9c280689d8
- Document preferred method for socket use depending on use case; - Fix Github web-flow key; - Standardize naming of services; - Use sys-ssh in ansible formula; - Start services conditionally with Qubes Service and evaluated by systemd ConditionPathExists= instead of installing on a per qube basis with rc.local scripts; - Change Qusal services to "qusal-" prefix instead of "qubes-" prefix. Fixes: https://github.com/ben-grande/qusal/issues/80 Fixes: https://github.com/ben-grande/qusal/issues/79 |
||
---|---|---|
.. | ||
files/client | ||
clone.sls | ||
clone.top | ||
configure.sls | ||
configure.top | ||
create.sls | ||
create.top | ||
init.top | ||
install.sls | ||
install.top | ||
README.md | ||
version |
mirage-builder
Mirage Builder environment in Qubes OS.
Table of Contents
Description
Setup a builder qube for Mirage Unikernel named "mirage-builder". The tool necessary to build Mirage with docker or directly with Opam will also be installed.
Installation
Mirage Firewall commits and tags are not signed by individuals, but as they are done through the web interface, they have GitHub Web-Flow signature. This is the best verification we can get for Mirage Firewall. If you don't trust the hosting provider however, don't install this package.
- Top:
sudo qubesctl top.enable mirage-builder
sudo qubesctl --targets=tpl-mirage-builder,mirage-builder state.apply
sudo qubesctl top.disable mirage-builder
- State:
sudo qubesctl state.apply mirage-builder.create
sudo qubesctl --skip-dom0 --targets=tpl-mirage-builder state.apply mirage-builder.install
sudo qubesctl --skip-dom0 --targets=mirage-builder state.apply mirage-builder.configure
Usage
The qube mirage-builder
is intended to build Mirage Unikernel. Consult
upstream documentation on how to build qubes-mirage-firewall from
source.
If you plan to build without docker, the hooks and completion scripts are
already being sourced by your shell profile. Because of this, when calling
opam-init
, use it together with the option --no-setup
:
opam init --no-setup