On Sunday, March 4, 2018 at 4:46:53 PM UTC+1, brandonm...@gmail.com wrote: > Hi, > > So I'm running Qubes on 2 different machines it's amazing. One thing I have > never been able to figure out though is how to run WordPress to develop > multiple sites. > > I am familiar with Vagrant but it requires Virtualbox however since you can > run HVM's you shouldn't need vVirtualbox. > > Any assistance would be much appreciated. > > Kind Regards,
I'm not entirely sure I understand the question though, maybe it's because of my lack of insight on this kind of development. But isn't what you seek just a matter of making multiple of VM's and run them next to each others? But you already seem aware of this right? So what is the question? As for multiple VM's for development, you can take this a step further and isolate them in their own little Qubes network 'playground or sandbox', so that one or more VM's acts as a server, and the other VM's acts as a clients accessing your server(s), to see how the website behaves on different system environments. I've never gotten around to try this though, nor seen anyone do this separate network in practice, but it should be possible and is one of the things I got on my list to try on Qubes, but that I haven't gotten around to yet. It shouldn't be too hard to do though. It remains uncertain what kind of unknown security attack vectors a separate network has on Qubes, I don't believe much security information has been shared on this kind of Qubes use-case. For example, if it's two completely isolated networks on Qubes, would it make a difference in terms of security? It should be possible to answer, but it's an answer we need from security researchers to answer as it's a deep and complex question. However, you most certainly don't want to allow inter-VN networking on your primary Qubes network though, if you can help it, as even with HVM/PVH removing the older inter-VM PV virt_mode attack exploits, a inter-VM network might still introduce other exploits or make more VM's vulnerable than just the ones you connect together. For example if it can use two VM's to attack sys-net/sys-firewall/sys-whonix/VPN's/etc. which is also an issue (like how the PV exploit happened), so you might want to make a completely separate Qubes network next to each others, with no ties in-between them, whatsoever. If you got another LAN port, all the better, though I'm not sure how far you need to go to maximize security here, this is something you need a security researcher like Joanna or an advanced developer like Marek to answer you. But it's vital you don't open up inter-VM networking on critical or remotely important VM's, and it might also be a bad idea to mix the two networks in general if the sys-firewall/etc. can be attacked from the inside-out, instead of outside-in attacks. Think carefully if you do something like this, and some security aspects of it remains unknown for now. Possibly though, if you completely isolate the two networks, it seems feasible that you can do it without opening a caveat can of worms (in terms of security). The question remains though, at which point is enough isolation, can the networks share the same sys-net? or do they need each their own sys-net with each their own physical pass-through network card/cable? At least if you have the same sys-net, and use two firewalls, then you're still protected by the firewalls between the two or more Qubes networks. Qubes is also if sys-net/sys-firewall will play nice with other firewalls/networks here. Either way, here are some things to dive into if you want to develop this kind of things where you need network to see how it behaves. You might only need one computer to have multiple of isolated servers/clients. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/dee08a72-90f6-41c1-9a0e-65bc03933e91%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
