Automated Qubes OS Installation using Kickstart and/or PXE Network Boot

Community Guides
4

@qstateless, just an update on how this is going:

PXE boot on the latest ISO using memdisk

  • Fails using Legacy Boot
    • ISOLINUX: Failed to load ldlinux.c32
  • Have not tried UEFI yet, but that’s next

“Deconstructing” the ISO and serving via NFS

  • Fails
    • xen.gz loaded successfully
    • vmlinuz loaded successfully
    • initrd.img loaded successfully
    • Boots into the Plymouth splash screen
    • Hangs at “Reached target Basic System”
  • Cause of hanging is yet to be determined
  • I assume because the initramfs doesn’t have network modules (this is purely speculation), or because Xen didn’t pass through any network devices

“Deconstructing” the ISO and serving via HTTP

  • Same as serving via NFS

“Deconstructing” the ISO (Qubes.iso → /LiveOS/squashfs.img/LiveOS/rootfs.img) and serving using NFS, but without loading xen.gz

  • Somewhat successful
    • Boots successfully into anaconda installer
    • RPM repos cannot be accessed
    • Booting without Xen isn’t exactly ideal (the installer uses it to check whether the hardware is suitable for Qubes OS)

——-

The plan is to create a sort of sys-pxe Qube that will turn any Qubes OS machine into a PXE boot server. That way, you’d be able to install Qubes OS onto another machine using an existing Qubes OS machine.

There’s still a long way to go on this one. I still have to get it to successfully boot and install…. :smile:

The long-term plan is also:

  • To create a way to customise the install (well, technically there already is a way, I just have to configure it :laughing:)
    • Add/remove custom RPM packages in the installer repo
  • Utilise kickstart your facilitate automated unattended installs
    • User name and password
    • Disk partitioning
    • LUKS encryption
    • Timezone
    • Keyboard and language support
    • Everything else that anaconda can do
    • Just turn on the target machine, connect the Ethernet cable, select “Network Boot”, and go have a coffee while it automatically installs
  • Couple this with Saltstack to allow complete customisation of preconfigured Qubes during first boot setup

See this for more information (full credit to @unman, the living legend):

  • Create a sort of GUI tool that will write up Salt config files for custom Qubes
    • The user has dropdown menus for things like base template, installed software, PCI devices, etc.
    • Maybe one day it might get merged into the dialog box at Q-Menu → Qubes Tools… → Create Qubes VM… (maybe…)

———

Also, if anyone else sees this and can help, please post or DM me :slight_smile: