From 81f5417313a7286e776235ee82e43b57e2b359eb Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Fri, 20 Dec 2024 17:27:47 -0800 Subject: [PATCH 1/4] qubes split gpg/ssh setup --- qubes/.config/qubes/appvm/rw/config/gpg-split-domain | 1 + .../qubes/appvm/rw/config/qubes-bind-dirs.d/50_user.conf | 2 ++ qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.Gpg | 1 + qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.SshAgent | 1 + 4 files changed, 5 insertions(+) create mode 100644 qubes/.config/qubes/appvm/rw/config/gpg-split-domain create mode 100644 qubes/.config/qubes/appvm/rw/config/qubes-bind-dirs.d/50_user.conf create mode 100644 qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.Gpg create mode 100644 qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.SshAgent diff --git a/qubes/.config/qubes/appvm/rw/config/gpg-split-domain b/qubes/.config/qubes/appvm/rw/config/gpg-split-domain new file mode 100644 index 0000000..4c0870e --- /dev/null +++ b/qubes/.config/qubes/appvm/rw/config/gpg-split-domain @@ -0,0 +1 @@ +vault diff --git a/qubes/.config/qubes/appvm/rw/config/qubes-bind-dirs.d/50_user.conf b/qubes/.config/qubes/appvm/rw/config/qubes-bind-dirs.d/50_user.conf new file mode 100644 index 0000000..3804081 --- /dev/null +++ b/qubes/.config/qubes/appvm/rw/config/qubes-bind-dirs.d/50_user.conf @@ -0,0 +1,2 @@ +binds+=('/var/lib/docker') +binds+=('/var/lib/containerd') diff --git a/qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.Gpg b/qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.Gpg new file mode 100644 index 0000000..9f6f953 --- /dev/null +++ b/qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.Gpg @@ -0,0 +1 @@ +@anyvm @anyvm ask default_target=vault diff --git a/qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.SshAgent b/qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.SshAgent new file mode 100644 index 0000000..9f6f953 --- /dev/null +++ b/qubes/.config/qubes/dom0/etc/qubes-rpc/policy/qubes.SshAgent @@ -0,0 +1 @@ +@anyvm @anyvm ask default_target=vault From cbe349674fa0f8c11bdae4f6994b21ae02e81469 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Fri, 20 Dec 2024 17:29:48 -0800 Subject: [PATCH 2/4] xprofile config --- X/.Xresources | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 X/.Xresources diff --git a/X/.Xresources b/X/.Xresources new file mode 100644 index 0000000..732b4a5 --- /dev/null +++ b/X/.Xresources @@ -0,0 +1,47 @@ +*background: #002b36 +*foreground: #657b83 +!!*fading: 40 +*fadeColor: #002b36 +*cursorColor: #93a1a1 +*pointerColorBackground: #586e75 +*pointerColorForeground: #93a1a1 + +!! black dark/light +*color0: #073642 +*color8: #002b36 + +!! red dark/light +*color1: #dc322f +*color9: #cb4b16 + +!! green dark/light +*color2: #859900 +*color10: #586e75 + +!! yellow dark/light +*color3: #b58900 +*color11: #657b83 + +!! blue dark/light +*color4: #268bd2 +*color12: #839496 + +!! magenta dark/light +*color5: #d33682 +*color13: #6c71c4 + +!! cyan dark/light +*color6: #2aa198 +*color14: #93a1a1 + +!! white dark/light +*color7: #eee8d5 +*color15: #fdf6e3 + +!! HiDPI +Xft.autohint: 0 +Xft.lcdfilter: lcddefault +Xft.hintstyle: hintfull +Xft.hinting: 1 +Xft.antialias: 1 +Xft.rgba: rgb From f6a4c570639f7940f4dfcdfa5a21354729eb71fb Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Fri, 20 Dec 2024 17:30:27 -0800 Subject: [PATCH 3/4] gitconfig qubes --- git/.gitconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git/.gitconfig b/git/.gitconfig index 29c79e3..f53ed6c 100644 --- a/git/.gitconfig +++ b/git/.gitconfig @@ -14,7 +14,7 @@ decorate = true abbrevCommit = true [gpg] - program = .local/bin/git-gpg + program = qubes-gpg-client-wrapper [init] defaultBranch = main [remote "origin"] From fb3eab0aac3b645c164c07d7c316a413a39ee9b6 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Fri, 20 Dec 2024 17:32:06 -0800 Subject: [PATCH 4/4] zsh qubes conf --- zsh/.zshenv | 6 ------ 1 file changed, 6 deletions(-) diff --git a/zsh/.zshenv b/zsh/.zshenv index 3899432..85ca501 100644 --- a/zsh/.zshenv +++ b/zsh/.zshenv @@ -7,18 +7,12 @@ export LC_CTYPE="en_US.UTF-8" # Apply QubesOS specific configuration if command -v qubesdb-read &> /dev/null; then - export QUBES_GPG_DOMAIN="vault"; export SSH_AUTH_SOCK="/home/${USER}/.SSH_AGENT_${QUBES_GPG_DOMAIN}"; - git config --global gpg.program qubes-gpg-client-wrapper; -else - # Always use gpg2 - [[ -f /usr/bin/gpg2 ]] && alias gpg="/usr/bin/gpg2" fi alias vi="nvim" alias vim="nvim" -path=("$PYENV_ROOT/bin" $path) path=("$HOME/.local/bin" $path) path=($^path(N)) # remove paths that don't exist