Not quite sure what you are trying to achieve, but you are going about
it wrong.
What you can do is set up a qube with your settings, then mark that
qube as a template_for_dispvms. Then a disposableVM can start with the
settings already there.
I use this to run a “split mail” set up, where the receiver and sender
are running in disposableVMs, and the mail client is running in a
minimal, offline qube.
sounds nice. to understand you right, you setup an AppVM with mail client configured to access the email server (hoster), then use that AppVM as a template for disposableVMs? Sounds nice. But i dont get the split part. Or do you have one template for imap and one template for smtp and based on that disposable VMs ?
thanks 
There are two ways of working with Tor and VPN. Qubes makes it somewhat
easier to try out both.
Tor over VPN:
qube->tor->Vpn_qube->sys-firewall->sys-net
This hides the fact that you are using Tor from anyone watching your
external IP - all they will see is traffic going to your VPN provider.
(They may be able to guess you are using Tor by traffic analysis though.)
Your VPN provider will see the Tor traffic.
You trust the VPN provider to do the right thing.
If anyone were to break Tor then the trail would lead back to the VPN.
VPN over Tor:
qube->Vpn_qube->tor->sys-firewall->sys-net
This hides the fact that you are using the VPN from anyone watching your
external IP - all they will see is Tor traffic.
Your VPN provider will see traffic coming from a Tor exit node.
If anyone were to break Tor then they would see encrypted traffic at the
exit node heading to and from the VPN provider.
You trust the VPN provider to do the right thing: in this case the VPN
sees everything you do.
There is a huge warning about trying to do this - it’s in the Tor
FAQ.
You can read more at
1 Like
Briefly, I have 3 qubes:
- fetcher - configured with getmail. template_for_dispvms
- mutt qube - no netvm - where I read and write mails. Based on a minimal
Debian template. Any attachments are opened in offline disposableVMs. - sender - configured with msmtp. template_for_dispvms
So fetching and sending are done from network connected disposable
qubes. The work is done in a minimal qube that is offline.
There’s a more detailed note at GitHub - unman/notes under
SplitMutt.md
It sounds like work, but the initial fetching, transmission in to mutt inbox,
and the syncing outgoing to sender, and sending are just two keyboard
shortcuts. After the initial set-up the process is transparent, just the
way it should be.
2 Likes
In fact. The Tor over VPN thing leaks your real ip to the VPN provider.
I guess i did understand the topic wrong. I thought the topic creator was about hidding the real ip from the vpn provider. Because he doesn’t trust the vpn provider. Next thing was the ubuntu template based vpn server and the "hosting " on own machine. Which doesn’t make any sense.
you didn’t got that fully 
but first on your example: Yes you only can choose 1 option.
But all those qube > qube > qube > qube scenarios means the following:
your appvm (for tor) choose sys-whonix
V
sys-whonix choose sys-firewall
V
sys-firewall choose sys-net
V
and sys-net simply has internet…
Nope! If you need tor, you should choose sys-whonix, but then IN sys-whonix you have to choose sys-firewall!
And in sys-firewall, there always should be sys-net choosen!
And for the clearnet: your appvm should choose sys-firewall, while IN sys-firewall is sys-net always choosen.
Now it should be clear
1 Like
This is way cool, the big dogs out teaching.
THANKS GUYS!!
So Chris Titus talks about building a vps “Ubuntu” server. I really don’t know how credible he is. But like I said I am still researching this. I know a lot of you guys here have tons of Linux exp, so I am sure you will point out the “snake oil”…
and this guy here. I am not discrediting anyone just looking at legit options… looks good
1 Like
There is no problem with this channel or the video (i did not watch it but setting up a normal vpn server isn’t that complicated, securing it is another thing 
)
But i did understand that you would like to setup your own VPN ubuntu server on your own Qubes OS machine. And that does not make any sense. The idea of a VPN is creating an encrypted tunnel between you and a server located anywhere in the world and ideally (or not depends on what you want) all your traffic goes through that tunnel. So when you visit a website for example, the hoster only sees the IP of the VPN Server. Which brings me to your idea. It is of course kind of possible to host your own VPN Server on your machine and connect to it with a proxy vm. But aside from learning how to setup it doesn’t make any sense because it is all based in your home network so when you go to a website the hoster will see your normal IP adress. Maybe you should look up some basic network tutorial videos or books, to get an understanding how routing and networks work before trying to setup your own vpn server.
thank you “The gardener” your breakdown explains what I was looking for. To everyone also thank you for your instructions and explanations it helped me out as well.
The two videos I posted was to show you “dispouser5134” what I was coming across trying to understand networking. The last video "qubes tutorial 4"from “switch to Linux” explains how to “I guess you could call a filter/trap” and pass the rest of the internet over to another appvm browser.
@TheGardner
Well I did the layout you explained for both tor and clearnet and for some reason I have no internet access. I go to “sys-net” in networking drop down it has “none/current” selected. I go through the tabs and it states networking disable go back to basic and select networking. Wherdo I go from here cuz and I still have yellow triangles on some of the networking for things. Even templates even though I have changed them to none in networking.
I go in to sys-net settings I look at “firewall rules” and it states…
This qube has networking disabled (basic->Networking) - networking will be disabled. If you want to use firewall, please enable networking.
I go back to basic hit networking drop down and only have these choices…
default-(sys-firewall)
sys-firewall
ays-net
sys-usb
sys-whonix
(none) (current) and this is where sys-net has chosen.
So then I click sys-firewall for networking and get… ERROR:Basic tab: loops in network are unsupported.
So no internet connection right now for anything.
nvm, I found my issues and fixed them.
Wow… did dom0 update and a chit ton of stuff came across… salts, hypervisor, kernel stuff and found and dixed my tor issue.
life is good now!!!
Alright, then I’ll drop my answer then.
, all of you guys were a big help! As far as I am concerned issue has been addressed. Have a great week everyone.