qusal
Table of Contents
Description
Qusal - Salt Formulas for Qubes OS R4.1.
Qusal' goal:
- All global preferences customized to use qubes based on minimal templates;
- All service templates with only the necessary programs installed;
- Focus on tasks and usability
Each project is in a separate directory, but they may interact with other projects.
User policies should always be set on /etc/qubes/policy.d/30-user.policy as this file will take precedence over the packaged policy.
Qubes global settings (qubes-prefs) that will be managed:
clockvm : disp-sys-net or sys-net default_audiovm : dom0 # TODO default_dispvm : reader default_netvm : sys-pihole or sys-firewall or disp-sys-firewall management_dispvm : dvm-mgmt updatevm : sys-pihole or sys-firewall or disp-sys-firewall
Installation
Clone this repository:
git clone https://github.com/ben-grande/qusal.git ~/qusal
git clone ssh://git@github.com/ben-grande/qusal.git ~/qusal
Copy this repository from some qube to Dom0 from Dom0:
mkdir -p ~/QubesIncoming/QUBE
qvm-run -p <QUBE> tar -cC </PATH/TO> qusal | tar -xvC ~/QubesIncoming/QUBE qusal
Example copying repository from the dev qube to Dom0 by running in Dom0:
mkdir -p ~/QubesIncoming/dev
qvm-run -p <QUBE> tar -cC /home/user qusal | tar -xvC ~/QubesIncoming/QUBE qusal
Copy the files to the Salt directories:
cd qusal
./setup.sh
The RPM packaging is not ready, help wanted for automatic generation.
Format
File naming
- Every State file
.slsmust have a Top file.top. This ensures that every state can be applied with top. - Every project must have a
init.top, it facilitates applying every state by enabling a single top file. - State file naming should be common between the projects, it helps understand the project as if it was any other.
- Files names and state IDs should use
-as separator, not_.
Readme
- Every project should have a README.md with at least the following sections: Table of Contents, Description, Installation, Access Control (if changed Qrexec policy), Usage.
Qube naming
- Qube name format:
- TemplateVM:
tpl-NAME - StandaloneVM:
NAME - AppVM:
NAME - DispVM:
disp-NAME - DispVM Template (AppVM):
dvm-NAME - Service qubes (not a class):
sys-NAME
- Label:
- Black (Ultimately trusted): You must trust Dom0, Templates, Vaults, Management qubes, these qubes control your system and hold valuable information. Examples: dom0, tpl-ssh, vault, default-mgmt-dvm.
- Gray (Fully trusted): Trusted storage with extra RPC services that allow certain operations to be made by the client and executed on the server. Examples: sys-cacher, sys-git, sys-pgp, sys-ssh-agent.
- Purple, Blue, Green, Yellow (Relatively trusted per domain): Can be set per user discretion, normally separated per domain (work, clients, personal).
- Orange (Slightly trusted) Controls the flow of data to the client, normally a firewall. Examples: sys-firewall, sys-vpn, sys-pihole.
- Red (Untrusted): Holds untrusted data (PCI devices, untrusted programs, disposables for opening untrusted files or web pages). Examples: sys-net, sys-usb, disp-sys-usb, disp-browser.
Qrexec
- Don't use
*for source and destination, use@anyvminstead - Target qube for policies must be
@default. It allows for the real target to be set by Dom0 via thetarget=redirection parameter, instead of having to modify the client to target a different server viaqrexec-client-vm. - Target qube for client script must default to
@default, but other targets must be allowed via parameters.
Copyright
Each project has a README.md containing the license name and credits to the copyright owners.