refactor: moved org-agent to its own repository as a submodule
This commit is contained in:
283
system/access-options.org
Normal file
283
system/access-options.org
Normal file
@@ -0,0 +1,283 @@
|
||||
#+TITLE: Access Options - ~/mind for Owner
|
||||
#+author: Amero Garcia
|
||||
#+created: [2026-03-16 Mon 14:28]
|
||||
#+DATE: 2026-03-06
|
||||
#+FILETAGS: :access:emacs:qubes:ssh
|
||||
|
||||
* Owner Access to ~/mind
|
||||
|
||||
** Context
|
||||
- Owner works on: Emacs on Debian in Qubes OS
|
||||
- Already has SSH access to host
|
||||
- Goal: Read and contribute to ~/mind
|
||||
- Preference: Emacs-native workflow
|
||||
|
||||
---
|
||||
|
||||
* Option 1: SSH + Terminal Emacs (Simplest)
|
||||
|
||||
*Setup:*
|
||||
```bash
|
||||
ssh amr@host
|
||||
emacs ~/mind/ # Terminal emacs on remote
|
||||
```
|
||||
|
||||
*Pros:*
|
||||
- ✅ Already works with existing SSH
|
||||
- ✅ No additional setup
|
||||
- ✅ Full remote access
|
||||
- ✅ Simple and reliable
|
||||
|
||||
*Cons:*
|
||||
- ❌ Terminal Emacs (not graphical)
|
||||
- ❌ Latency for editing
|
||||
- ❌ No local Qubes integration
|
||||
- ❌ Must be online
|
||||
|
||||
*Best for:* Quick edits, occasional access
|
||||
|
||||
---
|
||||
|
||||
* Option 2: Emacs Tramp Mode (Recommended)
|
||||
|
||||
*Setup:*
|
||||
Add to your Emacs config in Qubes:
|
||||
```elisp
|
||||
(setq tramp-default-method "scp")
|
||||
(setq tramp-ssh-controlmaster-options
|
||||
"-o ControlPath=/tmp/ssh-ControlMaster-%%r@%%h:%%p -o ControlMaster=auto -o ControlPersist=yes")
|
||||
|
||||
;; Access via C-x C-f /scp:amr@host:/home/amr/mind/
|
||||
```
|
||||
|
||||
*Usage:*
|
||||
- `C-x C-f /scp:amr@host:/home/amr/mind/`
|
||||
- Edit remote files as if local
|
||||
- Emacs handles SSH transparently
|
||||
|
||||
*Pros:*
|
||||
- ✅ Native Emacs experience
|
||||
- ✅ All your Qubes Emacs config works
|
||||
- ✅ No terminal needed
|
||||
- ✅ Good performance with ControlMaster
|
||||
- ✅ org-roam works over Tramp
|
||||
|
||||
*Cons:*
|
||||
- ⚠️ Needs Tramp configuration
|
||||
- ⚠️ Variable performance over network
|
||||
- ⚠️ Requires SSH key setup
|
||||
|
||||
*Best for:* Daily use, Emacs power users
|
||||
|
||||
---
|
||||
|
||||
* Option 3: Syncthing (Continuous Sync)
|
||||
|
||||
*Setup:*
|
||||
1. Install Syncthing on both machines:
|
||||
```bash
|
||||
# On your Qubes Debian
|
||||
sudo apt install syncthing
|
||||
|
||||
# On my host
|
||||
# Syncthing already in Docker or native
|
||||
```
|
||||
|
||||
2. Share ~/mind folder
|
||||
3. Set up bidirectional sync
|
||||
|
||||
*Pros:*
|
||||
- ✅ Works offline (syncs when online)
|
||||
- ✅ Native file access in Qubes
|
||||
- ✅ Multiple device support
|
||||
- ✅ Versioning/conflict resolution
|
||||
- ✅ Low latency (local files)
|
||||
|
||||
*Cons:*
|
||||
- ⚠️ Sync conflicts possible
|
||||
- ⚠️ Delayed updates
|
||||
- ⚠️ More complex setup
|
||||
- ⚠️ Security considerations (file sync)
|
||||
|
||||
*Best for:* Offline work, multiple devices
|
||||
|
||||
---
|
||||
|
||||
* Option 4: Git-Based Workflow (Version Control)
|
||||
|
||||
*Setup:*
|
||||
```bash
|
||||
# On my host - already git repo
|
||||
cd ~/mind
|
||||
git remote add qubes ssh://you@your-qubes/mind
|
||||
git push qubes main
|
||||
|
||||
# On your Qubes
|
||||
git clone ssh://amr@host/home/amr/mind.git ~/mind
|
||||
```
|
||||
|
||||
*Workflow:*
|
||||
1. Pull changes before editing
|
||||
2. Work on files locally
|
||||
3. Commit and push changes
|
||||
4. I pull changes on my end
|
||||
|
||||
*Pros:*
|
||||
- ✅ Version history
|
||||
- ✅ Offline capable
|
||||
- ✅ Git merge handles conflicts
|
||||
- ✅ Clean workflow
|
||||
- ✅ Review before merge
|
||||
|
||||
*Cons:*
|
||||
- ⚠️ Commit/push/pull overhead
|
||||
- ⚠️ Delayed sync
|
||||
- ⚠️ Merge conflicts possible
|
||||
- ⚠️ Not real-time collaboration
|
||||
|
||||
*Best for:* Structured contributions, review workflow
|
||||
|
||||
---
|
||||
|
||||
* Option 5: Emacs Server + Emacs Client (Advanced)
|
||||
|
||||
*Setup on my host:*
|
||||
```bash
|
||||
emacs --daemon # Start Emacs server
|
||||
cp ~/.emacs.d/server/server ~/.emacs.d/server/server-qubes
|
||||
chmod 600 ~/.emacs.d/server/server-qubes
|
||||
```
|
||||
|
||||
*Access from Qubes:*
|
||||
```bash
|
||||
ssh -L 9999:localhost:9999 amr@host
|
||||
# Then use emacsclient -c -f /path/to/forwarded/server
|
||||
```
|
||||
|
||||
*Or via TRAMP:*
|
||||
```elisp
|
||||
(setq server-use-tcp t)
|
||||
(setq server-host "my-host")
|
||||
(setq server-port 9999)
|
||||
```
|
||||
|
||||
*Pros:*
|
||||
- ✅ Persistent Emacs session
|
||||
- ✅ Shared buffers/state
|
||||
- ✅ Fast after initial load
|
||||
- ✅ Real-time collaboration
|
||||
|
||||
*Cons:*
|
||||
- ❌ Complex setup
|
||||
- ❌ SSH tunnel required
|
||||
- ❌ Emacs version compatibility
|
||||
- ❌ Security risk (Emacs server exposed)
|
||||
|
||||
*Best for:* Power users, real-time collab
|
||||
|
||||
*⚠️ NOT RECOMMENDED* - Security risks exceed benefits
|
||||
|
||||
---
|
||||
|
||||
* Option 6: NFS Export + Qubes Mount (Network Share)
|
||||
|
||||
*Setup:*
|
||||
```bash
|
||||
# On my host - export ~/mind via NFS
|
||||
sudo apt install nfs-kernel-server
|
||||
echo "/home/amr/mind *(rw,sync,no_subtree_check,anonuid=1000,anongid=1000)" >> /etc/exports
|
||||
sudo exportfs -ra
|
||||
|
||||
# In Qubes
|
||||
sudo apt install nfs-common
|
||||
sudo mount my-host:/home/amr/mind ~/mind
|
||||
```
|
||||
|
||||
*Pros:*
|
||||
- ✅ Native filesystem access
|
||||
- ✅ Transparent to Emacs
|
||||
- ✅ Fast local performance
|
||||
|
||||
*Cons:*
|
||||
- ❌ Security risk (NFS over network)
|
||||
- ❌ Complex Qubes networking
|
||||
- ❌ Potential data corruption
|
||||
- ❌ Requires firewall rules
|
||||
|
||||
*⚠️ NOT RECOMMENDED* - Security risk
|
||||
|
||||
---
|
||||
|
||||
* Option 7: rclone + Cloud Storage Bridge
|
||||
|
||||
*Setup:*
|
||||
```bash
|
||||
# Mount ~/mind to S3/Dropbox/etc via rclone
|
||||
rclone mount remote:mind ~/mind \
|
||||
--vfs-cache-mode writes \
|
||||
--vfs-cache-max-size 100M
|
||||
```
|
||||
|
||||
*Pros:*
|
||||
- ✅ Works through Qubes networking
|
||||
- ✅ Cloud redundancy
|
||||
- ✅ Multiple access methods
|
||||
|
||||
*Cons:*
|
||||
- ❌ Cloud dependency
|
||||
- ❌ Cost considerations
|
||||
- ❌ Sync latency
|
||||
- ❌ Privacy concerns
|
||||
|
||||
*⚠️ NOT RECOMMENDED* - Adds unnecessary complexity
|
||||
|
||||
---
|
||||
|
||||
* Recommendation Summary
|
||||
|
||||
| Option | Setup | Security | Performance | Collaboration |
|
||||
|--------|-------|----------|-------------|---------------|
|
||||
| 1. SSH+Terminal | ⭐⭐⭐ | ⭐⭐⭐ | ⭐⭐ | ⭐⭐ |
|
||||
| 2. Tramp | ⭐⭐ | ⭐⭐⭐ | ⭐⭐⭐ | ⭐⭐⭐ |
|
||||
| 3. Syncthing | ⭐⭐ | ⭐⭐ | ⭐⭐⭐ | ⭐⭐ |
|
||||
| 4. Git | ⭐⭐⭐ | ⭐⭐⭐ | ⭐⭐⭐ | ⭐⭐ |
|
||||
| 5. Emacs Server | ⭐ | ⭐ | ⭐⭐⭐ | ⭐⭐⭐ |
|
||||
| 6. NFS | ⭐⭐ | ⭐ | ⭐⭐⭐ | ⭐⭐⭐ |
|
||||
| 7. rclone | ⭐⭐ | ⭐⭐ | ⭐⭐ | ⭐⭐ |
|
||||
|
||||
*Top Recommendations:*
|
||||
|
||||
*🥇 Primary: Option 2 (Tramp)*
|
||||
- Best Emacs integration
|
||||
- Good security
|
||||
- Excellent performance with SSH ControlMaster
|
||||
- Recommended for daily use
|
||||
|
||||
*🥈 Alternative: Option 4 (Git)*
|
||||
- Version control
|
||||
- Offline capable
|
||||
- Clean workflow
|
||||
- Good for structured contributions
|
||||
|
||||
*🥉 Fallback: Option 1 (SSH Terminal)*
|
||||
- Zero setup
|
||||
- Always works
|
||||
- Good for quick edits
|
||||
|
||||
---
|
||||
|
||||
* Implementation Decisions Needed
|
||||
|
||||
*For Noon Meeting:*
|
||||
|
||||
1. Preferred access method (Tramp/Git/Both)
|
||||
2. SSH key exchange (if not already done)
|
||||
3. Permissions level (full write vs. review my commits first)
|
||||
4. Real-time vs. async collaboration preference
|
||||
5. Backup/redundancy requirements
|
||||
|
||||
*Questions:*
|
||||
- Do you already have SSH keys set up?
|
||||
- Want full write access or pull request workflow?
|
||||
- Need offline access (Syncthing)?
|
||||
- Emacs version in Qubes?
|
||||
Reference in New Issue
Block a user