1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
#+title: README
#+OPTIONS: num:nil toc:nil
* Installation
** Setup salt user-dirs
#+begin_src bash
# In dom0
sudo qubesctl state.sls qubes.user-dirs
#+end_src
I sometimes run into the issue described here on a new install: https://github.com/QubesOS/qubes-issues/issues/8491. The solution that works consistantly for me is:
#+begin_src bash
# In dom0
ln -s /srv/salt/qubes/user-dirs.top /srv/salt/_tops/base/user-dirs.top
#+end_src
** Clone my repo
Open a terminal in some networked app qube (with git installed!), and clone my repository:
#+begin_src bash
# In dispXXXX
git clone https://git.skylarcloud.xyz/salt-repo.git
#+end_src
** Move it to dom0
First, we'll turn the repo into an archive with tar:
#+begin_src bash
# In dispXXXX
tar -cf /tmp/salt-archive.tar salt-repo
#+end_src
Then, in dom0:
#+begin_src bash
# in dom0
# Pulls the content of the archive from dispXXXX to dom0
sudo qvm-run --pass-io dispXXXX 'cat /tmp/salt-archive.tar' > /tmp/salt-archive.tar
# Unpack the archive
sudo cd /tmp && tar -xf salt-archive.tar
# Delete the default /srv/user_salt directory
# Make sure you haven't put anything important there
sudo rm -fr /srv/user_salt
# Move the repo to /srv/user_salt
sudo mv /tmp/salt-repo /srv/user_salt
#+end_src
** Change your username
There's a variable in //wm/wm-setup.sls/ that you should change to match your username. That file needs to write files to your home directory in dom0, and needs the username for those paths.
** Apply the configuration
There are many directories with .sls and .top files inside of them. You can enable a feature and apply it with just a couple commands:
#+begin_src bash
# In dom0
sudo qubesctl top.enable wm.wm-setup # This enables the top file at /srv/user_salt/wm/wm-setup.top
sudo qubesctl state.apply # Applies dom0 states
sudo qubesctl --targets=tmpl-XXXX # Applies dom0 states and states for tmpl-XXXX
#+end_src
The first topfile you should enable is 3isec, some networked qubes will be configured to use sys-mullvad
* Features
** 3isec
Sets up the 3isec repository and graphical installer. I use this for sys-mullvad.
** Chromium
Creates /tmpl-chromium/ and /web-yt/. I usually avoid Chromium, but YouTube performs better on it than Librewolf, so I use it for that.
Blueman is installed in /tmpl-chromium/ so it's easy to pass your bluetooth controller to /web-yt/ and listen with bluetooth headphones.
** Emacs
Creates /tmpl-emacs/ and two app qubes, /emacs-org/ and /emacs-salt/, with Doom Emacs' dependencies. I do all of my personal organization in Emacs org-mode, and /emacs-salt/ is for editing my saltstack configuration.
It also places two scripts in dom0, //usr/bin/fetch-salt-from-emacs/ and //usr/bin/push-salt-to-emacs/. Run these as root in dom0 to easily move your repo back and forth as you please.
** Email
Creates /tmpl-email/ and two app qubes, /email-personal/ and /email-work/, with Thunderbird. Networked over /sys-mullvad/
** IRC
Creates /tmpl-irc/ and /irc/ with Hexchat installed, for chatting on IRC over Tor.
** SSH
Creates /tmpl-ssh/ and /ssh-vps/, simple qubes to ssh into my VPS with.
** Torrenting
Creates /tmpl-torrenting/ and /bitz/ with qBitTorrent installed, for torrenting over /sys-mullvad/.
** Web
Creates /tmpl-web/ and a few /web-XXX/ qubes, with Librewolf and networked over /sys-mullvad/.
** WM
This does many things to set up a convenient i3 environment.
- Installs a few packages in dom0
- Moves my i3 config into place
- Prioritizes xfce4-terminal and st in //usr/bin/qubes-i3-sensible-terminal/
- Moves my xrandr screenlayout in place
- Moves my nitrogen wallpaper files in place
- Enables tap-to-click and natural scrolling
- Replaces dmenu with rofi
|
