shaker/monero.spec

Name:           3isec-qubes-split-monero
Version:       	0.2
Release:        1%{?dist}
Summary:        Create a split monero wallet in Qubes

License:        GPLv3+
SOURCE0:	      monero

%description
This package creates an offline Monero wallet, which connects to a
Monero daemon over qrexec. All traffic from the daemon is forced to run
over Tor.
It follows the method detailed in the Monero docs:
 https://www.getmonero.org/resources/user-guides/cli_wallet_daemon_isolation_qubes_whonix.html

The package creates a qube called monero-wallet-ws to hold the wallet,
and monerod-ws for the monerod daemon. The netvm for this qube is set
to sys-whonix, so traffic should pass over Tor. (monero-wallet-ws has no netvm.)

Traffic between the daemon and the wallet runs over qrexec, controlled
by an entry in the policy file at /etc/qubes/policy/30-user.policy

You can create multiple wallets by cloning the wallet, and adding policy entries.
You can also clone the daemon and connect them to different Tor gateways.

If you remove the package, the salt files will be removed.
The Wallet qube will NOT be removed.


%install
rm -rf %{buildroot}
mkdir -p %{buildroot}/srv/salt
cp -rv %{SOURCE0}/  %{buildroot}/srv/salt

%files
%defattr(-,root,root,-)
/srv/salt/monero/*

%post
if [ $1 -eq 1 ]; then
  qubesctl state.apply monero.create
  qubesctl --skip-dom0 --targets=monerod-ws state.apply monero.configure
  qubesctl --skip-dom0 --targets=monero-wallet-ws state.apply monero.configure_wallet
fi

%postun
if [ $1 -eq 0 ]; then
fi

%changelog
* Mon Feb 20 2023 unman <unman@thirdeyesecurity.org> - 1.02
- Use pillar for cacher to determine repo changes
* Wed Oct 05 2022 unman <unman@thirdeyesecurity.org> - 0.1
- First Build
Monero - typo in spec 2022-10-11 11:09:47 -04:00			`Name: 3isec-qubes-split-monero`
Update spec files for pillar use 2023-02-21 08:52:35 -05:00			`Version: 0.2`
Monero - spec file 2022-10-11 03:44:40 -04:00			`Release: 1%{?dist}`
			`Summary: Create a split monero wallet in Qubes`

			`License: GPLv3+`
			`SOURCE0: monero`

			`%description`
			`This package creates an offline Monero wallet, which connects to a`
			`Monero daemon over qrexec. All traffic from the daemon is forced to run`
			`over Tor.`
			`It follows the method detailed in the Monero docs:`
			`https://www.getmonero.org/resources/user-guides/cli_wallet_daemon_isolation_qubes_whonix.html`

			`The package creates a qube called monero-wallet-ws to hold the wallet,`
			`and monerod-ws for the monerod daemon. The netvm for this qube is set`
Housekeeping. Update spec files 2022-11-14 10:24:20 -05:00			`to sys-whonix, so traffic should pass over Tor. (monero-wallet-ws has no netvm.)`
Monero - spec file 2022-10-11 03:44:40 -04:00
			`Traffic between the daemon and the wallet runs over qrexec, controlled`
			`by an entry in the policy file at /etc/qubes/policy/30-user.policy`

			`You can create multiple wallets by cloning the wallet, and adding policy entries.`
			`You can also clone the daemon and connect them to different Tor gateways.`

			`If you remove the package, the salt files will be removed.`
			`The Wallet qube will NOT be removed.`


			`%install`
			`rm -rf %{buildroot}`
			`mkdir -p %{buildroot}/srv/salt`
			`cp -rv %{SOURCE0}/ %{buildroot}/srv/salt`

			`%files`
			`%defattr(-,root,root,-)`
			`/srv/salt/monero/*`

			`%post`
			`if [ $1 -eq 1 ]; then`
			`qubesctl state.apply monero.create`
			`qubesctl --skip-dom0 --targets=monerod-ws state.apply monero.configure`
			`qubesctl --skip-dom0 --targets=monero-wallet-ws state.apply monero.configure_wallet`
			`fi`

			`%postun`
			`if [ $1 -eq 0 ]; then`
			`fi`

			`%changelog`
Update spec files for pillar use 2023-02-21 08:52:35 -05:00			`* Mon Feb 20 2023 unman <unman@thirdeyesecurity.org> - 1.02`
			`- Use pillar for cacher to determine repo changes`
Monero - spec file 2022-10-11 03:44:40 -04:00			`* Wed Oct 05 2022 unman <unman@thirdeyesecurity.org> - 0.1`
			`- First Build`