My virtual machines topology on Qubes OS looks like this (without going too much in details)
Thanks to Qubes OS, using this is not a nightmare.
- 3 VM per client (web ui, development, administration) + 2 VM per VPN
- 1 VM for my web browser (that resets every start)
- 2 VM for emails (I use 2 emails providers)
- 1 VM for each communication app (matrix, xmpp, whatever)
- 1 VM for handling the audio device
- 1 VM for the network device
- 2 VM for each VPN (clients VPNs, home VPN, infra VPN...)
- 1 VM offline for data storage
- 1 VM offline for secret storage (ssh, gpg, password databases)
- 1 VM for development
- more or less 1 VM for each program I run from there :D
I have 2 VMs per VPN as one holds the VPN and another one is holding the firewall rules under it, so if the VPN is compromised the rules below and upper will not be affected.
below rules affect the VM using the VPN, upper rules affects the VM with the VPN to restrict it only to the VPN destination
https://bsd.network/@solene/113491825693767715
@solene Qubes looks interesting, however it looks like it would be a bit heavy as a daily driver for my computer 👀
@solene Very similar to how I used to run Qubes OS for ~10 years, before I accidentally overprovisioned storage and had to spend a few days on trying to restore what data I could. Beware of LVM […]
@solene Qubes OS seems complicated. How hard is it to learn and use?
It sounds like it would take up a lot of hardware resources. How powerful a computer does it need?
────
────