2014-12-29 12:46:16 +01:00
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# The Qubes OS Project, https://www.qubes-os.org/
|
2014-12-29 12:46:16 +01:00
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# Copyright (C) 2010-2015 Joanna Rutkowska <joanna@invisiblethingslab.com>
|
|
|
|
# Copyright (C) 2014-2015 Wojtek Porczyk <woju@invisiblethingslab.com>
|
2014-12-29 12:46:16 +01:00
|
|
|
#
|
2017-10-12 00:11:50 +02:00
|
|
|
# This library is free software; you can redistribute it and/or
|
|
|
|
# modify it under the terms of the GNU Lesser General Public
|
|
|
|
# License as published by the Free Software Foundation; either
|
|
|
|
# version 2.1 of the License, or (at your option) any later version.
|
2014-12-29 12:46:16 +01:00
|
|
|
#
|
2017-10-12 00:11:50 +02:00
|
|
|
# This library is distributed in the hope that it will be useful,
|
2014-12-29 12:46:16 +01:00
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2017-10-12 00:11:50 +02:00
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
# Lesser General Public License for more details.
|
2014-12-29 12:46:16 +01:00
|
|
|
#
|
2017-10-12 00:11:50 +02:00
|
|
|
# You should have received a copy of the GNU Lesser General Public
|
|
|
|
# License along with this library; if not, see <https://www.gnu.org/licenses/>.
|
2014-12-29 12:46:16 +01:00
|
|
|
#
|
|
|
|
|
2016-03-03 01:05:23 +01:00
|
|
|
#
|
|
|
|
# THIS FILE SHOULD BE CONFIGURED PER PRODUCT
|
|
|
|
# or better, once first custom product arrives,
|
|
|
|
# make a real /etc/qubes/master.conf or whatever
|
|
|
|
#
|
|
|
|
|
2015-10-05 23:46:25 +02:00
|
|
|
'''Constants which can be configured in one place'''
|
|
|
|
|
2016-06-02 22:02:06 +02:00
|
|
|
import os.path
|
|
|
|
|
2015-01-19 17:06:30 +01:00
|
|
|
qubes_base_dir = "/var/lib/qubes"
|
2014-12-29 12:46:16 +01:00
|
|
|
system_path = {
|
|
|
|
'qubes_guid_path': '/usr/bin/qubes-guid',
|
|
|
|
'qrexec_daemon_path': '/usr/lib/qubes/qrexec-daemon',
|
|
|
|
'qrexec_client_path': '/usr/lib/qubes/qrexec-client',
|
|
|
|
'qubesdb_daemon_path': '/usr/sbin/qubesdb-daemon',
|
|
|
|
|
|
|
|
# Relative to qubes_base_dir
|
|
|
|
'qubes_appvms_dir': 'appvms',
|
|
|
|
'qubes_templates_dir': 'vm-templates',
|
|
|
|
'qubes_servicevms_dir': 'servicevms',
|
|
|
|
'qubes_store_filename': 'qubes.xml',
|
|
|
|
'qubes_kernels_base_dir': 'vm-kernels',
|
|
|
|
|
|
|
|
# qubes_icon_dir is obsolete
|
|
|
|
# use QIcon.fromTheme() where applicable
|
|
|
|
'qubes_icon_dir': '/usr/share/icons/hicolor/128x128/devices',
|
|
|
|
|
|
|
|
'qrexec_policy_dir': '/etc/qubes-rpc/policy',
|
|
|
|
|
|
|
|
'config_template_pv': '/usr/share/qubes/vm-template.xml',
|
|
|
|
}
|
|
|
|
|
|
|
|
vm_files = {
|
|
|
|
'root_img': 'root.img',
|
|
|
|
'rootcow_img': 'root-cow.img',
|
|
|
|
'volatile_img': 'volatile.img',
|
|
|
|
'clean_volatile_img': 'clean-volatile.img.tar',
|
|
|
|
'private_img': 'private.img',
|
|
|
|
'kernels_subdir': 'kernels',
|
|
|
|
'firewall_conf': 'firewall.xml',
|
|
|
|
'whitelisted_appmenus': 'whitelisted-appmenus.list',
|
|
|
|
'updates_stat_file': 'updates.stat',
|
|
|
|
}
|
|
|
|
|
|
|
|
defaults = {
|
|
|
|
'libvirt_uri': 'xen:///',
|
|
|
|
'memory': 400,
|
2017-06-01 03:51:24 +02:00
|
|
|
'hvm_memory': 400,
|
2014-12-29 12:46:16 +01:00
|
|
|
'kernelopts': "nopat",
|
2016-03-03 01:05:23 +01:00
|
|
|
'kernelopts_pcidevs': "nopat iommu=soft swiotlb=8192",
|
2019-02-25 04:59:46 +01:00
|
|
|
'kernelopts_common': ('root=/dev/mapper/dmroot ro nomodeset console=hvc0 '
|
|
|
|
'rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0 '),
|
2014-12-29 12:46:16 +01:00
|
|
|
|
|
|
|
'dom0_update_check_interval': 6*3600,
|
|
|
|
|
|
|
|
'private_img_size': 2*1024*1024*1024,
|
|
|
|
'root_img_size': 10*1024*1024*1024,
|
|
|
|
|
2016-04-01 16:43:59 +02:00
|
|
|
'pool_configs': {
|
2018-09-12 01:50:26 +02:00
|
|
|
# create file(-reflink) pool even when the default one is LVM
|
2016-11-02 06:34:10 +01:00
|
|
|
'varlibqubes': {'dir_path': qubes_base_dir,
|
|
|
|
'name': 'varlibqubes'},
|
2016-04-01 16:43:59 +02:00
|
|
|
'linux-kernel': {
|
|
|
|
'dir_path': os.path.join(qubes_base_dir,
|
|
|
|
system_path['qubes_kernels_base_dir']),
|
|
|
|
'driver': 'linux-kernel',
|
|
|
|
'name': 'linux-kernel'
|
|
|
|
}
|
|
|
|
},
|
2014-12-29 12:46:16 +01:00
|
|
|
|
|
|
|
# how long (in sec) to wait for VMs to shutdown,
|
|
|
|
# before killing them (when used qvm-run with --wait option),
|
|
|
|
'shutdown_counter_max': 60,
|
|
|
|
|
|
|
|
'vm_default_netmask': "255.255.255.0",
|
|
|
|
|
2016-11-02 23:32:51 +01:00
|
|
|
'appvm_label': 'red',
|
|
|
|
'template_label': 'black',
|
|
|
|
'servicevm_label': 'red',
|
2014-12-29 12:46:16 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
max_qid = 254
|
2016-06-02 17:20:13 +02:00
|
|
|
max_dispid = 10000
|
2017-03-13 15:13:20 +01:00
|
|
|
#: built-in standard labels, if creating new one, allocate them above this
|
|
|
|
# number, at least until label index is removed from API
|
|
|
|
max_default_label = 8
|
2017-07-20 03:07:46 +02:00
|
|
|
|
|
|
|
#: profiles for admin.backup.* calls
|
|
|
|
backup_profile_dir = '/etc/qubes/backup'
|
2017-12-01 03:24:34 +01:00
|
|
|
|
|
|
|
#: site-local prefix for all VMs
|
|
|
|
qubes_ipv6_prefix = 'fd09:24ef:4179:0000'
|