We actually ended up using Whonix KVM and placing images to:

Please kindly consider jointing the related discussion improving compression of Whonix image downloads:
https://forums.whonix.org/t/improving-compression-of-whonix-image-downloads/7086

To build a package with qubes-builder, you need to add Makefile.builder file with just one line: DEBIAN_BUILD_DIRS := debian. This will tell qubes-builder that given repository contains Debian package.
Alternatively, if that would be too much of a problem, it should be easy to add an option that do auto detection (probably just looks for debian directory).

There's been research showing that trying to hide CPU information in a virtualizer is futile.

In T714#15381, @Algernon wrote:

It will still depend on the user looking out for this indicator. Easiest is probably something like notify-send with a high duration time so a user will see it and click it away. Could be made part of whonixcheck or maybe use whonixcheck itself instead.

I opened a small pull request for grub-live. Also the alternative version ro-mode-init lives at https://github.com/Algernon-01/ro-mode-init

virt-sparsify solution dropped because needs booting the image with qemu-system (not clean, to much unknown consequences, see attached ouptut).

It will still depend on the user looking out for this indicator. Easiest is probably something like notify-send with a high duration time so a user will see it and click it away. Could be made part of whonixcheck or maybe use whonixcheck itself instead.

What would be useful is some sort of indication on the desktop that system is running in live mode vs persistent mode.

Merged.

ip=frommedia needs to be added to the kernel command line otherwise the network interfaces won't be configured in live mode. I uploaded the changes to the repo.

Sure, I'll add instructions for the installation and some general remarks around live mode to the Whonix live wiki entry.

Added to https://github.com/Whonix/Whonix/tree/master/packages, build, and uploaded to Whonix (14) developers repository.

Test wise installed the package.

Hmm, odd it did not work for you. I tested it with the whonix build script and also the upgrade from 13 to 14 with the local packages repo. Both produced the correct GRUB menu with all options.
What did you do, just copying 11_linux to /etc/grub.d/ and running update-grub I guess?

Fixed.

In T714#14865, @Algernon wrote:

Made the file somewhat smaller:
https://github.com/Algernon-01/grub-live/commit/c8f8a24dbac305cdbbff0d2d53d14b699cc4a2b4

Perfect!

Made the file somewhat smaller:
https://github.com/Algernon-01/grub-live/commit/c8f8a24dbac305cdbbff0d2d53d14b699cc4a2b4

/etc/grub.d/11_linux_live is still a lot code duplication.

Should boot=live union=overlay plainroot be injected at line https://github.com/adrelanos/grub-live/blob/master/etc/grub.d/11_linux_live#L353 as well?

In T714#14861, @Algernon wrote:

Changes for initramfs-tools based live system:

https://github.com/Whonix/anon-meta-packages/pull/7

Changes for initramfs-tools based live system:

Most of them don't seem to interact with the normal boot process, right?

Algernon (Algernon):> Packages would be: live-boot, live-config-systemd,

live-config-initramfs-tools, live-tools.

Packages would be: live-boot, live-config-systemd, live-config-initramfs-tools, live-tools.
I'm wondering if then there really needs to be an extra package for the other files. Currently only the apparmor config for the new home and alias as well as the grub config file would be in there. I think the apparmor related edits could also be merged with the files in the apparmor-profile-anondist. There are some packages for grub but they all have a quite specific name. So either make a dedicated grub-live package or make the live patch package as before or merge the grub config file somewhere else.

In T714#14808, @Algernon wrote:

As stated here: https://forums.whonix.org/t/replacing-initramfs-tools-with-dracut-for-live-systems/4487
there is still option 5 if you feel uncomfortable with dracut in general.

As stated here: https://forums.whonix.org/t/replacing-initramfs-tools-with-dracut-for-live-systems/4487
there is still option 5 if you feel uncomfortable with dracut in general.
A "normal" live system with overlayfs should be possible without patches. We would mostly need to pull in some debian live packages.
Copying the whole filesystem to RAM would not work without patches. Of course there is no possibility to use device mapper though maybe most end users won't care about that.
Some minor edits to the grub config file and apparmor stuff would be required.

For reference: