#+title: README #+OPTIONS: num:nil toc:nil * Installation ** Setup salt user-dirs #+begin_src bash # In dom0 sudo qubesctl state.sls qubes.user-dirs #+end_src I sometimes run into the issue described here on a new install: https://github.com/QubesOS/qubes-issues/issues/8491. The solution that works consistantly for me is: #+begin_src bash # In dom0 ln -s /srv/salt/qubes/user-dirs.top /srv/salt/_tops/base/user-dirs.top #+end_src ** Clone my repo Open a terminal in some networked app qube (with git installed!), and clone my repository: #+begin_src bash # In dispXXXX git clone https://git.skylarcloud.xyz/salt-repo.git #+end_src ** Move it to dom0 First, we'll turn the repo into an archive with tar: #+begin_src bash # In dispXXXX tar -cf /tmp/salt-archive.tar salt-repo #+end_src Then, in dom0: #+begin_src bash # in dom0 # Pulls the content of the archive from dispXXXX to dom0 sudo qvm-run --pass-io dispXXXX 'cat /tmp/salt-archive.tar' > /tmp/salt-archive.tar # Unpack the archive sudo cd /tmp && tar -xf salt-archive.tar # Delete the default /srv/user_salt directory # Make sure you haven't put anything important there sudo rm -fr /srv/user_salt # Move the repo to /srv/user_salt sudo mv /tmp/salt-repo /srv/user_salt #+end_src ** Change your username There's a variable in //wm/wm-setup.sls/ that you should change to match your username. That file needs to write files to your home directory in dom0, and needs the username for those paths. ** Apply the configuration There are many directories with .sls and .top files inside of them. You can enable a feature and apply it with just a couple commands: #+begin_src bash # In dom0 sudo qubesctl top.enable wm.wm-setup # This enables the top file at /srv/user_salt/wm/wm-setup.top sudo qubesctl state.apply # Applies dom0 states sudo qubesctl --targets=tmpl-XXXX # Applies dom0 states and states for tmpl-XXXX #+end_src The first topfile you should enable is 3isec, some networked qubes will be configured to use sys-mullvad * Features ** 3isec Sets up the 3isec repository and graphical installer. I use this for sys-mullvad. ** Chromium Creates /tmpl-chromium/ and /web-yt/. I usually avoid Chromium, but YouTube performs better on it than Librewolf, so I use it for that. Blueman is installed in /tmpl-chromium/ so it's easy to pass your bluetooth controller to /web-yt/ and listen with bluetooth headphones. ** Emacs Creates /tmpl-emacs/ and two app qubes, /emacs-org/ and /emacs-salt/, with Doom Emacs' dependencies. I do all of my personal organization in Emacs org-mode, and /emacs-salt/ is for editing my saltstack configuration. It also places two scripts in dom0, //usr/bin/fetch-salt-from-emacs/ and //usr/bin/push-salt-to-emacs/. Run these as root in dom0 to easily move your repo back and forth as you please. ** Email Creates /tmpl-email/ and two app qubes, /email-personal/ and /email-work/, with Thunderbird. Networked over /sys-mullvad/ ** IRC Creates /tmpl-irc/ and /irc/ with Hexchat installed, for chatting on IRC over Tor. ** SSH Creates /tmpl-ssh/ and /ssh-vps/, simple qubes to ssh into my VPS with. ** Torrenting Creates /tmpl-torrenting/ and /bitz/ with qBitTorrent installed, for torrenting over /sys-mullvad/. ** Web Creates /tmpl-web/ and a few /web-XXX/ qubes, with Librewolf and networked over /sys-mullvad/. ** WM This does many things to set up a convenient i3 environment. - Installs a few packages in dom0 - Moves my i3 config into place - Prioritizes xfce4-terminal and st in //usr/bin/qubes-i3-sensible-terminal/ - Moves my xrandr screenlayout in place - Moves my nitrogen wallpaper files in place - Enables tap-to-click and natural scrolling - Replaces dmenu with rofi