mirror of
https://github.com/ben-grande/qusal.git
synced 2025-02-03 10:49:58 -05:00
a564b3a703
Ideally, it would be a Qrexec socket service, but it doesn't handle DNS, only accepting IPs. The dev qube is now non-networked and network, especially to remote git repositories can be acquired via the proxy that is going to be installed in every netvm.
ansible
Ansible environment in Qubes OS.
Table of Contents
Description
Install Ansible and use it on the "ansible" app qube.
Installation
- Top
sudo qubesctl top.enable ansible
sudo qubesctl --targets=tpl-ansible,ansible,ansible-minion state.apply
sudo qubesctl top.disable ansible
- State
sudo qubesctl state.apply ansible.create
sudo qubesctl --skip-dom0 --targets=tpl-ansible state.apply ansible.install
sudo qubesctl --skip-dom0 --targets=ansible state.apply ansible.configure,zsh.touch-zshrc
sudo qubesctl --skip-dom0 --targets=ansible-minion state.apply ansible.configure-minion,zsh.touch-zshrc
Usage
Configure the control node ansible:
ssh-keygen -t ed25519 -N "" -f ~/.ssh/id_ansible
qvm-copy ~/.ssh/id_ansible.pub
Select ansible-minion as the target qube for the copy operation.
Configure the minion ansible-minion:
mkdir -m 0700 ~/.ssh
cat ~/QubesIncoming/ansible/id_ansible.pub >> ~/.ssh/authorized_keys
From the control node ansible, test connection to the minion
ansible-minion:
ssh minion