Salting I2P

I downloaded, installed and ran qubes-task-manager, everything works great, albeit I had to read the instructions and a few posts here several times before I was successful. I was disappointed to find that not all of the configurations at GitHub - unman/shaker were included in the packages. Specifically the I2P set-up, can’t have everything done for you right :).

But if I am reading this correctly, I should be able to copy the I2P folder from Shaker into my /srv/salt directory and install this via qubesctl? Would this be as simple as running?

qubesctl state.apply i2p/clone
qubesctl state.apply i2p/create
qubesctl state.apply i2p/install

I assume the in.sh file has to be run at some point?
Thanks

Some note on my attempt and eventual success installing i2p:

sudo qubesctl state.apply i2p.clone
sudo qubesctl --skip-dom0 --targets=template-i2pstate.apply i2p.install
sudo qubesctl state.apply i2p.create

Notes: Will not install without having Unman’s Cacher installed. I assume it is something in this part of the install.sls

{% if salt['qvm.exists']('cacher') %}
{% if grains['os_family']|lower == 'debian' %}
{% if grains['nodename']|lower != 'host' %}
{% for repo in salt['file.find']('/etc/apt/sources.list.d/', name='*list') %}
<SNIP>
{% endif %}
{% endif %}
{% endif %}

Without Cacher installed the install fails, but all of the repository links are converted to “http://HTTPS///” anyway.
Even after installing Cacher the install fails, I had to manually convert the link inside i2p.list to use the “http://HTTPS///” format.
So now I have an sys-i2p Qube, I still have to figure out the in.sh…
thinking it will be something similar to:

 /srv/salt/syncthing/in.sh -a -p add sys-i2p tcp 4444
 /srv/salt/syncthing/in.sh -a -p add sys-i2p tcp 7657

and then add a qube with firefox configured to use i2p that connects to sys-i2p

Can someone fork this and replies to another thread -say “salting i2p”
It obviously doesn’t belong here.

1 Like

I’m hoping this ends up in a new thread.

Done.

Getting errors.

qubes-task-gui
Using sys-whonix as UpdateVM to download updates for Dom0; this may take some time...
*** ERROR while receiving updates:
Error canonicalizing /var/tmp/qubes-updates-tmpyl24_z7z.UNTRUSTED/3isec-qubes-sys-vpn-1.1-1.fc32.x86_64.rpm
--> if you want to use packages that were downloaded correctly, use dnf directly now

In [sys-whonix] sh, I get errors:

“Unable to detect release version (use ‘–releasever’ to specify release version)”
It lists repositories, and downloads successfully
then:
"Installing:
3i-sec-qubes-cacher…
3i-sec-qibes-sys-vpn
Get error that they are already downloaded
Then “NO KEY” error:
warning: /var/lib…/3isec-qbes-cacher…rpm: Header… Key ID… NO KEY
“Key imported successfully
Complete!”
The downloaded packages were saved in cache until the next successful transaction.
‘usr/lib/qubes/qrexec-client-vm dom-0 qubes.ReceiveUpdates /usr/lib/qubes/qfile-agent /var/lib/qubes/dom0-updates/pacakages/*rpm’ failed with exit code 1
Fetching update failed with code 1; press Enter to exit
Fetching update failed with code 1

@unman still getting errors.

Your key on github didn’t work. You have to download your key from another source.

Unman, thanks for all your hard work. Because quite a few of those who most need your “Simple Set-up of New Qubes and Software,” will be newbies:

Perhaps someone could prepare a script, or documentation at the beginning of:

https://qubes.3isec.org/tasks.html

as to getting the key installed correctly.

Unman, once again, thanks for all your excellent work.

normal for Whonix? I have no idea.

I’m bothered by this.
The key on github is the same key that you will find on keyservers.
It has the fingerprint that I have published.
What do you mean by “didn’t work”?
Did you check the fingerprint as instructed? What was the result?

1 Like

I’ve already tried to set out instructions and specific details of how to check
the key, copy it to dom0, and instal it in to dom0.
If there’s anything unclear on that page, please let me know, or
suggest changes.
I could provide a package to do this - but trusting the key (and me) is so
important that I think people need to take responsibility for that
themselves.

1 Like

Sorry @Unman I started out installing your Qubes Task Manager, and migrated to using one of your Salts from Shaker, I kind of lost the concept that the original thread was strictly related to the task manager.