diff options
| author | Casper <me@skylarcloud.xyz> | 2024-12-23 10:30:47 -0700 |
|---|---|---|
| committer | Casper <me@skylarcloud.xyz> | 2024-12-23 10:30:47 -0700 |
| commit | a6b6ddbdbe56a103374f7600c3c36f55adbad710 (patch) | |
| tree | cb2bed1d01c87e4e4a4b0bce8b91e1b59c82bf14 /README.md | |
| parent | c4562c5bb241ad8f5dcadd51ba429ca635293ada (diff) | |
implemented split-browser for web qubes
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..996e888 --- /dev/null +++ b/README.md @@ -0,0 +1,107 @@ +# Installation + +## Setup salt user-dirs + + # In dom0 + sudo qubesctl state.sls qubes.user-dirs + +I sometimes run into the issue described here on a new install: <https://github.com/QubesOS/qubes-issues/issues/8491>. The solution that works consistantly for me is: + + # In dom0 + ln -s /srv/salt/qubes/user-dirs.top /srv/salt/_tops/base/user-dirs.top + +## Clone my repo + +Open a terminal in some networked app qube (with git installed!), and clone my repository: + + # In dispXXXX + git clone https://git.skylarcloud.xyz/salt-repo.git + +## Move it to dom0 + +First, we'll turn the repo into an archive with tar: + + # In dispXXXX + tar -cf /tmp/salt-archive.tar salt-repo + +Then, in dom0: + + # in dom0 + # Pulls the content of the archive from dispXXXX to dom0 + sudo qvm-run --pass-io dispXXXX 'cat /tmp/salt-archive.tar' > /tmp/salt-archive.tar + + # Unpack the archive + sudo cd /tmp && tar -xf salt-archive.tar + + # Delete the default /srv/user_salt directory + # Make sure you haven't put anything important there + sudo rm -fr /srv/user_salt + + # Move the repo to /srv/user_salt + sudo mv /tmp/salt-repo /srv/user_salt + +## Change your username + +There's a variable in */wm/wm-setup.sls* that you should change to match your username. That file needs to write files to your home directory in dom0, and needs the username for those paths. + +## Apply the configuration + +There are many directories with .sls and .top files inside of them. You can enable a feature and apply it with just a couple commands: + + # In dom0 + sudo qubesctl top.enable wm.wm-setup # This enables the top file at /srv/user_salt/wm/wm-setup.top + sudo qubesctl state.apply # Applies dom0 states + sudo qubesctl --targets=tmpl-XXXX # Applies dom0 states and states for tmpl-XXXX + +# Features + +## 3isec + +Sets up the 3isec repository and graphical installer. This has lots of handy states I use for various utilities. + +## Chromium + +Creates *tmpl-chromium* and *web-yt*. I usually avoid Chromium, but YouTube performs better on it than Librewolf, so I use it for that site. + +Blueman is installed in *tmpl-chromium* so it’s easy to pass your bluetooth controller to *web-yt* and listen with bluetooth headphones. + +## Emacs + +Creates *tmpl-emacs* and two app qubes, *emacs-org* and *emacs-salt*, with Doom Emacs’ dependencies. I do all of my personal organization in Emacs org-mode, and *emacs-salt* is for editing my saltstack configuration. + +It also places two scripts in dom0, */usr/bin/fetch-salt-from-emacs* and */usr/bin/push-salt-to-emacs*. Run these as root in dom0 to easily move your repo back and forth as you please. + +## Email + +Creates *tmpl-email* and two app qubes, *email-personal* and *email-work*, with Thunderbird. + +## IRC + +Creates *tmpl-irc* and *irc* with Hexchat installed, for chatting on IRC over Tor. + +## SSH + +Creates *tmpl-ssh* and *ssh-vps*, simple qubes I use to ssh into my VPS with. + +## Torrenting + +Creates *tmpl-torrenting* and *bitz* with qBitTorrent installed, for torrenting. Route this qube's traffic through a VPN if you plan on downloading anything frowned upon in your jurisdicion (copyrighted movies for example). + +## Web + +This uses the *split-browser* package to securely store bookmarks and logins for use in disposable qubes. It creates *tmpl-web*, *web-dvm*, *tmpl-split-web*, and *split-web*, then sets them up for use with *split-browser*. + +Instructions on its use are here: https://github.com/rustybird/qubes-app-split-browser + +Other than *split-browser*, Firefox has no modifications. If you want to configure it permanently, for now you'll need to open it in *web-dvm*, make your configurations (themes, extensions, settings), then new disposables will inherit those modifications. + +## WM + +This does many things to set up a convenient i3 environment. + +- Installs a few packages in dom0 +- Moves my i3 config into place +- Prioritizes xfce4-terminal and st in */usr/bin/qubes-i3-sensible-terminal* +- Enables tap-to-click and natural scrolling +- Replaces dmenu with rofi + |