Re: [qubes-users] Salt management questions
Please consult https://www.qubes-os.org/news/2017/06/27/qubes-admin-api/ https://www.qubes-os.org/news/2017/10/03/core3/ for more information about admin possibilities and how they’re supposed to work. There are simple demo examples as well. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c72a555c-8f94-48a8-9c4c-71c06a1407f2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Salt management questions
On Mon, 2018-02-12 at 17:04 +0100, Johannes Graumann wrote: > On Wed, 2018-02-07 at 15:27 +0100, Johannes Graumann wrote: > > Gentlepeople, > > > > For a while I have been managing a qubes setup using a dedicated > > management VM and ansible via https://github.com/Rudd-O/ansible-qub > > es > > . > > As auditing that code is beyond me and as salt is integral to > > qubes, > > I > > was wondering whether that layout is currently possible using the > > salt > > management stack, in other words: can the management stack > > (currently) > > be used with a vm as the master to the entire system including > > dom0? > > > > Sincerely, Joh > > > > I understand this may be IT-people-level stuff ..., but can anyone > hint > at whether this is already possible and or where to look? > > Joh > Here https://www.qubes-os.org/news/2015/12/14/mgmt-stack/, Marek Marczykowski-Górecki sais (referring to the core rewrite back then ongoing for 4.)): + Then, based on this functionality, we will be able to create a + Management VM, which will allow secure, centralized management of + Qubes OS installations in an organization or company. But to do it + securely, we need to first finish some major rework of Qubes core + management code (“core3”), which is planned for Qubes 4.0. Then it + will be possible to implement Management VM in a way so that it will + have no access to user data, only ability to manage configuration of + (selected) VMs. This is exactly what I want - plus limited tor/net connectivity to track/backup my salt infrastructure in a gpg-encrypted git repo ... Are we there yet? Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1518641808.1064.495.camel%40graumannschaft.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Salt management questions
On Wed, 2018-02-07 at 15:27 +0100, Johannes Graumann wrote: > Gentlepeople, > > For a while I have been managing a qubes setup using a dedicated > management VM and ansible via https://github.com/Rudd-O/ansible-qubes > . > As auditing that code is beyond me and as salt is integral to qubes, > I > was wondering whether that layout is currently possible using the > salt > management stack, in other words: can the management stack > (currently) > be used with a vm as the master to the entire system including dom0? > > Sincerely, Joh > I understand this may be IT-people-level stuff ..., but can anyone hint at whether this is already possible and or where to look? Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1518451493.11154.3.camel%40graumannschaft.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Salt management questions
Gentlepeople, For a while I have been managing a qubes setup using a dedicated management VM and ansible via https://github.com/Rudd-O/ansible-qubes. As auditing that code is beyond me and as salt is integral to qubes, I was wondering whether that layout is currently possible using the salt management stack, in other words: can the management stack (currently) be used with a vm as the master to the entire system including dom0? Sincerely, Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1518013657.2002.46.camel%40graumannschaft.org. For more options, visit https://groups.google.com/d/optout.