In case user configured Wireguard but there are no clients connected,
network hooks are never run and no domains can be resolved from the
sys-wireguard qube itself, therefore using Qrexec services to resolve
DNS in sys-wireguard hooks doesn't work and depended on connected
clients.
If Wireguard systemd service wasn't run, the nameserver will be empty
and that is not a problem.
In case user hasn't configured the Wireguard configuration correctly,
drop all connections.
Only way to have a unified markdown syntax is to enforce the wanted
syntax by linting the files. Don't rely on the many markdown syntaxes,
be consistent.
- git-send-email was implemented for a future RPC service for SMTP that
was never created and can have some risks. As dev has no networking by
default and the service was never created, removing it;
- git and gnupg already present in the included states;
- remove commented code; and
- move separate salt state to default installation as it only contains a
single package that is not troublesome.
It was after sys-cacher for it's packages to be cached, but
fedora-minimal is targeted during sys-cacher installation, making
sys-cacher and any other formula that targets fedora-minimal fail.
Fixes: https://github.com/ben-grande/qusal/issues/69
Document qusal.ConnectTCP in dev's Access Control as it defaults to deny
and causes confusion to users why it doesn't work by default. This is
an exception of the rule that a formula cannot document the RPC service
of another formula to avoid duplication.
- Document preferred method for socket use depending on use case;
- Fix Github web-flow key;
- Standardize naming of services;
- Use sys-ssh in ansible formula;
- Start services conditionally with Qubes Service and evaluated by
systemd ConditionPathExists= instead of installing on a per qube basis
with rc.local scripts;
- Change Qusal services to "qusal-" prefix instead of "qubes-" prefix.
Fixes: https://github.com/ben-grande/qusal/issues/80
Fixes: https://github.com/ben-grande/qusal/issues/79