From bcb65a2f1aac1f08aa2dd3f3e3e4d84374ff8d9c Mon Sep 17 00:00:00 2001 From: Ben Grande Date: Mon, 18 Dec 2023 15:31:27 +0000 Subject: [PATCH] feat: usb client --- salt/usb/README.md | 36 ++++++++++++++++++++++++++++++++ salt/usb/clone.sls | 8 ++++++++ salt/usb/clone.top | 10 +++++++++ salt/usb/configure-dvm.sls | 12 +++++++++++ salt/usb/configure-dvm.top | 10 +++++++++ salt/usb/create.sls | 42 ++++++++++++++++++++++++++++++++++++++ salt/usb/create.top | 10 +++++++++ salt/usb/init.top | 14 +++++++++++++ salt/usb/install.sls | 12 +++++++++++ salt/usb/install.top | 9 ++++++++ 10 files changed, 163 insertions(+) create mode 100644 salt/usb/README.md create mode 100644 salt/usb/clone.sls create mode 100644 salt/usb/clone.top create mode 100644 salt/usb/configure-dvm.sls create mode 100644 salt/usb/configure-dvm.top create mode 100644 salt/usb/create.sls create mode 100644 salt/usb/create.top create mode 100644 salt/usb/init.top create mode 100644 salt/usb/install.sls create mode 100644 salt/usb/install.top diff --git a/salt/usb/README.md b/salt/usb/README.md new file mode 100644 index 0000000..5897e0d --- /dev/null +++ b/salt/usb/README.md @@ -0,0 +1,36 @@ +# usb + +USB client in Qubes OS. + +## Table of Contents + +* [Description](#description) +* [Installation](#installation) +* [Usage](#usage) + +## Description + +A Template for DispVMs will be created and named "dvm-usb", from this qube, +you can base disposable qubes, geared towards USB client usage. + +## Installation + +- Top: +```sh +qubesctl top.enable usb +qubesctl --targets=tpl-usb state.apply +qubesctl top.disable usb +``` + +- State: + +```sh +qubesctl state.apply usb.create +qubesctl --skip-dom0 --targets=tpl-usb state.apply usb.install +``` + + +## Usage + +You will use the Template for DispVMs "dvm-usb" to create disposable qubes to +connect USB devices to. diff --git a/salt/usb/clone.sls b/salt/usb/clone.sls new file mode 100644 index 0000000..0554d7f --- /dev/null +++ b/salt/usb/clone.sls @@ -0,0 +1,8 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +{% from 'utils/macros/clone-template.sls' import clone_template -%} +{{ clone_template('debian-minimal', sls_path) }} diff --git a/salt/usb/clone.top b/salt/usb/clone.top new file mode 100644 index 0000000..d70b0a0 --- /dev/null +++ b/salt/usb/clone.top @@ -0,0 +1,10 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + 'dom0': + - match: nodegroup + - usb.clone diff --git a/salt/usb/configure-dvm.sls b/salt/usb/configure-dvm.sls new file mode 100644 index 0000000..f7e6864 --- /dev/null +++ b/salt/usb/configure-dvm.sls @@ -0,0 +1,12 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +{% if grains['nodename'] != 'dom0' -%} + +include: + - dev.home-cleanup + +{% endif -%} diff --git a/salt/usb/configure-dvm.top b/salt/usb/configure-dvm.top new file mode 100644 index 0000000..267686b --- /dev/null +++ b/salt/usb/configure-dvm.top @@ -0,0 +1,10 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + '*': + - match: nodegroup + - usb.configure-dvm diff --git a/salt/usb/create.sls b/salt/usb/create.sls new file mode 100644 index 0000000..7fc1725 --- /dev/null +++ b/salt/usb/create.sls @@ -0,0 +1,42 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +{%- from "qvm/template.jinja" import load -%} + +include: + - .clone + +{% load_yaml as defaults -%} +name: dvm-{{ slsdotpath }} +force: True +require: +- sls: {{ slsdotpath }}.clone +present: +- template: tpl-{{ slsdotpath }} +- label: red +prefs: +- template: tpl-{{ slsdotpath }} +- label: red +- netvm: "" +- memory: 300 +- maxmem: 500 +- vcpus: 1 +- autostart: False +- template_for_dispvms: True +- include_in_backups: False +features: +- enable: + - appmenus-dispvm +- disable: + - service.cups + - service.cups-browsed + - service.tinyproxy +{%- endload %} +{{ load(defaults) }} + +"{{ slsdotpath }}-extend-private-volume": + cmd.run: + - name: qvm-volume extend dvm-{{ slsdotpath }}:private 15Gi diff --git a/salt/usb/create.top b/salt/usb/create.top new file mode 100644 index 0000000..09a5cf8 --- /dev/null +++ b/salt/usb/create.top @@ -0,0 +1,10 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + 'dom0': + - match: nodegroup + - usb.create diff --git a/salt/usb/init.top b/salt/usb/init.top new file mode 100644 index 0000000..1f1b7bf --- /dev/null +++ b/salt/usb/init.top @@ -0,0 +1,14 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + 'dom0': + - match: nodegroup + - usb.create + 'tpl-usb': + - usb.install + 'dvm-usb': + - usb.configur-dvm diff --git a/salt/usb/install.sls b/salt/usb/install.sls new file mode 100644 index 0000000..3a4ca03 --- /dev/null +++ b/salt/usb/install.sls @@ -0,0 +1,12 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +{% if grains['nodename'] != 'dom0' -%} + +include: + - sys-usb.install-client + +{% endif -%} diff --git a/salt/usb/install.top b/salt/usb/install.top new file mode 100644 index 0000000..a5807f0 --- /dev/null +++ b/salt/usb/install.top @@ -0,0 +1,9 @@ +{# +SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. + +SPDX-License-Identifier: AGPL-3.0-or-later +#} + +base: + 'tpl-usb': + - usb.install