How to Create Qubes OS VMs on the Command Line

While it is relatively easy to create VMs using the Qubes Manager GUI, personally I prefer to use the command line.

This tutorial on how to create Qubes OS VMs on the command line is generally aimed at beginners that want to learn how to efficiently script the creation of new Qubes VMs. It explains the different types or classes of VMs, how the volumes work and how to use the command line tools qvm-create, qvm-clone, qvm-prefs, qubes-prefs, qvm-run and qvm-volume to manage the different VMs.

Ohhh f*ck, is this good! Thank you very much for this link!!!

On a quick read, it is a good pulling together of material from the docs.

Some things I noticed that were wrong or missing:

1. It’s bizarrely wrong to say that there is not terminal emulator in a
   minimal template - debian-12-minimal has xterm and uxterm pre-installed.
2. When creating a qube from a template, it’s correct that some prefs
   are not carried across from the template. Name and IP are unique. The
   remainder come from whatever is set in global defaults. I dont think
   this was stated.
3. When creating a qube from a template, /home in the template is not
   copied in to qubes, as stated. But the contents of /etc/skel in the
   template are used to populate /home/user in the qube. This means that
   you can put user preferences, local installed programs, etc in
   /etc/skel, and every qube created from that template will have the
   same preferences/programs pre-installed.
4. qvm-create has a --property option which allows you to specify
   preferences at creation time, rather than running qvm-create followed
   by qvm-prefs
5. Many uses of deprecated terms, like TemplateVM, disposableVM, DispVM,
   etc. The correct terms are in the glossary,
   and should be used for simplicity.

While you can use command line to create and provision qubes, for more
complex work, it’s suggested that you use salt. There is a guide here on
the Forum , and an introduction in the docs

Wow this is better than I expected xD

Hold your horses, I plan on much more Qubes blogposts xD

This one was just something simple to start with lol.

1-5 THANK YOU for looking at it so deeply! I will definitely fix that today! HIGHLY appreciated :))))

I’ve been using Qubes (on and off) for quite a few years (I started around qubes 3.1 or so I think).

I’m a bit at war with salt… I actually run a IT company and in the beginning we did everything with salt so I’m very very familiar with it. I wrote about 80 formulas back in the day and managed a couple hundret debian servers with it. We switched to ansible about 5y ago.

I konw the Salt from 3.2 and 4.0 and have just looked at it again. I honestly just don’t like it.

I actually also fully (100%, including restoring backups) automate my qubes setup. As in my qubes setup is like copy scripts to dom0, press ENTER, watch things happen and terminals open and close, and after like 20 min all VMs exist (starting from a fresh install). But I do that in bash, because salt is driving me crazy. Its a religion thing I think

There is also a py lib thats badly maintained to manage qubes, as well as some ansible modules…
Both I didn’t like.

1. It’s bizarrely wrong to say that there is not terminal emulator in a
   minimal template - debian-12-minimal has xterm and uxterm pre-installed.

fixed

2. When creating a qube from a template, it’s correct that some prefs
   are not carried across from the template. Name and IP are unique. The
   remainder come from whatever is set in global defaults. I dont think
   this was stated.

fixed, added a note to qubes-prefs

3. When creating a qube from a template, /home in the template is not
   copied in to qubes, as stated. But the contents of /etc/skel in the
   template are used to populate /home/user in the qube. This means that
   you can put user preferences, local installed programs, etc in
   /etc/skel, and every qube created from that template will have the
   same preferences/programs pre-installed.

fixed, added that AppVMs get their /home contents from TemplateBasedVMs /etc/skel dir.

4. qvm-create has a --property option which allows you to specify
   preferences at creation time, rather than running qvm-create followed
   by qvm-prefs

fixed, in order to not have to rewrite everything, and also because I think it would make qvm-create commands rather long and uneasy to read, I kept the article as is and just added a note about it.

5. Many uses of deprecated terms, like TemplateVM, disposableVM, DispVM,
   etc. The correct terms are in the glossary,
   and should be used for simplicity.

I did change DisposableVM to DispVM. When I use qvm-ls on my 4.2 install, it still shows me TemplateVM as type, and I think i’ll stick with that as long as thats the case, as it would otherwise be confusing to people who are new to qubes, but I did add a note about it and the link you provided.

Thank you VERY MUCH again. Your input is REALLY helpful!

I hadn’t realised that you were the author of that blog.
Thanks for taking my comments in such a good spirit.

I have to say that I like Salt, and find it (relatively) easy to use in
Qubes, even for complex use cases. I used to use scripts, but found them
unwieldy after a while. I find salt helps to provide a clearer and more easily
understandable self documenting system. But each to their own.

I think you should mention that /usr/local.orig from template will be copied to /usr/local in app qube as well:

thank you!! I added that information as well as a link to the doc

Thanks for taking my comments in such a good spirit.

Of course, its free proof-reading I’m VERY happy about that!!
I plan on writing a number of additional qubes blogposts soon, so that is very welcome.

salt

yeah I understand your picture. I was half way into investing time into ansible to make that more pretty and usable for qubes, but I lack the time