I want a development environment that can
- Run Jetbrain’s PyCharm IDE
- Install python libraries with Anaconda (
conda install numpy...) - Push commits to github
- Build and read Sphinx documentation
I want to avoid:
- Jetbrain’s telemetry
- Compromised libraries from Anaconda stealing data from me
- Someone impersonates me and interacts with my github repositories.
I am thinking about:
- Qube A: PyCharm, firefox, anaconda, no internet, git. Qube A is the development environment. qvm-copy the code to Qube C.
- Qube B: anaconda, internet. Qubes B would manage anaconda environments and qvm-copy them to Qube A. The firewall only allows downloading python libraries with anaconda.
- Qube C: xterm, git, qubes-gpg-split, internet. Qube C enables git push. The firewall only allows pushing commits to github. Qube C also has the ssh key for pushing to github.
- Qube C-gpg. This qube is for split-gpg with subkey
Is there a better way?