test

README.md

@@ -27,36 +27,27 @@ projects.
 User policies should always be set on /etc/qubes/policy.d/30-user.policy as
 this file will take precedence over the packaged policy.
 
-Qubes global settings (qubes-prefs) that will be managed:
-
-clockvm           : disp-sys-net or sys-net
-default_audiovm   : dom0  # TODO
-default_dispvm    : reader
-default_netvm     : sys-pihole or sys-firewall or disp-sys-firewall
-management_dispvm : dvm-mgmt
-updatevm          : sys-pihole or sys-firewall or disp-sys-firewall
-
 ## Installation
 
 Clone this repository:
-```shell
+```sh
 git clone https://github.com/ben-grande/qusal.git ~/qusal
 git clone ssh://git@github.com/ben-grande/qusal.git ~/qusal
 ```
 
 Copy this repository from some qube to Dom0 from Dom0:
-```shell
+```sh
 mkdir -p ~/QubesIncoming/QUBE
 qvm-run -p <QUBE> tar -cC </PATH/TO> qusal | tar -xvC ~/QubesIncoming/QUBE qusal
 ```
 Example copying repository from the `dev` qube to Dom0 by running in Dom0:
-```shell
+```sh
 mkdir -p ~/QubesIncoming/dev
 qvm-run -p dev tar -cC /home/user qusal | tar -xvC ~/QubesIncoming/dev qusal
 ```
 
 Copy the files to the Salt directories:
-```shell
+```sh
 cd qusal
 ./setup.sh
 ```
@@ -64,6 +55,15 @@ cd qusal
 Qusal is now installed. Please read the README.md of each project for further
 information on how to install the desired package.
 
+Qubes global settings (qubes-prefs) that will be managed:
+
+- **clockvm**: disp-sys-net, sys-net
+- **default_audiovmm**: dom0  # TODO
+- **default_dispvm**: reader
+- **default_netvm**: sys-pihole, sys-firewall or disp-sys-firewall
+- **management_dispvm**: dvm-mgmt
+- **updatevm**: sys-pihole, sys-firewall or disp-sys-firewall
+
 ## Format
 
 ### File naming

TODO.md

@@ -12,6 +12,7 @@
 
 ## Medium Priority
 
+- repos: migrate debian .list to .sources
 - sys-usb:
   - multiple PCI assignment to different qubes fails due to ext_module_qvm.py
     bug

qusal/dotfiles/README.md

@@ -22,12 +22,12 @@ Configuration and scripts targeting:
   - Drop-in configuration files
   - Tested on Qubes OS Dom0, Debian, Fedora
 - Tasks:
- - GUI: x11, gtk
- - SCM: git, tig, git-shell
- - Keys: gpg, ssh
- - Networking: curl, urlview, wget, w3m
- - Productivity: tmux, vim
- - Shell: sh, bash, zsh, less, dircolors
+  - GUI: x11, gtk
+  - SCM: git, tig, git-shell
+  - Keys: gpg, ssh
+  - Networking: curl, urlview, wget, w3m
+  - Productivity: tmux, vim
+  - Shell: sh, bash, zsh, less, dircolors
 
 ## Installation
 
@@ -63,14 +63,14 @@ configuration is implemented by including a local file per application.
 
 Supported programs and the expected file names in `$HOME`:
 
-- bash: `.bashrc.local`
-- git:  `.gitconfig.local`
-- sh:   `.profile.local`, `.shrc.local`
-- ssh:  `.ssh/config.d/*.conf`, `.ssh/known_hosts.d/*.host`
-- tmux: `.tmux.conf.local`
-- vim:  `.vimrc.local`
-- x11:  `.xprofile.local`
-- zsh:  `.zshrc.local`
+- **bash**: .bashrc.local
+- **git**:  .gitconfig.local
+- **sh**:   .profile.local, .shrc.local
+- **ssh**:  .ssh/config.d/*.conf, .ssh/known_hosts.d/*.host
+- **tmux**: .tmux.conf.local
+- **vim**:  .vimrc.local
+- **x11**:  .xprofile.local
+- **zsh**:  .zshrc.local
 
 ## Copyright
 

qusal/dotfiles/files/git/.config/git/config

@@ -19,8 +19,7 @@
 	rl = remote -v
 	cf = config --file "$HOME/.gitconfig.local"
 	; Helpers
-	aliases = !git config --get-regexp 'alias.*' | colrm 1 6 | sed 's/[ ]/ = /'
-	aliases-get = "!f() { git config --get alias.$1;}; f"
+	aliases = "!sh -c 'if test -n \"$1\"; then git config --get alias.$1; else git config --get-regexp \"alias.*\" | colrm 1 6 | sed \"s/[ ]/ = /\"; fi'" -
 	; Patch with subject prefix containing repository name and output
 	; directory has the child directories the repository and branch name.
 	fp = "!sh -c '\

qusal/qubes-builder/README.md

@@ -59,17 +59,10 @@ Extra services added are `qubes.Gpg`, `qubes.Gpg2`, `qusal.GitInit`,
 Out of these services, if an argument `+qubes-builder` can be specified to
 limit the scope, the action is `allowed`, else the action is to `ask`.
 
-Consult documentation for each service separately on their appropriate
-project:
-
-- `qusal.Git*`: sys-git
-- `qusal.SshAgent`: sys-ssh-agent
-- `qubes.*`: upstream documentation
-
 ## Usage
 
-When using the `qubes` executor, set the `dispvm` option to either `dom0` or
-`dvm-qubes-builder` in `builder.yml`:
+When using the Qubes Executor, configure the builder.yml `dispvm` option to
+either `dom0` or `dvm-qubes-builder`:
 ```yaml
 executor:
   type: qubes
@@ -77,8 +70,8 @@ executor:
     dispvm: "dom0"
     #dispvm: "dvm-qubes-builder"
 ```
-Setting the `dispvm` to `dom0` works because it will use the `default_dispvm`
-preference of `qubes-builder`, which is `dvm-qubes-builder`.
+Setting the Disposable VM  to Dom0 works because it will use the
+`default_dispvm` preference of `qubes-builder`, which is `dvm-qubes-builder`.
 
 There are no further modifications needed to comply with this package. Consult
 upstream documentation on how to use the Qubes OS Builder.

qusal/remmina/README.md

@@ -11,7 +11,8 @@
 Remmina Remote Desktop Client in Qubes OS.
 
 Creates a disposable template named "dvm-remmina". From it, you can create
-disposables for Remmina usage for SSH, VNC, SPICE, HTTP(S), X2Go and more.
+disposables for Remmina usage for SSH, VNC, SPICE, HTTP(S), X2Go and more. If
+you prefer to use an app qube, a qube named "remmina" will also be created.
 
 ## Installation
 

qusal/signal/README.md

@@ -10,6 +10,8 @@
 
 Signal messaging app on Qubes OS.
 
+Install Signal Desktop and creates an app qube named "signal".
+
 ## Installation
 
 - Top:

qusal/sys-cacher/README.md

@@ -64,7 +64,7 @@ of sys-cacher.
 
 ### Non-TemplateVMs integration
 
-Attention: this method will allow for a client qube to bypass the qubes
+**Attention**: this method will allow for a client qube to bypass the qubes
 firewall and connect to a remote via the updates proxy.
 
 By default, only templates will use the proxy to update, if you want to cache

qusal/sys-git/README.md

@@ -40,7 +40,7 @@ implementation:
 | Push  | True | True  | False | True |
 | Init  | True | False | False | False |
 | Validates Git communication | False | False | True | False |
-| Verify tag signature | False | False | True | False |
+| Verifies tag signature | False | False | True | False |
 
 ## Installation
 
@@ -154,7 +154,7 @@ You can then use that repository as usual, making commits.
 
 Push to the server and set it as the default upstream:
 ```sh
-git push -u sg master
+git push -u sg main
 ```
 
 Following pushes will be simpler:

qusal/sys-pgp/README.md

@@ -48,12 +48,15 @@ qvm-features dev service.split-gpg2-client
 _Default policy_: `any qube` can `ask` via the `@default` target if you allow
 it to use split-gpg in `sys-pgp`.
 
-Allow the `work` qubes to access `sys-pgp`, but no other qubes from using the
-Gpg RPC service:
+Allow the `work` qubes to access `sys-pgp`, but not other qubes:
 ```qrexecpolicy
 qubes.Gpg2 * work   sys-pgp  ask default_target=sys-pgp
 qubes.Gpg2 * work   @default ask target=sys-pgp default_target=sys-pgp
 qubes.Gpg2 * @anyvm @anyvm   deny
+
+qubes.Gpg * work   sys-pgp  ask default_target=sys-pgp
+qubes.Gpg * work   @default ask target=sys-pgp default_target=sys-pgp
+qubes.Gpg * @anyvm @anyvm   deny
 ```
 
 ## Usage

qusal/sys-pihole/README.md

@@ -57,9 +57,14 @@ Pi-hole will be installed with these default settings:
 - Steven Black's Unified Hosts List is included
 - Query logging is enabled to show everything.
 
-You can change these settings via the admin interface: http://localhost/admin.
-The default Admin Webpage login password is: `UpSNQsy4`
-You should change this on first use, by running: `pihole -a -p`
+You can change these settings via the admin interface:
+- URL: http://localhost/admin
+- default password: `UpSNQsy4`
+
+You should change this password on first use by running:
+```sh
+pihole -a -p
+```
 
 ## Copyright
 

qusal/sys-ssh-agent/README.md

@@ -246,4 +246,8 @@ Host work
 
 ## Copyright
 
-License: GPLv2+
+License: GPLv3+
+
+Credits:
+
+- [Unman](https://github.com/unman/qubes-ssh-agent)

qusal/templates/debian-minimal/README.md

@@ -1,9 +1,10 @@
-# Debian Minimal Template
+# debian-minimal
 
 ## Table of Contents
 
 * [Description](#description)
 * [Installation](#installation)
+* [Copyright](#copyright)
 
 ## Description
 
@@ -22,3 +23,7 @@ qubesctl top.disable templates.debian-minimal
 qubesctl state.apply templates.debian-minimal.create
 qubesctl --skip-dom0 --targets=debian-12-minimal state.apply templates.debian-minimal.install
 ```
+
+## Copyright
+
+License: GPLv2+

qusal/templates/debian/README.md

@@ -1,9 +1,10 @@
-# Debian Template
+# debian
 
 ## Table of Contents
 
 * [Description](#description)
 * [Installation](#installation)
+* [Copyright](#copyright)
 
 ## Description
 
@@ -22,3 +23,7 @@ qubesctl top.disable templates.debian
 qubesctl state.apply templates.debian.create
 qubesctl --skip-dom0 --targets=debian-12 state.apply templates.debian.install
 ```
+
+## Copyright
+
+License: GPLv2+

qusal/templates/fedora-minimal/README.md

@@ -1,9 +1,10 @@
-# Fedora Minimal Template
+# fedora-minimal
 
 ## Table of Contents
 
 * [Description](#description)
 * [Installation](#installation)
+* [Copyright](#copyright)
 
 ## Description
 
@@ -22,3 +23,7 @@ qubesctl top.disable templates.fedora-minimal
 qubesctl state.apply templates.fedora-minimal.create
 qubesctl --skip-dom0 --targets=fedora-38-minimal state.apply templates.fedora-minimal.install
 ```
+
+## Copyright
+
+License: GPLv2+

qusal/templates/fedora/README.md

@@ -1,9 +1,10 @@
-# Fedora Template
+# fedora
 
 ## Table of Contents
 
 * [Description](#description)
 * [Installation](#installation)
+* [Copyright](#copyright)
 
 ## Description
 
@@ -22,3 +23,7 @@ qubesctl top.disable templates.fedora
 qubesctl state.apply templates.fedora.create
 qubesctl --skip-dom0 --targets=fedora-38 state.apply templates.fedora.install
 ```
+
+## Copyright
+
+License: GPLv2+

qusal/templates/whonix/README.md

@@ -1,9 +1,10 @@
-# Whonix
+# whonix
 
 ## Table of Contents
 
 * [Description](#description)
 * [Installation](#installation)
+* [Copyright](#copyright)
 
 ## Description
 
@@ -25,3 +26,6 @@ qubesctl state.apply templates.whonix.create
 qubesctl state.apply qvm.anon-whonix
 qubesctl state.apply qvm.whonix-ws-dvm
 ```
+## Copyright
+
+License: GPLv2+

qusal/terraform/README.md

@@ -10,6 +10,8 @@
 
 Terraform installation in Qubes OS.
 
+Install Terraform and use it on the "terraform" app qube.
+
 ## Installation
 
 - Top:

qusal/utils/tools/builder/README.md

@@ -0,0 +1,29 @@
+# builder
+
+## Table of Contents
+
+* [Description](#description)
+* [Installation](#installation)
+* [Copyright](#copyright)
+
+## Description
+
+Build tools for packaging on Qubes OS.
+
+This is not necessary for qubes-builder, it is just a set of useful tools for
+building packages in UNIX distributions.
+
+## Installation
+
+Install builder tools on templates:
+```sh
+qubesctl --skip-dom0 --targets=TEMPLATEVMS state.apply utils.tools.builder.core
+```
+Install documentation tools on templates:
+```sh
+qubesctl --skip-dom0 --targets=TEMPLATEVMS state.apply utils.tools.builder.doc
+```
+
+## Copyright
+
+License: GPLv2+

qusal/utils/tools/zsh/README.md

@@ -1,25 +1,33 @@
-# Dev
+# zsh
 
 ## Table of Contents
 
 * [Description](#description)
 * [Installation](#installation)
+* [Copyright](#copyright)
 
 ## Description
 
-Install and configure Zsh.
+Zsh installation for Qubes OS.
+
+Install Zsh, setup it to be the user shell and touch ~/.zshrc to avoid
+warnings.
 
 ## Installation
 
 - Top
 ```sh
-qubesctl top.enable zsh
+qubesctl top.enable utils.tools.zsh
 qubesctl --targets=TARGET state.apply
-qubesctl top.disable zsh
+qubesctl top.disable utils.tools.zsh
 ```
 
 - State
 ```sh
-qubesctl --skip-dom0 --targets=TEMPLATEVMS state.apply zsh.install,zsh.change-shell,zsh.touch-zshrc
-qubesctl --skip-dom0 --targets=APPVMS state.apply zsh.touch-zshrc
+qubesctl --skip-dom0 --targets=TEMPLATEVMS state.apply utils.tools.zsh.change-shell
+qubesctl --skip-dom0 --targets=APPVMS state.apply utils.tools.zsh.touch-zshrc
 ```
+
+## Copyright
+
+License: GPLv2+