Difference between revisions of "Qubes"

From Legoktm
(→‎VMs: update)
(→‎dom0: copy paste)
Line 46: Line 46:
   
 
== dom0 ==
 
== dom0 ==
  +
In <code>/etc/qubes/guid.conf</code>:
  +
<pre>
  +
secure_copy_sequence = "Mod4-c";
  +
secure_paste_sequence = "Mod4-v";
  +
</pre>
  +
 
<code>/usr/local/bin/vault</code>, mapped to ctrl+shift+x
 
<code>/usr/local/bin/vault</code>, mapped to ctrl+shift+x
 
<pre>
 
<pre>

Revision as of 06:38, 31 March 2021

VMs

  • DD (km-d10-dev)
  • media (km-f33)
    • flatpak: handbrake, kdenlive, picard
  • personal (km-f33)
    • flatpak: Signal, xournalpp, hexchat, runelite, dolphinemu
  • fopf (km-f33)
  • school (km-f33)
  • dev (km-f33-dev)
  • gpg (km-f33)
    • no network
  • vault (km-f33-vault)
    • no network
  • vault-gpg (fedora-33)
    • no network
  • sys-riseup-vpn (km-d10-leap)

Template VMs

  • km-d10-dev: fork:
    • devscripts git-buildpackage dput-ng command-not-found gitk git-cola gir1.2-vte-2.91 (reportbug-gtk dep) webext-ublock-origin webext-https-everywhere dh-php php-dev lintian-brush lintian (from backports) dh-buildinfo apache2-dev ack
  • fedora-33: upstream
  • km-f33: fork:
    • enabled rpmfusion
    • fuse-exfat exfat-utils chromium ffmpeg vlc inkscape pcsc-tools mozilla-privacy-badger hugin filezilla shotwell youtube-dl libreoffice libgnome-keyring tree ack nano mozilla-https-everywhere mozilla-ublock-origin nextcloud-client-nautilus quassel-client mosh mono-core mono-devel mono-locale-extras mediainfo curl transmission-gtk
  • km-f33-dev:
    • enabled codium, pycharm-community, rpmfusion
    • quassel-client mozilla-https-everywhere mozilla-ublock-origin python3 python3.5 python3.6 python3.8 python3.9 python3.10 composer php npm tox fish pipenv git-cola gitk podman nano tree ack jq mosh mozilla-privacy-badger ffmpeg php-apcu ruby bind-utils devscripts poetry twine sqlite pycharm-community codium golang toolbox fpaste openssl-devel g++ vlc sqlite-devel php-gmp chromium redis mariadb-devel colordiff
  • km-f33-vault: (fork of minimal)
    • nano keepassxc qubes-gpg-split pinentry-gtk

Config

  • /etc/qubes-rpc/policy/qubes.InputKeyboard
    • sys-usb dom0 ask,default_target=dom0
  • /etc/qubes-rpc/policy/qubes.InputTablet
    • sys-usb dom0 allow
  • /etc/qubes-rpc/policy/qubes.Gpg
    • DD gpg allow
    • dev gpg allow
    • personal gpg allow
  • /etc/qubes-rpc/policy/qubes.GpgImportKey
    • DD gpg allow
    • dev gpg allow
    • personal gpg allow

dom0

In /etc/qubes/guid.conf:

secure_copy_sequence = "Mod4-c";
secure_paste_sequence = "Mod4-v";

/usr/local/bin/vault, mapped to ctrl+shift+x

#!/bin/sh
exec qvm-run vault keepassxc

Clock format: %a %F %r

Redshift, following https://www.bryceguinta.me/install-configure-and-autostart-redshift-on-qubes-40.html