first, is there any chance we can get the kvm images on the whonix.org server? for documentation purposes, using gitlab requires a lot more steps and is a bit of a pain in the ass. ideally, when kicksecure is ready for deployment, it would be great if the kvm images were either included with the distro or installable via apt-get.
as for some of the other issues that i considered not newb friendly involving kvm, i’'ve been able to offer some scripts around the issue that can be run on the host. if i get them to something user friendly enough, would it be worth including with the whonix kvm tarballs? i’ve found a fairly simple way to script shrinking the qcow2 sizes after updates. also, while it’s still rough at the moment, i think i may be able to offer a user friendly script to snapshot the workstation in a way that still allows for a writethrough persistent disk. just exploring how to make it bash complete friendly with the tab key. currently playing with creating filenames based on date/time.
some other observations i’ve had are as follows.
1, with whonix in read-only disk mode and using live boot, it may be worth adding a script function that is autocalled to make “live mode” the default boot option after the first boot and, hopefully, update and dist-upgrade.
2, include an update script that will boot the whonix individual whonix images in read/write mode for update purposes, which will then reset the images to read-only mode after shutdown. steps could be added to use zerofill and other steps to shrink the disk sizes in between. i am playing with this at the moment.
right. but would it not make sense to the whonix kvm files in the repo for kicksecure? it could make set up fairly simple and cut github out of the picture. for example, all the xml loading and tweaking could be handled by the installer, rather than being done manually. could basically bundle it to install all the required kvm/virsh dependencies. there’s probably issues i’m overlooking (updates for example). simply looking for a good way to remove github, since downloading the files via the cli has become more and more cumbersome with them.
the more i’ve played with some of the ideas mentioned here, the more it is appearing that i am over thinking solutions to minor problems. some of the scripting i’ve been experimenting this has become more involved than simply explaining to a user how to do something. even the sourceforge/cli issue (which i mistakenly referred to as github earlier) appears workable.
