Can you share the bash script? I am also looking for some automation
I’m glad you find cacher useful. KDE is,of course, excellent in Qubes.
Rather than go through each individually, I could ship a batch file to
disable the service.
I do this myself,but the topic is still being hashed over here in the
Forum, how best to deal with updates in qubes with the cacher installed.
I’ve added some new packages to provide:
a central sys-git to hold repositories - policy file controls access by
qube and repository;
a template with software useful for text to speech use;
a split monero wallet;
syncthing - this includes a syncthing qube with net access, and a qrexec
service to run syncthing from other qubes,including those with no netvm.
More details are available in the Qubes Task Manager.
Sources is available on github
It would be more useful if this topic were kept for installation
problems of the Task Manager, and suggestions for packages to be
included, or contributions.
Issues with individual packages are best dealt with in a topic under a
clear title in User Support.
I’ve been (unsuccessfully) trying to create a sys-git for quite a while. Have you gotten around to publishing the process in your notes?
Generally you create a simple systemd service like this, to start the
agent,and load the key
[Unit] Description=SSH agent [Service] Type=oneshot Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK ExecStart=/usr/bin/ssh-add [key] [Install] WantedBy=default.target
You’ll need to adapt this to the socket value you use for the agent - you
can see this in (e.g)
work.agent.sh - and I haven’t tested it in any
It wont do where you have passwords on the keys.
I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
No. It’s a little niche for the notes, and it’s basically documented here
All the work is done by qubes.Git and git-qrexec, which I’ve
generalised, and slightly adapted to allow for granular policy control.
My contribution is minimal.
I had to change this slightly to (note the
ExecStart => ExecStartPost):
[Unit] Description=SSH agent [Service] Type=oneshot Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK ExecStartPost=/usr/bin/ssh-add [key] [Install] WantedBy=default.target
Works like a charm. Thanks!
For anyone who was as confused as me, certain of these setups assume that you have already set up the cacher. Once I did that they worked fine, but before that they failed. So try that if you’re having problems with them!
Can you tell me for which you found this?
All of the template repo salting is conditional on there being a
“cacher” qube - otherwise the repo definitions should be left as they are.
If you found this not to be the case, then it’s a bug that needs to be
fixed. (Although I advocate for using a caching proxy, I don’t intend
to enforce it.)
i forget which repo, but yes it happen to me too.
Thanks - it looks as if it is the Pihole and Share packages that are
affected - this is wrong.
I’ll fix it.
4 posts were split to a new topic: Salting I2P
so happy you did this
perpare for r4.2 repo? so we dont need to change releasever.
6 posts were merged into an existing topic: Salting I2P
Not sure if it’s just me, but I’m getting 404 when trying to download the RPM from https://qubes.3isec.org/3isec-qubes-task-manager-0.1-1.x86_64.rpm. Is that still the way to install the tool? (I’ve already installed the keys) Or can it just be installed via dnf in dom0 now? (shiver up my spine)
if you had type the unman repo in dom0, and save key under /etc/pki…
you can just run `sudo qubes-dom0-update 3isec-qubes-task-manager’
This is a great idea to include the qubes-app-split-browser!
I would really like it we had this for Firefox with arkenfox integrated into the Qube and a cron job/script to update arkenfox every day or at each boot.