install_qubes

scripts/install_qubes/README.md

@@ -0,0 +1,412 @@
+# Haveno on Qubes/Whonix
+
+## **Conventions:**
+
++ \# – Requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
+
++ $ or % – Requires given linux commands to be executed as a regular non-privileged user
+
+
+## **Maker vs. Taker Use-Cases:**
++ If user plans to run Haveno for short periods, dynamic onion configuration might fit within their threat model
+> For the purpose of this workshop, let’s call this the "taker" use-case
+
++ If user plans to run Haveno 24/7, using a static onion configuration might be more desirable
+> For the purpose of this workshop, let’s call this the "maker" use-case.
+
+<p style="text-align: center;"><em>ONLY Perform the Steps Required for One Use-Case</em></p>
+
+<p style="text-align: center;"><em>OR</em></p>
+
+<p style="text-align: center;"><em>Adjust the Steps to Provide Both</em></p>
+
+	IE:
+	Create haveno-template-dynamic as well as haveno-template-static
+
+                                  &
+
+	Create sys-haveno-dynamic as well as sys-haveno-static and adjust NetVM for the haveno AppVM as necessary.
+
+## **Installation (Scripted + GUI + CLI):**
+### *Create & Start Haveno TemplateVM:*
+#### Scripted
+##### In `dom0`:
+
+```shell
+$ mkdir -p /tmp/haveno && qvm-run -p dispXXXX 'cat /tmp/haveno/0.0-dom0.sh' > /tmp/haveno/0.0-dom0.sh
+$ bash /tmp/haveno/0.0-dom0.sh
+```
+#### GUI
+##### Via `Qubes Manager`:
+
++ Locate & highlight whonix-workstation-17 (TemplateVM)
+
++ Right-Click "whonix-workstation-17" and select "Clone qube" from Drop-Down
+
++ Enter "haveno-template" in "Name"
+
++ Click OK Button
+
++ Highlight "haveno-template" (TemplateVM)
+
++ Click "Start/Resume" Button
+
+#### CLI
+##### In `dom0`:
+
+```shell
+$ qvm-clone whonix-workstation-17 haveno-template && qvm-start haveno-template
+```
+
+
+### *Build Haveno TemplateVM:*
+#### Scripted
+##### In `dispXXXX` AppVM:
+
+```shell
+% qvm-copy /tmp/haveno/1.0-haveno-templatevm_taker.sh
+```
+
++ Select "haveno-template" for "Target" of Pop-Up
+
++ Click OK
+
+##### In `haveno-template` TemplateVM:
+```shell
+% sudo zsh QubesIncoming/dispXXXX/1.0-haveno-templatevm_taker.sh "PACKAGE_ARCHIVE_URL" "PACKAGE_PGP_FINGERPRINT"
+```
+
+<p style="text-align: center;">Example:</p>
+
+```shell
+$ sudo zsh QubesIncoming/dispXXXX/1.0-haveno-templatevm_taker.sh "https://github.com/retoaccess1/haveno-reto/releases/download/v1.0.18/haveno-linux-deb.zip" "DAA24D878B8D36C90120A897CA02DAC12DAE2D0F"
+```
+
+#### CLI
+##### In `haveno-template` TemplateVM:
+###### Install Dependancies:
+```shell
+# apt install -y wget
+```
+(While not a strict dependancy, `wget` is used inorder to provide continuity with the Haveno of Tails solution)
+
+
+###### Download & Import Project PGP Key:
+```shell
+# export https_proxy=http://127.0.0.1:8082
+# export KEY_SEARCH="PACKAGE_PGP_FINGERPRINT"
+```
+
+<p style="text-align: center;">Example:</p>
+
+```shell
+# export KEY_SEARCH="FAA24D878B8D36C90120A897CA02DAC12DAE2D0F"
+# curl -sL "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x$KEY_SEARCH" | gpg –import
+```
+
+###### Download Release Files:
+```shell
+# export https_proxy=http://127.0.0.1:8082
+# curl -sSLo /tmp/hashes.txt https://github.com/haveno/example/releases/download/v1.0.18/1.0.18-hashes.txt
+# curl -sSLo /tmp/hashes.txt.sig https://github.com/haveno/example/releases/download/v1.0.18/1.0.18-hashes.txt.sig
+# curl -sSLo /tmp/haveno.zip https://github.com/haveno/example/releases/download/v1.0.18/haveno_amd64_deb-latest.zip
+# curl -sSLo /tmp/haveno.zip.sig https://github.com/haveno/example/releases/download/v1.0.18/haveno_amd64_deb-latest.zip.sig
+```
+
+Note:
+<p style="text-align: center;"><em>Above are dummy URLS which MUST be replaced with actual working URLs</em></p>
+
+###### Verify Release Files:
+```shell
+# if [[ $(gpg --digest-algo SHA256 --verify /tmp/hashes.txt.sig /tmp/hashes.txt 2>&1) =~ 'Good signature' ]]; then printf $'SHASUM file has a VALID signature!\n'; else printf $'SHASUMS failed signature check\n' && exit; fi
+```
+
+###### Verify Hash, Unpack & Install Package:
+```shell
+# if [[ $(cat /tmp/hashes.txt) =~ $(sha512sum /tmp/haveno*.zip | awk '{ print $1 }') ]] ; then printf $'SHA Hash IS valid!\n' && mkdir -p /usr/share/desktop-directories && cd /tmp && unzip /tmp/haveno*.zip && apt install -y /tmp/haveno*.deb && chown -R $(ls /home):$(ls /home) /opt/haveno; else printf $'WARNING: Bad Hash!\n' && exit; fi
+```
+
+
+###### Verify Jar:
+```shell
+# if [[ $(cat /tmp/desktop*.SHA-256) =~ $(sha256sum /opt/haveno/lib/app/desktop*.jar | awk '{ print $1 }') ]] ; then printf $'SHA Hash IS valid!\n' && printf 'Happy trading!\n'; else printf $'WARNING: Bad Hash!\n' && exit; fi
+```
+
+### **Create & Start Haveno NetVM**:
+#### Scripted
+##### In `dom0`:
+```shell
+$ mkdir -p /tmp/haveno && qvm-run -p dispXXXX 'cat /tmp/haveno/0.0-dom1.sh' > /tmp/haveno/0.1-dom0.sh
+$ bash /tmp/haveno/0.1-dom0.sh
+```
+
+#### GUI
+##### Via `Qubes Manager`:
+
++ Click "New qube" Button
+
++ Enter "sys-haveno" for "Name and label"
+
++ Click the Button Beside "Name and label" and Select "orange"
+
++ Select "whonix-gateway-17" from "Template" Drop-Down
+
++ Select "sys-firewall" from "Networking" Drop-Down
+
++ Tick "Launch settings after creation" Radio-Box
+
++ Click OK
+
++ Click "Advanced" Tab
+
++ Enter "51" for "Initial memory"
+
+<p style="text-align: center;"><em>(Within reason, can adjust to personal preference)</em></p>
+
++ Enter "512" for "Max memory"
+
+<p style="text-align: center;"><em>(Within reason, can adjust to personal preference)</em></p>
+
++ Tick "Provides network" Radio-Box
+
++ Click "Apply" Button
+
++ Click "OK" Button
+
++ Click "Start/Resume" Button
+
+#### CLI
+##### In `dom0`:
+```shell
+$ qvm-create --template whonix-gateway-17 --class AppVM --label=orange --property memory=512 --property maxmem=512 --property netvm=sys-firewall --property provides_network=true sys-haveno
+```
+
+### **Build Haveno NetVM:**
+#### Scripted (Taker)
+##### In `dispXXXX` AppVM:
+```shell
+$ qvm-copy 2.0-haveno-netvm_taker.sh
+```
+
++ Select "sys-haveno" for "Target" Within Pop-Up
+
++ Click "OK" Button
+
+##### In `sys-haveno` NetVM:
+```shell
+% sudo zsh QubesIncoming/dev/2.0-haveno-netvm_taker.sh
+```
+
+#### CLI (Taker)
+##### In `sys-haveno` NetVM:
+###### *Add Taker onion-grater Profile*:
+```shell
+# onion-grater-add 40_bisq
+# poweroff
+```
+
+<p style="text-align: center;">Note:</p>
+<p style="text-align: center;"><em>This works because the profile is already available by default via the onion-grater package while, haveno and bisq share the same default port of 9999</em></p>
+
+#### Scripted (Maker)
+##### In `dispXXXX` AppVM:
+```shell
+$ qvm-copy 2.0-haveno-netvm_maker.sh
+```
++ Select "sys-haveno" for "Target" of Pop-Up
+
++ Click OK
+
+##### In `sys-haveno` NetVM:
+```shell
+% sudo zsh QubesIncoming/dispXXXX/2.0-haveno-netvm_maker.sh "$HAVENO_APPVM_IP"
+```
+
+#### CLI (Maker)
+##### In `sys-haveno` NetVM:
+###### Prepare Maker Hidden Service:
+```shell
+# printf "\nConnectionPadding 1\nHiddenServiceDir /var/lib/tor/haveno-dex/\nHiddenServicePort 9999 $HAVENO_APPVM_IP:9999\n\n" >> /usr/local/etc/torrc.d/50_user.conf
+```
+
+###### View & Verify Change:
+```shell
+# tail /usr/local/etc/torrc.d/50_user.conf
+```
+
+<p style="text-align: center;"><b>Confirm output contains exactly:</b></p>
+
+>		ConnectionPadding 1
+>		HiddenServiceDir /var/lib/tor/haveno-dex/
+>		HiddenServicePort 9999 $HAVENO_APPVM_IP:9999
+
+
+### **Create & Start Haveno AppVM**:
+#### Scripted
+##### In `dom0`:
+```shell
+$ mkdir -p /tmp/haveno && qvm-run -p dispXXXX 'cat /tmp/haveno/0.2-dom0.sh' > /tmp/haveno/0.2-dom0.sh
+$ bash /tmp/haveno/0.2-dom0.sh
+```
+#### GUI
+##### Via `Qubes Manager`:
+
++ Click "New qube" Button
+
++ Enter "haveno" for "Name and label"
+
++ Click the Button Beside "Name and label" and Select "orange"
+
++ Select "haveno-template" from "Template" Drop-Down
+
++ Select "sys-haveno" from "Networking" Drop-Down
+
++ Tick "Launch settings after creation" Radio-Box
+
++ Click OK
+
++ Click "Advanced" Tab
+
++ Enter "2048" for "Initial memory"
+
+<p style="text-align: center;"><em>(Within reason, can adjust to personal preference)</em></p>
+
++ Enter "4096" for "Max memory"
+
+<p style="text-align: center;"><em>(Within reason, can adjust to personal preference)</em></p>
+
++ Click "<<" Button
+
++ Highlight "Haveno" Under "Available"
+
++ Click ">" Button
+
++ Click "Apply" Button
+
++ Click "OK" Button
+
++ Click "Start/Resume" Button
+
+#### CLI
+##### In `dom0`:
+```shell
+$ qvm-create --template haveno-template --class AppVM --label=orange --property memory=2048 --property maxmem=4096 --property netvm=sys-haveno haveno
+$ printf 'haveno-Haveno.desktop' | qvm-appmenus --set-whitelist – haveno
+```
+
+### **Build Haveno AppVM**:
+#### Scripted (Taker)
+##### In `dispXXXX` AppVM:
+```shell
+$ qvm-copy /tmp/haveno/3.0-haveno-appvm_taker.sh
+```
+
++ Select "haveno" for "Target" of Pop-Up
+
++ Click OK
+
+##### In `haveno` AppVM:
+```shell
+% sudo zsh QubesIncoming/dispXXXX/3.0-haveno-appvm_taker.sh
+```
+#### CLI (Taker)
+##### In `haveno` AppVM:
+###### Prepare Firewall Settings
+```shell
+# printf "\n# Prepare Local FW Settings\nmkdir -p /usr/local/etc/whonix_firewall.d\n" >> /rw/config/rc.local
+# printf "\n# Poke FW\nprintf \"EXTERNAL_OPEN_PORTS+=\\\\\" 9999 \\\\\"\\\n\" | tee /usr/local/etc/whonix_firewall.d/50_user.conf\n" >> /rw/config/rc.local
+# printf "\n# Restart FW\nwhonix_firewall\n\n" >> /rw/config/rc.local
+```
+###### View & Verify Change:
+<p style="text-align: center;"><b>Confirm output contains exactly:</b></p>
+
+>		# Poke FW
+>		printf "EXTERNAL_OPEN_PORTS+=" 9999 "\n" | tee /usr/local/etc/whonix_firewall.d/50_user.conf
+>
+>		# Restart FW
+>		whonix_firewall
+
+```shell
+# tail /rw/config/rc.local
+# poweroff
+```
+#### Scripted (Maker)
+##### In `dispXXXX` AppVM:
+```shell
+$ qvm-copy /tmp/haveno/3.1-haveno-appvm_maker.sh "$HAVENO_NETVM_ONION_ADDRESS"
+```
+
++ Select "haveno" for "Target" of Pop-Up
+
++ Click OK
+
+##### In `haveno`:
+```shell
+% sudo zsh QubesIncoming/dispXXXX/3.0-haveno-appvm_maker.sh
+```
+#### CLI (Maker)
+##### In `haveno` AppVM:
+###### Prepare Maker Hidden Service
+```shell
+# printf "\nConnectionPadding 1\nHiddenServiceDir /var/lib/tor/haveno-dex/\nHiddenServicePort 9999 haveno:9999\n\n" >> /usr/local/etc/torrc.d/50_user.conf
+```
+
+###### View & Verify Change
+<p style="text-align: center;"><b>Confirm output contains exactly:</b></p>
+
+>		## Haveno-DEX
+>		ConnectionPadding 1
+>		HiddenServiceDir /var/lib/tor/haveno-dex/
+>		HiddenServicePort 9999 haveno:9999
+
+```shell
+# tail /usr/local/etc/torrc.d/50_user.conf
+# poweroff
+```
+
+### **Remove Haveno AppVM, TemplateVM & NetVM:**
+#### Scripted
+##### In `dom0`:
+```shell
+$ mkdir -p /tmp/haveno && qvm-run -p dispXXXX 'cat /tmp/haveno/0.3-dom0.sh' > /tmp/haveno/0.3-dom0.sh
+$ bash /tmp/haveno/0.3-dom0.sh
+```
+#### GUI
+##### Via `Qubes Manager`:
+
++ Highlight "haveno" (AppVM)
+
++ Click "Delete qube"
+
++ Enter "haveno"
+
++ Click "OK" Button
+
++ Highlight "haveno-template" (TemplateVM)
+
++ Click "Delete qube"
+
++ Enter "haveno-template"
+
++ Click "OK" Button
+
++ Highlight "sys-haveno" (NetVM)
+
++ Click "Delete qube"
+
++ Enter "sys-haveno"
+
++ Click "OK" Button
+
+#### CLI
+##### In `dom0`:
+```shell
+$ qvm-shutdown --force haveno haveno-template sys-haveno && qvm-remove haveno haveno-template sys-haveno
+```
+
+
+## *If this helped you, you know what to do*:
+### **XMR**:
+
+***85mRPDHW9SuGTDUoMJvt9W4u16Yp1j1SFDrcbfKH2vP1b59nZ62aKVqjfLoyxXrMZYMkNBGzAsuvCCDHPo4AHGx4K8Zmet6***
+

scripts/install_qubes/scripts/0.0-dom0.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+## ./haveno-on-qubes/scripts/0.0-dom0.sh
+
+## Create & Start Haveno TemplateVM:
+qvm-clone whonix-workstation-17 haveno-template && qvm-start haveno-template
+

scripts/install_qubes/scripts/0.1-dom0.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+## ./haveno-on-qubes/scripts/0.1-dom0.sh
+
+## Create Haveno NetVM:
+qvm-create --template whonix-gateway-17 --class AppVM --label=orange --property memory=512 --property maxmem=512 --property netvm=sys-firewall sys-haveno && qvm-start sys-haveno
+

scripts/install_qubes/scripts/0.2-dom0.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+## ./haveno-on-qubes/scripts/0.2-dom0.sh
+
+## Create Haveno AppVM:
+qvm-create --template haveno-template --class AppVM --label=orange --property memory=2048 --property maxmem=4096 --property netvm=sys-haveno haveno && qvm-start haveno-template
+printf 'haveno-Haveno.desktop' | qvm-appmenus --set-whitelist - haveno
+

scripts/install_qubes/scripts/0.3-dom0.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+## ./haveno-on-qubes/scripts/0.3-dom0.sh
+
+## Remove Haveno GuestVMs
+qvm-shutdown --force haveno haveno-template sys-haveno && qvm-remove haveno haveno-template sys-haveno
+

scripts/install_qubes/scripts/1.0-haveno-templatevm.sh

@@ -0,0 +1,124 @@
+#!/bin/zsh
+## ./haveno-on-qubes/scripts/1.1-haveno-templatevm_maker.sh
+
+if [[ $# -ne 2 ]] ; then
+    printf "\nNo arguments provided!\n\nThis script requires two arguments to by provided:\nBinary URL & PGP Fingerprint\n\nPlease review documentation and try again.\n\nExiting now ...\n"
+    exit 1
+fi
+
+
+## Update & Upgrade
+apt update && apt upgrade -y
+
+
+## Install wget
+apt install -y wget
+
+
+## Function to print messages in blue:
+echo_blue() {
+  echo -e "\033[1;34m$1\033[0m"
+}
+
+
+# Function to print error messages in red:
+echo_red() {
+  echo -e "\033[0;31m$1\033[0m"
+}
+
+
+## Sweep for old release files
+rm *.asc desktop-*-SNAPSHOT-all.jar.SHA-256 haveno*
+
+
+## Define URL & PGP Fingerprint etc. vars:
+user_url=$1
+base_url=$(printf ${user_url} | awk -F'/' -v OFS='/' '{$NF=""}1')
+expected_fingerprint=$2
+binary_filename=$(awk -F'/' '{ print $NF }' <<< "$user_url")
+package_filename="haveno.deb"
+signature_filename="${binary_filename}.sig"
+key_filename="$(printf "$expected_fingerprint" | tr -d ' ' | sed -E 's/.*(................)/\1/' )".asc
+wget_flags="--tries=10 --timeout=10 --waitretry=5 --retry-connrefused --show-progress"
+
+
+## Debug:
+printf "\nUser URL=$user_url\n"
+printf "\nBase URL=$base_url\n"
+printf "\nFingerprint=$expected_fingerprint\n"
+printf "\nBinary Name=$binary_filename\n"
+printf "\nPackage Name=$package_filename\n"
+printf "\nSig Filename=$signature_filename\n"
+printf "\nKey Filename=$key_filename\n"
+
+
+## Configure for tinyproxy:
+export https_proxy=http://127.0.0.1:8082
+
+
+## Download Haveno binary:
+echo_blue "Downloading Haveno from URL provided ..."
+wget "${wget_flags}" -cq "${user_url}" || { echo_red "Failed to download Haveno binary."; exit 1; }
+
+
+## Download Haveno signature file:
+echo_blue "Downloading Haveno signature ..."
+wget "${wget_flags}" -cq "${base_url}""${signature_filename}" || { echo_red "Failed to download Haveno signature."; exit 1; }
+
+
+## Download the GPG key:
+echo_blue "Downloading signing GPG key ..."
+wget "${wget_flags}" -cqO "${key_filename}" "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x$(echo "$expected_fingerprint" | tr -d ' ')" || { echo_red "Failed to download GPG key."; exit 1; }
+
+
+## Import the GPG key:
+echo_blue "Importing the GPG key ..."
+gpg --import "${key_filename}" || { echo_red "Failed to import GPG key."; exit 1; }
+
+
+## Extract imported fingerprints:
+imported_fingerprints=$(gpg --with-colons --fingerprint | grep -A 1 'pub' | grep 'fpr' | cut -d: -f10 | tr -d '\n')
+
+
+## Remove spaces from the expected fingerprint for comparison:
+formatted_expected_fingerprint=$(echo "${expected_fingerprint}" | tr -d ' ')
+
+
+## Check if the expected fingerprint is in the list of imported fingerprints:
+if [[ ! "${imported_fingerprints}" =~ "${formatted_expected_fingerprint}" ]]; then
+  echo_red "The imported GPG key fingerprint does not match the expected fingerprint."
+  exit 1
+fi
+
+
+## Verify the downloaded binary with the signature:
+echo_blue "Verifying the signature of the downloaded file ..."
+OUTPUT=$(gpg --digest-algo SHA256 --verify "${signature_filename}" "${binary_filename}" 2>&1)
+
+if ! echo "$OUTPUT" | grep -q "Good signature from"; then
+    echo_red "Verification failed: $OUTPUT"
+    exit 1;
+    else 7z x "${binary_filename}" && mv haveno*.deb "${package_filename}"
+fi
+
+
+echo_blue "Haveno binaries have been successfully verified."
+
+
+# Install Haveno:
+echo_blue "Installing Haveno ..."
+apt install -y ./"${package_filename}" || { echo_red "Failed to install Haveno."; exit 1; }
+
+
+## Adjust permissions:
+echo_blue "Adjust permissions ..."
+chown -R $(ls /home):$(ls /home) /opt/haveno
+
+
+## Finalize
+echo_blue "Haveno TemplateVM installation and configuration complete."
+printf "%s \n" "Press [ENTER] to complete ..."
+read ans
+exit
+#poweroff
+

scripts/install_qubes/scripts/2.0-haveno-netvm_taker.sh

@@ -0,0 +1,27 @@
+#!/bin/zsh
+## ./haveno-on-qubes/scripts/2.0-haveno-netvm_taker.sh
+
+## Function to print messages in blue:
+echo_blue() {
+  echo -e "\033[1;34m$1\033[0m"
+}
+
+
+# Function to print error messages in red:
+echo_red() {
+  echo -e "\033[0;31m$1\033[0m"
+}
+
+
+## onion-grater
+# Add onion-grater Profile
+echo_blue "\nAdding onion-grater Profile ..."
+onion-grater-add 40_bisq
+#echo_blue "\nRestarting onion-grater Service ..."
+#systemctl restart onion-grater.service
+echo_blue "Haveno NetVM configuration complete."
+printf "%s \n" "Press [ENTER] to complete ..."
+read ans
+#exit
+poweroff
+

scripts/install_qubes/scripts/2.1-haveno-netvm_maker.sh

@@ -0,0 +1,39 @@
+#!/bin/zsh
+## ./haveno-on-qubes/scripts/2.1-haveno-netvm_maker.sh
+
+if [[ $# -ne 1 ]] ; then
+    printf "\nNo arguments provided!\n\nThis script requires an argument to by provided:\nIP Address of Haveno AppVM\n\nPlease review documentation and try again.\n\nExiting now ...\n"
+    exit 1
+fi
+
+
+HAVENO_APPVM_IP=$1
+
+## Function to print messages in blue:
+echo_blue() {
+  echo -e "\033[1;34m$1\033[0m"
+}
+
+
+# Function to print error messages in red:
+echo_red() {
+  echo -e "\033[0;31m$1\033[0m"
+}
+
+
+# Prepare Maker Hidden Service
+echo_blue "\nConfiguring Hidden Service (Onion) ..."
+printf "\n## Haveno-DEX\nConnectionPadding 1\nHiddenServiceDir /var/lib/tor/haveno-dex/\nHiddenServicePort 9999 $HAVENO_APPVM_IP:9999\n\n" >> /usr/local/etc/torrc.d/50_user.conf
+
+
+## View & Verify Change
+echo_blue "\nReview the following output and be certain in matches documentation found in manual guide exactly!\n"
+tail /usr/local/etc/torrc.d/50_user.conf
+#echo_blue "\nRestarting tor Service ..."
+#systemctl restart tor.service
+echo_blue "Haveno NetVM configuration complete."
+printf "%s \n" "Press [ENTER] to complete ..."
+read ans
+#exit
+poweroff
+

scripts/install_qubes/scripts/3.0-haveno-appvm_taker.sh

@@ -0,0 +1,33 @@
+#!/bin/zsh
+## ./haveno-on-qubes/scripts/3.0-haveno-appvm_taker.sh 
+
+## Function to print messages in blue:
+echo_blue() {
+  echo -e "\033[1;34m$1\033[0m"
+}
+
+
+# Function to print error messages in red:
+echo_red() {
+  echo -e "\033[0;31m$1\033[0m"
+}
+
+
+## Prepare Firewall Settings
+echo_blue "\nConfiguring FW ..."
+printf "\n# Prepare Local FW Settings\nmkdir -p /usr/local/etc/whonix_firewall.d\n" >> /rw/config/rc.local
+printf "\n# Poke FW\nprintf \"EXTERNAL_OPEN_PORTS+=\\\\\" 9999 \\\\\"\\\n\" | tee /usr/local/etc/whonix_firewall.d/50_user.conf\n" >> /rw/config/rc.local
+printf "\n# Restart FW\nwhonix_firewall\n\n" >> /rw/config/rc.local
+
+
+### Adjust Desktop Launcher:
+echo_blue "Adjustng desktop launcher ..."
+mkdir -p /home/$(ls /home)/\.local/share/applications
+sed 's|/opt/haveno/bin/Haveno|/opt/haveno/bin/Haveno --torControlPort=9051 --socks5ProxyXmrAddress=127.0.0.1:9050 --useTorForXmr=on|g' > /home/$(ls /home)/.local/share/applications/haveno-Haveno.desktop
+chown -R $(ls /home):$(ls /home) /home/$(ls /home)/.local/share/applications/haveno-Haveno.desktop
+echo_blue "Haveno AppVM configuration complete."
+printf "%s \n" "Press [ENTER] to complete ..."
+read ans
+exit
+#poweroff
+

scripts/install_qubes/scripts/3.1-haveno-appvm_maker.sh

@@ -0,0 +1,50 @@
+#!/bin/zsh
+## ./haveno-on-qubes/scripts/3.1-haveno-appvm_maker.sh
+
+if [[ $# -ne 1 ]] ; then
+    printf "\nNo arguments provided!\n\nThis script requires an argument to by provided:\nOnion Address of Haveno NetVM\n\nPlease review documentation and try again.\n\nExiting now ...\n"
+    exit 1
+fi
+
+
+## Function to print messages in blue:
+echo_blue() {
+  echo -e "\033[1;34m$1\033[0m"
+}
+
+
+# Function to print error messages in red:
+echo_red() {
+  echo -e "\033[0;31m$1\033[0m"
+}
+
+
+ONION=$1
+
+
+## Prepare Firewall Settings
+echo_blue "\nConfiguring FW ..."
+printf "\n# Prepare Local FW Settings\nmkdir -p /usr/local/etc/whonix_firewall.d\n" >> /rw/config/rc.local
+printf "\n# Poke FW\nprintf \"EXTERNAL_OPEN_PORTS+=\\\\\" 9999 \\\\\"\\\n\" | tee /usr/local/etc/whonix_firewall.d/50_user.conf\n" >> /rw/config/rc.local
+printf "\n# Restart FW\nwhonix_firewall\n\n" >> /rw/config/rc.local
+
+
+## View & Verify Change
+echo_blue "\nReview the following output and be certain in matches documentation found in documentation exactly!\n"
+tail /rw/config/rc.local
+printf "%s \n" "Press [ENTER] to complete ..."
+read ans
+:
+
+
+### Adjust Desktop Launcher:
+echo_blue "Adjustng desktop launcher ..."
+mkdir -p /home/$(ls /home)/\.local/share/applications
+sed 's|/opt/haveno/bin/Haveno|/opt/haveno/bin/Haveno --socks5ProxyXmrAddress=127.0.0.1:9050 --useTorForXmr=on --nodePort=9999 --hiddenServiceAddress=$ONION|g' /opt/haveno/lib/haveno-Haveno.desktop > /home/$(ls /home)/.local/share/applications/haveno-Haveno.desktop
+chown -R $(ls /home):$(ls /home) /home/$(ls /home)/.local/share/applications
+echo_blue "Haveno AppVM configuration complete."
+printf "%s \n" "Press [ENTER] to complete ..."
+read ans
+exit
+#poweroff
+