Please allow me to leave this here for all the lost souls finding this thread in an attempt to install signal:
#!/bin/bash
min_template=debian-11-minimal
signal_template=deb-11-signal
# clone
qvm-clone $min_template $signal_template
# install networking, curl, notification daemon & nautilus
qvm-run --pass-io -u root $signal_template "apt install --no-install-recommends qubes-core-agent-passwordless-root qubes-core-agent-networking curl xfce4-notifyd nautilus qubes-core-agent-nautilus zenity -y"
# add signal key & repo
qvm-run --pass-io -u root $signal_template "curl --proxy http://127.0.0.1:8082/ -s https://updates.signal.org/desktop/apt/keys.asc | apt-key add -"
qvm-run --pass-io -u root $signal_template 'echo "deb [arch=amd64] https://updates.signal.org/desktop/apt xenial main" | tee -a /etc/apt/sources.list.d/signal-xenial.list'
# update & install signal
qvm-run --pass-io -u root $signal_template "apt update && apt full-upgrade -y && apt install --no-install-recommends signal-desktop -y && poweroff"
This will obviously also work with a debian-10, debian-10-minimal or a debian-11 template. The notification daemon is required, otherwise signal will hang the first time you get a message and the focus was away from the app. Nautilus is not required but obviously useful when handling files.