Up to you.
I will just echo what other people have already said in this thread and say itâs a great idea, I love it, but it needs official backing from the Qubes team whos signing keys we all already trust, therefore the chain of trust can be extended without having to put the burden on users to audit and understand the code they are running in dom0 to install liteqube. Most people just donât have time for that.
At that stage, it might as well get upstreamed into QubesOS proper, perhaps as a 2nd version to install as a âliteâ version (perhaps similar to Lubuntu?)
@arkenoi maybe you could try get some funding for the project to turn it into something proper?
1 Like
Well, I documented almost everything. The accusation âit runs a lot in dom0â is a myth (at least for now when we do not even have widgets), there is a bunch of harmless notification services on dom0 end mostly, and thatâs it. Will publish on github soon.
The install script is very simple, too.
Will try to get some EU grant, letâs see how it goes.
2 Likes
Well, pushed the update to GitHub - arkenoi/liteqube: Liteqube - put Qubes OS on a diet
will prepare the release tomorrow, meanwhile feel free to look, test and tell me what you think
3 Likes
What is actually the point of Liteqube? Like if I would just switch to minimal templates and remove stuff I donât need from them? What difference it would make?
1 Like
Protected boot, readonly root, secrets not spread across qubes, easy installation so you do not need to experiment. Come on, itâs all in README. I keep answering the same questions again and again: âwhy not just minimal templatesâ, âwe do not trust complex scripts in dom0â.
2 Likes
This is a good answer. You need to set up a tl;dr somewhere based on this
1 Like
I am willing to try this thing out when you will release 1.0 version. And I think more people will be willing to try this out when you will release it as an iso, not post installation script
I personally even know on what hardware (for my case) to this is on
1 Like
I did! It is in README. Will try to emphasize it somehow 
2 Likes
1.0 will mostly focus on moving installation process to some at least semi-declarative with correct rollbacks. Functionality change would be minimal (widgets maybe)
2 Likes
The Readme is a good read ⌠and⌠it has âMbâ instead of âGbâ in a few places, referring to RAM.
2 Likes
Ha! Those are typos from Alex Barinov era and I did not notice them til now :)) will fix.
Most important, I documented whole RPC thing.
2 Likes
Bug report:
On a fresh install of R4.3.0, while trying to install liteqube-0.97, while running ./install.sh in 1.Base, I get:
./install.sh: line 108: [: missing ]'`
Line 108 reads:
if [ x"${VM_CORE_CREATED}" = x"true" && -e "/dev/mapper/${VM_GROUP}--${VM_LVM}--root" ] ; then
⌠so itâs unclear what happened. Checked the previous âtest constructsâ and they all seem to have properly matched brackets (â[â and â]â).
1 Like
Ah, mystery solved: you cannot have â&&â inside the [âŚ] test.
You have to either:
- use â-aâ (and) instead of â&&â, or
- separate the two tests : [ test1 ] && [ test2 ] .
2 Likes
So⌠same thing happens on line 110. This fixes the install.sh script :
$ diff install_bad.sh install.sh
108c108
< if [ x"${VM_CORE_CREATED}" = x"true" && -e "/dev/mapper/${VM_GROUP}--${VM_LVM}--root" ] ; then
---
> if [ x"${VM_CORE_CREATED}" = x"true" ] && [ -e "/dev/mapper/${VM_GROUP}--${VM_LVM}--root" ] ; then
110c110
< if [ x"${ROOT_DISK_MB}" != x"" && x"${ROOT_DISK_MB}" != x"0" ] ; then
---
> if [ x"${ROOT_DISK_MB}" != x"" ] && [ x"${ROOT_DISK_MB}" != x"0" ] ; then
Later EDIT:
Ok, I gave up on 0.97.
âStep 2.Networkingâ install.sh also throws errors, first of which caused by the script referencing a file âliteqube-0.97/2.Network/default.first/dom0/etc/qubes-rpc/policy/liteqube.SignalTorâ which does not exist. Actually, the whole âpolicyâ directory doesnât exist in that path.
2 Likes
Probably my install wasnât clean enough. More motivation to do better rollbacks. Will make an update soon. Sorry for inconvenience, it was last minute commit before travel.
2 Likes
please try the repo clone. 1-3 should definitely work now. the rest i will clean up in the next couple of days.
i did not pay proper attention to all this because i am moving it to ansible in parallel, my bad.
2 Likes