From 0261e2bbe1f89d15d4a6b7bec29a6f6ba75fbfe0 Mon Sep 17 00:00:00 2001
From: Casper <me@skylarcloud.xyz>
Date: Mon, 23 Dec 2024 11:24:25 -0700
Subject: added Whonix split-browser

---
 web/create-web-qubes.top           |   5 +-
 web/install-split-browser-disp.sls |   9 ++++
 web/install-split-browser.sls      |   9 ++++
 web/qvm-app.sls                    | 104 ++++++++++++++-----------------------
 web/qvm-tmpl.sls                   |   5 ++
 web/tmpl-pkgs.sls                  |  30 +----------
 web/tmpl-split-pkgs.sls            |  13 -----
 7 files changed, 68 insertions(+), 107 deletions(-)
 create mode 100644 web/install-split-browser-disp.sls
 create mode 100644 web/install-split-browser.sls
 delete mode 100644 web/tmpl-split-pkgs.sls

(limited to 'web')

diff --git a/web/create-web-qubes.top b/web/create-web-qubes.top
index 7d134e9..57f4ec0 100644
--- a/web/create-web-qubes.top
+++ b/web/create-web-qubes.top
@@ -4,6 +4,9 @@ user:
     - web.qvm-app # Creates web-dvm, split-web
   tmpl-web:
     - web.tmpl-pkgs # Installs tmpl-web pkgs
+    - web.install-split-browser-disp
     - web.tmpl-configure-split-firefox # Configures split-browser for FF
+  tmpl-whonix-ws:
+    - web.install-split-browser-disp
   tmpl-split-web:
-    - web.tmpl-split-pkgs # Installs tmpl-split-web pkgs
+    - web.install-split-browser # Installs tmpl-split-web pkgs
diff --git a/web/install-split-browser-disp.sls b/web/install-split-browser-disp.sls
new file mode 100644
index 0000000..f67e9cd
--- /dev/null
+++ b/web/install-split-browser-disp.sls
@@ -0,0 +1,9 @@
+browser--install-contrib-repo:
+  pkg.installed:
+    - pkgs:
+      - qubes-repo-contrib
+
+browser--install-split-browser-disp:
+  pkg.installed:
+    - pkgs:
+      - qubes-split-browser-disp
diff --git a/web/install-split-browser.sls b/web/install-split-browser.sls
new file mode 100644
index 0000000..a9bbf73
--- /dev/null
+++ b/web/install-split-browser.sls
@@ -0,0 +1,9 @@
+split-browser--install-contrib-repo:
+  pkg.installed:
+    - pkgs:
+      - qubes-repo-contrib
+
+split-browser--install-split-browser:
+  pkg.installed:
+    - pkgs:
+      - qubes-split-browser
diff --git a/web/qvm-app.sls b/web/qvm-app.sls
index 6d49a07..d05fd2e 100644
--- a/web/qvm-app.sls
+++ b/web/qvm-app.sls
@@ -1,4 +1,6 @@
-web--create-web-qube:
+# General-use Firefox qubes
+
+split-web--create-web-qube:
   qvm.vm:
     - name: web-dvm
     - present:
@@ -12,23 +14,20 @@ web--create-web-qube:
     - require:
       - qvm: web--create-template
 
-web-features_dvm:
+split-web-features_dvm:
   qvm.features:
     - name: web-dvm
     - disable:
       - service.cups
       - service.cups-browsed
       - service.tinyproxy
-    - set:
-      - menu-items: xfce4-terminal.desktop
-      - appmenus-dispvm: True
 
 split-web--create-qube:
   qvm.vm:
     - name: split-web
     - present:
       - template: tmpl-split-web
-      - label: gray
+      - label: black
     - prefs:
       - default-dispvm: web-dvm
       - netvm: none
@@ -38,64 +37,41 @@ split-web--create-qube:
     - require:
         - web--create-split-template
 
-# web--create-vps-admin-qube:
-#   qvm.vm:
-#     - name: web-vps-admin
-#     - present:
-#       - template: tmpl-web
-#       - label: blue
-#     - features:
-#       - set:
-#         - menu-items: librewolf.desktop
-#     - require:
-#       - qvm: web--create-template
-
-# web--create-home-admin-qube:
-#   qvm.vm:
-#     - name: web-home-admin
-#     - present:
-#       - template: tmpl-web
-#       - label: blue
-#     - features:
-#       - set:
-#         - menu-items: librewolf.desktop
-#     - require:
-#       - qvm: web--create-template
+# Split Whonix browsing qubes
 
-# web--create-banking-qube:
-#   qvm.vm:
-#     - name: web-banking
-#     - present:
-#       - template: tmpl-web
-#       - label: blue
-#     - features:
-#       - set:
-#         - menu-items: librewolf.desktop
-#     - require:
-#       - qvm: web--create-template
+split-tor--create-browsing-qube:
+  qvm.vm:
+    - name: split-tor-dvm
+    - present:
+      - template: tmpl-whonix-ws
+      - label: purple
+    - prefs:
+      - template_for_dispvms: True
+    - features:
+      - set:
+        - menu-items: xfce4-terminal
+    - require:
+      - qvm: split-tor--create-template
 
-# web--create-work-qube:
-#   qvm.vm:
-#     - name: web-work
-#     - present:
-#       - template: tmpl-web
-#       - label: blue
-#       - mem: 6000
-#       - vcpus: 4
-#     - features:
-#       - set:
-#         - menu-items: librewolf.desktop
-#     - require:
-#       - qvm: web--create-template
+split-tor-features_dvm:
+  qvm.features:
+    - name: split-tor-dvm
+    - disable:
+      - service.cups
+      - service.cups-browsed
+      - service.tinyproxy
 
-# web--create-shopping-qube:
-#   qvm.vm:
-#     - name: web-shopping
-#     - present:
-#       - template: tmpl-web
-#       - label: blue
-#     - features:
-#       - set:
-#         - menu-items: librewolf.desktop
-#     - require:
-#       - qvm: web--create-template
+split-tor--create-qube:
+  qvm.vm:
+    - name: split-tor
+    - present:
+      - template: tmpl-split-web
+      - label: black
+    - prefs:
+      - default-dispvm: split-tor-dvm
+      - netvm: none
+    - features:
+      - set:
+        - menu-items: split-browser.desktop split-browser-safest.desktop xterm.desktop
+    - require:
+        - web--create-split-template
diff --git a/web/qvm-tmpl.sls b/web/qvm-tmpl.sls
index 4aa9730..160bb43 100644
--- a/web/qvm-tmpl.sls
+++ b/web/qvm-tmpl.sls
@@ -3,6 +3,11 @@ web--create-template:
     - name: tmpl-web
     - source: debian-12-minimal
 
+split-tor--create-template:
+  qvm.clone:
+    - name: tmpl-whonix-ws
+    - source: whonix-workstation-17
+
 web--create-split-template:
   qvm.clone:
     - name: tmpl-split-web
diff --git a/web/tmpl-pkgs.sls b/web/tmpl-pkgs.sls
index 245d7ee..d65d1cd 100644
--- a/web/tmpl-pkgs.sls
+++ b/web/tmpl-pkgs.sls
@@ -1,9 +1,4 @@
-web--tmpl-split-browser-pkgs:
-  pkg.installed:
-    - pkgs:
-      - qubes-repo-contrib
-
-web--tmpl-pkgs:
+browser---minimal-tmpl-pkgs:
   pkg.installed:
     - pkgs:
       - qubes-core-agent-passwordless-root
@@ -11,27 +6,4 @@ web--tmpl-pkgs:
       - qubes-core-agent-networking
       - qubes-core-agent-thunar
       - pulseaudio-qubes
-      - qubes-split-browser-disp
       - firefox-esr
-
-# {% if grains['os_family']|lower == 'debian' %}
-
-# extrepo:
-#   pkg.installed
-
-# 'http_proxy=http://127.0.0.1:8082 https_proxy=http://127.0.0.1:8082 extrepo enable librewolf':
-#   cmd.run
-
-# {% else %}
-
-# 'dnf config-manager --add-repo https://rpm.librewolf.net/librewolf-repo.repo':
-#   cmd.run
-
-# {% endif %}
-
-# librewolf-updated:
-#   pkg.uptodate:
-#     - refresh: True
-
-# librewolf:
-#   pkg.installed
diff --git a/web/tmpl-split-pkgs.sls b/web/tmpl-split-pkgs.sls
deleted file mode 100644
index 9903014..0000000
--- a/web/tmpl-split-pkgs.sls
+++ /dev/null
@@ -1,13 +0,0 @@
-split-web--contrib-repo:
-  pkg.installed:
-    - pkgs:
-      - qubes-repo-contrib
-
-split-web--pkgs:
-  pkg.installed:
-    - pkgs:
-      - qubes-split-browser
-      # - qubes-core-agent-passwordless-root
-      # - qubes-mgmt-salt-vm-connector
-      # - qubes-core-agent-thunar
-      # - qubes-desktop-linux-common
-- 
cgit v1.2.3