diff options
| -rw-r--r-- | web/create-web-qubes.top | 5 | ||||
| -rw-r--r-- | web/install-split-browser-disp.sls | 9 | ||||
| -rw-r--r-- | web/install-split-browser.sls | 9 | ||||
| -rw-r--r-- | web/qvm-app.sls | 104 | ||||
| -rw-r--r-- | web/qvm-tmpl.sls | 5 | ||||
| -rw-r--r-- | web/tmpl-pkgs.sls | 30 | ||||
| -rw-r--r-- | web/tmpl-split-pkgs.sls | 13 |
7 files changed, 68 insertions, 107 deletions
diff --git a/web/create-web-qubes.top b/web/create-web-qubes.top index 7d134e9..57f4ec0 100644 --- a/web/create-web-qubes.top +++ b/web/create-web-qubes.top @@ -4,6 +4,9 @@ user: - web.qvm-app # Creates web-dvm, split-web tmpl-web: - web.tmpl-pkgs # Installs tmpl-web pkgs + - web.install-split-browser-disp - web.tmpl-configure-split-firefox # Configures split-browser for FF + tmpl-whonix-ws: + - web.install-split-browser-disp tmpl-split-web: - - web.tmpl-split-pkgs # Installs tmpl-split-web pkgs + - web.install-split-browser # Installs tmpl-split-web pkgs diff --git a/web/install-split-browser-disp.sls b/web/install-split-browser-disp.sls new file mode 100644 index 0000000..f67e9cd --- /dev/null +++ b/web/install-split-browser-disp.sls @@ -0,0 +1,9 @@ +browser--install-contrib-repo: + pkg.installed: + - pkgs: + - qubes-repo-contrib + +browser--install-split-browser-disp: + pkg.installed: + - pkgs: + - qubes-split-browser-disp diff --git a/web/install-split-browser.sls b/web/install-split-browser.sls new file mode 100644 index 0000000..a9bbf73 --- /dev/null +++ b/web/install-split-browser.sls @@ -0,0 +1,9 @@ +split-browser--install-contrib-repo: + pkg.installed: + - pkgs: + - qubes-repo-contrib + +split-browser--install-split-browser: + pkg.installed: + - pkgs: + - qubes-split-browser diff --git a/web/qvm-app.sls b/web/qvm-app.sls index 6d49a07..d05fd2e 100644 --- a/web/qvm-app.sls +++ b/web/qvm-app.sls @@ -1,4 +1,6 @@ -web--create-web-qube: +# General-use Firefox qubes + +split-web--create-web-qube: qvm.vm: - name: web-dvm - present: @@ -12,23 +14,20 @@ web--create-web-qube: - require: - qvm: web--create-template -web-features_dvm: +split-web-features_dvm: qvm.features: - name: web-dvm - disable: - service.cups - service.cups-browsed - service.tinyproxy - - set: - - menu-items: xfce4-terminal.desktop - - appmenus-dispvm: True split-web--create-qube: qvm.vm: - name: split-web - present: - template: tmpl-split-web - - label: gray + - label: black - prefs: - default-dispvm: web-dvm - netvm: none @@ -38,64 +37,41 @@ split-web--create-qube: - require: - web--create-split-template -# web--create-vps-admin-qube: -# qvm.vm: -# - name: web-vps-admin -# - present: -# - template: tmpl-web -# - label: blue -# - features: -# - set: -# - menu-items: librewolf.desktop -# - require: -# - qvm: web--create-template - -# web--create-home-admin-qube: -# qvm.vm: -# - name: web-home-admin -# - present: -# - template: tmpl-web -# - label: blue -# - features: -# - set: -# - menu-items: librewolf.desktop -# - require: -# - qvm: web--create-template +# Split Whonix browsing qubes -# web--create-banking-qube: -# qvm.vm: -# - name: web-banking -# - present: -# - template: tmpl-web -# - label: blue -# - features: -# - set: -# - menu-items: librewolf.desktop -# - require: -# - qvm: web--create-template +split-tor--create-browsing-qube: + qvm.vm: + - name: split-tor-dvm + - present: + - template: tmpl-whonix-ws + - label: purple + - prefs: + - template_for_dispvms: True + - features: + - set: + - menu-items: xfce4-terminal + - require: + - qvm: split-tor--create-template -# web--create-work-qube: -# qvm.vm: -# - name: web-work -# - present: -# - template: tmpl-web -# - label: blue -# - mem: 6000 -# - vcpus: 4 -# - features: -# - set: -# - menu-items: librewolf.desktop -# - require: -# - qvm: web--create-template +split-tor-features_dvm: + qvm.features: + - name: split-tor-dvm + - disable: + - service.cups + - service.cups-browsed + - service.tinyproxy -# web--create-shopping-qube: -# qvm.vm: -# - name: web-shopping -# - present: -# - template: tmpl-web -# - label: blue -# - features: -# - set: -# - menu-items: librewolf.desktop -# - require: -# - qvm: web--create-template +split-tor--create-qube: + qvm.vm: + - name: split-tor + - present: + - template: tmpl-split-web + - label: black + - prefs: + - default-dispvm: split-tor-dvm + - netvm: none + - features: + - set: + - menu-items: split-browser.desktop split-browser-safest.desktop xterm.desktop + - require: + - web--create-split-template diff --git a/web/qvm-tmpl.sls b/web/qvm-tmpl.sls index 4aa9730..160bb43 100644 --- a/web/qvm-tmpl.sls +++ b/web/qvm-tmpl.sls @@ -3,6 +3,11 @@ web--create-template: - name: tmpl-web - source: debian-12-minimal +split-tor--create-template: + qvm.clone: + - name: tmpl-whonix-ws + - source: whonix-workstation-17 + web--create-split-template: qvm.clone: - name: tmpl-split-web diff --git a/web/tmpl-pkgs.sls b/web/tmpl-pkgs.sls index 245d7ee..d65d1cd 100644 --- a/web/tmpl-pkgs.sls +++ b/web/tmpl-pkgs.sls @@ -1,9 +1,4 @@ -web--tmpl-split-browser-pkgs: - pkg.installed: - - pkgs: - - qubes-repo-contrib - -web--tmpl-pkgs: +browser---minimal-tmpl-pkgs: pkg.installed: - pkgs: - qubes-core-agent-passwordless-root @@ -11,27 +6,4 @@ web--tmpl-pkgs: - qubes-core-agent-networking - qubes-core-agent-thunar - pulseaudio-qubes - - qubes-split-browser-disp - firefox-esr - -# {% if grains['os_family']|lower == 'debian' %} - -# extrepo: -# pkg.installed - -# 'http_proxy=http://127.0.0.1:8082 https_proxy=http://127.0.0.1:8082 extrepo enable librewolf': -# cmd.run - -# {% else %} - -# 'dnf config-manager --add-repo https://rpm.librewolf.net/librewolf-repo.repo': -# cmd.run - -# {% endif %} - -# librewolf-updated: -# pkg.uptodate: -# - refresh: True - -# librewolf: -# pkg.installed diff --git a/web/tmpl-split-pkgs.sls b/web/tmpl-split-pkgs.sls deleted file mode 100644 index 9903014..0000000 --- a/web/tmpl-split-pkgs.sls +++ /dev/null @@ -1,13 +0,0 @@ -split-web--contrib-repo: - pkg.installed: - - pkgs: - - qubes-repo-contrib - -split-web--pkgs: - pkg.installed: - - pkgs: - - qubes-split-browser - # - qubes-core-agent-passwordless-root - # - qubes-mgmt-salt-vm-connector - # - qubes-core-agent-thunar - # - qubes-desktop-linux-common |