Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-01-26 22:37:17 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'nastaziya-new_temlates'

Browse Source
This commit is contained in:
Andrew David Wong 2019-10-29 23:03:04 -05:00
commit 23d42b5007
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
5 changed files with 108 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
external/os-guides/centos.md vendored Normal file
View File

@ -0,0 +1,36 @@
---
layout: doc
title: CentOS Template
permalink: /doc/templates/centos/
---
# CentOS Template
If you would like to use a stable, predictable, manageable and reproducible distribution in your AppVMs, you can install the CentOS template, provided by Qubes in ready to use binary package.
For the minimal version, please see [Minimal TemplateVMs](/doc/templates/minimal/)
## Installation
CentOS-7 can be installed with the following command:
[user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-centos-7
To switch, reinstall and uninstall a CentOS TemplateVM that is already installed in your system, see *How to [switch], [reinstall] and [uninstall]*.
#### After Installing
After a fresh install, we recommend to [Update the TemplateVM](/doc/software-update-vm/).
## Want to contribute?
* [How can I contribute to the Qubes Project?](/doc/contributing/)
* [Guidelines for Documentation Contributors](/doc/doc-guidelines/)
[switch]: /doc/templates/#switching
[reinstall]: /doc/reinstall-template/
[uninstall]: /doc/templates/#uninstalling

32
user/managing-os/fedora/fedora-xfce.md Normal file
View File

@ -0,0 +1,32 @@
---
layout: doc
title: The Fedora Xfce TemplateVM
permalink: /doc/templates/fedora-xfce/
---
The Fedora Xfce TemplateVM
=====================
If you would like to use Fedora Xfce (more lightweight compared to GNOME desktop environment) Linux distribution in your qubes, you can install one of the available Fedora Xfce templates.
Installing
----------
To install a specific Fedora Xfce TemplateVM that is not currently installed in your system, use the following command in dom0:
$ sudo qubes-dom0-update --enablerepo=qubes-templates-itl qubes-template-fedora-XX-xfce
(Replace `XX` with the Fedora Xfce version number of the template you wish to install.)
To reinstall a Fedora Xfce TemplateVM that is already installed in your system, see [How to Reinstall a TemplateVM].
Upgrading
---------
To upgrade your Fedora TemplateVM, please see [Upgrading Fedora TemplateVMs].
[Upgrading Fedora TemplateVMs]: /doc/template/fedora/upgrade/
[How to Reinstall a TemplateVM]: /doc/reinstall-template/

6
user/managing-os/fedora/fedora.md
View File

@ -6,9 +6,7 @@ permalink: /doc/templates/fedora/
# The Fedora TemplateVM # The Fedora TemplateVM
The Fedora [TemplateVM] is the default TemplateVM in Qubes OS. The Fedora [TemplateVM] is the default TemplateVM in Qubes OS. This page is about the standard (or "full") Fedora TemplateVM. For the minimal and Xfce versions, please see the [Minimal TemplateVMs] and [Fedora Xfce] pages.
This page is about the standard (or "full") Fedora TemplateVM.
For the minimal version, please see the [Minimal TemplateVMs] page.
## Installing ## Installing
@ -51,6 +49,7 @@ This section contains notes about specific Fedora releases.
[TemplateVM]: /doc/templates/ [TemplateVM]: /doc/templates/
[Fedora Xfce]: /doc/templates/fedora-xfce/
[Minimal TemplateVMs]: /doc/templates/minimal/ [Minimal TemplateVMs]: /doc/templates/minimal/
[end-of-life]: https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule [end-of-life]: https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule
[supported]: /doc/supported-versions/#templatevms [supported]: /doc/supported-versions/#templatevms
@ -61,4 +60,3 @@ This section contains notes about specific Fedora releases.
[Updating software in TemplateVMs]: /doc/software-update-domu/#updating-software-in-templatevms [Updating software in TemplateVMs]: /doc/software-update-domu/#updating-software-in-templatevms
[Upgrading Fedora TemplateVMs]: /doc/template/fedora/upgrade/ [Upgrading Fedora TemplateVMs]: /doc/template/fedora/upgrade/
[install]: /doc/templates/#installing [install]: /doc/templates/#installing

40
user/managing-os/minimal-templates.md
View File

@ -16,7 +16,7 @@ redirect_from:
The Minimal [TemplateVMs] are lightweight versions of their standard TemplateVM counterparts. The Minimal [TemplateVMs] are lightweight versions of their standard TemplateVM counterparts.
They have only the most vital packages installed, including a minimal X and xterm installation. They have only the most vital packages installed, including a minimal X and xterm installation.
The sections below contain instructions for using the template and provide some examples for common use cases. The sections below contain instructions for using the template and provide some examples for common use cases.
There are currently two Minimal TemplateVMs corresponding to the standard [Fedora] and [Debian] TemplateVMs. There are currently three Minimal TemplateVMs corresponding to the standard [Fedora], [Debian] and [CentOS] TemplateVMs.
## Important ## Important
@ -42,6 +42,10 @@ You may wish to try again with the testing repository enabled:
[user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-itl-testing qubes-template-X-minimal [user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-itl-testing qubes-template-X-minimal
If you would like to install a community distribution, try the install command by enabling the community repository:
[user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-X-minimal
The download may take a while depending on your connection speed. The download may take a while depending on your connection speed.
@ -85,7 +89,7 @@ As usual, the required packages are to be installed in the running template with
- Commonly used utilities: `pciutils` `vim-minimal` `less` `psmisc` `gnome-keyring`. - Commonly used utilities: `pciutils` `vim-minimal` `less` `psmisc` `gnome-keyring`.
- Audio: `pulseaudio-qubes`. - Audio: `pulseaudio-qubes`.
- [FirewallVM](/doc/firewall/), such as the template for `sys-firewall`: at least `qubes-core-agent-networking` and `iproute`, and also `qubes-core-agent-dom0-updates` if you want to use it as the `UpdateVM` (which is normally `sys-firewall`). - [FirewallVM](/doc/firewall/), such as the template for `sys-firewall`: at least `qubes-core-agent-networking` and `iproute`, and also `qubes-core-agent-dom0-updates` if you want to use it as the `UpdateVM` (which is normally `sys-firewall`).
- NetVM, such as the template for `sys-net`: `qubes-core-agent-networking` `qubes-core-agent-network-manager` `NetworkManager-wifi` `network-manager-applet` `wireless-tools` `dejavu-sans-fonts` `notification-daemon` `gnome-keyring` `polkit` `@hardware-support`. - NetVM, such as the template for `sys-net`: `qubes-core-agent-networking` `qubes-core-agent-network-manager` `NetworkManager-wifi` `network-manager-applet` `wireless-tools` `notification-daemon` `gnome-keyring` `polkit` `@hardware-support`.
If your network devices need extra packages for the template to work as a network VM, use the `lspci` command to identify the devices, then run `dnf search firmware` (replace `firmware` with the appropriate device identifier) to find the needed packages and then install them. If your network devices need extra packages for the template to work as a network VM, use the `lspci` command to identify the devices, then run `dnf search firmware` (replace `firmware` with the appropriate device identifier) to find the needed packages and then install them.
If you need utilities for debugging and analyzing network connections, install `tcpdump` `telnet` `nmap` `nmap-ncat`. If you need utilities for debugging and analyzing network connections, install `tcpdump` `telnet` `nmap` `nmap-ncat`.
- [USB qube](/doc/usb-qubes/), such as the template for `sys-usb`: `qubes-input-proxy-sender`. - [USB qube](/doc/usb-qubes/), such as the template for `sys-usb`: `qubes-input-proxy-sender`.
@ -102,7 +106,7 @@ You may also wish to consider additional packages from the `qubes-core-agent` su
- `qubes-core-agent-sysvinit`: Qubes unit files for SysV init style or upstart. - `qubes-core-agent-sysvinit`: Qubes unit files for SysV init style or upstart.
- `qubes-core-agent-networking`: Networking support. Required for general network access and particularly if the template is to be used for a `sys-net` or `sys-firewall` VM. - `qubes-core-agent-networking`: Networking support. Required for general network access and particularly if the template is to be used for a `sys-net` or `sys-firewall` VM.
- `qubes-core-agent-network-manager`: Integration for NetworkManager. Useful if the template is to be used for a `sys-net` VM. - `qubes-core-agent-network-manager`: Integration for NetworkManager. Useful if the template is to be used for a `sys-net` VM.
- `network-manager-applet`: Useful (together with `dejavu-sans-fonts` and `notification-daemon`) to have a system tray icon if the template is to be used for a `sys-net` VM. - `network-manager-applet`: Useful `notification-daemon` to have a system tray icon if the template is to be used for a `sys-net` VM.
- `qubes-core-agent-dom0-updates`: Script required to handle `dom0` updates. Any template which the VM responsible for 'dom0' updates (e.g. `sys-firewall`) is based on must contain this package. - `qubes-core-agent-dom0-updates`: Script required to handle `dom0` updates. Any template which the VM responsible for 'dom0' updates (e.g. `sys-firewall`) is based on must contain this package.
- `qubes-usb-proxy`: Required if the template is to be used for a USB qube (`sys-usb`) or for any destination qube to which USB devices are to be attached (e.g `sys-net` if using USB network adapter). - `qubes-usb-proxy`: Required if the template is to be used for a USB qube (`sys-usb`) or for any destination qube to which USB devices are to be attached (e.g `sys-net` if using USB network adapter).
- `pulseaudio-qubes`: Needed to have audio on the template VM. - `pulseaudio-qubes`: Needed to have audio on the template VM.
@ -121,7 +125,7 @@ To access the `journald` log, use the `journalctl` command.
### Debian ### Debian
As you would expect, the required packages can be installed in the running template with any apt-based command. As you would expect, the required packages can be installed in the running template with any apt-based command.
For example : (Replace "packages` with a space-delimited list of packages to be installed.) For example : (Replace `packages` with a space-delimited list of packages to be installed.)
[user@your-new-clone ~]$ sudo apt install packages [user@your-new-clone ~]$ sudo apt install packages
@ -130,8 +134,8 @@ Use case | Description | Required steps
**Standard utilities** | If you need the commonly used utilities | Install the following packages: `pciutils` `vim-minimal` `less` `psmisc` `gnome-keyring` **Standard utilities** | If you need the commonly used utilities | Install the following packages: `pciutils` `vim-minimal` `less` `psmisc` `gnome-keyring`
**Networking** | If you want networking | Install qubes-core-agent-networking **Networking** | If you want networking | Install qubes-core-agent-networking
**Audio** | If you want sound from your VM... | Install `pulseaudio-qubes` **Audio** | If you want sound from your VM... | Install `pulseaudio-qubes`
**FirewallVM** | You can use the minimal template as a template for a [FirewallVM](/doc/firewall/), like `sys-firewall` | Install `qubes-core-agent-networking`, and `nftables`. Also install `qubes-core-agent-dom0-updates` if you want to use a qube based on the template as an updateVM (normally sys-firewall). **FirewallVM** | You can use the minimal template as a template for a [FirewallVM](/doc/firewall/), like `sys-firewall` | Install `qubes-core-agent-networking`. Also install `qubes-core-agent-dom0-updates` if you want to use a qube based on the template as an updateVM (normally sys-firewall).
**NetVM** | You can use this template as the basis for a NetVM such as `sys-net` | Install the following packages: `qubes-core-agent-networking`, `qubes-core-agent-network-manager`, and `nftables`. **NetVM** | You can use this template as the basis for a NetVM such as `sys-net` | Install the following packages: `qubes-core-agent-networking`, `qubes-core-agent-network-manager`.
**NetVM (extra firmware)** | If your network devices need extra packages for a network VM | Use the `lspci` command to identify the devices, then find the package that provides necessary firnware and install it. **NetVM (extra firmware)** | If your network devices need extra packages for a network VM | Use the `lspci` command to identify the devices, then find the package that provides necessary firnware and install it.
**Network utilities** | If you need utilities for debugging and analyzing network connections | Install the following packages: `tcpdump` `telnet` `nmap` `nmap-ncat` **Network utilities** | If you need utilities for debugging and analyzing network connections | Install the following packages: `tcpdump` `telnet` `nmap` `nmap-ncat`
**USB** | If you want to use this template as the basis for a [USB](/doc/usb/) qube such as `sys-usb` | Install `qubes-usb-proxy`. To use USB mouse or keyboard install `qubes-input-proxy-sender`. **USB** | If you want to use this template as the basis for a [USB](/doc/usb/) qube such as `sys-usb` | Install `qubes-usb-proxy`. To use USB mouse or keyboard install `qubes-input-proxy-sender`.
@ -155,16 +159,38 @@ Also, there are packages to provide additional services:
- `qubes-snapd-helper`: If you want to use snaps in qubes. - `qubes-snapd-helper`: If you want to use snaps in qubes.
- `qubes-thunderbird`: Additional tools for use in thunderbird. - `qubes-thunderbird`: Additional tools for use in thunderbird.
- `qubes-app-shutdown-idle`: If you want qubes to automatically shutdown when idle. - `qubes-app-shutdown-idle`: If you want qubes to automatically shutdown when idle.
- `qubes-mgmt-\*`: If you want to use salt management on the template and qubes. - `qubes-mgmt-salt-vm-connector`: If you want to use salt management on the template and qubes.
Documentation on all of these can be found in the [docs](/doc) Documentation on all of these can be found in the [docs](/doc)
You could, of course, use qubes-vm-recommended to automatically install many of these, but in that case you are well on the way to a standard Debian template. You could, of course, use qubes-vm-recommended to automatically install many of these, but in that case you are well on the way to a standard Debian template.
### CentOS
As is the case with above-mentioned Minimal Templates, the required packages are to be installed in the running template with the following command (replace `packages` with a space-delimited list of packages to be installed):
[user@your-new-clone ~]$ sudo yum install packages
Use case | Description | Required steps
--- | --- | ---
**Standard utilities** | If you need the commonly used utilities | Install the following packages: `pciutils` `vim-minimal` `less` `psmisc` `gnome-keyring`
**Networking** | If you want networking | Install `qubes-core-agent-networking` `qubes-core-agent-network-manager` `NetworkManager-wifi` `network-manager-applet` `wireless-tools` `notification-daemon` `gnome-keyring`
**Audio** | If you want sound from your VM... | Install `pulseaudio-qubes`
**FirewallVM** | You can use the minimal template as a template for a [FirewallVM](/doc/firewall/), like `sys-firewall` | Install `qubes-core-agent-networking`. Also install `qubes-core-agent-dom0-updates`(script required to handle `dom0` updates), if you want to use a qube based on the template as an updateVM (normally sys-firewall).
**NetVM** | You can use this template as the basis for a NetVM such as `sys-net` | Install the following packages: `qubes-core-agent-networking`, `qubes-core-agent-network-manager`.
**NetVM (extra firmware)** | If your network devices need extra packages for a network VM | Use the `lspci` command to identify the devices, then find the package that provides necessary firnware and install it.
**Network utilities** | If you need utilities for debugging and analyzing network connections | Install the following packages: `tcpdump` `telnet` `nmap` `nmap-ncat`
**USB** | If you want to use this template as the basis for a [USB](/doc/usb/) qube such as `sys-usb` | Install `qubes-usb-proxy`. To use USB mouse or keyboard install `qubes-input-proxy-sender`.
**VPN** | You can use this template as basis for a [VPN](/doc/vpn/) qube | You may need to install network-manager VPN packages, depending on the VPN technology you'll be using. After creating a machine based on this template, follow the [VPN howto](/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-networkmanager) to configure it.
**Desktop environment** | To improve desktop experience using additional packages from the `qubes-core-agent` | `qubes-menus` which defines menu layout, `qubes-desktop-linux-common` which contains icons and scripts to improve desktop experience. `qubes-core-agent-nautilus`/`qubes-core-agent-thunar`: packages providing integration with the Nautilus/Thunar file manager (without it, items like "copy to VM/open in disposable VM" will not be shown in Nautilus/Thunar).
**Additional services** | If you need additional Qubes services | Install `qubes-gpg-split` `qubes-pdf-converter` `qubes-img-converter`("Qubes apps" implementing split GPG, trusted PDF and image converter), `qubes-snapd-helper`(if you want to use snaps), `qubes-mgmt-salt-vm-connector`(if you want to use salt management on the template and qubes).
[TemplateVMs]: /doc/templates/ [TemplateVMs]: /doc/templates/
[Fedora]: /doc/templates/fedora/ [Fedora]: /doc/templates/fedora/
[Debian]: /doc/templates/debian/ [Debian]: /doc/templates/debian/
[CentOS]: /doc/templates/centos/
[qubes-users]: /support/#qubes-users [qubes-users]: /support/#qubes-users
[doc-guidelines]: /doc/doc-guidelines/ [doc-guidelines]: /doc/doc-guidelines/
[pref-default]: /faq/#could-you-please-make-my-preference-the-default [pref-default]: /faq/#could-you-please-make-my-preference-the-default

8
user/managing-os/templates.md
View File

@ -43,10 +43,10 @@ We guarantee that the binary updates are compiled from exactly the same source c
* [Fedora] (default) * [Fedora] (default)
* Fedora [Minimal] * Fedora [Minimal]
* Fedora [Xfce]
* [Debian] * [Debian]
* Debian [Minimal] * Debian [Minimal]
## Community ## Community
These templates are supported by the Qubes community. These templates are supported by the Qubes community.
@ -60,7 +60,8 @@ In addition, these templates may be somewhat less stable, since the Qubes develo
* [Whonix] * [Whonix]
* [Ubuntu] * [Ubuntu]
* [Arch Linux] * [Arch Linux]
* [CentOS]
* CentOS [Minimal]
## Installing ## Installing
@ -242,10 +243,12 @@ Note the word "clean" means in this context: the same as their template filesyst
[TemplateBasedVMs]: /doc/glossary/#templatebasedvm [TemplateBasedVMs]: /doc/glossary/#templatebasedvm
[Fedora]: /doc/templates/fedora/ [Fedora]: /doc/templates/fedora/
[Minimal]: /doc/templates/minimal/ [Minimal]: /doc/templates/minimal/
[Xfce]: /doc/templates/fedora-xfce
[Debian]: /doc/templates/debian/ [Debian]: /doc/templates/debian/
[Whonix]: /doc/templates/whonix/ [Whonix]: /doc/templates/whonix/
[Ubuntu]: /doc/templates/ubuntu/ [Ubuntu]: /doc/templates/ubuntu/
[Arch Linux]: /doc/templates/archlinux/ [Arch Linux]: /doc/templates/archlinux/
[CentOS]: /doc/templates/centos/
[Qubes Builder]: /doc/qubes-builder/ [Qubes Builder]: /doc/qubes-builder/
[TemplateVM Implementation]: /doc/template-implementation/ [TemplateVM Implementation]: /doc/template-implementation/
[How to Remove VMs Manually]: /doc/remove-vm-manually/ [How to Remove VMs Manually]: /doc/remove-vm-manually/
@ -259,4 +262,3 @@ Note the word "clean" means in this context: the same as their template filesyst
[uninstall the old TemplateVM]: #uninstalling [uninstall the old TemplateVM]: #uninstalling
[Updating software in TemplateVMs]: /doc/software-update-domu/#updating-software-in-templatevms [Updating software in TemplateVMs]: /doc/software-update-domu/#updating-software-in-templatevms
[How to Reinstall a TemplateVM]: /doc/reinstall-template/ [How to Reinstall a TemplateVM]: /doc/reinstall-template/