 2025 04:27:47 GMT
After Denmark and France, now we have another positive news from Europe as two major open source projects join hands to offer open source alternatives to popular enterprise tools Jira and Confluence.
Europe on a Roll: Plans Open Source Alternative to Confluence and JiraEuropean organizations are going all in for digital sovereignty with open source tools.Start of something new, something good? I sure hope so.
💬 Let's see what else you get in this edition
- Ubuntu 24.10 EOL.
- Bottles project needing help.
- Commodore making a surprise comeback.
- And other Linux news, tips, and, of course, memes!
📰 Linux and Open Source News
- Mozilla VPN is finally available on Flathub.
- Amazon's entry into the vibe coding space is here.
- Bottles needs your help to sustain development.
- Plasma Bigscreen has been revived, and it looks very promising.
- Ubuntu 24.10 has reached end-of-life; upgrade before you face issues.
Ubuntu 24.10 Reaches End of Life: Here’s What to Do NextIt’s the end of the line for Ubuntu 24.10.🧠 What We’re Thinking About
AI slop in vulnerability reports submitted to curl is becoming a big issue.
Death by a thousand slopsI have previously blogged about the relatively new trend of AI slop in vulnerability reports submitted to curl and how it hurts and exhausts us. This trend does not seem to slow down. On the contrary, it seems that we have recently not only received more AI slop but also more human slop. The latter … Continue reading Death by a thousand slops →🧮 Linux Tips, Tutorials, and More
- Learn how to use Emacs as a terminal multiplexer.
- Here are 10 beautiful fonts for your Linux terminal.
- Uncover the mystery of exit codes in Linux. It's not what you think.
- Ever had Arch gobble up 30 GB for an Electron update? I investigated it and found a fix.
And learn a few things about using the terminal in this article. You might discover something new 😄
19 Basic But Essential Linux Terminal Tips You Must KnowLearn some small, basic but often ignored things about the terminal. With the small tips, you should be able to use the terminal with slightly more efficiency.Desktop Linux is mostly neglected by the industry but loved by the community. For the past 13 years, It's FOSS has been helping people use Linux on their personal computers. And we are now facing the existential threat from AI models stealing our content.
If you like what we do and would love to support our work, please become It's FOSS Plus member. It costs $24 a year (less than the cost of a burger meal each month) and you get an ad-free reading experience with the satisfaction of helping the desktop Linux community.
👷 Homelab and Hardware Corner
Commodore is back from the dead! Well, sort of. Someone has purchased the copyrights and launching new hardware for retro computing fans.
Commodore is Back from the Dead!80s called, and they want you to know that you can pre-order the latest version of the Commodore.✨ Project Highlight
In the mood for listening to podcasts? Cozy is a nice Linux app for that.
Cozy: A Super Useful Open Source Audiobook Player for LinuxCozy makes audiobook listening easy with simple controls and an intuitive interface.📽️ Videos I am Creating for You
I explored Gradia, the new screenshot tool everyone in Linuxverse is talking about.
🧩 Quiz Time
Today we have a fun quiz that will tell you what kind of Linux distribution you are.
Which Linux Distro Are You? [Fun Quiz]You are a person, but still, you could match up with a distro.Are you good with Git? Prove it, or Git good (pun intended).
💡 Quick Handy Tip
On Dolphin file manager, you can quickly find specific files by enabling the filter bar with
Ctrl+I
or viaEdit → Filter
. Type text like .mp3 to show only matching files. Press Esc to hide the filter when done.🤣 Meme of the Week
🗓️ Tech Trivia
The German Army began using the Enigma machine on July 15, 1928, to send secret messages. It looked like a typewriter but scrambled letters into code. Years later, Alan Turing helped figure out how to break it.
🧑🤝🧑 FOSSverse Corner
One of our FOSSers is proposing a monthly call for talking about Linux from Scratch, are you interested?
Linux from Source | Who’s up For a Discussion?I’m considering the idea of possibly having a monthly meeting on Jitsi to discuss aspects of building Linux from source code. It would be somewhat similar to Linux from Scratch or BLFS. It would give members of the group a chance to talk to other people and discuss any issues they may have with building from source. Members could brainstorm what types of applications, configuration settings and/or features they would want in a custom built system. It would be an in depth way to learn more ab…As a member, you can now find sign-in link from the header menu. Makes logging in easier.
❤️ With love
Please share it with your Linux-using friends and encourage them to subscribe (hint: it's here).
Share the articles in Linux Subreddits and community forums.
Follow us on Google News and stay updated in your News feed.
Opt for It's FOSS Plus membership and support us 🙏
Enjoy FOSS 😄
Recent Entries
-
Latest entry by Blogger,
By: Edwin
Wed, 30 Apr 2025 13:08:34 +0000A lot of people want Linux but do not want to go either remove Windows or take up the overwhelming task of dual booting. For those people, WSL (Windows Subsystem for Linux) came as a blessing. WSL lets you run Linux on your Windows device without the overhead of a Virtual Machine (VM). But in some cases where you want to fix a problem or simply do not want WSL anymore, you may have to uninstall WSL from your Windows system.
Here is step-by-step guide to remove WSL from your Windows system, remove any Linux distribution, delete all related files, and clear up some disk space. Ready? Get. Set. Learn!
What is WSL
You probably knew by now that we will always start with the basics i.e., what WSL does. Think of WSL as a compatibility layer for running Linux binaries on Microsoft Windows systems. It comes in two versions:
- WSL 1: Uses a translation layer between Linux and Windows.
- WSL 2: Uses a real Linux kernel in a lightweight VM.
All around the world, WSL is a favourite among developers, system administrators, and students for running Linux tools like bash, ssh, grep, awk, and even Docker. But if you have moved to a proper Linux system or just want to do a clean reinstall, here are the instructions to remove WSL completely without any errors.
Step 1: How to Uninstall Linux Distributions
The first step to uninstall WSL completely is to remove all installed Linux distributions.
Check Installed Distros
To check for the installed Linux distributions, open PowerShell or Command Prompt and run the command:
wsl --list --all
After executing this command, you will see a list of installed distros, such as:
- Ubuntu
- Debian
- Kali
- Alpine
How to Uninstall a Linux Distro
To uninstall a distro like Ubuntu, follow these instructions:
- Press Windows key + I to open Settings window.
- Go to Apps, then click Installed Apps (or Apps & Features).
- Search for your distro and click Uninstall.
Repeat for all distros you no longer need. If you plan to uninstall WSL completely, we recommend removing all distros.
if you prefer PowerShell, run these commands
wsl --unregister <DistroName>
For example, if you want to remove Ubuntu, execute the command:
wsl --unregister Ubuntu
This removes the Linux distro and all its associated files.
Step 2: Uninstall WSL Components
Once we have removed the unwanted distros, let us uninstall the WSL platform itself.
- Open Control Panel and navigate to Programs and then click Turn Windows features on or off.
- Uncheck these boxes:
- Windows Subsystem for Linux
- Virtual Machine Platform (used by WSL 2)
- Windows Hypervisor Platform (optional)
- Click OK and restart your system.
Step 3: Remove WSL Files and Cache
Even after uninstalling WSL and Linux distributions, some data might remain. Here are the instructions to delete WSLβs cached files and reclaim disk space.
To delete the WSL Folder, open File Explorer and go to:
%USERPROFILE%\AppData\Local\Packages
Look for folders like:
- CanonicalGroupLimited…Ubuntu
- Debian…
- KaliLinux…
Delete any folders related to WSL distros you removed.
Step 4: Remove WSL CLI Tool (Optional)
If you installed WSL using the Microsoft Store (i.e., “wsl.exe” package), you can also uninstall it directly from the Installed Apps section:
- Go to Settings, and then to Apps and then open Installed Apps.
- Search for Windows Subsystem for Linux.
- Click Uninstall.
Step 5: Clean Up with Disk Cleanup Tool
Finally, use the built-in Disk Cleanup utility to clear any temporary files.
- Press “Windows key + S and search for Disk Cleanup.
- Choose your system drive (usually drive C:).
- Select options like:
- Temporary files
- System created Windows error reporting
- Delivery optimization files
- Click OK to clean up.
Bonus Section: How to Reinstall WSL (Optional)
If you are removing WSL due to issues or conflicts, you can always do a fresh reinstall.
Here is how you can install latest version of WSL via PowerShell
wsl --install
This installs WSL 2 by default, along with Ubuntu.
Wrapping Up
Uninstalling WSL may sound tricky, but by following these steps, you can completely remove Linux distributions, WSL components, and unwanted files from your system. Whether you are making space for something new or just doing some digital spring cleaning, this guide ensures that WSL is uninstalled safely and cleanly.
If you ever want to come back to the Linux world, WSL can be reinstalled with a single command, which we have covered as a precaution. Let us know if you face any errors. Happy learning!
The post Uninstall WSL: Step-by-Step Simple Guide appeared first on Unixmen.
Recent Entries
-
Latest entry by Blogger,
by: Andy Clarke
Fri, 18 Jul 2025 16:12:05 +0000A while back, our man Geoff Graham treated us to a refresher on the CSS
initial-letter
property, but how can you style drop and initial caps to reflect a brandβs visual identity and help to tell its stories?Hereβs how I do it in CSS by combining
::first-letter
andinitial-letter
with other unexpected properties, includingborder-image
, andclip-path
.Patty Meltt is an up-and-coming country music sensation. My brief: Patty Meltt is an up-and-coming country music sensation, and she needed a website to launch her new album. She wanted it to be distinctive-looking and memorable, so she called Stuff & Nonsense. Pattyβs not real, but the challenges of designing and developing sites like hers are.
First, a drop cap recap. Chris Coyier wrote about drop caps several years ago. They are a decorative letter at the beginning of a paragraph, often spanning several lines of text. Itβs a typographic flourish found in illuminated manuscripts and traditional book design, where it adds visual interest and helps guide a readerβs eye to where they should begin.
Study manuscripts from the Middle Ages onwards, and youβll find hand-decorated illuminated capitals. The artists who made these initial letters were fabulously called βilluminators.β These medieval versals went beyond showing someone where to start reading; historiated letters also illustrated the stories, which was especially useful since most people in the Middle Ages couldnβt read.
A basic drop cap On the web, drop caps can improve readability and reflect a brandβs visual identity.
A brief refresher on properties and values
In CSS, drop caps are created using the
::first-letter
pseudo-element in combination withinitial-letter
. As you might expect,::first-letter
targets the very first letter of a block of text, enabling you to style it independently from the rest of a paragraph. The first number sets how many lines tall the letter appears, and the second controls its baseline alignment β that is, which line of text the bottom of the cap sits on.p::first-letter { -webkit-initial-letter: 3 3; initial-letter: 3 3; }
Because browser support still varies, itβs common to include both the unprefixed and
-webkit-
prefixed properties for maximum compatibility. And speaking of browser support, itβs also sensible to wrap theinitial-letter
property inside an@supports
CSS at-rule so we can check for browser support and provide a fallback, if needed:@supports (initial-letter:2) or (-webkit-initial-letter:2) { p::first-letter { -webkit-initial-letter: 3 3; initial-letter: 3 3; } }
The
initial-letter
property automatically calculates the font size to match the number of lines a drop cap spans. On its own, this can make for quite a first impression. However, drop caps really start to come to life when you combineinitial-letter
with other CSS properties.Tip: Interactive examples from this article are available in my lab.
Shadows
Text shadows applied to first letters (live demo) When I want to lift a drop cap off the page, I can add a single
text-shadow
. Shadows can be colourful and donβt have to be black. I created a full live demo you can check out.p::first-letter { /* ... *// text-shadow: 6px 6px 0 #e6d5b3; }
But why use just one shadow when two hard-edged shadows will turn a cap into a classic graphic typographic element?
p::first-letter { /* ... */ text-shadow: -6px -6px 0 #7d6975, 6px 6px 0 #e6d5b3; }
Examples showing unstyled, single text shadow, and two text shadows (live demo) Strokes
A text shadow applied to a first letter (live demo) The
text-stroke
property β shorthand fortext-stroke-width
andtext-stroke-color
β adds an outline to the centre of the text shape. Itβs a Baseline feature and is now widely available. I can make the cap text transparent or colour it to match the page background.p::first-letter { /* ... */ text-stroke: 5px #e6d5b3; }
Backgrounds
Solid and gradient backgrounds applied to first letters (live demo) Adding a background is a simple way to start making a cap more decorative. I could start by adding a solid
background-color
.p::first-letter { /* ... */ background-color: #97838f; }
To add a lighting effect, I could apply a conical, linear, or radial gradient background image (hereβs a demo):
p::first-letter { /* ... */ background-color: #e6d5b3; background-image: linear-gradient(135deg,#c8b9c2 0%, #7d6975 50%); }
And even an image URL to use a bitmap or vector image as a background (and hereβs that demo):
p::first-letter { /* ... */ background-color: #e6d5b3; background-image: url(...); background-size: cover; }
Background images and a background clipped to text Things become even more interesting by clipping a bitmap, gradient, or vector background image to the text while setting its colour to
transparent
. Now, the image will only appear inside the text space (demo).p::first-letter { /* ... */ background-clip: text; color: transparent; }
Borders
Two examples of borders applied to first letters, one square and one rounded You might think borders are boring, but thereβs plenty you can do to make them look interesting. I could start by applying a solid
border
to surround the cap box (demo).p::first-letter { /* ... */ border: 5px solid #e6d5b3; }
Then, I could apply
border-radius
to slightly round all its corners (demo).p::first-letter { /* ... */ border-radius: 1rem; }
Or, I might round individual corners for a more interesting look (demo):
p::first-letter { /* ... */ border-top-left-radius: 3rem; border-bottom-right-radius: 3rem; }
A border radius applied to the first letter, where the top-left and bottom-right edges are rounded (live demo) And then thereβs the
border-image
property, a powerful, yet often overlooked CSS tool. By slicing, repeating, and outsetting images, you can create intricate borders and decorative drop caps with minimal code.A CSS border image applied to a first letter (live demo) You can insert a bitmap or vector format image, or drop a CSS gradient into the border space:
p::first-letter { /* ... */ border-style: solid; border-width: 10px; border-image: conic-gradient(...) 1; }
Clipping
Clipping first letters The
clip-path
property lets you define a custom shape that controls which parts of an element are visible and which are hidden. Instead of always showing a rectangular box, you can useclip-path
to crop elements into circles, polygons, or even complex shapes defined with SVG paths. Itβs an effective way to create visual effects like this right-facing arrow. Clipping the drop cap into an arrow shape isnβt just decorative β it reinforces direction and hierarchy, literally pointing readers to where the story begins. Hereβs a demo of the following example.p::first-letter { /* ... */ padding-inline: 1rem 2rem; background-color: #e6d5b3; clip-path: polygon(...); }
Or a glossy sticker shape cap, made by combining
clip-path
with a gradient background image and a text shadow (demo).Transforms
Two examples of transforming first letters, one rotated (demo) and one scaled (demo) You can
transform
a drop cap independently from the rest of a paragraph by rotating, scaling, skewing, or translating it to make it feel more dynamic:p::first-letter { /* ... */ margin-inline-end: 2.5em; transform: skew(20deg, 0deg); }
And with a little trial and error to arrive at the correct values, you could even flow the remaining paragraph text around the cap using the
shape-outside
property (demo):p::first-letter { /* ... */ display: block; float: left; shape-outside: polygon(0 0, 0 200px, 250px 600px); shape-margin: 50px; transform: skew(20deg, 0deg) translateX(-60px); }
Drop caps donβt just help guide a readerβs eye to where they should begin; they also set the tone for what follows. A well-designed drop cap adds visual interest at the start of a block of text, drawing attention in a way that feels intentional and designed. Because itβs often the first element the reader sees, caps can carry a lot of visual weight, making them powerful tools for expressing a brandβs identity.
Designing for Patty Meltt
Patty Meltt wanted a website packed with design details. Every element added to a design is an opportunity to be expressive, and that includes her drop caps.
Her biography page is presentable, but we felt a focus on where someone should start reading was lacking.
Patty Melttβs biography without a drop cap From the selection of designs I showed her, she felt the sticker-style cap best suited her brand.
To implement it, first, I added a cursive typeface which matches her branding and contrasts with the rest of her typographic design:
p::first-letter { font-family: "Lobster Two", sans-serif; font-weight: 700; }
I changed the cap colour to match the page background and added a semi-transparent text shadow:
p::first-letter { /* ... */ color: #140F0A; text-shadow: 6px 6px 0 rgba(163,148, 117, .8); }
Next, I clipped the cap box to a visible area shaped like a sticker:
p::first-letter { /* ... */ clip-path: polygon(...); }
…before applying two background images β a noise-filled SVG and a radial gradient β that I blended using a
background-blend-mode
:p::first-letter { /* ... */ background-image: url(img/cap-noise.svg), radial-gradient(circle, #e6d5b3 0%, #cdaa65 100%); background-blend-mode: soft-light, normal; }
Patty Melttβs biography with a stylsh new drop cap (demo) The result is a drop cap thatβs as stylish as cut-off jeans and a pair of gator-skinned boots.
Conclusion
Styling drop caps isnβt just about decoration β itβs about setting a tone, drawing readers in, and using every detail to express a brandβs voice. CSS has the tools to go beyond the default: gradients, textures, borders, and even complex shapes all help transform first letters into statements. So donβt waste the opportunities that drop caps give you. Make βem sing.
Getting Creative With Versal Letters originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.
Recent Entries
-
SaltStack (SALT): A Comprehensive Overview
SaltStack, commonly referred to as SALT, is a powerful open-source infrastructure management platform designed for scalability. Leveraging event-driven workflows, SALT provides an adaptable solution for automating configuration management, remote execution, and orchestration across diverse infrastructures.
This document offers an in-depth guide to SALT for both technical teams and business stakeholders, demystifying its features and applications.
What is SALT?
SALT is a versatile tool that serves multiple purposes in infrastructure management:
Configuration Management Tool (like Ansible, Puppet, Chef): Automates the setup and maintenance of servers and applications.
Remote Execution Engine (similar to Fabric or SSH): Executes commands on systems remotely, whether targeting a single node or thousands.
State Enforcement System: Ensures systems maintain desired configurations over time.
Event-Driven Automation Platform: Detects system changes and triggers actions in real-time.
Key Technologies:
YAML: Used for defining states and configurations in a human-readable format.
Jinja: Enables dynamic templating for YAML files.
Python: Provides extensibility through custom modules and scripts.
Supported Architectures
SALT accommodates various architectures to suit organizational needs:
Master/Minion: A centralized control model where a Salt Master manages Salt Minions to send commands and execute tasks.
Masterless: A decentralized approach using
salt-ssh
to execute tasks locally without requiring a master node.
Core Components of SALT
Component
Description
Salt Master
Central control node that manages minions, sends commands, and orchestrates infrastructure tasks.
Salt Minion
Agent installed on managed nodes that executes commands from the master.
Salt States
Declarative YAML configuration files that define desired system states (e.g., package installations).
Grains
Static metadata about a system (e.g., OS version, IP address), useful for targeting specific nodes.
Pillars
Secure, per-minion data storage for secrets and configuration details.
Runners
Python modules executed on the master to perform complex orchestration tasks.
Reactors
Event listeners that trigger actions in response to system events.
Beacons
Minion-side watchers that emit events based on system changes (e.g., file changes or CPU spikes).
Key Features of SALT
Feature
Description
Agent or Agentless
SALT can operate in agent (minion-based) or agentless (masterless) mode.
Scalability
Capable of managing tens of thousands of nodes efficiently.
Event-Driven
Reacts to real-time system changes via beacons and reactors, enabling automation at scale.
Python Extensibility
Developers can extend modules or create custom ones using Python.
Secure
Employs ZeroMQ for communication and AES encryption for data security.
Role-Based Config
Dynamically applies configurations based on server roles using grains metadata.
Granular Targeting
Targets systems using name, grains, regex, or compound filters for precise management.
Common Use Cases
SALT is widely used across industries for tasks like:
Provisioning new systems and applying base configurations.
Enforcing security policies and managing firewall rules.
Installing and enabling software packages (e.g., HTTPD, Nginx).
Scheduling and automating patching across multiple environments.
Monitoring logs and system states with automatic remediation for issues.
Managing VM and container lifecycles (e.g., Docker, LXC).
Real-World Examples
Remote Command Execution:
salt '*' test.ping
(Pings all connected systems).salt 'web*' cmd.run 'systemctl restart nginx'
(Restarts Nginx service on all web servers).
State File Example (YAML):
nginx: pkg.installed: [] service.running: - enable: True - require: - pkg: nginx
Comparing SALT to Other Tools
Feature
Salt
Ansible
Puppet
Chef
Language
YAML + Python
YAML + Jinja
Puppet DSL
Ruby DSL
Agent Required
Optional
No
Yes
Yes
Push/Pull
Both
Push
Pull
Pull
Speed
Very Fast
Medium
Medium
Medium
Scalability
High
Medium-High
Medium
Medium
Event-Driven
Yes
No
No
Limited
Security Considerations
SALT ensures secure communication and authentication:
Authentication: Uses public/private key pairs to authenticate minions.
Encryption: Communicates via ZeroMQ encrypted with AES.
Access Control: Defines granular controls using Access Control Lists (ACLs) in the Salt Master configuration.
Additional Information
For organizations seeking enhanced usability, SaltStack Config offers a graphical interface to streamline workflow management. Additionally, SALT's integration with VMware Tanzu provides advanced automation for enterprise systems.
Installation Example
On a master node (e.g., RedHat):
sudo yum install salt-master
On minion nodes:
sudo yum install salt-minion
Configure
/etc/salt/minion
with:master: your-master-hostname
Then start the minion:
sudo systemctl enable --now salt-minion
Accept the minion on the master:
sudo salt-key -L # list all keys sudo salt-key -A # accept all pending minion keys
Where to Go Next
Git-based states with gitfs
Masterless setups for container deployments
Custom modules in Python
Event-driven orchestration with beacons + reactors
Large 600+ Server Patching in 3 Regions with 3 different Environments Example
Let give an example of have 3 different environments DEV (Development), PREP (Preproduction), and PROD (Production), now let's dig a little deeper and say we have 3 different regions EUS (East US), WUS (West US), and EUR (European) and we would like these patches to be applied on changing dates, such as DEV will be patched on 3 days after the second Tuesday, PREP will be patched on 5 days after the second Tuesday, and PROD will be 5 days after the 3rd Tuesday. The final clause to this mass configuration is, we would like the patches to be applied on the Client Local Time.
In many configurations such as AUM, or JetPatch, you would need several different Maintenace Schedules or plans to create this setup. With SALT, the configuration lies inside the minion, so configuration is much more defined, and simple to manage.
Use Case Recap
You want to patch three environment groups based on local time and specific schedules:
Environment
Schedule Rule
Timezone
Dev
3rd day after 2nd Tuesday of the month
Local
PREP
5th day after 2nd Tuesday of the month
Local
Prod
5th day after 3rd Tuesday of the month
Local
Each server knows its environment via Salt grains, and the local timezone via OS or
timedatectl
.Step-by-Step Plan
Set Custom Grains for Environment & Region
Create a Python script (run daily) that:
Checks if today matches the schedule per group
If yes, uses Salt to target minions with the correct grain and run patching
Schedule this script via cron or Salt scheduler
Use Salt States to define patching
Step 1: Define Custom Grains
On each minion, configure
/etc/salt/minion.d/env_grains.conf
:grains: environment: dev # or prep, prod region: us-east # or us-west, eu-central, etc.
Then restart the minion:
sudo systemctl restart salt-minion
Verify:
salt '*' grains.items
Step 2: Salt State for Patching
Create
patching/init.sls
:update-packages: pkg.uptodate: - refresh: True - retry: attempts: 3 interval: 15 reboot-if-needed: module.run: - name: system.reboot - onlyif: 'test -f /var/run/reboot-required'
Step 3: Python Script to Orchestrate Patching
Letβs build
run_patching.py
. It:Figures out the correct date for patching
Uses
salt
CLI to run patching for each groupHandles each group in its region and timezone
#!/usr/bin/env python3 import subprocess import datetime import pytz from dateutil.relativedelta import relativedelta, TU # Define your environments and their rules envs = { "dev": {"offset": 3, "week": 2}, "prep": {"offset": 5, "week": 2}, "prod": {"offset": 5, "week": 3} } # Map environments to regions (optional) regions = { "dev": ["us-east", "us-west"], "prep": ["us-east", "eu-central"], "prod": ["us-east", "us-west", "eu-central"] } # Timezones per region region_tz = { "us-east": "America/New_York", "us-west": "America/Los_Angeles", "eu-central": "Europe/Berlin" } def calculate_patch_date(year, month, week, offset): second_tuesday = datetime.date(year, month, 1) + relativedelta(weekday=TU(week)) return second_tuesday + datetime.timedelta(days=offset) def is_today_patch_day(env, region): now = datetime.datetime.now(pytz.timezone(region_tz[region])) target_day = calculate_patch_date(now.year, now.month, envs[env]["week"], envs[env]["offset"]) return now.date() == target_day and now.hour >= desired_hour def run_salt_target(environment, region): target = f"environment:{environment} and region:{region}" print(f"Patching {target}...") subprocess.run([ "salt", "-C", target, "state.apply", "patching" ]) def main(): for env in envs: for region in regions[env]: if is_today_patch_day(env, region): run_salt_target(env, region) if __name__ == "__main__": main()
Make it executable:
chmod +x /srv/scripts/run_patching.py
Test it:
./run_patching.py
Step 4: Schedule via Cron (on Master)
Edit crontab:
crontab -e
Add daily job:
# Run daily at 6 AM UTC 0 6 * * * /srv/scripts/run_patching.py >> /var/log/salt/patching.log 2>&1
This assumes the local time logic is handled in the script using each regionβs timezone.
Security & Safety Tips
Test patching states on a few dev nodes first (
salt -G 'environment:dev' -l debug state.apply patching
)Add Slack/email notifications (Salt Reactor or Python
smtplib
)Consider dry-run support with
test=True
(inpkg.uptodate
)Use
salt-run jobs.list_jobs
to track job execution
Optional Enhancements
Use Salt Beacons + Reactors to monitor and patch in real-time
Integrate with JetPatch or Ansible for hybrid control
Add patch deferral logic for critical services
Write to a central patching log DB with job status per host
Overall Architecture
Minions:
Monitor the date/time via beacons
On patch day (based on local logic), send a custom event to the master
Master:
Reacts to that event via a reactor
Targets the sending minion and applies the
patching
state
Step-by-Step: Salt Beacon + Reactor Model
1. Define a Beacon on Each Minion
File:
/etc/salt/minion.d/patchday_beacon.conf
beacons: patchday: interval: 3600 # check every hour
This refers to a custom beacon we will define.
2. Create the Custom Beacon (on all minions)
File:
/srv/salt/_beacons/patchday.py
import datetime from dateutil.relativedelta import relativedelta, TU import pytz __virtualname__ = 'patchday' def beacon(config): ret = [] grains = __grains__ env = grains.get('environment', 'unknown') region = grains.get('region', 'unknown') # Define rules rules = { "dev": {"offset": 3, "week": 2}, "prep": {"offset": 5, "week": 2}, "prod": {"offset": 5, "week": 3} } region_tz = { "us-east": "America/New_York", "us-west": "America/Los_Angeles", "eu-central": "Europe/Berlin" } if env not in rules or region not in region_tz: return ret # invalid or missing config tz = pytz.timezone(region_tz[region]) now = datetime.datetime.now(tz) rule = rules[env] patch_day = (datetime.date(now.year, now.month, 1) + relativedelta(weekday=TU(rule["week"])) + datetime.timedelta(days=rule["offset"])) if now.date() == patch_day: ret.append({ "tag": "patch/ready", "env": env, "region": region, "datetime": now.isoformat() }) return ret
3. Sync Custom Beacon to Minions
On the master:
salt '*' saltutil.sync_beacons
Enable it:
salt '*' beacons.add patchday '{"interval": 3600}'
4. Define Reactor on the Master
File:
/etc/salt/master.d/reactor.conf
reactor: - 'patch/ready': - /srv/reactor/start_patch.sls
5. Create Reactor SLS File
File:
/srv/reactor/start_patch.sls
{% set minion_id = data['id'] %} run_patching: local.state.apply: - tgt: {{ minion_id }} - arg: - patching
This reacts to
patch/ready
event and applies thepatching
state to the calling minion.6. Testing the Full Flow
Restart the minion:
systemctl restart salt-minion
Confirm the beacon is registered:
salt '*' beacons.list
Trigger a manual test (simulate patch day by modifying date logic)
Watch events on master:
salt-run state.event pretty=True
Confirm patching applied:
salt '*' saltutil.running
7. Example:
patching/init.sls
Already shared, but here it is again for completeness:
update-packages: pkg.uptodate: - refresh: True - retry: attempts: 3 interval: 15 reboot-if-needed: module.run: - name: system.reboot - onlyif: 'test -f /var/run/reboot-required'
Benefits of This Model
Real-time and event-driven β no need for polling or external scripts
Timezone-aware, thanks to local beacon logic
Self-healing β minions signal readiness independently
Audit trail β each event is logged in Saltβs event bus
Extensible β you can easily add Slack/email alerts via additional reactors
Goal
Track patching event completions per minion
Store patch event metadata: who patched, when, result, OS, IP, environment, region, etc.
Generate readable reports in:
CSV/Excel
HTML dashboard
JSON for API or SIEM ingestion
Step 1: Customize Reactor to Log Completion
Letβs log each successful patch into a central log file or database (like SQLite or MariaDB).
Update Reactor:
/srv/reactor/start_patch.sls
Add a returner to store job status.
{% set minion_id = data['id'] %} run_patching: local.state.apply: - tgt: {{ minion_id }} - arg: - patching - kwarg: returner: local_json # You can also use 'mysql', 'elasticsearch', etc.
Configure Returner (e.g.,
local_json
)In
/etc/salt/master
:returner_dirs: - /srv/salt/returners ext_returners: local_json: file: /var/log/salt/patch_report.json
Or use a MySQL returner:
mysql.host: 'localhost' mysql.user: 'salt' mysql.pass: 'yourpassword' mysql.db: 'salt' mysql.port: 3306
Enable returners:
salt-run saltutil.sync_returners
Step 2: Normalize Patch Data (Optional Post-Processor)
If using JSON log, create a post-processing script to build reports:
process_patch_log.py
import json import csv from datetime import datetime def load_events(log_file): with open(log_file, 'r') as f: return [json.loads(line) for line in f if line.strip()] def export_csv(events, out_file): with open(out_file, 'w', newline='') as f: writer = csv.DictWriter(f, fieldnames=[ 'minion', 'date', 'environment', 'region', 'result' ]) writer.writeheader() for e in events: writer.writerow({ 'minion': e['id'], 'date': datetime.fromtimestamp(e['_stamp']).isoformat(), 'environment': e['return'].get('grains', {}).get('environment', 'unknown'), 'region': e['return'].get('grains', {}).get('region', 'unknown'), 'result': 'success' if e['success'] else 'failure' }) events = load_events('/var/log/salt/patch_report.json') export_csv(events, '/srv/reports/patching_report.csv')
Step 3: Build a Simple Web Dashboard
If you want to display reports via a browser:
π Tools:
Flask or FastAPI
Bootstrap or Chart.js
Reads JSON/CSV and renders:
Example Chart Dashboard Features:
β Last patch date per server
π Patching success rate per region/env
π΄ Highlight failed patching
π Monthly compliance timeline
Would you like a working example of that Flask dashboard? I can include the full codebase if so.
Step 4: Send Reports via Email (Optional)
π Python:
send_report_email.py
import smtplib from email.message import EmailMessage msg = EmailMessage() msg["Subject"] = "Monthly Patch Report" msg["From"] = "patchbot@example.com" msg["To"] = "it-lead@example.com" msg.set_content("Attached is the patch compliance report.") with open("/srv/reports/patching_report.csv", "rb") as f: msg.add_attachment(f.read(), maintype="text", subtype="csv", filename="patching_report.csv") with smtplib.SMTP("localhost") as s: s.send_message(msg)
Schedule that weekly or monthly with
cron
.Flask Dashboard (Patch Reporting)
app.py
from flask import Flask, render_template import csv from collections import defaultdict app = Flask(__name__) @app.route('/') def index(): results = [] success_count = defaultdict(int) fail_count = defaultdict(int) with open('/srv/reports/patching_report.csv', 'r') as f: reader = csv.DictReader(f) for row in reader: results.append(row) key = f"{row['environment']} - {row['region']}" if row['result'] == 'success': success_count[key] += 1 else: fail_count[key] += 1 summary = [ {"group": k, "success": success_count[k], "fail": fail_count[k]} for k in sorted(set(success_count) | set(fail_count)) ] return render_template('dashboard.html', results=results, summary=summary) if __name__ == '__main__': app.run(debug=True, host='0.0.0.0', port=5000)
templates/dashboard.html
<!DOCTYPE html> <html> <head> <title>Patch Compliance Dashboard</title> <style> body { font-family: Arial; padding: 20px; } table { border-collapse: collapse; width: 100%; margin-bottom: 30px; } th, td { border: 1px solid #ccc; padding: 8px; text-align: left; } th { background-color: #f4f4f4; } .fail { background-color: #fdd; } .success { background-color: #dfd; } </style> </head> <body> <h1>Patch Compliance Dashboard</h1> <h2>Summary</h2> <table> <tr><th>Group</th><th>Success</th><th>Failure</th></tr> {% for row in summary %} <tr> <td>{{ row.group }}</td> <td>{{ row.success }}</td> <td>{{ row.fail }}</td> </tr> {% endfor %} </table> <h2>Detailed Results</h2> <table> <tr><th>Minion</th><th>Date</th><th>Environment</th><th>Region</th><th>Result</th></tr> {% for row in results %} <tr class="{{ row.result }}"> <td>{{ row.minion }}</td> <td>{{ row.date }}</td> <td>{{ row.environment }}</td> <td>{{ row.region }}</td> <td>{{ row.result }}</td> </tr> {% endfor %} </table> </body> </html>
How to Use
pip install flask python app.py
Then visit
http://localhost:5000
or your serverβs IP at port 5000.Optional: SIEM/Event Forwarding
If you use Elasticsearch, Splunk, or Mezmo:
Use a returner like
es_return
,splunk_return
, or send via custom script using REST API.Normalize fields: hostname, env, os, patch time, result
Filter dashboards by compliance groupings
TL;DR: Reporting Components Checklist
Component
Purpose
Tool
JSON/DB logging
Track patch status
Returners
Post-processing script
Normalize data for business
Python
CSV/Excel export
Shareable report format
Python
csv
moduleHTML dashboard
Visualize trends/compliance
Flask, Chart.js, Bootstrap
Email automation
Notify stakeholders
smtplib
, cronSIEM/Splunk integration
Enterprise log ingestion
REST API or native returners
Recent Entries
-
No blog entries yet