Qubes installation comes with a bunch of VMs.
There are Fedora and Debian templates that must be trusted.
How hard is it to do this: Remove all VMs, keep only the window manager on top of Xen. Then bring your own template, say, latest Debian. From there make a cube for firewall, networking etc. Use Qubes OS as a VM manager,. This way, i don’t need to trust so much code (small TCB).
I am not sure what you meant by “your own template”, but during install you can choose not to install anything. After that you have to provide yourself with everything. Never tried though, so I’m not sure how it looks, but I guess it’s just bare dom0, or similar.
Yes, bare dom0. BYO means download Debian image from Debian website as your template!
But keep in mind that I want Qubes features (not just a proxmox with easy navigation between VMs). For example, if I create a new VM from my own template, the OS files will be read only, and only home changes.
Has anyone done this? Is it difficult to create sys-net, sys-firewall etc?
The templates are done by the same people you already trust for dom0. I don’t understand the trust/security benefits from using your own Debian images.
I agree. I guess she should trusts Qubes devs, but no dev will guarantee template’s distro consistence, unlike for the one in dom0 for which the devs provide full support.
So, she shouldn’t trust Fedora/Whonix/Debian devs, right?
A template might have been compromised, but not dom0. It depends on the context.
In any case, I just want the hypervisor setup with the ability to run my own code afterwards. There are a lot of images and too much code in the Qubes installation.