From e6c2a93146627830f4868b38d2cc8fd7c4fbc73f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Fri, 27 Nov 2015 23:02:38 +0100
Subject: [PATCH] firstboot: add an option to route "all" the traffic through
 Tor

---
 firstboot/modules/qubes_setup.py | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/firstboot/modules/qubes_setup.py b/firstboot/modules/qubes_setup.py
index 74a010b..d41e95f 100644
--- a/firstboot/modules/qubes_setup.py
+++ b/firstboot/modules/qubes_setup.py
@@ -242,7 +242,10 @@ class moduleClass(Module):
 
     def configure_network(self):
         self.show_stage('Setting up networking')
-        self.run_in_thread(self.do_configure_network)
+        self.run_in_thread(
+            self.do_configure_network,
+            'sys-whonix' if self.choice_whonix_default.get_selected() else
+            'sys-firewall')
 
     def configure_default_dvm(self):
         self.show_stage(_("Creating default DisposableVM"))
@@ -258,10 +261,12 @@ class moduleClass(Module):
             subprocess.call(['qvm-kill', '{}-dvm'.format(self.default_template)])
             raise
 
-    def do_configure_network(self):
+    def do_configure_network(self, default_netvm):
         self.run_command(['/usr/bin/qvm-prefs', '--force-root', '--set', 'sys-firewall', 'netvm', 'sys-net'])
-        self.run_command(['/usr/bin/qubes-prefs', '--set', 'default-netvm', 'sys-firewall'])
-        self.run_command(['/usr/bin/qvm-pci', '--add-class', 'sys-net', 'net'])
+        self.run_command(['/usr/bin/qubes-prefs', '--set', 'default-netvm',
+                          default_netvm])
+        self.run_command(['/usr/bin/qubes-prefs', '--set', 'updatevm',
+                          default_netvm])
         self.run_command(['/usr/sbin/service', 'qubes-netvm', 'start'])
 
     def do_configure_template(self, template):
@@ -302,6 +307,12 @@ class moduleClass(Module):
             extra_check=lambda: is_package_installed('qubes-template-whonix-gw')
                 and is_package_installed('qubes-template-whonix-ws'))
 
+        self.choice_whonix_default = QubesChoice(
+            _('Route applications and updates through Tor anonymity network '
+                '[experimental]'),
+            (),
+            depend=self.choice_whonix)
+
         self.check_advanced = gtk.CheckButton(
             _('Do not configure anything (for advanced users)'))
         self.check_advanced.connect('toggled',