Many people reported problems with the installation command, most of
them had typos, understandable due to the long command. Tar is available
even on minimal templates. Using tar is not more dangerous than using
qfile-unpacker in this case because the project has no signed archives
and passing a directory to dom0 is insecure, considering a git repo, an
attacker could find information in the .git directory or modify files
and add them to git exclude, which won't be noticed when verifying the
commit signature.
In the future, if a signed tarball were to be provided, qvm-run and pipe
would be used instead, making the command even simpler.
Check commit signature and if it fails, check if any signed tags
associated with commit exist from a keyring that can be found only
locally.
For: https://github.com/ben-grande/qusal/issues/105
Only way to have a unified markdown syntax is to enforce the wanted
syntax by linting the files. Don't rely on the many markdown syntaxes,
be consistent.
It was after sys-cacher for it's packages to be cached, but
fedora-minimal is targeted during sys-cacher installation, making
sys-cacher and any other formula that targets fedora-minimal fail.
Fixes: https://github.com/ben-grande/qusal/issues/69
- Document preferred method for socket use depending on use case;
- Fix Github web-flow key;
- Standardize naming of services;
- Use sys-ssh in ansible formula;
- Start services conditionally with Qubes Service and evaluated by
systemd ConditionPathExists= instead of installing on a per qube basis
with rc.local scripts;
- Change Qusal services to "qusal-" prefix instead of "qubes-" prefix.
Fixes: https://github.com/ben-grande/qusal/issues/80
Fixes: https://github.com/ben-grande/qusal/issues/79
- The sys-gui was not implemented;
- Light sys-net, sys-firewall, sys-audio and vault are not essential to
bootstrap other formulas; and
- Joining PCI formulas into one section is easier to find.
Updates happens multiple times, normally 2 to 3, even if we consider a
state without includes. On states with multiple includes, it could
easily get approximately 10 updates being ran. This behavior leads to
unnecessary network bandwidth being spent and more time to run the
installation state. When the connection is slow and not using the
cacher, such as torified connections on Whonix, the installation can
occurs much faster.
Adding external repositories has to be done prior to update to ensure it
is also fetched.
Fixes: https://github.com/ben-grande/qusal/issues/29
The main README is very large, by placing the documents in a separate
directory, we allow the user to choose explicitly what they read, giving
a better reading experience and allows a deeper understanding of the
project.
