Skip to content

Instantly share code, notes, and snippets.

View bcduggan's full-sized avatar

Brian Duggan bcduggan

7 followers · 20 following
View GitHub Profile
@bcduggan
bcduggan / automatically-activate-qubes-debian-12-minimal-user-session.md
Last active March 5, 2025 13:46
Automatically activate user session with loginctl in Qubes debian-12-minimal template ([#7689](https://github.com/QubesOS/qubes-issues/issues/7689) workaround)

Automatically activate user session with loginctl in Qubes debian-12-minimal template (#7689 workaround)

debian-12-minimal templates in Qubes don't recognize USB devices by default. They require the qubes-usb-proxy package. But a longstanding issue ((#7689) prevents users from interacting with connected USB devices. Qubes documentation for Debian miminal templates describes manually using loginctl to activate the current user session to resolve this. But it doesn't describe a way to automatically activate the user session.

Until the team resolves #7689, I'm using this method to automatically activate the user session on debian-12-minimal templates. It relies on the rc.local script to execute commands on qube

@bcduggan
bcduggan / instantiate-qubes-rpc-for-systemd-services-with-symlinks.md
Last active March 5, 2025 13:12
Instantiate Qubes RPCs and clients for systemd services with symlinks
@bcduggan
bcduggan / 00-README-git-remote-qubes.md
Last active February 15, 2025 03:33
Qubes RPC service for git remotes

Qubes RPC for git remotes over qrexec

This gist describes a set of configurations to implement a new set of Qubes RPCs, qubes.GitUploadPack and qubes.GitReceivePack. These RPCs allow a client qube to clone, fetch, push, etc from local repositories to repositories on service qubes over qrexec. Qubes policy can control ro (clone, fetch, etc) and rw (push, etc) access per-repository.

The RPCs only allow access to git repositories on the service qube filesystem. They do not connect the client qube to internet git servers or forges.

However, the service qube can mount directories of git repositories to its filesystem from any remote storage service.

Purpose

@bcduggan
bcduggan / qubes-salt-pillar-tags.md
Last active May 30, 2024 04:55
Target Qubes VMs with tags in Salt Pillar data

Target Qubes VMs with tags in Salt Pillar data

Qubes allows users to target VMs in top files using pillar data:

base:
  qubes:type:app:
    - match: pillar
    - a_state
@bcduggan
bcduggan / openpgp-key-transition-statement-5EEBC6DAB95FF8610CBF401156A1C2EEA520ECEB.txt.asc
Created January 22, 2018 14:24
OpenPGP Key Transition Statement 5EEBC6DAB95FF8610CBF401156A1C2EEA520ECEB
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
OpenPGP Key Transition Statement for Brian C. Duggan
I have created a new OpenPGP key and will transition away from my old
key. I have no reason to belive that my old key has been
compromised. However, I have revoked it because the new key supersedes
it. Starting now, I will make all signatures with the new
key. Starting now, please encrypt data that you intend to send to me
@bcduggan
bcduggan / keybase.md
Created November 20, 2016 22:25

Keybase proof

I hereby claim:

  • I am bcduggan on github.
  • I am bcduggan (https://keybase.io/bcduggan) on keybase.
  • I have a public key whose fingerprint is CB26 03A6 423F AB00 1D12 ABCC 99CB D800 8AE8 179B

To claim this, I am signing this object: