I think that’s a good idea. How would one go around documenting the required packages on a debian/fedora system? Does apt/dnf offer such a table view?
You mean somethimg like this?
Yeah, this was my inspiration. But now, I am looking for a place to store this is a more structured way. Maybe a kind of table. I would skip the customized base line template since this will be very individual but the other elementary qubes (network, usb…) and the “application” qubes could be documented in a predefined table or matrix.
If I find some supporter I would like to ask the community to add and maintain / verify the packages over time.
i.e. if you know how to make minimal template for Signal you should be able to clone it for Session, Threema, Element… with that we extend the list easily and new mini tpl users get a good structure to start with.
2 Likes
Ok, maybe I overlooked something. Is there a wiki option here? Do I have permission to enable it?
Under each post there is a button with three dots, when you click it the options expand. Then click the wrench and see if there is a “make wiki” option. Once that’s enabled everyone can edit that post.
So you could start a new thread, make the first post a wiki and start documenting. That’s how e.g. the community-recommended list works.
As an example, I made this post a wiki … so you should be able to edit it.
Edit: I edited this… BOO!
I’ve checked just now, @Sven, and there is no option for make wiki on or in relation to the three dots after each post (expanded a few, no wrench either) and your post has an addition to the post which comes from what you did (little icon next to the area your post depicts the time since your post was made & an icon plus the text Edit beneath where a person would presumably modify your post) but it’s unclear how any of us would achieve that. Maybe you see things differently because of your status?
I just created one for you here: Mini-templates Required Packages (Wiki)
Let me know if you have any issues.
1 Like
Question about apt-cacher:
For an automated minimal template script I wonder where to set the apt-cacher setup and configuration.
Doing all templates first and then at the very end setup the apt-cacher and do the sed command in all templates (one-by-one)?
Or make the apt-cacher installation at the very beginning of the script? But then how to deal with the baseline (customized) template? How to install and update the packages of baseline template?
In other words, what is your installation order of your automated script when you run it on a fresh and empty Qubes installation?
(one more)
I am looking for a scriptable solution to automate the Application selection.
If I run my template creation process and afterward my AppVM I still have to add the program to the Selected List (Q > Qubes > Qubes Settings > Application Tab > select and move > confirm with OK). I could not find a qvm- command for this and the App menu shortcut troubleshooting | Qubes OS did not show a solution for the selection (only for the application list).
1 Like
Here’s my take - I install the caching proxy on install, and immediately
reconfigure the templates.
That way any cloned templates are ready to work with the cacher.
The fact I do this with salt is immaterial - I did the same when working
with scripts.
The only time you have to hit a new template is if it is freshly
installed. I have a salt state for that but you can keep a script to do
it with qvm-run.
When I comment in the Forum or in the mailing lists I speak for myself.
1 Like
My current setup is (for a fresh and empty installation).
install debian-11-minimal
clone minimal template and modify (=deb-11-m-base)
clone and create new templates
and AppVMs
create and config apt-cacher
search for all (mini) templates
and loop the sed command for all (mini) templates
A. Can this opt-in setting
At the moment, only checking for visible windows is supported - when a VM has no visible windows for more than 15 minutes, it’s going to be shut down. The mechanism is opt-in - enable
shutdown-idleservice in qube settings to use it.
be automated with a script or do I have to set this manually one-by-one for all AppVM and templates?
B. It looks hardcoded to 15 mins
TIMEOUT_SECONDS = 15 * 60
any workaround to make this user defined without coding the python source?
(in brief: all you need is a Python module supporting a couple methods)
… would be nice to have it adjustable like the firewall setting “Allow full access for: x min”
Orange my KeePassXC based on my minimal template.
Black based on a regular Debian 11 template.
How can I change the font and size of the window menu (Database, Entries …)?
… it also looks like the scaling factor is not properly set since the icon and font within the window looks a bit bigger.
My customizing code for my (minimal) base template:
# === GUI and program customization and defaults ===
set-dark-theme () # https://forum.qubes-os.org/t/guide-xfce-global-dark-mode-in-qubes-4-0-4-1/10757
{
local TARGET_FOLDER="/usr/share"
local SOURCE_FOLDER="/home/user/QubesIncoming"
qvm-copy-to-vm ${1} /usr/share/themes/Arc-Dark*
qvm-run --no-gui --pass-io --quiet --user root ${1} "rm --recursive --force ${TARGET_FOLDER}/themes/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mkdir ${TARGET_FOLDER}/themes/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mv ${SOURCE_FOLDER}/dom0/* ${TARGET_FOLDER}/themes/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "rm --recursive --force ${SOURCE_FOLDER}"
qvm-copy-to-vm ${1} /usr/share/icons/Adwaita*
qvm-run --no-gui --pass-io --quiet --user root ${1} "rm --recursive --force ${TARGET_FOLDER}/icons/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mkdir ${TARGET_FOLDER}/icons/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mv ${SOURCE_FOLDER}/dom0/* ${TARGET_FOLDER}/icons/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "rm --recursive --force ${SOURCE_FOLDER}"
qvm-copy-to-vm ${1} /usr/share/fonts/dejavu*
qvm-run --no-gui --pass-io --quiet --user root ${1} "rm --recursive --force ${TARGET_FOLDER}/fonts/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mkdir ${TARGET_FOLDER}/fonts/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mv ${SOURCE_FOLDER}/dom0/* ${TARGET_FOLDER}/fonts/"
qvm-run --no-gui --pass-io --quiet --user root ${1} "rm --recursive --force ${SOURCE_FOLDER}"
}
set-gtk-qt-settings ()
{
local PROGRAM="qt5-style-plugins gtk2-engines-murrine gnome-themes-standard"
qvm-apt-install ${1}
local TARGET_FOLDER="/etc/skel"
local SOURCE_FOLDER="/home/user/QubesIncoming"
qvm-copy-to-vm ${1} "${SCRIPT_DIR}/files/gtk/.gtkrc-2.0"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mv ${SOURCE_FOLDER}/dom0/.gtkrc-2.0 ${TARGET_FOLDER}"
qvm-copy-to-vm ${1} "${SCRIPT_DIR}/files/gtk/settings.ini"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mkdir -p ${TARGET_FOLDER}/.config/gtk-3.0"
qvm-run --no-gui --pass-io --quiet --user root ${1} "mv ${SOURCE_FOLDER}/dom0/settings.ini ${TARGET_FOLDER}/.config/gtk-3.0"
qvm-run --no-gui --pass-io --quiet --user root ${1} "rm --recursive --force ${SOURCE_FOLDER}"
qvm-run --no-gui --pass-io --quiet --user root ${1} 'echo "QT_QPA_PLATFORMTHEME=gtk2" >> /etc/environment'
qvm-run --no-gui --pass-io --quiet --user root ${1} 'echo "QT_SCALE_FACTOR=1" >> /etc/environment'
}
2 Likes
@Sven
Thanks for you guide, as that what pushed me to start creating some of my templates using a script and debian minimal.
I have a question regarding opening links in a default disposable VM, as that what I’m trying to achieve for my email qube, without success for now.
Just want to confirm if the next steps are sufficient or there is something I’m missing:
- copy the qvm-open-in-vm-desktop.desktop file (with the content you posted) to /etc/skel/.local/share/applications of the template vm;
- added a line “xdg-settings set default-web-browser qvm-open-in-vm-desktop.desktop” into the /etc/skel/.bashrc of the template vm;
- restart the template;
- create an AppVM based on the template.
In my case I have to switch from minimal template to regular debian-11 (because of tutanota AppImage, that not starts using minimal). So, when I click on a link in my tutanota app, it opens in Firefox in the same qube, and no dom0 dialog box as you mention in your setup.
Appreciate all your efforts to teach us using Qubes the right way
Thanks
I was planning to try this, however it seems quite inefficient to clone a template N times in order to install N programs, then on each update write to SSD N times the same information + the clone-specific one. To my mind, minimalism should also consider resource efficiency. It is also not clear why one needs to copy icons and themes to a base template which will also be used for sys-* qubes (which run headless).
Is there a more efficient approach?
I’ve copied the theme and icons to the base template so that even the network manager (sys-net) follows the theming of my whole system.
Note that what you read here is just an example showing my personal preference at that time. Obviously your choices might differ.
There is nothing here that demands a one app per qube approach. You can look at your use case and partition in a way that is meaningful to you. Even if you’d just have a system qube template and an app template you might safe lots of space compared with the full Debian template.
This might be app specific. What happens if you run xdg-open https://forum.qubes-os.org from your terminal?