Qubes OS Installation - Detached encrypted boot and header

So is this possible to do with a flash drive for boot and one for header?

Hello.

So far, I've gotten to the point where I entered

tar -C /boot --acls --xattrs --one-file-system -cf /tmp/boot.tar

But every time I tried it, I got this output

tar: Cowardly refusing to create an empty archive
Try 'tar --help' or 'tar --usage' for more information.

I'm sure I followed the instructions, so far, to the letter, so where could I have gone wrong?

Not sure how this is going to affect your guides yet (need to dig into it more deeply), but there are big changes coming in grub, though unfortunately qubes 4.1.2 only has grub 2.4.

LUKS2 has been added to grub, though they are still waiting on Argon2i/d; it is in the AUR version.

(Continue in next post, since new users can only include two links…)

Also: "Grub gained detached header support on 8th June 2022 with commit 1deb5214."

(Continue in next post…)

"As of this notice the current Grub version 2.06 predates this change, however the Arch Linux Grub package is based off the master branch and therefore includes this support. Other distributions may have to wait for the next Grub release."

The problem is not in the grub, main problem is in anaconda.
You can manually pick argon2i/d in the 4.1.

Hey. Has anyone been able to run this kind of installation recently?
Qubes installation GUI has changed a lot since the original posting of this thread and it seems 51lieal has gone radio silent.

I contacted him personally last year to ask for help for a particular setup involving a detached encrypted boot and header along with a single OS drive and a two-disk RAID to store the vm-pool. Sadly, I've been too busy with a lot of stuff to actually go through with the thing.

I recently tried taking a stab at this.

Here's the first of the scripts.
Script a

#!/bin/bash

# Check lsblk first then change the variables according to the listed devices' directories
RT="/dev/sdb" # M.2 SSD
VM1="/dev/sda" # SATA SSD 1
VM2="/dev/sdc" # SATA SSD 2
FD="/dev/sde" # USB Flash Drive
EF="/dev/sde1"
BT="/dev/sde2"

# Rescan drives
partprobe "$RT"
partprobe "$FD"
partprobe "$VM1"
partprobe "$VM2"

# Create boot, EFI, and LUKS partitions for USB Flash Drive (FD)
# sgdisk type codes: ef02 = BIOS boot partition, ef00 = EFI system partition, 8309 = Linux LUKS
sgdisk -n 0:0:+600MiB -t 0:ef02 "$FD"
sgdisk -n 0:0:+2GiB -t 0:ef00 "$FD"
sgdisk -n 0:0:+16MiB -t 0:8309 "$FD"
sgdisk -n 0:0:+16MiB -t 0:8309 "$FD"
sgdisk -n 0:0:+16MiB -t 0:8309 "$FD"
partprobe "$FD"
mkfs.vfat "$EF"
mkfs.xfs -f "$BT"

# Encrypt root partition
cryptsetup -c serpent-xts-plain64 -h ripemd160 -s 512 -y -i 60000 --use-random --pbkdf argon2id luksFormat "$RT" # M.2 SSD
cryptsetup -c twofish-xts-plain64 -h whirlpool -s 512 -y -i 60000 --use-random --pbkdf argon2id luksFormat "$VM1" # SATA SSD 1
cryptsetup -c twofish-xts-plain64 -h whirlpool -s 512 -y -i 60000 --use-random --pbkdf argon2id luksFormat "$VM2" # SATA SSD 2


# Open root device
cryptsetup luksOpen "$RT" luks-root # M.2 SSD
cryptsetup luksOpen "$VM1" luks-vm1 # SATA SSD 1
cryptsetup luksOpen "$VM2" luks-vm2 # SATA SSD 2

# Create PV
pvcreate /dev/mapper/luks-root # M.2 SSD
pvcreate /dev/mapper/luks-vm1 # SATA SSD 1
pvcreate /dev/mapper/luks-vm2 # SATA SSD 2

# Create VG
vgcreate qubes_dom0 /dev/mapper/luks-root # M.2 SSD
vgcreate qubes_domU /dev/mapper/luks-vm1 /dev/mapper/luks-vm2 # SATA SSD 1 & 2, prepare to make RAID array

# Create LV
lvcreate -n swap -L 16G qubes_dom0 # Create (encrypted) SWAP partition in root
lvcreate -T -L 64G qubes_dom0/root-pool
lvcreate -V32G -T qubes_dom0/root-pool -n root
# According to 51lieal, if the root exceeds 32GB, it will extend the partition to 64GB (as defined above)
lvcreate -m 1 --type raid1 -L 100G --nosync -n vm qubes_domU # Create RAID1 array

# Format Partition
mkfs.xfs /dev/qubes_domU/vm
mkswap /dev/qubes_dom0/swap

After running script a, I'm supposed to go back to the GUI to finish the installation. The install, as 51lieal and I discussed, would involve the logical volume manager; however, I was unable to set any mount points for the partitions created in /sdb (my main OS drive), so I tried to contact him. No reply so far.

So I wonder if anybody else here can help me.
Thanks.
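
Script a's first comment says to check lsblk before setting the device variables. As an added example (not part of the original post or of 51lieal's guide), that check can be made mechanical so the script stops before `sgdisk` or `luksFormat` touches a disk that is still in use. The function name `check_targets` and the sample lsblk rows are assumptions constructed for illustration.

```shell
#!/bin/bash
# Added example: pre-flight check to run before the destructive steps of a script like "Script a".
# Reads `lsblk -P -o NAME,TYPE,MOUNTPOINT,PKNAME` on stdin; arguments are the target disks.
# Returns non-zero if a target is missing, is not a whole disk, or anything on it is in use.
check_targets() {
  awk -v targets="$*" '
    function val(key,   s) {          # extract KEY="value" from the current line
      s = " " $0                      # leading space keeps NAME from matching inside PKNAME
      if (!match(s, " " key "=\"[^\"]*\"")) return ""
      return substr(s, RSTART + length(key) + 3, RLENGTH - length(key) - 4)
    }
    BEGIN {
      n = split(targets, t, " ")
      for (i = 1; i <= n; i++) { sub("^/dev/", "", t[i]); want[t[i]] = 1; under[t[i]] = t[i] }
    }
    { rows++; name[rows] = val("NAME"); type[rows] = val("TYPE")
      mnt[rows] = val("MOUNTPOINT"); parent[rows] = val("PKNAME")
      if (name[rows] in want) seen[name[rows]] = type[rows] }
    END {
      # Propagate "belongs to target X" down through partitions, LUKS and LVM layers.
      do { changed = 0
        for (r = 1; r <= rows; r++)
          if ((parent[r] in under) && !(name[r] in under)) { under[name[r]] = under[parent[r]]; changed = 1 }
      } while (changed)
      for (d in want) {
        if (!(d in seen)) { print d ": not found"; bad = 1 }
        else if (seen[d] != "disk") { print d ": type " seen[d] ", expected disk"; bad = 1 }
      }
      for (r = 1; r <= rows; r++)
        if ((name[r] in under) && mnt[r] != "") { print under[name[r]] ": " name[r] " in use at " mnt[r]; bad = 1 }
      exit bad + 0
    }'
}

# Constructed sample (not from the thread): sda still carries a mounted root, sdb and sde are free.
SAMPLE='NAME="sda" TYPE="disk" MOUNTPOINT="" PKNAME=""
NAME="sda1" TYPE="part" MOUNTPOINT="" PKNAME="sda"
NAME="luks-x" TYPE="crypt" MOUNTPOINT="" PKNAME="sda1"
NAME="vg-root" TYPE="lvm" MOUNTPOINT="/" PKNAME="luks-x"
NAME="sdb" TYPE="disk" MOUNTPOINT="" PKNAME=""
NAME="sde" TYPE="disk" MOUNTPOINT="" PKNAME=""
NAME="sde1" TYPE="part" MOUNTPOINT="" PKNAME="sde"'

# Usage on a live system, placed right after the variable assignments:
# lsblk -P -o NAME,TYPE,MOUNTPOINT,PKNAME | check_targets "$RT" "$VM1" "$VM2" "$FD" || exit 1
```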