Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Qubes: RPM Packaging #431

Closed
Tracked by #412
deeplow opened this issue May 29, 2023 · 5 comments · Fixed by #543
Closed
Tracked by #412

Qubes: RPM Packaging #431

deeplow opened this issue May 29, 2023 · 5 comments · Fixed by #543
Assignees
@apyrgio
Labels
P:Qubes QubesOS integration
Milestone
0.5.0

Comments

@deeplow
Copy link
Contributor

deeplow commented May 29, 2023
edited by apyrgio
Loading

Package Dangerzone for Qubes OS in a way that satisfies the following requirements:

Related discussions:
@deeplow deeplow added the P:Qubes QubesOS integration label May 29, 2023
@deeplow deeplow mentioned this issue May 29, 2023
Closed
7 tasks
@deeplow deeplow changed the title Qubes Integ: Packaging Qubes Integ: Packaging ("easy" installation) May 29, 2023
@eloquence
Copy link
Member

What we discussed today as goals for the 0.5.0 release:

  • We'll ship dedicated RPM and, as a stretch goal, DEB packages for Qubes via packages.freedom.press. These will be much smaller than our standard packages since we do not need to ship a container image.
  • Installation will require manual steps, likely including:
    • configuration of the packages.freedom.press repository in the desired template
    • creation of a networkless disposable VM template
    • configuration of RPC policies

For now, we're not focusing on providing a dom0 installer or script, but we'll discuss more with both the Qubes team & the SecureDrop team how we want to approach provisioning in the long run.

Please let me know if that's an accurate summary or if I'm missing anything!

@deeplow
Copy link
Contributor Author

deeplow commented Jun 2, 2023

Please let me know if that's an accurate summary or if I'm missing anything!

I think it is :)

This was referenced Jun 7, 2023
Closed
Closed
@apyrgio apyrgio added this to the 0.5.0 milestone Jun 13, 2023
@apyrgio apyrgio changed the title Qubes Integ: Packaging ("easy" installation) Qubes: Packaging ("easy" installation) Jun 14, 2023
@apyrgio apyrgio changed the title Qubes: Packaging ("easy" installation) Qubes: Packaging Jun 14, 2023
@apyrgio apyrgio mentioned this issue Jun 14, 2023
Closed
@apyrgio apyrgio changed the title Qubes: Packaging Qubes: RPM Packaging Aug 23, 2023
@apyrgio apyrgio mentioned this issue Aug 23, 2023
Open
@deeplow deeplow mentioned this issue Aug 23, 2023
Closed
@apyrgio apyrgio self-assigned this Aug 28, 2023
@apyrgio
Copy link
Contributor

apyrgio commented Sep 6, 2023
edited
Loading

Install the necessary Tesseract OCR data

I have tested adding Requires: tesseract-langpack-* in the RPM spec for Dangerzone, but it turns out that, while the package can be created, installation fails with:

Error: 
 Problem: conflicting requests
  - nothing provides tesseract-langpack-* needed by dangerzone-qubes-0.4.2-1.fc38.x86_64 from @commandline

Unfortunately, Fedora does not offer the equivalent virtual package of tesseract-ocr-all in Debian, so we're left with three options:

  1. Enumerate all the tesseract language packages (123 as of writing this) within the RPM spec file.

    • We may be able to script this by taking advantage of our ocr-languages.json file, but I haven't tested it yet.

  2. Ask the user in our installation instructions to install dangerzone-qubes tesseract-langpack-*, allowing them to substitute tesseract-langpack-* with any language pack that they plan to use.

  3. Make the Tesseract language models for the first 10 most spoken languages in the world a direct dependency. These languages are:

    • English
    • Chinese (Mandarin)
    • Hindi
    • Spanish
    • French
    • Arabic (Standard)
    • Bengali
    • Portuguese
    • Russian
    • Urdu

    (Source: https://www.statista.com/statistics/266808/the-most-spoken-languages-worldwide/)

    They are spoken by ~5.37 billion people (66.7% of the total world population). For reference this is where Qubes users were located in 2020:

    Qubes user map

    (Source: https://www.qubes-os.org/news/2020/11/26/qubes-survey-results/)

    We can have a note in our installation instructions, for Qubes users that are not covered by these languages, that they can install them in their fedora-38-dz template directly with dnf install -y tesseract-langpack-<lang>.

I'm leaning towards (3), because that's where we want to ultimately go with Dangerzone (#465, #448, #488). What do other people think?

Edit: @eloquence and @deeplow prefer option (1), so we will go with that.

@apyrgio
Copy link
Contributor

apyrgio commented Sep 6, 2023

Installation instructions

Since template VMs don't have network attached, it would have been tricky installing Dangerzone, since we need to download keys, configuration, and the actual packages.

Thankfully, our existing commands:

sudo dnf config-manager --add-repo=https://packages.freedom.press/yum-tools-prod/dangerzone/dangerzone.repo
sudo dnf install dangerzone

all pass through the updates proxy.

apyrgio added a commit that referenced this issue Sep 7, 2023
@apyrgio
install: Add Tesseract models as package reqs
75662cc 
Add Tesseract models for the 10 most spoken languages as package
requirements for Qubes. For containers, this problem is already solved
since we install all Tesseract models.

If a user is not covered by the installed models, they can install
extras on their own. We will add a note for this in subsequent commits.

Refs #431
apyrgio added a commit that referenced this issue Sep 7, 2023
@apyrgio
Add installation instructions for Qubes
5226912 
Add instructions for installing Dangerzone on Qubes from our official
repos. These instructions are adapted from the build instructions, but
have been greatly simplified because we don't need some of the qubes
that the development environment needs.

Closes #431
@apyrgio apyrgio mentioned this issue Sep 7, 2023
Merged
@eloquence
Copy link
Member

Enumerate all the tesseract language packages (123 as of writing this) within the RPM spec file.

As discussed in team meeting, that would be my vote for now. We'll want to a more robust approach to languages across platforms, with a lean default configuration and optional downloading ideally triggered via the UI. But I'd prefer to avoid doing something bespoke just for Qubes right now, also in terms of "principle of least surprise".

@apyrgio apyrgio mentioned this issue Sep 11, 2023
Closed
apyrgio added a commit that referenced this issue Sep 25, 2023
@apyrgio
install: Add Tesseract models as package reqs
22a58d8 
Add Tesseract models for the 10 most spoken languages as package
requirements for Qubes. For containers, this problem is already solved
since we install all Tesseract models.

If a user is not covered by the installed models, they can install
extras on their own. We will add a note for this in subsequent commits.

Refs #431
@deeplow deeplow mentioned this issue Nov 8, 2023
Open
@apyrgio apyrgio mentioned this issue Nov 23, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@apyrgio apyrgio

Labels
P:Qubes QubesOS integration
Projects
None yet
Milestone
0.5.0
Development

Successfully merging a pull request may close this issue.

Add installation instructions for Qubes freedomofpress/dangerzone
3 participants
@eloquence @apyrgio @deeplow