Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://bsd.network/users/solene/statuses/113491825693767715">Solène :flan_hacker: (solene@bsd.network)'s status on Saturday, 16-Nov-2024 18:04:51 JST</a><a href="https://bsd.network/@solene" title="solene@bsd.network"><img src="https://gnusocial.jp/avatar/6273-48-20220828132537.webp" width="48" height="48" alt="Solène :flan_hacker:" style="position: absolute; left: 0; top: 0;">Solène :flan_hacker:</a></section><article><p>My virtual machines topology on Qubes OS looks like this (without going too much in details)</p><p>- 3 VM per client (web ui, development, administration) + 2 VM per VPN<br>- 1 VM for my web browser (that resets every start)<br>- 2 VM for emails (I use 2 emails providers)<br>- 1 VM for each communication app (matrix, xmpp, whatever)<br>- 1 VM for handling the audio device<br>- 1 VM for the network device<br>- 2 VM for each VPN (clients VPNs, home VPN, infra VPN...)<br>- 1 VM offline for data storage<br>- 1 VM offline for secret storage (ssh, gpg, password databases)<br>- 1 VM for development<br>- more or less 1 VM for each program I run from there :D</p><p>I have 2 VMs per VPN as one holds the VPN and another one is holding the firewall rules under it, so if the VPN is compromised the rules below and upper will not be affected.</p><p>below rules affect the VM using the VPN, upper rules affects the VM with the VPN to restrict it only to the VPN destination</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4010569#notice-7836266">In conversation</a><time datetime="2024-11-16T18:04:51+09:00" title="Saturday, 16-Nov-2024 18:04:51 JST">about 6 months ago</time> <span>from <span><a href="https://bsd.network/@solene/113491825693767715" rel="external" title="Sent from bsd.network via ActivityPub">bsd.network</a></span></span><a href="https://bsd.network/@solene/113491825693767715">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Solène :flan_hacker: (solene@bsd.network)'s status on Saturday, 16-Nov-2024 18:04:51 JST Solène :flan_hacker:
My virtual machines topology on Qubes OS looks like this (without going too much in details)
- 3 VM per client (web ui, development, administration) + 2 VM per VPN
- 1 VM for my web browser (that resets every start)
- 2 VM for emails (I use 2 emails providers)
- 1 VM for each communication app (matrix, xmpp, whatever)
- 1 VM for handling the audio device
- 1 VM for the network device
- 2 VM for each VPN (clients VPNs, home VPN, infra VPN...)
- 1 VM offline for data storage
- 1 VM offline for secret storage (ssh, gpg, password databases)
- 1 VM for development
- more or less 1 VM for each program I run from there :D
I have 2 VMs per VPN as one holds the VPN and another one is holding the firewall rules under it, so if the VPN is compromised the rules below and upper will not be affected.
below rules affect the VM using the VPN, upper rules affects the VM with the VPN to restrict it only to the VPN destination
In conversationabout 6 months ago from bsd.networkpermalink

Public

Embed Notice

HTML Code

Corresponding Notice