Skip to main content
Version: Next

Deploying a Salt.Box Server (Without Internet Access)

info

This section describes the process of preparing, installing, and running Salt.Box on a server without internet access.

For deployment, you must first prepare all the necessary Docker images and local repositories with SLS templates on a computer with internet access.

This section describes the Salt.Box configuration for deployment from images, without setting up development mode.

Preparing Docker images on a computer with internet access

The standard Salt.Box Compose deployment requires an internet connection to download Docker images.
An internet connection is also used to synchronize with SLS repositories containing state files ("Config Boxes").

Standard Salt.Box Server Deployment

On a computer with internet access (hereinafter referred to as the "online host"), configure and run Salt.Box by standard manual.

The .env file and the set of included compose-files of the saltbox-compose project MUST match be the same with the target server without internet access (hereinafter referred to as the "offline server") at least in a part of connected compose-files.

Exporting Docker images

Export Docker images from the online host.
To do this, navigate to the saltbox-compose project directory and run the script:

./bin/sb-images-export.sh

This script supports the --overwrite flag, which overwrites existing local Docker images.

The images will be saved to the ./images/ directory.

caution

The saltbox-compose project may be running or stopped but not downed.

Preparing local SLS repositories

note

Preparing is optional and is required if the repository manifest contains files to download.

The required SLS repositories must be located in the ./_local-config-boxes/ directory or in the directory specified by the LOCAL_CONFIG_BOXES_PATH variable.
Therefore, you must place the repository folder in the specified directory.

Adding local repositories

note

Preparing is optional and is required if the repository manifest contains files to download.

Open the SLS Settings section in the main menu.

For each repository you want to add, follow these steps in the Salt.Box web interface:

  1. Add the repository URL in the format:
    file:///mnt/config-boxes/REPO_NAME,
    where REPO_NAME is the name of the local repository directory.
  2. Activate the repository.
  3. Click the Sync button.
  4. Wait for the synchronization to complete.

To verify successful file synchronization, run the script:

sudo ./bin/sb-exec.sh salt-run fileserver.file_list

Preparing data for transfer to an offline server

To transfer data, you need to copy the entire saltbox-compose/ directory, including:

  • images/ — exported Docker images
  • _local-config-boxes/ — local Config Boxes
  • _sshfs-storage/ — When using sshfs files
  • directories specified in the _UPDATE_AND_RUN_EXTRA_* variables (plugin directories, e.g., saltbox-metric-compose/, saltbox-inventory-compose/, saltbox-scheduler-compose/)

Deploying Salt.Box to an Offline Server

Importing Docker images

Copy the saltbox-compose/ directory, including the images/ directory, to the target offline server.
If some modules are included with the _UPDATE_AND_RUN_EXTRA_* env variables, the corresponding directories must also be copied.

Change your current working directory to saltbox-compose on the offline server.

Import the Docker images:

./bin/sb-images-import.sh

Starting Salt.Box without internet access

Run the startup script:

sudo ./bin/update_and_run.sh --no-pull

The --no-pull flag disables attempts to download images from remote registries and forces Docker compose to use only local images.

Configuring local repositories on an offline server

Open the SLS Settings section in the main menu.

For each repository you want to add, follow these steps in the Salt.Box web interface:

  1. Add the repository URL in the format:
    file:///mnt/config-boxes/REPO_NAME,
    where REPO_NAME is the name of the local repository directory.
  2. Activate the repository.
  3. Click the Sync button.
  4. Wait for the synchronization to complete.

Updating AUX files when sshfs_files section changes

Later, when Manifest sshfs_files sections of the SLS repositories are modified, the AUX files can be synced on the online host and copied to the an offline server:

  1. Sync the AUX files on the online host.
  2. Copy the updated AUX files and the corresponding checksum files from the directory specified in the SSHFS_STORAGE_PATH variable (by default, ./_sshfs-storage/ in the saltbox-compose project directory).
  3. Transfer the files to the same directory on the offline server.

Conclusion

After completing these steps, the offline Salt.Box instance will be fully functional without requiring an internet connection and will be able to use local SLS repositories and local Docker images.