Commit 697aa9a5 authored by Clark's avatar Clark
Browse files

Added most of the Qubes VMs. Long way to go aesthetically

parent e31cc9ea
......@@ -117,16 +117,152 @@ backgroundColor AliceBlue
borderColor #53485C
}
skinparam class {
backgroundColor AliceBlue
}
' Define the network components
allow_mixing
rectangle System_Wrapper {
rectangle << System >> {
entity dom0
entity "default-mgmt-dvm" as default_mgmt_dvm {
{static} template <f30>
}
entity "sys-net" as sys_net {
{static} template <f30>
}
entity "sys-usb" as sys_usb {
{static} template <f30>
}
entity "sys-firewall" as sys_firewall {
{static} template <f30>
}
entity "sys-vpn" as sys_vpn {
{static} template < ???? >
}
entity "sys-whonix" as sys_whonix {
{static} template <w15-gw>
}
}
}
rectangle UserSpace_Wrapper {
rectangle << UserSpace >> {
class "bytecache-dev" as bytecache_dev {
{static} template <d10-ws>
{static} network <sys-vpn>
}
class "bytecache-email" as bytecache_email {
{static} template <d10-email>
{static} network <sys-vpn>
}
class "bytecache-matrix" as bytecache_matrix {
{static} template <d10-social>
{static} network <sys-vpn>
}
class "bytecache-user" as bytecache_user {
{static} template <w15-ws>
{static} network <sys-vpn>
}
class "bytecache-gpg-vault" as bytecache_gpg_vault {
{static} template < ???? >
}
class "bytecache-ssh-vault" as bytecache_ssh_vault {
{static} template <f30-ssh-vault>
}
class "anon-whonix" as anon_whonix {
{static} template <w15-ws>
{static} network <sys-vpn>
}
enum "u18-dev-dvm" as ubuntu_dvm {
{static} template <u18-dev>
{static} network <sys-vpn>
}
enum "d10-ws-dvm" as debian_ws_dvm {
{static} template <d10-ws>
{static} network <sys-vpn>
}
enum "f30-dvm" as fedora_dvm {
{static} template <f30>
{static} network <sys-vpn>
}
class "untrusted" as untruster {
{static} template <d10-ws>
{static} network <sys-vpn>
}
enum "w15-ws-dvm" as whonix_ws_dvm {
{static} template <w15-ws>
{static} network <sys-vpn>
}
class "work-email" as work_email {
{static} template <d10>
{static} network <sys-vpn>
}
class "work-dev" as work_dev {
{static} template <u18-dev>
{static} network <sys-vpn>
}
class "work-audit-gold-image" as work_audit_gold_image {
{static} template <u18-dev>
{static} network <sys-vpn>
}
class "work-social" as work_social {
{static} template <d10-social>
{method} #Zoom
{method} #Slack
}
class "work-gpg-vault" as work_gpg_vault {
{static} template < ???? >
}
class "work-ssh-vault" as work_ssh_vault {
{static} template <f30-ssh-vault>
}
class "backup-vault" as backup_vault {
{static} template <f30>
}
class "pw-vault" as pw_vault {
{static} template <f30>
}
}
}
rectangle Template_Wrapper {
cloud << Templates >> {
rectangle << Debian >> {
......@@ -135,6 +271,11 @@ interface "d10" as debian
abstract "d10-ws" as debian_ws {
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#emacs Emacs]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#rust Rust]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#python-3 Python3]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#r R]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#gdb GDB]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#radare-2 Radare 2]]
}
abstract "d10-email" as debian_email {
......@@ -150,53 +291,82 @@ abstract "d10-social" as debian_social {
}
rectangle << Ubuntu >> {
interface "u18" as ubuntu
abstract "u18-dev" as ubuntu_dev {
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#emacs Emacs]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#ethereum Ethereum]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#rust Rust]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#python-3 Python3]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#r R]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#gdb GDB]]
{method} +[[https://blog.bytecache.io/Self-hosted/Workstation.html#radare-2 Radare 2]]
}
}
rectangle Windows_Wrapper {
rectangle << Windows >> {
interface "w10" as windows
}
}
rectangle << Fedora >> {
interface "f30" as fedora
abstract "f30-ssh-vault" as fedora_ssh_vault {
{static} qubes-rpc qubes.SshAgent
{field} qubes-rpc qubes.SshAgent
}
}
rectangle Whonix_Wrapper {
rectangle << Whonix >> {
interface "w15-gw" as whonix_gw
interface "w15-ws" as whonix_ws
}
rectangle << Ubuntu >> {
interface "u18" as ubuntu
}
rectangle << Windows >> {
interface "w10" as windows
}
}
cloud LAN
' Define component connections
'skinparam linetype polyline
'left to right direction
debian <.. debian_ws : cloned
debian <.. debian_email : cloned
debian <.. debian_social : cloned
sys_net -- sys_firewall
sys_firewall -- sys_vpn
sys_firewall -- sys_whonix
'sys_vpn -- work_email
'sys_vpn -- work_dev
'sys_vpn -- work_audit_gold_image
'sys_vpn -- work_social
'sys_vpn -- bytecache_dev
'sys_whonix -- whonix_ws_dvm
'sys_whonix -- bytecache_email
'sys_whonix -- bytecache_matrix
'sys_whonix -- bytecache_user
debian <.. debian_ws
debian <.. debian_email
debian <.. debian_social
fedora <.. fedora_ssh_vault
fedora <. fedora_ssh_vault : cloned
ubuntu <.. ubuntu_dev
#+end_src
#+RESULTS[785088829eb12787be73e2b4f807c6ecbc24301f]:
#+RESULTS[b16e217697ed9a822b93a6db4a96d2253e7cddcf]:
[[file:img/Qubes-VM-architecture.svg]]
* TODO Enforce VPN Routing -> Move this to a NetVM (Qubes)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment