From 7e245d0be9d9b88098d82260de6f41ca6036b0d5 Mon Sep 17 00:00:00 2001 From: awokd <34515595+awokd@users.noreply.github.com> Date: Sat, 24 Feb 2018 17:47:32 +0000 Subject: [PATCH 1/8] Create building-whonix-template.md --- building/building-whonix-template.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 building/building-whonix-template.md diff --git a/building/building-whonix-template.md b/building/building-whonix-template.md new file mode 100644 index 00000000..a1b5a5f8 --- /dev/null +++ b/building/building-whonix-template.md @@ -0,0 +1,9 @@ +--- +layout: doc +title: Building Whonix Templates +permalink: /doc/building-whonix-template/ +redirect_from: +- /en/doc/building-whonix-template/ +--- + +## Building Whonix Templates From 04d842d8a32a431d31d7487540ac9d965ae1fc88 Mon Sep 17 00:00:00 2001 From: awokd <34515595+awokd@users.noreply.github.com> Date: Sat, 24 Feb 2018 18:38:06 +0000 Subject: [PATCH 2/8] initial doc --- building/building-whonix-template.md | 37 ++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/building/building-whonix-template.md b/building/building-whonix-template.md index a1b5a5f8..e9c4404e 100644 --- a/building/building-whonix-template.md +++ b/building/building-whonix-template.md @@ -7,3 +7,40 @@ redirect_from: --- ## Building Whonix Templates + +The Whonix templates are easily downloaded and installed by following this [procedure](doc/whonix/install/). +However, they are integrated into `qubes-builder` so they are easy to build yourself if you prefer. +Note that you will need to create `anon-whonix` yourself if you do so, but see [this issue](qubes-issues/issues/3601). + +First, create the [Build Environment](doc/qubes-r3-building/) (follow the build environment section only). + +Next, configure the builder: + +~~~ +cd ~/qubes-builder +./setup +# Select Yes to add Qubes Master Signing Key +# Select Yes to add Qubes OS Signing Key +# Select 3.2 or 4.0 for version +# Stable +# Yes (we want to build only templates) +# Select builder-fedora, builder-debian, template-whonix, mgmt-salt (builder will complain if you don't include builder-fedora, but we don't actually use it) +# Choose Yes to add adrelanos@riseup.net third party key +# Yes (to download) +# Select whonix-gateway, whonix-workstation (for the currently shipping templates) +~~~ + +Continue the build process with: + +~~~ +make install-deps +make get-sources +~~~ + +Finally, use: + +~~~ +make qubes-vm +make template +~~~ + From 6835884ff04a75ead30377a32380086fbcaf36b2 Mon Sep 17 00:00:00 2001 From: awokd <34515595+awokd@users.noreply.github.com> Date: Sat, 24 Feb 2018 18:40:18 +0000 Subject: [PATCH 3/8] update link name --- building/building-whonix-template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/building/building-whonix-template.md b/building/building-whonix-template.md index e9c4404e..6ddd225c 100644 --- a/building/building-whonix-template.md +++ b/building/building-whonix-template.md @@ -8,7 +8,7 @@ redirect_from: ## Building Whonix Templates -The Whonix templates are easily downloaded and installed by following this [procedure](doc/whonix/install/). +The Whonix templates are easily downloaded and installed by following the [procedure here](doc/whonix/install/). However, they are integrated into `qubes-builder` so they are easy to build yourself if you prefer. Note that you will need to create `anon-whonix` yourself if you do so, but see [this issue](qubes-issues/issues/3601). From 58a7dddb9078991336298cdc35914fafad1f05e0 Mon Sep 17 00:00:00 2001 From: awokd <34515595+awokd@users.noreply.github.com> Date: Sat, 24 Feb 2018 18:44:09 +0000 Subject: [PATCH 4/8] don't use full email address --- building/building-whonix-template.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/building/building-whonix-template.md b/building/building-whonix-template.md index 6ddd225c..43f956d3 100644 --- a/building/building-whonix-template.md +++ b/building/building-whonix-template.md @@ -10,7 +10,7 @@ redirect_from: The Whonix templates are easily downloaded and installed by following the [procedure here](doc/whonix/install/). However, they are integrated into `qubes-builder` so they are easy to build yourself if you prefer. -Note that you will need to create `anon-whonix` yourself if you do so, but see [this issue](qubes-issues/issues/3601). +Note that you will need to create `anon-whonix` manually if you do so, but see [this issue](qubes-issues/issues/3601). First, create the [Build Environment](doc/qubes-r3-building/) (follow the build environment section only). @@ -25,7 +25,7 @@ cd ~/qubes-builder # Stable # Yes (we want to build only templates) # Select builder-fedora, builder-debian, template-whonix, mgmt-salt (builder will complain if you don't include builder-fedora, but we don't actually use it) -# Choose Yes to add adrelanos@riseup.net third party key +# Choose Yes to add adrelanos's third party key # Yes (to download) # Select whonix-gateway, whonix-workstation (for the currently shipping templates) ~~~ From e3cfe7a6cb519431c5f2b16823934aae1e2a9d96 Mon Sep 17 00:00:00 2001 From: awokd <34515595+awokd@users.noreply.github.com> Date: Sun, 25 Feb 2018 17:23:36 +0000 Subject: [PATCH 5/8] add building-whonix-template --- doc.md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc.md b/doc.md index a1ed41bb..b61b06c9 100644 --- a/doc.md +++ b/doc.md @@ -265,6 +265,7 @@ Building * [Building Qubes Templates](https://github.com/QubesOS/qubes-template-configs) * [Building a TemplateVM based on a new OS (ArchLinux example)](/doc/building-non-fedora-template/) * [Building the Archlinux Template](/doc/building-archlinux-template/) + * [Building the Whonix Templates](//doc/building-whonix-template/) * [How to compile kernels for dom0](https://groups.google.com/d/topic/qubes-users/yBeUJPwKwHM/discussion) Releases From ed4771b98d6ae46ae41446094afb2bb3d825fcb0 Mon Sep 17 00:00:00 2001 From: awokd <34515595+awokd@users.noreply.github.com> Date: Sun, 25 Feb 2018 17:24:24 +0000 Subject: [PATCH 6/8] remove duplicate "/" --- doc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc.md b/doc.md index b61b06c9..4310fe91 100644 --- a/doc.md +++ b/doc.md @@ -265,7 +265,7 @@ Building * [Building Qubes Templates](https://github.com/QubesOS/qubes-template-configs) * [Building a TemplateVM based on a new OS (ArchLinux example)](/doc/building-non-fedora-template/) * [Building the Archlinux Template](/doc/building-archlinux-template/) - * [Building the Whonix Templates](//doc/building-whonix-template/) + * [Building the Whonix Templates](/doc/building-whonix-template/) * [How to compile kernels for dom0](https://groups.google.com/d/topic/qubes-users/yBeUJPwKwHM/discussion) Releases From 76a379b3b42d14132bc4ab6dc61139dae809a6c4 Mon Sep 17 00:00:00 2001 From: awokd <34515595+awokd@users.noreply.github.com> Date: Sun, 25 Feb 2018 20:02:57 +0000 Subject: [PATCH 7/8] finalize steps --- building/building-whonix-template.md | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/building/building-whonix-template.md b/building/building-whonix-template.md index 43f956d3..2c250359 100644 --- a/building/building-whonix-template.md +++ b/building/building-whonix-template.md @@ -8,11 +8,14 @@ redirect_from: ## Building Whonix Templates -The Whonix templates are easily downloaded and installed by following the [procedure here](doc/whonix/install/). -However, they are integrated into `qubes-builder` so they are easy to build yourself if you prefer. -Note that you will need to create `anon-whonix` manually if you do so, but see [this issue](qubes-issues/issues/3601). +The Whonix templates are easily downloaded and installed by following the [procedure here](/doc/whonix/install/). +However, they are integrated into `qubes-builder` so they are straight-forward to build yourself if you prefer. -First, create the [Build Environment](doc/qubes-r3-building/) (follow the build environment section only). +Many other Qubes templates can also be built by following this procedure. +Simply choose the appropriate builder(s) and template(s) you wish to build in the `./setup` procedure below. +Always include the `mgmt-salt` builder. + +First, set up the [Build Environment](/doc/qubes-r3-building/#build-environment) (follow the build environment section only). Next, configure the builder: @@ -24,9 +27,9 @@ cd ~/qubes-builder # Select 3.2 or 4.0 for version # Stable # Yes (we want to build only templates) -# Select builder-fedora, builder-debian, template-whonix, mgmt-salt (builder will complain if you don't include builder-fedora, but we don't actually use it) +# Select builder-fedora, builder-debian, template-whonix, mgmt-salt (setup won't let you continue if you don't include builder-fedora, but we don't actually use it) # Choose Yes to add adrelanos's third party key -# Yes (to download) +# Yes (to download sources) # Select whonix-gateway, whonix-workstation (for the currently shipping templates) ~~~ @@ -44,3 +47,16 @@ make qubes-vm make template ~~~ +Once the build is complete, the install packages for your newly built templates will be located in `/qubes-builder/qubes-src/linux-template-builder/rpm/noarch`. +Copy them from there to dom0 and install: + +~~~ +qvm-run --pass-io 'cat ~/qubes-builder/qubes-src/linux-template-builder/rpm/noarch/qubes-template-whonix-gw-4.0.0-201802250036.noarch.rpm' > ~/qubes-template-whonix-gw-4.0.0-201802250036.noarch.rpm +qvm-run --pass-io 'cat ~/qubes-builder/qubes-src/linux-template-builder/rpm/noarch/qubes-template-whonix-ws-4.0.0-201802250145.noarch.rpm' > ~/qubes-template-whonix-ws-4.0.0-201802250145.noarch.rpm +sudo dnf install qubes-template-whonix-gw-4.0.0-201802250036.noarch.rpm +sudo dnf install qubes-template-whonix-ws-4.0.0-201802250145.noarch.rpm +~~~ + +And you are done! + + From f93944708a80e59816394c312dc72828abf74288 Mon Sep 17 00:00:00 2001 From: awokd <34515595+awokd@users.noreply.github.com> Date: Mon, 19 Mar 2018 09:30:51 +0000 Subject: [PATCH 8/8] add step for WHONIX_TBB_VERSION --- building/building-whonix-template.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/building/building-whonix-template.md b/building/building-whonix-template.md index 2c250359..694e149a 100644 --- a/building/building-whonix-template.md +++ b/building/building-whonix-template.md @@ -40,6 +40,28 @@ make install-deps make get-sources ~~~ +You will often need to edit/update `qubes-src/template-whonix/builder.conf` at this stage to specify the currently shipping Tor Browser version. +Open it in your favorite editor, then look for "Extra Whonix Build Options" and add/edit the `WHONIX_TBB_VERSION` variable to specify the current version. +For example: + +``` +################################################################################ +# Extra Whonix Build Options +################################################################################ + +# Whonix repository. +WHONIX_APT_REPOSITORY_OPTS ?= stable +#WHONIX_APT_REPOSITORY_OPTS = off + +# Use turbo mode to build template +BUILDER_TURBO_MODE ?= 1 + +# Enable Tor by default (0: disable; 1: enable) +WHONIX_ENABLE_TOR ?= 0 + +WHONIX_TBB_VERSION ?= 7.5.2 +``` + Finally, use: ~~~