Git-Mirrors/shaker
1
0
Fork 0
mirror of https://github.com/unman/shaker.git synced 2025-02-18 13:44:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

qubes-ssh SSH server over qrexec for file sharing

Browse Source
This commit is contained in:
unman 2021-02-05 14:25:27 +00:00
parent 35b50d2d12
commit 10129a224c
No known key found for this signature in database
GPG Key ID: FDD1B8244731B36C
8 changed files with 118 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
share/clone.sls Normal file
View File

@ -0,0 +1,9 @@
include:
- template-debian-10-minimal
qvm-clone-id:
qvm.clone:
- require:
- sls: template-debian-10-minimal
- name: template-share
- source: debian-10-minimal

4
share/clone.top Normal file
View File

@ -0,0 +1,4 @@
base:
dom0:
- match: nodegroup
- share.clone

21
share/configure.sls Normal file
View File

@ -0,0 +1,21 @@
# vim: set syntax=yaml ts=2 sw=2 sts=2 et :
/rw/config/rc.local:
file.append:
- text: |
systemctl unmask ssh
systemctl start ssh
Setup:
cmd.run:
- name: 'mkdir /home/user/.ssh'
- runas: user
- creates: /home/user/.ssh
Create_share:
cmd.run:
- name: |
mkdir /home/tx
chmod 777 /home/tx
- runas: root
- creates: /home/tx

5
share/configure.top Normal file
View File

@ -0,0 +1,5 @@
# vim: set syntax=yaml ts=2 sw=2 sts=2 et :
base:
share:
- share.configure

32
share/create.sls Normal file
View File

@ -0,0 +1,32 @@
include:
- share.clone
qvm-present-id:
qvm.present:
- name: share
- template: template-share
- label: gray
qvm-prefs-id:
qvm.prefs:
- name: share
- netvm: none
- memory: 400
- maxmem: 800
- vcpus: 2
qvm-features-id:
qvm.features:
- name: share
- disable:
- service.cups
- service.cups-browsed
'qvm-volume extend share:private 40G' :
cmd.run
update_file:
file.prepend:
- name: '/etc/qubes-rpc/policy/qubes.sshfs'
- text: '@anyvm @anyvm ask,default_target=share'

4
share/create.top Normal file
View File

@ -0,0 +1,4 @@
base:
dom0:
- match: nodegroup
- share.create

38
share/install.sls Normal file
View File

@ -0,0 +1,38 @@
# vim: set syntax=yaml ts=2 sw=2 sts=2 et :
/etc/apt/sources.list:
file.replace:
- pattern: 'https:'
- repl: 'http://HTTPS/'
- flags: [ 'IGNORECASE', 'MULTILINE' ]
/etc/apt/sources.list.d/qubes-r4.list:
file.replace:
- pattern: 'https:'
- repl: 'http://HTTPS/'
- flags: [ 'IGNORECASE', 'MULTILINE' ]
allow-testing:
file.uncomment:
- name: /etc/apt/sources.list.d/qubes-r4.list
- regex: ^deb\s.*qubes-os.org.*-testing
- backup: false
installed:
pkg.installed:
- pkgs:
- openssh-server
- socat
disable:
cmd.run:
- name: |
systemctl stop ssh
systemctl disable ssh
systemctl mask ssh
/etc/qubes-rpc/qubes.ssh:
file.append:
- text: |
#!/bin/sh
exec socat STDIO TCP:localhost:22

5
share/install.top Normal file
View File

@ -0,0 +1,5 @@
# vim: set syntax=yaml ts=2 sw=2 sts=2 et :
base:
template-share:
- share.install