What is the best way to install custom unofficial templates on QubesOS?
86 views
Skip to first unread message
onelov...@tuta.io
May 14, 2020, 5:03:34 PM5/14/20
to qubes...@googlegroups.com
Hello, Qubes Devel Community.
If i use Qubes as template builder. What is the best way to build them?
I mean non apt and dnf templates, non systemd. something exotic like s6/runinit, linux from scratch, nova hypervisor, s4 or hybrid bsd/linux, guixsd template.
- Download ISO
- Create empty HVM, attach it
- Establish network connection
- Disk partitioning
- Wget tarball
- Chrooting
- Copy kernel config from Debian or Fedora template
- Install base system
- Build qubes-meta-packages
- Configure package manager through proxy for template.
Is that enought for custom linux template in PVH mode? (they remind me of containers, very convenient)
I see many repo on github something like this
But i dont understand how to use it with Qubes Builder or its unfinished. What does mean "WIP" ?:)
--
Securely sent with Tutanota. Get your own encrypted, ad-free mailbox:
Marek Marczykowski-Górecki
May 14, 2020, 6:02:19 PM5/14/20
to onelov...@tuta.io, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Thu, May 14, 2020 at 11:03:32PM +0200, onelovecisco via qubes-devel wrote:
> Hello, Qubes Devel Community.
>
> If i use Qubes as template builder. What is the best way to build them?
> I mean non apt and dnf templates, non systemd. something exotic like s6/runinit, linux from scratch, nova hypervisor, s4 or hybrid bsd/linux, guixsd template.
> Download ISO
> Create empty HVM, attach it
> Establish network connection
> Disk partitioning
> Wget tarball
> Chrooting
> Copy kernel config from Debian or Fedora template
> Install base system
> Build qubes-meta-packages
> Configure package manager through proxy for template.
> Is that enought for custom linux template in PVH mode? (they remind me of containers, very convenient)
> I see many repo on github something like this
> https://github.com/jmitchell/qubes-builder-nixos
> But i dont understand how to use it with Qubes Builder or its unfinished. What does mean "WIP" ?:)
The process for Linux templates is documented here:
https://www.qubes-os.org/doc/building-non-fedora-template/
The above is about "proper" template, with scripted build, packaging etc.
But if you want to just experiment with things (which I would also
recommend before starting the proper packaging), you can follow steps
you listed: create empty HVM, install system from ISO and configure it
from inside. You will see three disks available:
1. "root" (10GB by default) - this is where you install the system
2. "private (2GB by default) - place for user files, /home etc -
normally mounted as /rw in Qubes templates
3. "volatile" (10GB by default) - temporary files, swap etc - content of
this one is discarded at each VM shutdown
More details here:
https://www.qubes-os.org/doc/template-implementation/
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl69v+EACgkQ24/THMrX
1ywXwgf/eDfedmkHsaO0ikFD8GJIsKgeUmnvKzukvdRKuH6XR7rqWhMm/9UfSAby
JcwRY/eXfO+zatlFhcrfRS0QGlgxj0YBAIVia1tgc8GK/viIzzwPdQue+1gR3PaH
jXpa3OZbYOYwSDLB4MW32VYzTblUTIaq2FiH7ZLcEoDK2RuKxvKr1Ni+7+b7z7Ow
kk8Cyvo3j+3fIKfdcfK+U5H9AVMbTYoDHoCGvcn0T1mzug3+tyiXNbDGW50+o/oY
qbaobNtk5hYhMsgkUc4wxhgimwHCqIWppSEfnK4Gj85HHZ48B9Uhbfi5DaZEHBmI
79zhL6hQlDVeU/7EpzaiZsp68zoQwg==
=XXLE
-----END PGP SIGNATURE-----
Hash: SHA256
On Thu, May 14, 2020 at 11:03:32PM +0200, onelovecisco via qubes-devel wrote:
> Hello, Qubes Devel Community.
>
> If i use Qubes as template builder. What is the best way to build them?
> I mean non apt and dnf templates, non systemd. something exotic like s6/runinit, linux from scratch, nova hypervisor, s4 or hybrid bsd/linux, guixsd template.
> Download ISO
> Create empty HVM, attach it
> Establish network connection
> Disk partitioning
> Wget tarball
> Chrooting
> Copy kernel config from Debian or Fedora template
> Install base system
> Build qubes-meta-packages
> Configure package manager through proxy for template.
> Is that enought for custom linux template in PVH mode? (they remind me of containers, very convenient)
> I see many repo on github something like this
> https://github.com/jmitchell/qubes-builder-nixos
> But i dont understand how to use it with Qubes Builder or its unfinished. What does mean "WIP" ?:)
https://www.qubes-os.org/doc/building-non-fedora-template/
The above is about "proper" template, with scripted build, packaging etc.
But if you want to just experiment with things (which I would also
recommend before starting the proper packaging), you can follow steps
you listed: create empty HVM, install system from ISO and configure it
from inside. You will see three disks available:
1. "root" (10GB by default) - this is where you install the system
2. "private (2GB by default) - place for user files, /home etc -
normally mounted as /rw in Qubes templates
3. "volatile" (10GB by default) - temporary files, swap etc - content of
this one is discarded at each VM shutdown
More details here:
https://www.qubes-os.org/doc/template-implementation/
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl69v+EACgkQ24/THMrX
1ywXwgf/eDfedmkHsaO0ikFD8GJIsKgeUmnvKzukvdRKuH6XR7rqWhMm/9UfSAby
JcwRY/eXfO+zatlFhcrfRS0QGlgxj0YBAIVia1tgc8GK/viIzzwPdQue+1gR3PaH
jXpa3OZbYOYwSDLB4MW32VYzTblUTIaq2FiH7ZLcEoDK2RuKxvKr1Ni+7+b7z7Ow
kk8Cyvo3j+3fIKfdcfK+U5H9AVMbTYoDHoCGvcn0T1mzug3+tyiXNbDGW50+o/oY
qbaobNtk5hYhMsgkUc4wxhgimwHCqIWppSEfnK4Gj85HHZ48B9Uhbfi5DaZEHBmI
79zhL6hQlDVeU/7EpzaiZsp68zoQwg==
=XXLE
-----END PGP SIGNATURE-----
unman
May 15, 2020, 9:26:56 AM5/15/20
to qubes...@googlegroups.com
On Thu, May 14, 2020 at 11:03:32PM +0200, onelovecisco via qubes-devel wrote:
Tutanota - cant you change that sig?
WIP = WorkInProgress
You may want to look at
https://www.qubes-os.org/doc/building-non-fedora-template/ for some
(broad) advice on customising builder scripts.
You can run many OS as HVM templates, even without Qubes Tools. But
I guess you want the tools, and those you'll have to build yourself.
But where's the advantage to Qubes? Will it increase adoption? Increase
security? Usability?
Reply all
Reply to author
Forward
0 new messages