"Stop treating Qubes OS VMs like pets, start treating them like cattle" - an admin philosophy
Designed to make Qubes OS easily accessible to Linux beginners
Please read the documentation carefully before using kuhbs in production. Please always read the code of everything you download into dom0.
kuhbs is developed by Blunix GmbH. We provide Consulting for Qubes OS and are ready to assist you in evaluating and implementing Qubes OS for your business.
Demo video: www.youtube.com/watch?v=D1rxqgLOXjc
kuhbs aims to make it easy for new Qubes OS users to install software.
It is an auto-provisioning script for Qubes OS written in BASH and provides an easy to use infrastructure as code approach for Qubes OS. It lets you "simply install firefox" and takes care of the Qubes OS related configuration. It also offers backups, upgrade management, integration into i3wm and a list of helper tools. kuhbs code contains lots of comments and is meant to be read and understood.
A kuhb is a logical collection of Qubes OS VM's and their configuration. If you want to "install firefox", you would create a kuhb "firefox", which would create a TemplateVM "tpl-firefox" with the apt package "firefox" installed, an AppVM "app-firefox" with plugins installed below "/home/user/.mozilla", and a launcher to create Unnamed DisposableVMs that actually launch firefox. You create one kuhb for each application or usecase that you want to run on Qubes OS - for example a kuhb for an airgap for taking notes, one kuhb for surfing with firefox and chrome installed, another for "private", one for coding and so on.
kuhb's with a ' is more than one kuhb, for example the kuhb firefox, airgap, email, signal-chat, ...
kuh is a VM, or a "qube" in Qubes OS terms, which is part of a kuhb, for example a TemplateVM or an AppVM. "Kuh" is also the german word for cow. The name kuhbs is inspired by the quote "don't treat servers like pets, treat them like cattle". bs stands for BASH script, obviously ;)
To quote unman, a Qubes OS developer, from his website qubes.3isec.org/tasks.html: "There's a long standing issue that Qubes users face: installing software and setting up new qubes. New users in particular find this difficult to deal with."
kuhbs helps new Qubes OS users install new software easily and securely. It provides colorized output that explicitly shows all commands executed in dom0 to create the desired VMs (like qvm-create, qvm-prefs, qvm-start and so on). Creating the configuration, called a "kuhb", to install and use a new application like firefox or a complex firewall VM, is designed to be simple to understand.
In order to "just install and run firefox" on Qubes OS, there is a complex list of qvm- commands to run and other things to do and configure. kuhbs is a CLI based tool that automates the creation and management of Qubes OS VMs. kuhbs provides an easy way of configuring all relevant aspects of a VM and provides an easy to use infrastructure as code approach for Qubes OS.
If you want to automate the setup of Qubes OS, you can use the build in Saltstack, which is very complicated to explain to someone new to Saltstack and Qubes OS and generally uneasy to use. There is an Ansible implemention for Qubes OS that wraps qvm- commands but its also incomplete. Writing kuhbs in BASH seemed logical as the tasks required are mostly executing qvm- commands.
Please mouse-over on "Documentation" in the top bar to see the documentation chapters, ordered from top to bottom.