Solution for building qubes-os.org website locally on Fedora 38/39/40 #237
Conversation
Add missing gem
After much trial and error with the currently presented solution, which does not work without additional measures, and even then either works badly, requiring a download of different components every time the VM starts and has inconsistent results, or requires installing Ruby anyway. But if we're already installing Ruby to fix issues with the main solution, why not just use Ruby as the main solution? I've tested this and it works reliably, with better performance than the podman solution, doesn't require podman and podman-compose, which pull far more dependencies on a standard qubes Fedora template than Ruby does (e.g. ~250 MB vs. ~30 MB additional installed size), and seems more robust. If anything, this PR should be accepted so that new users trying to get the offline web page to work don't have to experiment and research for 5 hours like I did to first discover the issues, diagnose them and then get a working solution; the fact that the main solution presented right now does not even mention the issues is unacceptable.
|
If so desired I could also add this to the Makefile, e.g. similarly to the solution in #207 The user can then either call Let me know if that is preferred. |
UndeadDevel
changed the title
UndeadDevel
changed the title
|
Adding an entry to the makefile is a good idea, maybe even for the setup step too, like |
Add rootless and rootless-setup targets
reflect changes to Makefile
Done. Tested on updated Fedora-38-based AppVM and StandaloneVM. |
Adds instructions for Debian-based qubes and updates message about which qubes this was tested on (namely all major templates of Qubes 4.2).
search more specifically in .local to avoid problems
|
@marmarek I've now tested this on fresh templates of |
|
Okay I've now retested this with As expected, the podman solution, which is still the only solution advertised on the README page doesn't work with the new Fedora-39 templates, which means the only official solution doesn't work with any of the officially supported templates (I've tested all the others last year). The solution of this PR, however, works flawlessly. I also signed with my own PGP key now instead of the GitHub one. Please merge. Test failure is not due to this PR: |
|
PipelineRefresh Hmm...doesn't work; I was trying to make it run the integration tests again...looks like I was using the wrong keyword. Is the failed test the problem or is there another reason why this is still not merged? I've tested it on all standard QubesOS templates successfully and it's kind of embarrassing that the official solution on the landing page of this repo hasn't worked for years...I can't be the only one who wasted hours trying to get it to work. |
|
PipelineRetry |
1 similar comment
|
PipelineRetry |
There is an access list who can issue commands... |
I suspected...well the failure is the same as in all the other doc PRs (not due to this PR): |
|
On Thu, Apr 18, 2024 at 02:31:43AM -0700, UndeadDevel wrote:
I suspected...well the failure is the same as in all the other doc PRs (not due to this PR):
Fixed both of these errors
|
Nice! It might be worth running PipelineRetry on all the PRs with integration check failed status in qubes-doc, as most are sitting there waiting for review, so there likely won't be more commits to trigger a new check. |
Add info about fedora-40 templates successfully tested.
|
Tested both Since this is probably now the most thoroughly tested PR in this repo and the first templates I tested (fedora-38 ones) are now EOL, thus making that effort a total waste, and no reason has been given why this is not getting merged, the latest Fedora templates will be the last I'll have tested for this PR. |
UndeadDevel
changed the title
|
I tried to follow the instructions of the main branch on Debian 12 and it failed, following this PR helped me. I don't know if it's relevant (because I didn't try exactly theses rootless instructions in the first place) but I got this error:
Replacing |
There was a problem hiding this comment.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Approved as of f0ad5c73070e5141a94bc5bb2f53e7481bb2ea9f
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEnYWYU8Ll1fIX9iss8yiUvpaEk4oFAmZuQn8ACgkQ8yiUvpaE
k4q03xAAnBNaphhqW/5s+sBDY2NjjUrvWV1D8lgn4d7p92xp/70U2GSRlVkTx6z6
peuO4DOtcNV2FVdE1ovOjLcLCoJXaph4qtEGoqS7dvpcajjalW47zVscD78bwc0u
1cej1I0IOl/puS+MzNBxc8BYb7Rhe+LUELx0J8mtlsBEZ1pCbT5MBPwvPCIX1Hr1
m1IzkXH7EULQS/fy6JpqZp5A9nZDWjBYxm2WPN9drKCx64UJaxWMFMBkskCcfVGr
wFO7URJi8KazD9y9RlWCeQJuL07GEbFvv5KOWAn92xt5eXLJYxoUANPKkUfa0NYO
wUxeP/OApWJVaik1b5WTtX8pHi16yNBdFPqWwUVVNPaEI0Ts/MikdPt3Llj94XUe
XR319j9Ce48n7TwPeOr45a6f0ZfCYm48OfHrJR3BV/N7tVkdu2PbbFNMZfTwBleY
NbQvlwXvWppnaVVgUsMb4E/CHWtZwGldWRtbSeqm0n6aByd78neTl6KJVPkGC7+t
/rZldjBcZSKDjBDZYt8hDEwRLUaeqqs8N8E7Qn0H6+5K/R7UAnYpblSSpsCqy/3L
onPVsOvSHdzvmIYaR5XH9i9Ub1hzxEW8U+qAprJEAKF+1igp5sjoAa4Ur3XtVeKa
kr8JxovJRghhAdObJdAKnlc7bVce/qI1+IYl0r+4qqG+B6M/UEs=
=LPtk
-----END PGP SIGNATURE-----
andrewdavidwong
changed the title
The currently presented solution does not work without additional measures taken, and even then either works badly, requiring a download of different components every time the VM starts and has inconsistent results, or requires installing Ruby in addition to podman and podman-compose.
But if we're already installing Ruby to fix issues with the main solution, why not just use Ruby as the main solution? I've tested this and it works reliably, with better performance than the podman solution, without requiring podman or podman-compose, which pull far more dependencies than Ruby does (e.g. ~250 MB vs. ~30 MB additional installed size on a standard qubes Fedora template), and seems more robust.
To sum up:
sudowhen launching the server (of interest for those who use VM hardening measures)