Git-Mirrors/qusal
1
0
Fork 0
mirror of https://github.com/ben-grande/qusal.git synced 2024-09-21 09:45:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
b52e4b1b63
qusal/salt/qubes-builder/README.md
Ben Grande b52e4b1b63 fix: strict split-gpg2 service 
Split-gpg V1 allowed for querying public keys, but as split-gpg2 is
running as an agent, public keys are not queried. Allowing connection to
the server to query only public parts of the key exposes the server more
than needed to the client.

All clients now have to hold the public key they need locally in order
to do GPG operations.
2023-12-28 11:47:41 +01:00

81 lines
2.8 KiB
Markdown
Raw Blame History

# qubes-builder
Setup Qubes OS Builder V2 in Qubes OS itself.
## Table of Contents
* [Description](#description)
* [Installation](#installation)
* [Access Control](#access-control)
* [Usage](#usage)
## Description
Setup a Builder qube named "qubes-builder" and a disposable template for Qubes
Executor named "dvm-qubes-builder". It is possible to use any of the available
executors: docker, podman, qubes-executor.
During installation, after cloning the qubes-builderv2 repository, signatures
will be verified and the installation will fail if the signatures couldn't be
verified. Packages necessary for split operations such as split-gpg2, spit-git
and split-ssh-agent will also be installed.
## Installation
The template is based on Fedora Minimal and not Debian Minimal due to the
Qubes Executor lacking some dependencies on Debian such as
[mock](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025460). Even if the
builder qube was Debian based, the executor qube still needs to be a Fedora
template.
A set of trusted keys is placed into the `qubes-builder` to be used to verify
the git repositories during this package installation. The split-gpg2 setup is
not used during installation as it can't restrict access to a certain set of
keys (GNUPGHOME) yet. Spit-gpg2 will be used for GPG operations transparently
when verifying and signing software, don't worry.
- Top
```sh
qubesctl top.enable qubes-builder
qubesctl --targets=tpl-qubes-builder,dvm-qubes-builder,qubes-builder state.apply
qubesctl top.disable qubes-builder
```
- State
<!-- pkg:begin:post-install -->
```sh
qubesctl state.apply qubes-builder.create
qubesctl --skip-dom0 --targets=tpl-qubes-builder state.apply qubes-builder.install
qubesctl --skip-dom0 --targets=dvm-qubes-builder state.apply qubes-builder.configure-qubes-executor
qubesctl --skip-dom0 --targets=qubes-builder state.apply qubes-builder.configure
```
<!-- pkg:end:post-install -->
## Access Control
The policy is based on `qubes-builderv2/rpc/50-qubesbuilder.policy`.
Extra services added are `qubes.Gpg2`, `qusal.GitInit`, `qusal.GitFetch`,
`qusal.GitPush`, `qusal.SshAgent`.
Out of these services, if an argument `+qubes-builder` can be specified to
limit the scope, the action is `allowed`, else the action is to `ask`.
## Usage
The builder qube is named `qubes-builder.`
When using the Qubes Executor, configure the builder.yml `dispvm` option to
either `dom0` or `dvm-qubes-builder`:
```yaml
executor:
type: qubes
options:
dispvm: "dom0"
#dispvm: "dvm-qubes-builder"
```
Setting the Disposable VM to Dom0 works because it will use the
`default_dispvm` preference of `qubes-builder`, which is `dvm-qubes-builder`.
There are no further modifications needed to comply with this package. Consult
upstream documentation on how to use the Qubes OS Builder.
Reference in New Issue View Git Blame Copy Permalink