Maybe i am not alone with this problem:
The problem
I do stuff in my qubes and test out things. Of course i would like to keep track of changes with something like git.
Some qubes do not have a netvm, so a classical external git repo is out of the question.
How do you manage versioned stufff over all your qubes?
Solutions?
One can create one git qube and selectively allow access to the git over this simple thing.
But is this a good idea to begin with?
One could restrict qubes with tags, but some might be untrusted and therefore considered actively hostile against the git server.
So seperate accounts for each qube would be the best, but this is a massive management nightmare.
Having one git repo only locally per qube seems even more secure, but also as a much larger nightmare. Maybe this dragon can be tamed with a script in dom0 that is periodically searching all qubes for git repos and copies them to a special git-holding-qube?
I want to solve this in a reasonably secure fashion while still keeping usability acceptable™ and offfering easy transfer of repos, favorably a WUI and it should be somhow compatible with backup and restore stuff.
Maybe somebody else have solved this already, so if you know something, i would love to read your thoughts or click on arbitrary links