Whonix Host may not be too far away. In theory.
We’re close to with “hardened debian” (new name still needed).
We already have a raw image creation during build process. Was asking myself, what’s so hard about (perhaps compressing and) uploading it? Once uploaded, users can write it onto an USB drive. (Perhaps using
Installation of Tails is also a multiple step process:
Burn image to USB:
- Tails linux: https://tails.boum.org/install/linux/usb/index.en.html
- Tails Windows: https://tails.boum.org/install/linux/usb/index.en.html
- Tails Mac: https://tails.boum.org/install/mac/usb/index.en.html
(These tools might not work for Whonix since Whonix would produce a raw image rather than iso image. Dunno if that makes a difference for these tools.)
Disk size issues: We don’t know how big the target device is. A 16 GB stick (we only need perhaps 4 GB) or 1000 GB USB hard drive. We have
--vmsize but what size do we select for default download users? I remember netrunner-odroid has a script “on boot, expand my parition to maximum size of this boot drive”.
Once “hardened debian” (new name still needed) is writeable to disks using that instructions it’s not far to install a virtualizer by default and to copy the VM images over and set them up by default. Just one more build step.
- no installer
- no full disk encryption - or … 
 Imagine one installed Debian using Debian installer without encryption. How could one encrypt the system with re-installation?
Disadvantages: Host operating system opens a can of worms. Hardware support to only mention one issue.