Where does the default configuration (create personal, untrusted, banking qubes) live?

Would like to build a custom ISO which changes the options on that screen of the installer.

Take a look in anaconda-addon/org_qubes_os_initial_setup
The qubes are created and configured using salt,and the states are
stored on dom0 in /srv/formulas/base/virtual-machines-formula/qvm
The source files are in mgmt-salt-dom0-virtual-machines/qvm

1 Like

Thanks, so if I wanted to customize:

  • extract RPM
  • examine the config
  • replace config with desired
  • build RPM
  • sign RPM
  • add my repo and signing key to the qubes-builder kickstarts
  • qubes-builder: make iso

and I’m going to have to figure out how to pull in my version of qubes-anaconda-addon-4.1.10-1.fc32.noarch.rpm in as a dependency.

Also if I wanted to add some post-install commands, (most likely untarring a .kde directory to /etc/skel), what is the Qubes way to do this? %post in a kickstart or another way?

You don’t need to “extract RPM” because the source is all there.
As you are building your own iso you can just install your own package.
The Qubes way is to salt it - but if you are going full tilt why not
build your own templates incorporating the entries you want?

1 Like

I’m working towards doing all that. Happy to donate…

Donations are always welcome.
PM me.
Anything of general interest should be posted as a guide or a specific
query in user support, so it’s available to other users.

Take a look in anaconda-addon/org_qubes_os_initial_setup

The kickstart file created by anaconda and saved in /root post install looks like this

%addon org_qubes_os_initial_setup
system_vms True
disp_firewallvm_and_usbvm True
disp_netvm False
default_vms False
whonix_vms False
whonix_default False
usbvm True
usbvm_with_netvm False
skip False
allow_usb_mouse False
allow_usb_keyboard False
default_template fedora-36
templates_to_install fedora
%end

Adding that code to a new kickstart doesn’t change the need to interact manually in the installer to perform the qubes initial setup. Trying to make this transparent to the user, wondering what I’m missing thanks.