Playing with qubes

I’ve decided to write some of the setup I use.

The layout would contains :

  1. Building light qubes os installer and 4Kn debian template.
  2. Detached header and encrypted boot.
  3. Setting up dom0 and vm.
  4. Running dom0 and DispVM in tmpfs.

In this thread it would only talking about building light qubes (dom0 only) and
make a 4Kn debian template.

What you need is :
Fedora AppVM to run qubes-builder, you can use fc34 / fc35.
2 or more vcpu, 6gb or more ram
30gb private storage.

Every command below is issued in your builder vm.

How to :
-Qubes Key

[] gpg2 --import /usr/share/qubes/qubes-master-key.asc
[] gpg2 --edit-key qubes
[] trust
[] 5
[] q
[] wget https://keys.qubes-os.org/keys/qubes-developers-keys.asc
[] gpg2 --import qubes-developers-keys.asc

-Qubes Builder

[] git clone https://github.com/QubesOS/qubes-builder.git qubes-builder
[] cd qubes-builder
[] git tag -v git describe # add ` between git describe
[] cat >>builder.conf<< EOF

# vim: ft=make

VERBOSE ?= 2

BACKEND_VMM ?= xen

GIT_BASEURL ?= https://github.com
GIT_PREFIX ?= QubesOS/qubes-

RELEASE ?= 4.1

DIST_DOM0 ?= fc32
DISTS_VM ?= bullseye+minimal

COMPONENTS = \
    installer-qubes-os \
    linux-yum \
    builder-rpm \
    builder-debian \
    linux-template-builder 

BUILDER_PLUGINS ?= builder-rpm builder-debian

USE_QUBES_REPO_VERSION = 4.1
USE_QUBES_REPO_TESTING = 1
ISO_USE_KERNEL_LATEST = 1
ISO_VERSION = 5111341

INSTALLER_KICKSTART=/home/user/qubes-src/installer-qubes-os/conf/travis-iso-full.ks
EOF

[] make get-sources
[] make install-deps

-Delete fedora, whonix, and debian build

[] sed -i ‘/@whonix/d’ qubes-src/installer-qubes-os/conf/qubes-kickstart.cfg
[] sed -i ‘/@debian/d’ qubes-src/installer-qubes-os/conf/qubes-kickstart.cfg
[] sed -i ‘/@fedora/d’ qubes-src/installer-qubes-os/conf/qubes-kickstart.cfg

-Build debian 4Kn template

[] cd qubes-src/linux-template-builder
[] curl https://github.com/51lieal/qubes-linux-template-builder/commit/e656f59a18e15e58ec68a2e94fd47bc5da8efca2.patch | git apply v
[] cd ~/qubes-builder
[] make template

-Build Qubes

[] make remount
[] make iso

-Mount drive to /mnt and copy template & iso

[] sudo cp /iso/*.iso /mnt

[] sudo cp qubes-src/installer-qubes-os/rpm/noarch/*.rpm /mnt

That’s it how you build light qubes-os-installer and 4Kn debian template.

Please no question about the next step in here, so we can make a Q&A in the right post, qubes-builder related is okay. Lets wait in the couple days for the next step.

2 Likes

Awesome work! Do you have a more self-explanatory title suggestion for this project?

Maybe something relating to the use-case where one would need this? Or just a combination these:

1 Like