diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index 92c44a8..bc2eeea 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -6,6 +6,10 @@ version: 2 updates: - package-ecosystem: "github-actions" - directory: "/" + directory: "**/*" + schedule: + interval: "weekly" + - package-ecosystem: "gitsubmodule" + directory: "**/*" schedule: interval: "weekly" diff --git a/.github/workflows/build-40.yaml b/.github/workflows/build-40.yaml index 4c5f283..d75b996 100644 --- a/.github/workflows/build-40.yaml +++ b/.github/workflows/build-40.yaml @@ -1,18 +1,94 @@ -name: ublue bootc 40 +name: Build + on: pull_request: - merge_group: - schedule: - - cron: '5 15 * * *' # 3pm-ish UTC everyday (timed against official fedora container pushes) - workflow_dispatch: push: branches: - main + schedule: + # Weekly on Monday at 00:00 + - cron: '0 0 * * 1' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref || github.run_id }} + cancel-in-progress: true jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yaml - secrets: inherit - with: - fedora_version: 40 + build-atomic: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + id-token: write + env: + IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/${{ matrix.images }}-bootc + FEDORA_VERSION: 40 + strategy: + fail-fast: false + matrix: + images: + - base + - budgie + - cinnamon + - deepin + - silverblue + - kinoite + - lxqt + - mate + - sway + - xfce + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + submodules: true + + - name: Maximize build space + uses: ublue-os/remove-unwanted-software@v7 + + - name: Install Just + uses: extractions/setup-just@v1 + + - name: Update podman + run: | + # from https://askubuntu.com/questions/1414446/whats-the-recommended-way-of-installing-podman-4-in-ubuntu-22-04 + ubuntu_version='22.04' + key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" + sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" + echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel-kubic-libcontainers-unstable.list + curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + sudo apt update + sudo apt install -y podman + + - name: Build Image + run: | + just build-atomic ${{ matrix.images }} + podman tag localhost/fedora-bootc-atomic-${{ matrix.images }}:latest ${{ env.IMAGE_NAME }}:${{ env.FEDORA_VERSION }} + podman tag localhost/fedora-bootc-atomic-${{ matrix.images }}:latest ${{ env.IMAGE_NAME }}:${{ github.sha }} + + - name: Run Image + run: podman run --rm -it ${{ env.IMAGE_NAME }}:${{ github.sha }} bootc --help + + - name: Push Image + if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || github.event_name == 'schedule' + uses: redhat-actions/push-to-registry@v2 + with: + tags: | + ${{ env.IMAGE_NAME }}:latest + ${{ env.IMAGE_NAME }}:${{ github.sha }} + ${{ env.IMAGE_NAME }}:${{ env.FEDORA_VERSION }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Sign container + - uses: sigstore/cosign-installer@v3.6.0 + if: github.event_name != 'pull_request' + + - name: Sign container image + if: github.event_name != 'pull_request' + run: | + cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ env.IMAGE_NAME }}@${{ github.sha }} + env: + TAGS: ${{ steps.build_image.outputs.digest }} + COSIGN_EXPERIMENTAL: false + COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} diff --git a/.github/workflows/reusable-build.yaml b/.github/workflows/reusable-build.yaml deleted file mode 100644 index efdd5c9..0000000 --- a/.github/workflows/reusable-build.yaml +++ /dev/null @@ -1,211 +0,0 @@ -name: build-ublue -on: - workflow_call: - inputs: - fedora_version: - description: 'The Fedora release version: 39, 40, 41 etc' - required: true - type: string -env: - IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} - -concurrency: - group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-${{ inputs.fedora_version }} - cancel-in-progress: true - -jobs: - build_ublue: - name: main - runs-on: ubuntu-24.04 - permissions: - contents: read - packages: write - id-token: write - strategy: - fail-fast: false - matrix: - fedora_version: - - ${{ inputs.fedora_version }} - image_name: - - base - - silverblue - - kinoite - - steps: - # Checkout GitHub repository - - name: Checkout Push to Registry action - uses: actions/checkout@v4 - - - name: Matrix Variables - shell: bash - run: | - echo "IMAGE_NAME=${{ matrix.image_name }}-bootc" >> $GITHUB_ENV - - - name: Generate tags - id: generate-tags - shell: bash - run: | - # Generate a timestamp for creating an image version history - TIMESTAMP="$(date +%Y%m%d)" - VARIANT="${{ matrix.fedora_version }}" - - if [[ "${{ matrix.fedora_version }}" -eq "40" ]]; then - IS_LATEST_VERSION=true - IS_STABLE_VERSION=true - IS_GTS_VERSION=false - elif [[ "${{ matrix.fedora_version }}" -eq "41" ]]; then - IS_LATEST_VERSION=false - IS_STABLE_VERSION=false - IS_GTS_VERSION=false - fi - - COMMIT_TAGS=() - BUILD_TAGS=() - - # Have tags for tracking builds during pull request - SHA_SHORT="${GITHUB_SHA::7}" - COMMIT_TAGS+=("pr-${{ github.event.number }}-${VARIANT}") - COMMIT_TAGS+=("${SHA_SHORT}-${VARIANT}") - - if [[ "${IS_LATEST_VERSION}" == "true" ]] && \ - [[ "${IS_STABLE_VERSION}" == "true" ]]; then - COMMIT_TAGS+=("pr-${{ github.event.number }}") - COMMIT_TAGS+=("${SHA_SHORT}") - fi - - BUILD_TAGS=("${VARIANT}") - - # Append matching timestamp tags to keep a version history - for TAG in "${BUILD_TAGS[@]}"; do - BUILD_TAGS+=("${TAG}-${TIMESTAMP}") - done - - if [[ "${IS_LATEST_VERSION}" == "true" ]] && \ - [[ "${IS_STABLE_VERSION}" == "true" ]]; then - BUILD_TAGS+=("${TIMESTAMP}") - BUILD_TAGS+=("latest") - elif [[ "${IS_GTS_VERSION}" == "true" ]]; then - BUILD_TAGS+=("gts-${TIMESTAMP}") - BUILD_TAGS+=("gts") - fi - - if [[ "${{ github.event_name }}" == "pull_request" ]]; then - echo "Generated the following commit tags: " - for TAG in "${COMMIT_TAGS[@]}"; do - echo "${TAG}" - done - alias_tags=("${COMMIT_TAGS[@]}") - else - alias_tags=("${BUILD_TAGS[@]}") - fi - - echo "Generated the following build tags: " - for TAG in "${BUILD_TAGS[@]}"; do - echo "${TAG}" - done - - echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT - - # in addition to existing tag logic, add docker/metadata friendly tags - METADATA_TAGS=$( - for TAG in "${alias_tags[@]}"; do - echo "${TAG}" - done) - echo "METADATA_TAGS<> $GITHUB_ENV - echo "$METADATA_TAGS" >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - - name: Get current version - id: labels - uses: Wandalen/wretry.action@v3.5.0 - with: - attempt_limit: 3 - attempt_delay: 15000 - command: | - set -eo pipefail - ver=$(skopeo inspect docker://quay.io/fedora/fedora-bootc:${{ matrix.fedora_version }} | jq -r '.Labels["org.opencontainers.image.version"]') - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV - - # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR. - # https://github.com/macbre/push-to-ghcr/issues/12 - - name: Lowercase Registry - id: registry_case - uses: ASzc/change-string-case-action@v6 - with: - string: ${{ env.IMAGE_REGISTRY }} - - # Generate image metadata - - name: Image Metadata - uses: docker/metadata-action@v5 - id: meta - with: - images: | - ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }} - labels: | - org.opencontainers.image.title=${{ env.IMAGE_NAME }} - org.opencontainers.image.version=${{ env.SOURCE_IMAGE_VERSION }} - org.opencontainers.image.description=A base Universal Blue ${{ matrix.image_name }}-bootc image with batteries included - io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md - io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4 - tags: | - ${{ env.METADATA_TAGS }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - if: github.event_name != 'pull_request' - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - # Build/push image using docker buildx action - - name: Build and Push Image - id: build_image - uses: docker/build-push-action@v6 - with: - push: ${{ github.event_name != 'pull_request' }} - context: . - file: ./Containerfile - platforms: linux/x86_64 - build-args: | - IMAGE_NAME=${{ matrix.image_name }} - FEDORA_VERSION=${{ matrix.fedora_version }} - FEDORA_EDITION=${{ matrix.image_name }} - labels: ${{ steps.meta.outputs.labels }} - tags: ${{ steps.meta.outputs.tags }} - - # Sign container - - uses: sigstore/cosign-installer@v3.6.0 - if: github.event_name != 'pull_request' - - - name: Sign container image - if: github.event_name != 'pull_request' - run: | - cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS} - env: - TAGS: ${{ steps.build_image.outputs.digest }} - COSIGN_EXPERIMENTAL: false - COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} - - - name: Echo outputs - if: github.event_name != 'pull_request' - run: | - echo "${{ toJSON(steps.push.outputs) }}" - - check: - name: Check all ${{ inputs.fedora_version }} builds successful - if: ${{ !cancelled() }} - runs-on: ubuntu-latest - needs: [build_ublue] - steps: - - name: Exit on failure - if: ${{ needs.build_ublue.result == 'failure' }} - shell: bash - run: exit 1 - - name: Exit - shell: bash - run: exit 0 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d6f6793 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +fedora-comps/ +.osbuild/output/** diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..2becfc4 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "base-images"] + path = base-images + url = https://gitlab.com/fedora/bootc/base-images diff --git a/.osbuild/config.toml b/.osbuild/config.toml new file mode 100644 index 0000000..514719f --- /dev/null +++ b/.osbuild/config.toml @@ -0,0 +1,5 @@ +[[customizations.user]] +name = "alice" +password = "bob" +key = "ssh-rsa AAA ... user@email.com" +groups = ["wheel"] diff --git a/Containerfile b/Containerfile index ec64da4..5a196ac 100644 --- a/Containerfile +++ b/Containerfile @@ -1,15 +1,17 @@ -ARG BASE_IMAGE="quay.io/fedora/fedora-bootc" -ARG FEDORA_VERSION="${FEDORA_VERSION:-40}" -ARG FEDORA_EDITION="${FEDORA_EDITION:-silverblue}" +FROM quay.io/fedora/fedora:40 as repos -FROM ${BASE_IMAGE}:${FEDORA_VERSION} +FROM quay.io/centos-bootc/bootc-image-builder:latest as builder +ARG MANIFEST=fedora-bootc-full.yaml -ARG FEDORA_VERSION -ARG FEDORA_EDITION +COPY --from=repos /etc/dnf/vars /etc/dnf/vars +COPY --from=repos /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-* /etc/pki/rpm-gpg -COPY scripts/ /tmp/scripts -COPY packages.json /tmp/packages.json +COPY . /src +WORKDIR /src +RUN rm -vf /src/*.repo +COPY --from=repos /etc/yum.repos.d/*.repo /src +RUN --mount=type=cache,target=/workdir --mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared rpm-ostree compose image \ + --image-config fedora-bootc-config.json --cachedir=/workdir --format=ociarchive --initialize ${MANIFEST} /buildcontext/out.ociarchive -RUN chmod +x /tmp/scripts/*.sh /tmp/scripts/_${FEDORA_EDITION}/*.sh && \ - /tmp/scripts/setup.sh --version ${FEDORA_VERSION} --desktop ${FEDORA_EDITION} && \ - /tmp/scripts/cleanup.sh --version ${FEDORA_VERSION} --desktop ${FEDORA_EDITION} +FROM oci-archive:./out.ociarchive +RUN --mount=type=bind,from=builder,src=.,target=/var/tmp --mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared rm /buildcontext/out.ociarchive diff --git a/base-images b/base-images new file mode 160000 index 0000000..8b55112 --- /dev/null +++ b/base-images @@ -0,0 +1 @@ +Subproject commit 8b551127e609dbd0a71077d261d133e0ec57b930 diff --git a/comps-sync-exclude-list.yml b/comps-sync-exclude-list.yml new file mode 100644 index 0000000..266aebd --- /dev/null +++ b/comps-sync-exclude-list.yml @@ -0,0 +1,300 @@ +# This file has a list of packages to skip from comps that we don't want + +# Entirely skip all packages in those groups for the common set of packages +exclude_list_groups: + - libreoffice + - gnome-desktop + - container-management + - base-x + - arm-tools + +# Always exclude packages matching those regexp: +# - PackageKit is spread across various groups +# - We can not include openh264. See https://fedoraproject.org/wiki/OpenH264 +exclude_list_all_regexp: + - "PackageKit.*" + - "gstreamer1-plugin-openh264" + - "mozilla-openh264" + - "openh264" + # No idea where Plymouth has gone, but it's no longer in the repos + - plymouth + - plymouth-system-theme + +# Common exclude list for all ostree desktop versions +exclude_list: + core: + # # We use rpm-ostree for the host + # - dnf + # - dnf-plugins-core + # - dnf5 + # - dnf5-plugins + - yum + # Not sure why this is there at all + - dracut-config-rescue + # Eh...you can install this in a priv container + - parted + # https://bugzilla.redhat.com/show_bug.cgi?id=1452348 + - grubby + # Colin says we also don't need grubby-deprecated + - grubby-deprecated + # Why? + - ncurses + workstation-product: + # # We use rpm-ostree for the host + # - dnf + # - dnf-plugins-core + # - dnf5 + # - dnf5-plugins + # - deltarpm + # - python3-dnf-plugin-system-upgrade + # - python3-dnf-plugins-core + # We use fedora-release-silverblue instead + - fedora-release-workstation + # Really not worth listing explicitly + - filesystem + - mailcap + # This seems like some weird legacy thing, it also + # drags in usermode, which should also be deprecated + # and blocks a /usr/sbin + /usr/bin unification. + - setuptool + # This probably doesn't need to be default + - ppp + # We removed cronie a while ago, should nuke these too + - crontabs + - at + # This drags in a huge dependency set of dnf bits + - abrt-cli + - abrt-desktop + - abrt-java-connector + # Requires libreoffice + - unoconv + # Will change to git-core as git pulls in Perl + - git + # Apps + - evolution + - evolution-ews + - evolution-help + - mediawriter + - rhythmbox + # This is ancient now, and IMO has been superceded by cgroups + # Also it breaks with --unified-core. + - psacct + # Random tools: container + - jwhois + - net-tools + - nmap-ncat + - rdist + - tcpdump + - telnet + - traceroute + # filesystem tools, again priv container + - dosfstools + - symlinks + # Misc + - dos2unix + # Gnome specific + - desktop-backgrounds-gnome + - gnome-shell-extension-background-logo + - pinentry-gnome3 + # Excluded here for all desktops and manually re-added in Silverblue manifest + - qadwaitadecorations-qt5 + # X11 specific + - xorg-x11-drv-libinput + networkmanager-submodules: + # Let's use the builtin one by default + - dhcp-client + printing: + # We don't use PackageKit + - cups-pk-helper + # For now... + - ghostscript + +# Desktop environment specific exclude lists +desktop_exclude_list: + gnome-desktop: + # Non-critical apps -> Flatpak + - baobab + - cheese + - snapshot + - evince + - evince-djvu + - evince-nautilus + - file-roller + - file-roller-nautilus + - gnome-boxes + - gnome-calculator + - gnome-calendar + - gnome-characters + - gnome-clocks + - gnome-connections + - gnome-contacts + - gnome-documents + - gnome-font-viewer + - gnome-logs + - gnome-maps + - gnome-photos + - gnome-screenshot + - gnome-text-editor + - gnome-weather + - jwhois + - loupe + - rdist + - sane-backends-drivers-scanners + - simple-scan + - sushi + - symlinks + - tcpdump + - telnet + - totem + - totem-nautilus + - traceroute + budgie-desktop: + # Incompatible with ostree for various reasons + - abrt-desktop + - cups-pk-helper + - dnfdragora + # Remove uncommon NetworkManager plugins + - NetworkManager-fortisslvpn-gnome + - NetworkManager-iodine-gnome + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-sstp-gnome + - NetworkManager-strongswan-gnome + budgie-desktop-apps: + # Non-critical apps -> Flatpak + - atril + - eom + - gnome-calculator + - parole + - rhythmbox + kde-desktop: + # Incompatible with ostree for various reasons + - abrt-desktop + - cups-pk-helper + - dnfdragora + - plasma-pk-updates + # Misc + - ksshaskpass + - kwebkitpart + # Remove some NetworkManager plugins that pull-in lesser used VPN packages + - plasma-nm-l2tp + - plasma-nm-openswan + - plasma-nm-pptp + # Remove initial-setup from Kinoite + # See: https://fedoraproject.org/wiki/Changes/KDERemoveInitialSetup + - initial-setup-gui + xfce-desktop: + # Incompatible with ostree for various reasons + - abrt-desktop + - dnfdragora-updater + # Non-critical apps -> Flatpak + - fros-recordmydesktop + - tumbler + # Misc + - alsa-utils + - firewall-config + - openssh-askpass + - vim-enhanced + # Remove uncommon NetworkManager plugins + - NetworkManager-fortisslvpn-gnome + - NetworkManager-iodine-gnome + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-sstp-gnome + - NetworkManager-strongswan-gnome + xfce-apps: + # Non-critical apps -> Flatpak + - claws-mail + - catfish + - claws-mail-plugins-archive + - claws-mail-plugins-att-remover + - claws-mail-plugins-attachwarner + - claws-mail-plugins-fetchinfo + - claws-mail-plugins-mailmbox + - claws-mail-plugins-newmail + - claws-mail-plugins-notification + - claws-mail-plugins-pgp + - claws-mail-plugins-rssyl + - claws-mail-plugins-smime + - claws-mail-plugins-spam-report + - claws-mail-plugins-tnef + - claws-mail-plugins-vcalendar + - geany + - pidgin + - seahorse + - transmission + lxqt-desktop: + # Incompatible with ostree for various reasons + - dnfdragora-updater + # X11 is going away with Plasma 6 + - sddm-x11 + deepin-desktop: + # Incompatible with ostree for various reasons + - dnfdragora-updater + mate-desktop: + # Incompatible with ostree for various reasons + - abrt-desktop + - abrt-java-connector + - dnfdragora-updater + # Non-critical apps -> Flatpak + - blivet-gui + - filezilla + - gnome-disk-utility + - gnome-logs + - gnote + - gparted + - hexchat + - p7zip + - p7zip-plugins + - simple-scan + - thunderbird + - transmission-gtk + - vim-enhanced + - xfburn + - yelp + # Non critical NetworkManager plugins + - NetworkManager-iodine-gnome + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-ovs + - NetworkManager-sstp-gnome + - NetworkManager-strongswan-gnome + - NetworkManager-team + # Already in the common set + - wireplumber + swaywm-extended: + # Non-critical apps -> Flatpak + - mpv + cinnamon-desktop: + # Incompatible with ostree for various reasons + - abrt-desktop + - abrt-java-connector + - dnfdragora-updater + # Non-critical apps -> Flatpak & toolbox + - eom + - gnome-calculator + - gucharmap + - hexchat + - mpv + - pidgin + - sane-backends-drivers-scanners + - shotwell + - simple-scan + - thunderbird + - tmux + - tmux-powerline + - transmission + - vim-powerline + - xed + - xfburn + - xreader + # Not default to cinnamon + - paper-icon-theme + # Non critical NetworkManager plugins + - NetworkManager-iodine-gnome + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-ovs + - NetworkManager-sstp-gnome + - NetworkManager-strongswan-gnome + - NetworkManager-team diff --git a/desktops/base/fedora-common-ostree.yaml b/desktops/base/fedora-common-ostree.yaml new file mode 100644 index 0000000..30597d8 --- /dev/null +++ b/desktops/base/fedora-common-ostree.yaml @@ -0,0 +1,138 @@ +# Default to `bash` in our container, the same as other containers we ship. +container-cmd: + - /usr/bin/bash + +include: + - packages-common-ostree.yaml + # See: https://gitlab.com/fedora/ostree/sig/-/issues/1 + # - bootupd.yaml + +packages: + # Ensure that we have a kernel. Kernel packages are not in any comps group + - kernel + - kernel-modules + - kernel-modules-extra + # Do not include "full" Git as it brings in Perl + - git-core + # Explicitely add Git docs + - git-core-doc + - lvm2 + # Required for compatibility with old bootloaders until we have bootupd + # See https://github.com/fedora-silverblue/issue-tracker/issues/120 + - ostree-grub2 + # Required until we've completed the move to systemd-sysusers + # See: https://github.com/fedora-silverblue/issue-tracker/issues/362 + - nss-altfiles + # Container management + - buildah + - podman + - skopeo + # Keep slirp4netns for rootless containers until it's fully deprecated in podman + # See: https://github.com/fedora-silverblue/issue-tracker/issues/547 + - slirp4netns + # See: https://github.com/fedora-silverblue/issue-tracker/issues/503 + - systemd-container + # Provides terminal tools like clear, reset, tput, and tset + - ncurses + # Flatpak support + - flatpak + - xdg-desktop-portal + # HFS filesystem tools for Apple hardware + # See https://github.com/projectatomic/rpm-ostree/issues/1380 + - hfsplus-tools + # Contains default ostree remote config to be used on client's + # system for fetching ostree update + - fedora-repos-ostree + # the archive repo for more reliable package layering + # https://github.com/coreos/fedora-coreos-tracker/issues/400 + - fedora-repos-archive + # Always include at least full English language support by default + # https://gitlab.com/fedora/ostree/sig/-/issues/14 + - langpacks-en + +selinux: true +documentation: true +boot-location: modules +etc-group-members: + - wheel +tmp-is-dir: true + +ignore-removed-users: + - root +ignore-removed-groups: + - root +check-passwd: + type: file + filename: ./files/passwd +check-groups: + type: file + filename: ./files/group + +default_target: graphical.target + +packages-aarch64: + - grub2-efi + - efibootmgr + - shim +packages-ppc64le: + - grub2 +packages-x86_64: + - grub2-efi-ia32 + - grub2-efi-x64 + - grub2-pc + - efibootmgr + - shim-ia32 + - shim-x64 + +# Make sure the following are not pulled in when Recommended by other packages +exclude-packages: + - PackageKit + # We can not include openh264. See https://fedoraproject.org/wiki/OpenH264 + - gstreamer1-plugin-openh264 + - mozilla-openh264 + - openh264 + # # Always exclude dnf when pulled in as a dependency + # - dnf + # - dnf-plugins-core + # - dnf5 + # - dnf5-plugins + # https://github.com/fedora-silverblue/issue-tracker/issues/517 + - grubby + - sdubby + +postprocess: + - | + #!/usr/bin/env bash + set -xeuo pipefail + + # Work around https://bugzilla.redhat.com/show_bug.cgi?id=1265295 + # From https://github.com/coreos/fedora-coreos-config/blob/testing-devel/overlay.d/05core/usr/lib/systemd/journald.conf.d/10-coreos-persistent.conf + install -dm0755 /usr/lib/systemd/journald.conf.d/ + echo -e "[Journal]\nStorage=persistent" > /usr/lib/systemd/journald.conf.d/10-persistent.conf + + # See: https://src.fedoraproject.org/rpms/glibc/pull-request/4 + # Basically that program handles deleting old shared library directories + # mid-transaction, which never applies to rpm-ostree. This is structured as a + # loop/glob to avoid hardcoding (or trying to match) the architecture. + for x in /usr/sbin/glibc_post_upgrade.*; do + if test -f ${x}; then + ln -srf /usr/bin/true ${x} + fi + done + + # Remove loader directory causing issues in Anaconda in unified core mode + # Will be obsolete once we start using bootupd + rm -rf /usr/lib/ostree-boot/loader + + # Undo RPM scripts enabling units; we want the presets to be canonical + # https://github.com/projectatomic/rpm-ostree/issues/1803 + rm -rf /etc/systemd/system/* + systemctl preset-all + rm -rf /etc/systemd/user/* + systemctl --user --global preset-all + + # Fix triggerin for samba-client in cups package (not supported by rpm-ostree yet) + # https://github.com/fedora-silverblue/issue-tracker/issues/532 + ln -snf /usr/libexec/samba/cups_backend_smb /usr/lib/cups/backend/smb + +postprocess-script: "postprocess.sh" diff --git a/desktops/base/files/group b/desktops/base/files/group new file mode 100644 index 0000000..2f92833 --- /dev/null +++ b/desktops/base/files/group @@ -0,0 +1,50 @@ +root:x:0: +bin:x:1: +daemon:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mem:x:8: +kmem:x:9: +wheel:x:10: +cdrom:x:11: +mail:x:12: +man:x:15: +dialout:x:18: +floppy:x:19: +games:x:20: +tape:x:33: +video:x:39: +ftp:x:50: +lock:x:54: +audio:x:63: +nobody:x:99: +users:x:100: +utmp:x:22: +utempter:x:35: +ssh_keys:x:999: +systemd-journal:x:190: +dbus:x:81: +polkitd:x:998: +etcd:x:997: +dip:x:40: +cgred:x:996: +tss:x:59: +avahi-autoipd:x:170: +rpc:x:32: +sssd:x:993: +dockerroot:x:986: +rpcuser:x:29: +nfsnobody:x:65534: +kube:x:994: +sshd:x:74: +chrony:x:992: +tcpdump:x:72: +input:x:104: +systemd-timesync:x:991: +systemd-network:x:990: +systemd-resolve:x:989: +systemd-bus-proxy:x:988: +cockpit-ws:x:987: diff --git a/desktops/base/files/passwd b/desktops/base/files/passwd new file mode 100644 index 0000000..2cb1b68 --- /dev/null +++ b/desktops/base/files/passwd @@ -0,0 +1,32 @@ +root:x:0:0:root:/root:/bin/bash +bin:x:1:1:bin:/bin:/usr/sbin/nologin +daemon:x:2:2:daemon:/sbin:/usr/sbin/nologin +adm:x:3:4:adm:/var/adm:/usr/sbin/nologin +lp:x:4:7:lp:/var/spool/lpd:/usr/sbin/nologin +sync:x:5:0:sync:/sbin:/bin/sync +shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown +halt:x:7:0:halt:/sbin:/sbin/halt +mail:x:8:12:mail:/var/spool/mail:/usr/sbin/nologin +operator:x:11:0:operator:/root:/usr/sbin/nologin +games:x:12:100:games:/usr/games:/usr/sbin/nologin +ftp:x:14:50:FTP User:/var/ftp:/usr/sbin/nologin +nobody:x:99:99:Nobody:/:/usr/sbin/nologin +dbus:x:81:81:System message bus:/:/usr/sbin/nologin +polkitd:x:999:998:User for polkitd:/:/usr/sbin/nologin +etcd:x:998:997:etcd user:/var/lib/etcd:/usr/sbin/nologin +tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/usr/sbin/nologin +avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/usr/sbin/nologin +rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/usr/sbin/nologin +sssd:x:995:993:User for sssd:/:/usr/sbin/nologin +dockerroot:x:997:986:Docker User:/var/lib/docker:/usr/sbin/nologin +rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/usr/sbin/nologin +nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/usr/sbin/nologin +kube:x:996:994:Kubernetes user:/:/usr/sbin/nologin +sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/usr/sbin/nologin +chrony:x:994:992::/var/lib/chrony:/usr/sbin/nologin +tcpdump:x:72:72::/:/usr/sbin/nologin +systemd-timesync:x:993:991:systemd Time Synchronization:/:/sbin/nologin +systemd-network:x:991:990:systemd Network Management:/:/sbin/nologin +systemd-resolve:x:990:989:systemd Resolver:/:/sbin/nologin +systemd-bus-proxy:x:989:988:systemd Bus Proxy:/:/sbin/nologin +cockpit-ws:x:988:987:User for cockpit-ws:/:/sbin/nologin diff --git a/desktops/base/manifest.yaml b/desktops/base/manifest.yaml new file mode 100644 index 0000000..82246a0 --- /dev/null +++ b/desktops/base/manifest.yaml @@ -0,0 +1,2 @@ +include: + - ./packages-common-ostree.yaml diff --git a/desktops/base/packages-common-ostree.yaml b/desktops/base/packages-common-ostree.yaml new file mode 100644 index 0000000..3cea21d --- /dev/null +++ b/desktops/base/packages-common-ostree.yaml @@ -0,0 +1,222 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - NetworkManager + - NetworkManager-bluetooth + - NetworkManager-config-connectivity-fedora + - NetworkManager-wifi + - NetworkManager-wwan + - acl + - adcli + - alsa-ucm + - alsa-utils + - amd-gpu-firmware + - at-spi2-atk + - at-spi2-core + - atheros-firmware + - attr + - audit + - b43-fwcutter + - b43-openfwwf + - basesystem + - bash + - bash-color-prompt + - bash-completion + - bc + - bind-utils + - bluez-cups + - brcmfmac-firmware + - brltty + - btrfs-progs + - bzip2 + - chrony + - cifs-utils + - colord + - compsize + - coreutils + - cpio + - cryptsetup + - cups + - cups-browsed + - cups-filters + - curl + - cyrus-sasl-plain + - default-editor + - default-fonts-cjk-mono + - default-fonts-cjk-sans + - default-fonts-cjk-serif + - default-fonts-core-emoji + - default-fonts-core-math + - default-fonts-core-mono + - default-fonts-core-sans + - default-fonts-core-serif + - default-fonts-other-mono + - default-fonts-other-sans + - default-fonts-other-serif + - deltarpm + - dhcp-client + - dnf + - dnf-plugins-core + - dnsmasq + - e2fsprogs + - ethtool + - exfatprogs + - fedora-bookmarks + - fedora-chromium-config + - fedora-flathub-remote + - fedora-workstation-backgrounds + - fedora-workstation-repositories + - file + - filesystem + - firefox + - firewalld + - fpaste + - freeipa-client + - fros-gnome + - fwupd + - gamemode + - glibc + - glibc-all-langpacks + - gnupg2 + - gstreamer1-plugin-libav + - gstreamer1-plugins-bad-free + - gstreamer1-plugins-good + - gstreamer1-plugins-ugly-free + - gutenprint + - gutenprint-cups + - hostname + - hplip + - hunspell + - ibus-anthy + - ibus-gtk3 + - ibus-gtk4 + - ibus-hangul + - ibus-libpinyin + - ibus-libzhuyin + - ibus-m17n + - ibus-typing-booster + - intel-gpu-firmware + - iproute + - iptables-nft + - iptstate + - iputils + - iwlegacy-firmware + - iwlwifi-dvm-firmware + - iwlwifi-mvm-firmware + - kbd + - less + - libertas-firmware + - libglvnd-gles + - libsss_autofs + - libsss_sudo + - linux-firmware + - logrotate + - lrzsz + - lsof + - man-db + - man-pages + - mdadm + - mpage + - mt7xxx-firmware + - mtr + - nfs-utils + - nss-altfiles + - nss-mdns + - ntfs-3g + - ntfsprogs + - nvidia-gpu-firmware + - nxpwireless-firmware + - oddjob-mkhomedir + - opensc + - openssh-clients + - openssh-server + - orca + - ostree-grub2 + - pam_afs_session + - paps + - passwdqc + - pciutils + - pinfo + - pipewire-alsa + - pipewire-gstreamer + - pipewire-pulseaudio + - pipewire-utils + - plocate + - policycoreutils + - policycoreutils-python-utils + - procps-ng + - psmisc + - python3-dnf-plugins-core + - qemu-guest-agent + - qt5-qtbase + - qt5-qtbase-gui + - qt5-qtdeclarative + - qt5-qtxmlpatterns + - quota + - realmd + - realtek-firmware + - rootfiles + - rpm + - rpm-ostree + - rsync + - samba-client + - samba-common-tools + - samba-winbind + - selinux-policy-targeted + - setup + - shadow-utils + - sos + - speech-dispatcher + - spice-vdagent + - spice-webdavd + - sssd-ad + - sssd-common + - sssd-ipa + - sssd-kcm + - sssd-nfs-idmap + - sudo + - system-config-printer-udev + - systemd + - systemd-oomd-defaults + - systemd-resolved + - systemd-udev + - tar + - time + - tiwilink-firmware + - toolbox + - tree + - unzip + - uresourced + - usb_modeswitch + - usbutils + - util-linux + - vim-minimal + - wget2-wget + - which + - whois + - wireplumber + - words + - wpa_supplicant + - zip + - zram-generator-defaults +packages-x86_64: + - alsa-sof-firmware + - amd-ucode-firmware + - cirrus-audio-firmware + - hyperv-daemons + - intel-audio-firmware + - libva-intel-media-driver + - mcelog + - microcode_ctl + - open-vm-tools-desktop + - thermald + - virtualbox-guest-additions +packages-aarch64: + - hyperv-daemons + - open-vm-tools-desktop + - pd-mapper + - qcom-firmware + - qrtr + - rmtfs +packages-ppc64le: + - lsvpd + - powerpc-utils diff --git a/desktops/base/postprocess.sh b/desktops/base/postprocess.sh new file mode 100644 index 0000000..c788ada --- /dev/null +++ b/desktops/base/postprocess.sh @@ -0,0 +1,153 @@ +#!/usr/bin/env bash +set -xeuo pipefail + +# Setup unit & script for readonly sysroot migration: +# - https://fedoraproject.org/wiki/Changes/Silverblue_Kinoite_readonly_sysroot +# - https://bugzilla.redhat.com/show_bug.cgi?id=2060976 + +cat > /usr/lib/systemd/system/fedora-silverblue-readonly-sysroot.service <<'EOF' +[Unit] +Description=Fedora Silverblue Read-Only Sysroot Migration +Documentation=https://fedoraproject.org/wiki/Changes/Silverblue_Kinoite_readonly_sysroot +ConditionPathExists=!/var/lib/.fedora_silverblue_readonly_sysroot +RequiresMountsFor=/sysroot /boot +ConditionPathIsReadWrite=/sysroot + +[Service] +Type=oneshot +ExecStart=/usr/libexec/fedora-silverblue-readonly-sysroot +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target +EOF + +chmod 644 /usr/lib/systemd/system/fedora-silverblue-readonly-sysroot.service + +cat > /usr/libexec/fedora-silverblue-readonly-sysroot <<'EOF' +#!/bin/bash + +# Update an existing system to use a read only sysroot +# See https://fedoraproject.org/wiki/Changes/Silverblue_Kinoite_readonly_sysroot +# and https://bugzilla.redhat.com/show_bug.cgi?id=2060976 + +set -euo pipefail + +main() { + # Used to condition execution of this unit at the systemd level + local -r stamp_file="/var/lib/.fedora_silverblue_readonly_sysroot" + + if [[ -f "${stamp_file}" ]]; then + exit 0 + fi + + local -r ostree_sysroot_readonly="$(ostree config --repo=/sysroot/ostree/repo get "sysroot.readonly" &> /dev/null || echo "false")" + if [[ "${ostree_sysroot_readonly}" == "true" ]]; then + # Nothing to do + touch "${stamp_file}" + exit 0 + fi + + local -r boot_entries="$(ls -A /boot/loader/entries/ | wc -l)" + + # Ensure that we can read BLS entries to avoid touching systems where /boot + # is not mounted + if [[ "${boot_entries}" -eq 0 ]]; then + echo "No BLS entry found: Maybe /boot is not mounted?" 1>&2 + echo "This is unexpected thus no migration will be performed" 1>&2 + touch "${stamp_file}" + exit 0 + fi + + # Check if any existing deployment is still missing the rw karg + local rw_kargs_found=0 + local count=0 + for f in "/boot/loader/entries/"*; do + count="$(grep -c "^options .* rw" "${f}" || true)" + if [[ "${count}" -ge 1 ]]; then + rw_kargs_found=$((rw_kargs_found + 1)) + fi + done + + # Some deployments are still missing the rw karg. Let's try to update them + if [[ "${boot_entries}" -ne "${rw_kargs_found}" ]]; then + ostree admin kargs edit-in-place --append-if-missing=rw || \ + echo "Failed to edit kargs in place with ostree" 1>&2 + fi + + # Re-check if any existing deployment is still missing the rw karg + rw_kargs_found=0 + count=0 + for f in "/boot/loader/entries/"*; do + count="$(grep -c "^options .* rw" "${f}" || true)" + if [[ "${count}" -ge 1 ]]; then + rw_kargs_found=$((rw_kargs_found + 1)) + fi + done + unset count + + # If all deployments are good, then we can set the sysroot.readonly option + # in the ostree repo config + if [[ "${boot_entries}" -eq "${rw_kargs_found}" ]]; then + echo "Setting up the sysroot.readonly option in the ostree repo config" + ostree config --repo=/sysroot/ostree/repo set "sysroot.readonly" "true" + touch "${stamp_file}" + exit 0 + fi + + # If anything else before failed, we will retry on next boot + echo "Will retry next boot" 1>&2 + exit 0 +} + +main "${@}" +EOF + +chmod 755 /usr/libexec/fedora-silverblue-readonly-sysroot + +# Enable the corresponding unit +systemctl enable fedora-silverblue-readonly-sysroot.service + +### + +# Workaround for Python timestamp mismatch +# See: https://github.com/ostreedev/ostree/issues/1469 + +echo ' +import os +import re + +MIN_MAGIC = 3390 # The first magic number supporting PEP 552 +ZERO = bytes((0, 0, 0, 0)) + +def pyc_set_zero_mtime(pyc_path): + with open(pyc_path, "r+b") as f: + w = f.read(4) + if len(w) < 4: + return 0 + + magic = (w[0] + (w[1] << 8) + (w[2] << 16) + (w[3] << 24)) & 0xFFFF + if magic < MIN_MAGIC: + invalidation = ZERO + else: + invalidation = f.read(4) + if len(invalidation) < 4: + return 0 + + if invalidation == ZERO: + f.write(ZERO) + return 1 + return 0 + +if __name__ == "__main__": + REGEX = re.compile(r".*/__pycache__/[^/]+\.cpython-.*(\.opt-1|\.opt-2)?\.pyc$") + count = 0 + + for root, dirs, files in os.walk("/usr"): + for file in files: + path = os.path.join(root, file) + if REGEX.match(path): + count += pyc_set_zero_mtime(path) + + print(f"Processed {count} pyc files") +' | python diff --git a/desktops/budgie/manifest.yaml b/desktops/budgie/manifest.yaml new file mode 100644 index 0000000..9fa30a9 --- /dev/null +++ b/desktops/budgie/manifest.yaml @@ -0,0 +1,22 @@ +ref: fedora/${releasever}/${basearch}/budgie +rojig: + name: fedora-budgie + summary: "Fedora Budgie Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-budgie.yaml + +packages: + - fedora-release-budgie-atomic + # Make sure that GNOME Software's rpm-ostree plugin is always installed + - gnome-software-rpm-ostree + +# Make sure the following are not pulled in when Recommended by other packages +exclude-packages: + # Not needed in Budgie Desktop + - tracker + - tracker-miners + # Exclude GNOME Software's langpack plugin to avoid layering langpacks on Silverblue + - gnome-software-fedora-langpacks diff --git a/desktops/budgie/packages-desktop-budgie.yaml b/desktops/budgie/packages-desktop-budgie.yaml new file mode 100644 index 0000000..432a454 --- /dev/null +++ b/desktops/budgie/packages-desktop-budgie.yaml @@ -0,0 +1,70 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - ModemManager + - NetworkManager-adsl + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-ppp + - NetworkManager-pptp-gnome + - NetworkManager-ssh-gnome + - NetworkManager-vpnc-gnome + - NetworkManager-wwan + - budgie-backgrounds + - budgie-control-center + - budgie-desktop + - budgie-desktop-defaults + - budgie-desktop-view + - budgie-screensaver + - dconf + - firefox + - fprintd-pam + - gedit + - glib-networking + - glx-utils + - gnome-bluetooth + - gnome-color-manager + - gnome-disk-utility + - gnome-keyring-pam + - gnome-settings-daemon + - gnome-software + - gnome-system-monitor + - gnome-terminal + - gvfs-afc + - gvfs-afp + - gvfs-archive + - gvfs-fuse + - gvfs-goa + - gvfs-gphoto2 + - gvfs-mtp + - gvfs-smb + - lightdm + - mesa-dri-drivers + - mesa-vulkan-drivers + - nemo + - nemo-fileroller + - nemo-seahorse + - network-manager-applet + - polkit + - seahorse + - slick-greeter + - xdg-desktop-portal + - xdg-desktop-portal-gtk + - xdg-user-dirs-gtk + - xorg-x11-drv-amdgpu + - xorg-x11-drv-ati + - xorg-x11-drv-evdev + - xorg-x11-drv-fbdev + - xorg-x11-drv-libinput + - xorg-x11-drv-nouveau + - xorg-x11-drv-qxl + - xorg-x11-drv-wacom + - xorg-x11-server-Xorg + - xorg-x11-xauth + - xorg-x11-xinit +packages-x86_64: + - xorg-x11-drv-intel + - xorg-x11-drv-openchrome + - xorg-x11-drv-vesa + - xorg-x11-drv-vmware +packages-aarch64: + - xorg-x11-drv-armsoc diff --git a/desktops/cinnamon/manifest.yaml b/desktops/cinnamon/manifest.yaml new file mode 100644 index 0000000..c0f950b --- /dev/null +++ b/desktops/cinnamon/manifest.yaml @@ -0,0 +1,15 @@ +ref: fedora/${releasever}/${basearch}/cinnamon +rojig: + name: fedora-cinnamon + summary: "Fedora Cinnamon Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-cinnamon.yaml + +packages: + # Portals for Flatpak + - xdg-desktop-portal-gtk + # Include GUI to manage updates & Flatpaks + - gnome-software diff --git a/desktops/cinnamon/packages-desktop-cinnamon.yaml b/desktops/cinnamon/packages-desktop-cinnamon.yaml new file mode 100644 index 0000000..27230e5 --- /dev/null +++ b/desktops/cinnamon/packages-desktop-cinnamon.yaml @@ -0,0 +1,67 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - NetworkManager-adsl + - NetworkManager-bluetooth + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-ppp + - NetworkManager-pptp-gnome + - NetworkManager-vpnc-gnome + - NetworkManager-wifi + - NetworkManager-wwan + - blueman + - cinnamon + - cinnamon-control-center + - cinnamon-screensaver + - firefox + - firewall-config + - glx-utils + - gnome-disk-utility + - gnome-screenshot + - gnome-system-monitor + - gnome-terminal + - gstreamer1-plugins-ugly-free + - gvfs-archive + - gvfs-gphoto2 + - gvfs-mtp + - gvfs-smb + - imsettings-gsettings + - initial-setup-gui + - mesa-dri-drivers + - mesa-vulkan-drivers + - metacity + - nemo-fileroller + - nemo-image-converter + - nemo-preview + - nm-connection-editor + - pipewire-alsa + - pipewire-pulseaudio + - powerline + - qgnomeplatform-qt5 + - redshift-gtk + - setroubleshoot + - slick-greeter + - slick-greeter-cinnamon + - system-config-printer + - totem-video-thumbnailer + - wireplumber + - xawtv + - xdg-user-dirs-gtk + - xorg-x11-drv-amdgpu + - xorg-x11-drv-ati + - xorg-x11-drv-evdev + - xorg-x11-drv-fbdev + - xorg-x11-drv-libinput + - xorg-x11-drv-nouveau + - xorg-x11-drv-qxl + - xorg-x11-drv-wacom + - xorg-x11-server-Xorg + - xorg-x11-xauth + - xorg-x11-xinit +packages-x86_64: + - xorg-x11-drv-intel + - xorg-x11-drv-openchrome + - xorg-x11-drv-vesa + - xorg-x11-drv-vmware +packages-aarch64: + - xorg-x11-drv-armsoc diff --git a/desktops/deepin/manifest.yaml b/desktops/deepin/manifest.yaml new file mode 100644 index 0000000..dc06935 --- /dev/null +++ b/desktops/deepin/manifest.yaml @@ -0,0 +1,16 @@ +ref: fedora/${releasever}/${basearch}/deepin +rojig: + name: fedora-deepin + summary: "Fedora Deepin Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-deepin.yaml + +packages: + # Generic release package for desktop variants + - fedora-release + - fedora-release-ostree-desktop + # GUI to manage updates & Flatpaks + - gnome-software diff --git a/desktops/deepin/packages-desktop-deepin.yaml b/desktops/deepin/packages-desktop-deepin.yaml new file mode 100644 index 0000000..fd3d0f9 --- /dev/null +++ b/desktops/deepin/packages-desktop-deepin.yaml @@ -0,0 +1,36 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - deepin-calculator + - deepin-calendar + - deepin-desktop + - deepin-editor + - deepin-file-manager + - deepin-icon-theme + - deepin-image-viewer + - deepin-picker + - deepin-screenshot + - deepin-system-monitor + - firewall-config + - glx-utils + - mesa-dri-drivers + - mesa-vulkan-drivers + - xorg-x11-drv-amdgpu + - xorg-x11-drv-ati + - xorg-x11-drv-evdev + - xorg-x11-drv-fbdev + - xorg-x11-drv-libinput + - xorg-x11-drv-nouveau + - xorg-x11-drv-qxl + - xorg-x11-drv-wacom + - xorg-x11-server-Xorg + - xorg-x11-xauth + - xorg-x11-xinit +packages-x86_64: + - chromium + - xorg-x11-drv-intel + - xorg-x11-drv-openchrome + - xorg-x11-drv-vesa + - xorg-x11-drv-vmware +packages-aarch64: + - chromium + - xorg-x11-drv-armsoc diff --git a/desktops/kinoite/manifest.yaml b/desktops/kinoite/manifest.yaml new file mode 100644 index 0000000..37801fa --- /dev/null +++ b/desktops/kinoite/manifest.yaml @@ -0,0 +1,54 @@ +ref: fedora/${releasever}/${basearch}/kinoite +rojig: + name: fedora-kinoite + summary: "Fedora Kinoite Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-kinoite.yaml + +packages: + - fedora-release-kinoite + # Install some minor optional tools for KInfoCenter + - vulkan-tools + - xdpyinfo + # Includes a KIO & KCM (can not be Flatpak'ed), used by Dolphin and Gwenview + # See https://pagure.io/fedora-kde/SIG/issue/291 + - kamera + # Make sure that previous Anaconda dependencies are kept in the image + # See: https://pagure.io/fedora-kde/SIG/issue/243 + - bcache-tools + - dmraid + - mobile-broadband-provider-info + # Make sure that modem support is installed + - NetworkManager-ppp + # Install gdb to make getting backtraces work with DrKonqi + # The dnf dependency is excluded in the common manifest + - gdb + # Testing https://pagure.io/fedora-kde/SIG/issue/109 + - kdenetwork-filesharing + - samba-usershares + + +# Make sure the following are not pulled in when Recommended by other packages +exclude-packages: + - plasma-discover-offline-updates + - plasma-discover-packagekit + - plasma-pk-updates + # Manually excluded as recommended by gtk3 (and likely gtk4 in the future) + # See https://pagure.io/fedora-kde/SIG/issue/124 + - tracker + - tracker-miners + # Ensure we do not include X11 support + - plasma-x11 + - plasma-workspace-x11 + +# Kinoite specific workarounds and configuration +postprocess: + - | + #!/bin/bash + set -xeuo pipefail + + # Enable auto updates in Discover + echo -e "[Global]\nUseUnattendedUpdates=true\n" > /etc/xdg/PlasmaDiscoverUpdates diff --git a/desktops/kinoite/packages-desktop-kinoite.yaml b/desktops/kinoite/packages-desktop-kinoite.yaml new file mode 100644 index 0000000..7b14bf9 --- /dev/null +++ b/desktops/kinoite/packages-desktop-kinoite.yaml @@ -0,0 +1,91 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - NetworkManager-config-connectivity-fedora + - adwaita-gtk2-theme + - akonadi-server + - akonadi-server-mysql + - ark + - audiocd-kio + - bluedevil + - breeze-icon-theme + - colord-kde + - dolphin + - ffmpegthumbs + - filelight + - firewall-config + - flatpak-kcm + - fprintd-pam + - glibc-all-langpacks + - gnome-keyring-pam + - kaccounts-integration-qt6 + - kcharselect + - kde-connect + - kde-gtk-config + - kde-inotify-survey + - kde-partitionmanager + - kde-settings-pulseaudio + - kdebugsettings + - kdegraphics-thumbnailers + - kdeplasma-addons + - kdialog + - kdnssd + - kf6-baloo-file + - kfind + - kinfocenter + - kio-admin + - kjournald + - kmenuedit + - konsole + - krfb + - kscreen + - kscreenlocker + - kwalletmanager5 + - kwin + - kwrite + - libappindicator-gtk3 + - mesa-dri-drivers + - mesa-vulkan-drivers + - pam-kwallet + - phonon-qt6-backend-vlc + - pinentry-qt + - plasma-breeze + - plasma-desktop + - plasma-desktop-doc + - plasma-discover + - plasma-discover-notifier + - plasma-disks + - plasma-drkonqi + - plasma-nm + - plasma-nm-openvpn + - plasma-nm-vpnc + - plasma-pa + - plasma-print-manager + - plasma-systemmonitor + - plasma-thunderbolt + - plasma-vault + - plasma-welcome + - plasma-workspace + - plasma-workspace-geolocation + - plasma-workspace-wallpapers + - plasma-workspace-wayland + - polkit-kde + - sddm + - sddm-breeze + - sddm-kcm + - sddm-wayland-plasma + - signon-kwallet-extension + - spectacle + - systemd-oomd-defaults + - udisks2 + - vlc-plugin-gstreamer + - xwaylandvideobridge +packages-x86_64: + - kaccounts-providers + - khelpcenter + - kio-gdrive + - plasma-nm-openconnect +packages-aarch64: + - kaccounts-providers + - khelpcenter + - kio-gdrive + - plasma-nm-openconnect diff --git a/desktops/lxqt/manifest.yaml b/desktops/lxqt/manifest.yaml new file mode 100644 index 0000000..a71b494 --- /dev/null +++ b/desktops/lxqt/manifest.yaml @@ -0,0 +1,20 @@ +ref: fedora/${releasever}/${basearch}/lxqt +rojig: + name: fedora-lxqt + summary: "Fedora LXQt Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-lxqt.yaml + +packages: + # Generic release package for desktop variants + - fedora-release + - fedora-release-ostree-desktop + - libqtxdg + - kvantum + - kwin-wayland + - plasma-systemsettings + # Portals for Flatpak + - xdg-desktop-portal-kde diff --git a/desktops/lxqt/packages-desktop-lxqt.yaml b/desktops/lxqt/packages-desktop-lxqt.yaml new file mode 100644 index 0000000..28e5734 --- /dev/null +++ b/desktops/lxqt/packages-desktop-lxqt.yaml @@ -0,0 +1,39 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - breeze-cursor-theme + - breeze-gtk + - breeze-icon-theme + - firewall-config + - initial-setup-gui + - lxqt-about + - lxqt-archiver + - lxqt-config + - lxqt-globalkeys + - lxqt-notificationd + - lxqt-openssh-askpass + - lxqt-panel + - lxqt-policykit + - lxqt-powermanagement + - lxqt-qtplugin + - lxqt-runner + - lxqt-session + - lxqt-themes + - lxqt-themes-fedora + - mesa-dri-drivers + - mesa-vulkan-drivers + - network-manager-applet + - nm-connection-editor + - notification-daemon + - obconf + - openbox + - pcmanfm-qt + - perl-File-MimeInfo + - qterminal + - sddm + - sddm-themes + - upower + - xdg-user-dirs +packages-x86_64: + - falkon +packages-aarch64: + - falkon diff --git a/desktops/mate/manifest.yaml b/desktops/mate/manifest.yaml new file mode 100644 index 0000000..8450719 --- /dev/null +++ b/desktops/mate/manifest.yaml @@ -0,0 +1,18 @@ +ref: fedora/${releasever}/${basearch}/mate +rojig: + name: fedora-mate + summary: "Fedora Mate Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-mate.yaml + +packages: + # Generic release sub package for desktop variants + - fedora-release-ostree-desktop + # Portals for Flatpak + - xdg-desktop-portal-gtk + +exclude-packages: + - python3-unbound diff --git a/desktops/mate/packages-desktop-mate.yaml b/desktops/mate/packages-desktop-mate.yaml new file mode 100644 index 0000000..f04ec87 --- /dev/null +++ b/desktops/mate/packages-desktop-mate.yaml @@ -0,0 +1,120 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - NetworkManager-adsl + - NetworkManager-bluetooth + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-ppp + - NetworkManager-pptp-gnome + - NetworkManager-ssh-gnome + - NetworkManager-vpnc-gnome + - NetworkManager-wifi + - NetworkManager-wwan + - atril + - atril-caja + - atril-thumbnailer + - blueman + - caja + - caja-actions + - caja-image-converter + - caja-open-terminal + - caja-sendto + - caja-wallpaper + - caja-xattr-tags + - dconf-editor + - engrampa + - eom + - f38-backgrounds-base + - f38-backgrounds-extras-base + - f38-backgrounds-extras-mate + - f38-backgrounds-mate + - fedora-release-matecompiz + - firefox + - firewall-config + - glx-utils + - gnome-epub-thumbnailer + - gnome-themes-extra + - gstreamer1-plugins-ugly-free + - gtk2-engines + - gucharmap + - gvfs-afc + - gvfs-afp + - gvfs-archive + - gvfs-fuse + - gvfs-gphoto2 + - gvfs-mtp + - gvfs-nfs + - gvfs-smb + - initial-setup-gui + - libmatekbd + - libmatemixer + - libmateweather + - libsecret + - lightdm + - lm_sensors + - marco + - mate-applets + - mate-backgrounds + - mate-calc + - mate-control-center + - mate-desktop + - mate-dictionary + - mate-disk-usage-analyzer + - mate-icon-theme + - mate-media + - mate-menus + - mate-menus-preferences-category-menu + - mate-notification-daemon + - mate-panel + - mate-polkit + - mate-power-manager + - mate-screensaver + - mate-screenshot + - mate-search-tool + - mate-session-manager + - mate-settings-daemon + - mate-system-log + - mate-system-monitor + - mate-terminal + - mate-themes + - mate-user-admin + - mate-user-guide + - mesa-dri-drivers + - mesa-vulkan-drivers + - mozo + - network-manager-applet + - nm-connection-editor + - parole + - pavucontrol + - pipewire-alsa + - pipewire-pulseaudio + - pluma + - seahorse + - seahorse-caja + - setroubleshoot + - slick-greeter-mate + - system-config-language + - system-config-printer + - system-config-printer-applet + - usermode-gtk + - xdg-user-dirs-gtk + - xmodmap + - xorg-x11-drv-amdgpu + - xorg-x11-drv-ati + - xorg-x11-drv-evdev + - xorg-x11-drv-fbdev + - xorg-x11-drv-libinput + - xorg-x11-drv-nouveau + - xorg-x11-drv-qxl + - xorg-x11-drv-wacom + - xorg-x11-server-Xorg + - xorg-x11-xauth + - xorg-x11-xinit + - xrdb +packages-x86_64: + - xorg-x11-drv-intel + - xorg-x11-drv-openchrome + - xorg-x11-drv-vesa + - xorg-x11-drv-vmware +packages-aarch64: + - xorg-x11-drv-armsoc diff --git a/desktops/silverblue/manifest.yaml b/desktops/silverblue/manifest.yaml new file mode 100644 index 0000000..c0491d4 --- /dev/null +++ b/desktops/silverblue/manifest.yaml @@ -0,0 +1,34 @@ +ref: fedora/${releasever}/${basearch}/silverblue +rojig: + name: fedora-silverblue + summary: "Fedora Silverblue Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-silverblue.yaml + +packages: + - fedora-release-silverblue + - desktop-backgrounds-gnome + - gnome-shell-extension-background-logo + - pinentry-gnome3 + # Included for now to have layered Qt5 applications use a constistent style + # Manually included here as it is excluded from the workstation-product group + - qadwaitadecorations-qt5 + # Include evince-thumbnailer otherwise PDF thumbnails won't work in Nautilus + # https://github.com/fedora-silverblue/issue-tracker/issues/98 + - evince-thumbnailer + # Include evince-previewer otherwise print previews are broken in Evince + # https://github.com/fedora-silverblue/issue-tracker/issues/122 + - evince-previewer + # Include totem-video-thumbnailer for video thumbnailing in Nautilus + # https://pagure.io/fedora-workstation/issue/168 + - totem-video-thumbnailer + # Make sure that GNOME Software's rpm-ostree plugin is always installed + - gnome-software-rpm-ostree + +# Make sure the following are not pulled in when Recommended by other packages +exclude-packages: + # Exclude GNOME Software's langpack plugin to avoid layering langpacks on Silverblue + - gnome-software-fedora-langpacks diff --git a/desktops/silverblue/packages-desktop-silverblue.yaml b/desktops/silverblue/packages-desktop-silverblue.yaml new file mode 100644 index 0000000..8ae5d45 --- /dev/null +++ b/desktops/silverblue/packages-desktop-silverblue.yaml @@ -0,0 +1,80 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - ModemManager + - NetworkManager-adsl + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-ppp + - NetworkManager-pptp-gnome + - NetworkManager-ssh-gnome + - NetworkManager-vpnc-gnome + - NetworkManager-wwan + - adobe-source-code-pro-fonts + - avahi + - dconf + - fprintd-pam + - gdm + - glib-networking + - glx-utils + - gnome-backgrounds + - gnome-bluetooth + - gnome-browser-connector + - gnome-classic-session + - gnome-classic-session-xsession + - gnome-color-manager + - gnome-control-center + - gnome-disk-utility + - gnome-initial-setup + - gnome-remote-desktop + - gnome-session-wayland-session + - gnome-session-xsession + - gnome-settings-daemon + - gnome-shell + - gnome-software + - gnome-system-monitor + - gnome-terminal + - gnome-terminal-nautilus + - gnome-user-docs + - gnome-user-share + - gvfs-afc + - gvfs-afp + - gvfs-archive + - gvfs-fuse + - gvfs-goa + - gvfs-gphoto2 + - gvfs-mtp + - gvfs-smb + - librsvg2 + - libsane-hpaio + - mesa-dri-drivers + - mesa-libEGL + - mesa-vulkan-drivers + - nautilus + - polkit + - rygel + - systemd-oomd-defaults + - tracker + - tracker-miners + - xdg-desktop-portal + - xdg-desktop-portal-gnome + - xdg-desktop-portal-gtk + - xdg-user-dirs-gtk + - xorg-x11-drv-amdgpu + - xorg-x11-drv-ati + - xorg-x11-drv-evdev + - xorg-x11-drv-fbdev + - xorg-x11-drv-libinput + - xorg-x11-drv-nouveau + - xorg-x11-drv-qxl + - xorg-x11-drv-wacom + - xorg-x11-server-Xorg + - xorg-x11-xauth + - xorg-x11-xinit + - yelp +packages-x86_64: + - xorg-x11-drv-intel + - xorg-x11-drv-openchrome + - xorg-x11-drv-vesa + - xorg-x11-drv-vmware +packages-aarch64: + - xorg-x11-drv-armsoc diff --git a/desktops/sway/manifest.yaml b/desktops/sway/manifest.yaml new file mode 100644 index 0000000..1e94b13 --- /dev/null +++ b/desktops/sway/manifest.yaml @@ -0,0 +1,22 @@ +ref: fedora/${releasever}/${basearch}/sway +rojig: + name: fedora-sway + summary: "Fedora Sway Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-sway.yaml + +packages: + - fedora-release-sway-atomic + # explicitly list some defaults + - firefox + +exclude-packages: + # already excluded in comps-sync-exclude-list + - PackageKit-glib + - grubby + # nothing in the tree would use these + - tracker + - tracker-miners diff --git a/desktops/sway/packages-desktop-sway.yaml b/desktops/sway/packages-desktop-sway.yaml new file mode 100644 index 0000000..646e85b --- /dev/null +++ b/desktops/sway/packages-desktop-sway.yaml @@ -0,0 +1,50 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - NetworkManager-l2tp-gnome + - NetworkManager-libreswan-gnome + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-pptp-gnome + - NetworkManager-sstp-gnome + - NetworkManager-vpnc-gnome + - Thunar + - blueman + - bolt + - dunst + - foot + - fprintd-pam + - gnome-keyring-pam + - gnome-themes-extra + - grim + - gvfs + - gvfs-smb + - imv + - kanshi + - lxqt-policykit + - mesa-dri-drivers + - mesa-vulkan-drivers + - network-manager-applet + - pavucontrol + - pinentry-gnome3 + - playerctl + - polkit + - pulseaudio-utils + - sddm + - sddm-wayland-sway + - slurp + - sway + - sway-config-fedora + - swaybg + - swayidle + - swaylock + - system-config-printer + - thunar-archive-plugin + - waybar + - wev + - wl-clipboard + - wlr-randr + - wlsunset + - xarchiver + - xdg-desktop-portal-gtk + - xdg-desktop-portal-wlr + - xorg-x11-server-Xwayland diff --git a/desktops/xfce/manifest.yaml b/desktops/xfce/manifest.yaml new file mode 100644 index 0000000..c9cb7b8 --- /dev/null +++ b/desktops/xfce/manifest.yaml @@ -0,0 +1,16 @@ +ref: fedora/${releasever}/${basearch}/xfce +rojig: + name: fedora-xfce + summary: "Fedora Xfce Atomic" + license: MIT + +include: + - ../base/manifest.yaml + - ./packages-desktop-xfce.yaml + +packages: + - fedora-release-xfce + # Generic release sub package for desktop variants + - fedora-release-ostree-desktop + # Portals for Flatpak + - xdg-desktop-portal-gtk diff --git a/desktops/xfce/packages-desktop-xfce.yaml b/desktops/xfce/packages-desktop-xfce.yaml new file mode 100644 index 0000000..1a00d7d --- /dev/null +++ b/desktops/xfce/packages-desktop-xfce.yaml @@ -0,0 +1,96 @@ +# DO NOT EDIT! This content is generated from comps-sync.py +packages: + - NetworkManager-openconnect-gnome + - NetworkManager-openvpn-gnome + - NetworkManager-pptp-gnome + - NetworkManager-ssh-gnome + - NetworkManager-vpnc-gnome + - Thunar + - adwaita-gtk2-theme + - adwaita-icon-theme + - atril + - blueman + - desktop-backgrounds-compat + - firefox + - galculator + - glx-utils + - gnome-keyring-pam + - gparted + - greybird-dark-theme + - greybird-light-theme + - greybird-xfce4-notifyd-theme + - greybird-xfwm4-theme + - gtk-xfce-engine + - gvfs + - gvfs-archive + - gvfs-mtp + - initial-setup-gui + - lightdm-gtk + - mesa-dri-drivers + - mesa-vulkan-drivers + - mint-y-theme + - mousepad + - network-manager-applet + - nm-connection-editor + - ristretto + - thunar-archive-plugin + - thunar-media-tags-plugin + - thunar-volman + - xarchiver + - xdg-user-dirs-gtk + - xfce4-about + - xfce4-appfinder + - xfce4-battery-plugin + - xfce4-clipman-plugin + - xfce4-cpugraph-plugin + - xfce4-datetime-plugin + - xfce4-dict-plugin + - xfce4-diskperf-plugin + - xfce4-eyes-plugin + - xfce4-fsguard-plugin + - xfce4-genmon-plugin + - xfce4-mailwatch-plugin + - xfce4-mount-plugin + - xfce4-netload-plugin + - xfce4-panel + - xfce4-panel-profiles + - xfce4-places-plugin + - xfce4-power-manager + - xfce4-pulseaudio-plugin + - xfce4-screensaver + - xfce4-screenshooter-plugin + - xfce4-sensors-plugin + - xfce4-session + - xfce4-settings + - xfce4-systemload-plugin + - xfce4-taskmanager + - xfce4-terminal + - xfce4-time-out-plugin + - xfce4-verve-plugin + - xfce4-weather-plugin + - xfce4-whiskermenu-plugin + - xfce4-xkb-plugin + - xfconf + - xfdashboard + - xfdashboard-themes + - xfdesktop + - xfwm4 + - xfwm4-themes + - xorg-x11-drv-amdgpu + - xorg-x11-drv-ati + - xorg-x11-drv-evdev + - xorg-x11-drv-fbdev + - xorg-x11-drv-libinput + - xorg-x11-drv-nouveau + - xorg-x11-drv-qxl + - xorg-x11-drv-wacom + - xorg-x11-server-Xorg + - xorg-x11-xauth + - xorg-x11-xinit +packages-x86_64: + - xorg-x11-drv-intel + - xorg-x11-drv-openchrome + - xorg-x11-drv-vesa + - xorg-x11-drv-vmware +packages-aarch64: + - xorg-x11-drv-armsoc diff --git a/fedora-bootc-atomic-base.yaml b/fedora-bootc-atomic-base.yaml new file mode 100644 index 0000000..f965658 --- /dev/null +++ b/fedora-bootc-atomic-base.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-base + summary: Fedora Bootable Atomic Base + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/base/manifest.yaml diff --git a/fedora-bootc-atomic-budgie.yaml b/fedora-bootc-atomic-budgie.yaml new file mode 100644 index 0000000..41b6d53 --- /dev/null +++ b/fedora-bootc-atomic-budgie.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-budgie + summary: Fedora Bootable Atomic Budgie + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/budgie/manifest.yaml diff --git a/fedora-bootc-atomic-cinnamon.yaml b/fedora-bootc-atomic-cinnamon.yaml new file mode 100644 index 0000000..1c7758a --- /dev/null +++ b/fedora-bootc-atomic-cinnamon.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-cinnamon + summary: Fedora Bootable Atomic Cinnamon + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/cinnamon/manifest.yaml diff --git a/fedora-bootc-atomic-deepin.yaml b/fedora-bootc-atomic-deepin.yaml new file mode 100644 index 0000000..00666c6 --- /dev/null +++ b/fedora-bootc-atomic-deepin.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-deepin + summary: Fedora Bootable Atomic Deepin + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/deepin/manifest.yaml diff --git a/fedora-bootc-atomic-kinoite.yaml b/fedora-bootc-atomic-kinoite.yaml new file mode 100644 index 0000000..d708230 --- /dev/null +++ b/fedora-bootc-atomic-kinoite.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-kinoite + summary: Fedora Bootable Atomic Kinoite + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/kinoite/manifest.yaml diff --git a/fedora-bootc-atomic-lxqt.yaml b/fedora-bootc-atomic-lxqt.yaml new file mode 100644 index 0000000..c2efa1c --- /dev/null +++ b/fedora-bootc-atomic-lxqt.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-lxqt + summary: Fedora Bootable Atomic LXQt + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/lxqt/manifest.yaml diff --git a/fedora-bootc-atomic-mate.yaml b/fedora-bootc-atomic-mate.yaml new file mode 100644 index 0000000..86ff49b --- /dev/null +++ b/fedora-bootc-atomic-mate.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-mate + summary: Fedora Bootable Atomic MATE + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/mate/manifest.yaml diff --git a/fedora-bootc-atomic-silverblue.yaml b/fedora-bootc-atomic-silverblue.yaml new file mode 100644 index 0000000..2c7ef08 --- /dev/null +++ b/fedora-bootc-atomic-silverblue.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-silverblue + summary: Fedora Bootable Atomic Silverblue + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/silverblue/manifest.yaml diff --git a/fedora-bootc-atomic-sway.yaml b/fedora-bootc-atomic-sway.yaml new file mode 100644 index 0000000..df9b673 --- /dev/null +++ b/fedora-bootc-atomic-sway.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-sway + summary: Fedora Bootable Atomic Sway + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/sway/manifest.yaml diff --git a/fedora-bootc-atomic-xfce.yaml b/fedora-bootc-atomic-xfce.yaml new file mode 100644 index 0000000..423b24d --- /dev/null +++ b/fedora-bootc-atomic-xfce.yaml @@ -0,0 +1,16 @@ +releasever: 40 +variables: + distro: "fedora" + +repos: + - fedora + - updates + +metadata: + name: fedora-bootc-atomic-xfce + summary: Fedora Bootable Atomic XFCE + +include: + - base-images/tier-0/kernel.yaml + - base-images/tier-0/manifest.yaml + - desktops/xfce/manifest.yaml diff --git a/fedora-bootc-config.json b/fedora-bootc-config.json new file mode 100644 index 0000000..6437ea1 --- /dev/null +++ b/fedora-bootc-config.json @@ -0,0 +1,12 @@ +{ + "Labels": { + "containers.bootc": "1", + "bootc.diskimage-builder": "quay.io/centos-bootc/bootc-image-builder", + "redhat.id": "fedora", + "redhat.version-id": "40" + }, + "StopSignal": "SIGRTMIN+3", + "Env": [ + "container=oci" + ] +} diff --git a/justfile b/justfile new file mode 100644 index 0000000..4b25520 --- /dev/null +++ b/justfile @@ -0,0 +1,64 @@ +comps-sync: + #!/usr/bin/env bash + pushd ./scripts/comps-sync + podman build \ + -t localhost/comps-sync \ + . + popd + rm -rf fedora-comps + git clone https://pagure.io/fedora-comps.git + version=$(jq -r '.Labels."redhat.version-id"' fedora-bootc-config.json) + echo "Version: $version" + podman run \ + --rm \ + -v $(pwd):/mnt:Z \ + localhost/comps-sync \ + /app/comps-sync.py \ + /mnt/fedora-comps/comps-f${version}.xml.in --save + +build-minimal: + podman build \ + --security-opt label=disable \ + --cap-add=all \ + --device /dev/fuse \ + --no-cache \ + --build-arg MANIFEST=./fedora-bootc-minimal.yaml \ + -t localhost/fedora-bootc-minimal \ + . + +build-full: + podman build \ + --security-opt label=disable \ + --cap-add=all \ + --device /dev/fuse \ + --no-cache \ + --build-arg MANIFEST=./fedora-bootc-full.yaml \ + -t localhost/fedora-bootc-full \ + . + +build-atomic desktop: + podman build \ + --security-opt label=disable \ + --cap-add=all \ + --device /dev/fuse \ + --build-arg MANIFEST=./fedora-bootc-atomic-{{desktop}}.yaml \ + -t localhost/fedora-bootc-atomic-{{desktop}} \ + . + +build-atomic-qcow desktop: + #!/usr/bin/env bash + pushd .osbuild + mkdir -p output + sudo podman run \ + --rm \ + -it \ + --privileged \ + --pull=newer \ + --security-opt label=type:unconfined_t \ + -v $(pwd)/config.toml:/config.toml \ + -v $(pwd)/output:/output -v /var/lib/containers/storage:/var/lib/containers/storage \ + quay.io/centos-bootc/bootc-image-builder:latest \ + --type qcow2 --rootfs ext4 \ + --local localhost/fedora-bootc-atomic-{{desktop}}:latest + popd + sudo chown -R $(whoami):$(whoami) .osbuild/output diff --git a/scripts/_base/001-desktop-environment.sh b/scripts/_base/001-desktop-environment.sh deleted file mode 100644 index 73c4c96..0000000 --- a/scripts/_base/001-desktop-environment.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env bash - -set -euox pipefail - -excludes=() - -# Make excludes a comma-separated string -excludes=$(IFS=, ; echo "${excludes[*]}") - -# Install the base-graphical meta-package -dnf install -y @base-graphical \ - --exclude "${excludes}" diff --git a/scripts/_base/002-repos.sh b/scripts/_base/002-repos.sh deleted file mode 100644 index aafbd60..0000000 --- a/scripts/_base/002-repos.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -set -euox pipefail - -# Setup RPMFusion repositories -rpm-ostree install \ - https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm \ - https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm - -rpm-ostree install \ - rpmfusion-nonfree-release \ - rpmfusion-free-release \ - --uninstall=rpmfusion-free-release-$(rpm -E %fedora)-1.noarch \ - --uninstall=rpmfusion-nonfree-release-$(rpm -E %fedora)-1.noarch - -sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/fedora-cisco-openh264.repo - -cat << EOF > /etc/yum.repos.d/kylegospo-oversteer.repo -[copr:copr.fedorainfracloud.org:kylegospo:oversteer] -name=Copr repo for oversteer owned by kylegospo -baseurl=https://download.copr.fedorainfracloud.org/results/kylegospo/oversteer/fedora-\$releasever-\$basearch/ -type=rpm-md -skip_if_unavailable=True -gpgcheck=1 -gpgkey=https://download.copr.fedorainfracloud.org/results/kylegospo/oversteer/pubkey.gpg -repo_gpgcheck=0 -enabled=1 -enabled_metadata=1 -EOF - -cat << EOF > /etc/yum.repos.d/ublue-os-staging.repo -[copr:copr.fedorainfracloud.org:ublue-os:staging] -name=Copr repo for staging owned by ublue-os -baseurl=https://download.copr.fedorainfracloud.org/results/ublue-os/staging/fedora-\$releasever-\$basearch/ -type=rpm-md -skip_if_unavailable=True -gpgcheck=1 -gpgkey=https://download.copr.fedorainfracloud.org/results/ublue-os/staging/pubkey.gpg -repo_gpgcheck=0 -enabled=1 -enabled_metadata=1 -EOF diff --git a/scripts/_base/003-packages.sh b/scripts/_base/003-packages.sh deleted file mode 100644 index e0be341..0000000 --- a/scripts/_base/003-packages.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/env bash - -set -euox pipefail - -DESKTOP_ENVIRONMENT="" -FEDORA_VERSION="" - -while [[ $# -gt 0 ]]; do - case "$1" in - --desktop) - DESKTOP_ENVIRONMENT="$2" - shift 2 - ;; - --version) - FEDORA_VERSION="$2" - shift 2 - ;; - *) - echo "Unknown argument: $1" - exit 1 - ;; - esac -done - -if [[ -z "$DESKTOP_ENVIRONMENT" ]]; then - echo "--desktop flag is required" - exit 1 -fi - -if [[ -z "$FEDORA_VERSION" ]]; then - echo "--version flag is required" - exit 1 -fi - -echo "Installing packages for $DESKTOP_ENVIRONMENT" - -# build list of all packages requested for inclusion -INCLUDED_PACKAGES=($(jq -r "[(.all.include | (.all, select(.\"$DESKTOP_ENVIRONMENT\" != null).\"$DESKTOP_ENVIRONMENT\")[]), \ - (select(.\"$FEDORA_VERSION\" != null).\"$FEDORA_VERSION\".include | (.all, select(.\"$DESKTOP_ENVIRONMENT\" != null).\"$DESKTOP_ENVIRONMENT\")[])] \ - | sort | unique[]" /tmp/packages.json)) - -# build list of all packages requested for exclusion -EXCLUDED_PACKAGES=($(jq -r "[(.all.exclude | (.all, select(.\"$DESKTOP_ENVIRONMENT\" != null).\"$DESKTOP_ENVIRONMENT\")[]), \ - (select(.\"$FEDORA_VERSION\" != null).\"$FEDORA_VERSION\".exclude | (.all, select(.\"$DESKTOP_ENVIRONMENT\" != null).\"$DESKTOP_ENVIRONMENT\")[])] \ - | sort | unique[]" /tmp/packages.json)) - - -# ensure exclusion list only contains packages already present on image -if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then - EXCLUDED_PACKAGES=($(rpm -qa --queryformat='%{NAME} ' ${EXCLUDED_PACKAGES[@]})) -fi - -if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then - dnf remove -y ${EXCLUDED_PACKAGES[@]} -fi - -if [[ "${#INCLUDED_PACKAGES[@]}" -gt 0 ]]; then - dnf install -y ${INCLUDED_PACKAGES[@]} -fi - -# check if any excluded packages are still present -# (this can happen if an included package pulls in a dependency) -EXCLUDED_PACKAGES=($(jq -r "[(.all.exclude | (.all, select(.\"$DESKTOP_ENVIRONMENT\" != null).\"$DESKTOP_ENVIRONMENT\")[]), \ - (select(.\"$FEDORA_VERSION\" != null).\"$FEDORA_VERSION\".exclude | (.all, select(.\"$DESKTOP_ENVIRONMENT\" != null).\"$DESKTOP_ENVIRONMENT\")[])] \ - | sort | unique[]" /tmp/packages.json)) - -if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then - EXCLUDED_PACKAGES=($(rpm -qa --queryformat='%{NAME} ' ${EXCLUDED_PACKAGES[@]})) -fi - -# remove any excluded packages which are still present on image -if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then - dnf remove -y ${EXCLUDED_PACKAGES[@]} -fi diff --git a/scripts/_kinoite/001-desktop-environment.sh b/scripts/_kinoite/001-desktop-environment.sh deleted file mode 100644 index 550f112..0000000 --- a/scripts/_kinoite/001-desktop-environment.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -euox pipefail - -# Install the desktop environment -dnf install -y @kde-desktop diff --git a/scripts/_silverblue/001-desktop-environment.sh b/scripts/_silverblue/001-desktop-environment.sh deleted file mode 100644 index 37d31c2..0000000 --- a/scripts/_silverblue/001-desktop-environment.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/usr/bin/env bash - -set -euox pipefail - -# Install the desktop environment -excludes=( - "baobab" - "cheese" - "evince" - "evince-djvu" - "evince-nautilus" - "file-roller" - "file-roller-nautilus" - "gnome-boxes" - "gnome-calculator" - "gnome-calendar" - "gnome-characters" - "gnome-clocks" - "gnome-connections" - "gnome-contacts" - "gnome-documents" - "gnome-font-viewer" - "gnome-logs" - "gnome-maps" - "gnome-photos" - "gnome-screenshot" - "gnome-text-editor" - "gnome-weather" - "jwhois" - "loupe" - "rdist" - "sane-backends-drivers-scanners" - "simple-scan" - "snapshot" - "sushi" - "symlinks" - "tcpdump" - "telnet" - "totem" - "totem-nautilus" - "traceroute" - - "PackageKit*" -) - -dnf install -y @gnome-desktop --exclude "${excludes[*]}" --skip-broken -systemctl enable gdm.service diff --git a/scripts/cleanup.sh b/scripts/cleanup.sh deleted file mode 100644 index bd1e2b1..0000000 --- a/scripts/cleanup.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env bash - -set -euox pipefail - -# Clear directories -rm -rf /tmp/* - -# Cleanup DNF -dnf clean all - -# Generate initramfs -mkdir -p /var/tmp -KERNEL_SUFFIX="" -QUALIFIED_KERNEL="$(rpm -qa | grep -P 'kernel-(|'"$KERNEL_SUFFIX"'-)(\d+\.\d+\.\d+)' | sed -E 's/kernel-(|'"$KERNEL_SUFFIX"'-)//')" -dracut --kver "$QUALIFIED_KERNEL" --reproducible -vf "/lib/modules/$QUALIFIED_KERNEL/initramfs.img" - -# Disable RPM repos -sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/rpmfusion-{free,nonfree}{,-updates,-updates-testing}.repo -sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/{kylegospo-oversteer,ublue-os-staging}.repo diff --git a/scripts/comps-sync/Containerfile b/scripts/comps-sync/Containerfile new file mode 100644 index 0000000..2f3df2c --- /dev/null +++ b/scripts/comps-sync/Containerfile @@ -0,0 +1,12 @@ +# FROM python:3.10 + +FROM fedora:40 + +RUN dnf install -y python3 python3-pip +RUN dnf install -y rpm-ostree +WORKDIR /app +COPY . . +RUN pip install -r requirements.txt +RUN chmod +x comps-sync.py +WORKDIR /mnt +CMD ["python", "/app/comps-sync.py"] diff --git a/scripts/comps-sync/comps-sync.py b/scripts/comps-sync/comps-sync.py new file mode 100644 index 0000000..fdc5111 --- /dev/null +++ b/scripts/comps-sync/comps-sync.py @@ -0,0 +1,223 @@ +#!/usr/bin/python3 + +''' +Usage: ./comps-sync.py [--save] /path/to/comps-f41.xml.in + +Filter and sync packages from comps groups into rpm-ostree manifests. The sync +will remove packages from the manifests which are not mentioned in comps and +add missing packages from comps to the manifests. + +Use --save to write the changes and always exit with a 0 return code. +Otherwise, exit with a non zero return code if any changes are needed. +''' + +import argparse +import re +import sys +import yaml +import libcomps + +ARCHES = ("x86_64", "aarch64", "ppc64le") + +def fatal(msg): + '''Print the error message and exit.''' + print(msg, file = sys.stderr) + sys.exit(1) + +def format_pkgtype(pkgtype): + '''Return a printable string from a libcomps package type.''' + if pkgtype == libcomps.PACKAGE_TYPE_DEFAULT: + return 'default' + if pkgtype == libcomps.PACKAGE_TYPE_MANDATORY: + return 'mandatory' + assert False + +def write_manifest(fpath, pkgs, include=None): + '''Write the package list in a manifest.''' + with open(fpath, 'w', encoding='UTF-8') as f: + f.write("# DO NOT EDIT! This content is generated from comps-sync.py\n") + if include is not None: + f.write(f'include: {include}\n') + f.write("packages:\n") + for pkg in sorted(pkgs['all']): + f.write(f' - {pkg}\n') + for arch in ARCHES: + if pkgs[arch]: + f.write(f"packages-{arch}:\n") + for pkg in sorted(pkgs[arch]): + f.write(f' - {pkg}\n') + print(f'Wrote {fpath}') + +def is_exclude_listed(pkgname, exclude_list_regexp): + '''Check if pkgname is in the exclude list.''' + for br in exclude_list_regexp: + if br.match(pkgname): + return True + return False + +def load_packages_from_manifest(manifest_path): + '''Load the list of packages from an rpm-ostree manifest file.''' + with open(manifest_path, encoding='UTF-8') as f: + manifest = yaml.safe_load(f) + print(f'Loaded {manifest_path}') + manifest_packages = {} + manifest_packages['all'] = set(manifest['packages']) + for arch in ARCHES: + if f'packages-{arch}' in manifest: + manifest_packages[arch] = set(manifest[f'packages-{arch}']) + else: + manifest_packages[arch] = set() + return manifest_packages + +def load_packages_from_comps_group(comps_group_packages, comps, groupname, exclude_list, exclude_list_regexp): + '''Load packages from a comps group, storing the group, type and arches.''' + for arch in ARCHES: + filtered = comps.arch_filter([arch]) + group = filtered.groups_match(id=groupname)[0] + for pkg in group.packages: + pkgname = pkg.name + if pkg.type not in (libcomps.PACKAGE_TYPE_DEFAULT, + libcomps.PACKAGE_TYPE_MANDATORY): + continue + if pkgname in exclude_list or is_exclude_listed(pkgname, exclude_list_regexp): + continue + pkgdata = comps_group_packages.get(pkgname) + if pkgdata is None: + comps_group_packages[pkgname] = pkgdata = (pkg.type, set([groupname]), set([arch])) + if (pkgdata[0] == libcomps.PACKAGE_TYPE_DEFAULT and + pkg.type == libcomps.PACKAGE_TYPE_MANDATORY): + comps_group_packages[pkgname] = pkgdata = (pkg.type, pkgdata[1], pkgdata[2]) + pkgdata[1].add(groupname) + pkgdata[2].add(arch) + return comps_group_packages + +def compare_comps_manifest_package_lists(comps_group_pkgs, manifest_packages): + '''Compare the list of packages in the comps and the manifests and return the difference.''' + # Look for packages in the manifest but not in the comps + comps_unknown = set() + for arch in manifest_packages: + for pkg in manifest_packages[arch]: + if arch == "all": + if pkg in comps_group_pkgs and set(comps_group_pkgs[pkg][2]) == set(ARCHES): + continue + else: + if pkg in comps_group_pkgs and arch in comps_group_pkgs[pkg][2]: + continue + comps_unknown.add((pkg, arch)) + + # Look for packages in comps but not in the manifest + pkgs_added = {} + for (pkg, pkgdata) in comps_group_pkgs.items(): + if set(ARCHES) == set(pkgdata[2]): + if pkg not in manifest_packages['all']: + pkgs_added[pkg] = pkgdata + else: + for arch in pkgdata[2]: + if pkg not in manifest_packages[arch]: + if pkg not in pkgs_added: + pkgs_added[pkg] = (pkgdata[0], pkgdata[1], set([arch])) + else: + pkgs_added[pkg][2].add(arch) + + return comps_unknown, pkgs_added + +def update_manifests_from_groups(comps, groups, path, desktop, save, comps_exclude_list, comps_exclude_list_all): + manifest_packages = load_packages_from_manifest(path) + + comps_group_pkgs = {} + for group in groups: + exclude_list = comps_exclude_list.get(group, set()) + comps_group_pkgs = load_packages_from_comps_group(comps_group_pkgs, comps, group, exclude_list, comps_exclude_list_all) + + (comps_unknown, pkgs_added) = compare_comps_manifest_package_lists(comps_group_pkgs, manifest_packages) + + n_manifest_new = len(comps_unknown) + n_comps_new = len(pkgs_added) + + if desktop == "common": + print(f'Syncing common packages:\t+{n_comps_new}, -{n_manifest_new}') + else: + print(f'Syncing packages for {desktop}:\t+{n_comps_new}, -{n_manifest_new}') + if n_manifest_new != 0: + for (pkg, arch) in sorted(comps_unknown, key = lambda x: x[0]): + manifest_packages[arch].remove(pkg) + print(f' - {pkg} (arches: {arch})') + if n_comps_new != 0: + for pkg in sorted(pkgs_added): + (req, groups, arches) = pkgs_added[pkg] + if set(ARCHES) == arches: + manifest_packages['all'].add(pkg) + print(' + {} ({}, groups: {}, arches: all)'.format(pkg, format_pkgtype(req), ', '.join(groups))) + else: + for arch in arches: + manifest_packages[arch].add(pkg) + print(' + {} ({}, groups: {}, arches: {})'.format(pkg, format_pkgtype(req), ', '.join(groups), ', '.join(arches))) + + if (n_manifest_new > 0 or n_comps_new > 0): + if save: + write_manifest(path, manifest_packages) + return 1 + return 0 + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("--save", help="Write changes to manifests", action='store_true') + parser.add_argument("src", help="Source path") + + args = parser.parse_args() + + with open('comps-sync-exclude-list.yml', encoding='UTF-8') as f: + doc = yaml.safe_load(f) + comps_exclude_list = doc['exclude_list'] + comps_exclude_list_groups = doc['exclude_list_groups'] + comps_desktop_exclude_list = doc['desktop_exclude_list'] + comps_exclude_list_all = [re.compile(x) for x in doc['exclude_list_all_regexp']] + + # Parse comps, and build up a set of all packages so we can find packages not + # listed in comps *at all*, beyond just the workstation environment. + comps = libcomps.Comps() + comps.fromxml_f(args.src) + + # Parse the workstation-product environment to get the list of comps groups to + # get packages from. + groups = [] + for gid in comps.environments['workstation-product-environment'].group_ids: + if gid.name in comps_exclude_list_groups: + continue + groups.append(gid.name) + for gid in comps.environments['workstation-product-environment'].option_ids: + if gid.name in comps_exclude_list_groups: + continue + groups.append(gid.name) + + # Always include the packages from the workstation-ostree-support group + groups.append('workstation-ostree-support') + + # Return code indicates if changes have or would have been done + ret = 0 + + ret += update_manifests_from_groups(comps, groups, './desktops/base/packages-common-ostree.yaml', "common", args.save, comps_exclude_list, comps_exclude_list_all) + + # List of comps groups used for each desktop + desktops_comps_groups = { + "silverblue": ["gnome-desktop", "base-x"], + "kinoite": ["kde-desktop", "base-graphical"], + "xfce": ["xfce-desktop", "xfce-apps", "xfce-extra-plugins", "base-x"], + "lxqt": ["lxqt-desktop", "base-graphical"], + "deepin": ["deepin-desktop", "base-x"], + "mate": ["mate-desktop", "base-x"], + "sway": ["swaywm", "swaywm-extended", "base-graphical"], + "cinnamon": ["cinnamon-desktop", "base-x"], + "budgie": ["budgie-desktop", "budgie-desktop-apps", "base-x"] + } + + # Generate treefiles for all desktops + for desktop, groups in desktops_comps_groups.items(): + print() + ret += update_manifests_from_groups(comps, groups, f'./desktops/{desktop}/packages-desktop-{desktop}.yaml', desktop, args.save, comps_desktop_exclude_list, comps_exclude_list_all) + + if not args.save and ret != 0: + sys.exit(1) + +if __name__ == "__main__": + main() diff --git a/scripts/comps-sync/requirements.txt b/scripts/comps-sync/requirements.txt new file mode 100644 index 0000000..204d86e --- /dev/null +++ b/scripts/comps-sync/requirements.txt @@ -0,0 +1,3 @@ +argparse +libcomps +pyyaml diff --git a/scripts/setup.sh b/scripts/setup.sh deleted file mode 100644 index 1fc0869..0000000 --- a/scripts/setup.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/usr/bin/env bash - -set -euox pipefail - -DESKTOP_ENVIRONMENT="" -FEDORA_VERSION="" - -while [[ $# -gt 0 ]]; do - case "$1" in - --desktop) - DESKTOP_ENVIRONMENT="$2" - shift 2 - ;; - --version) - FEDORA_VERSION="$2" - shift 2 - ;; - *) - echo "Unknown argument: $1" - exit 1 - ;; - esac -done - -if [[ -z "$DESKTOP_ENVIRONMENT" ]]; then - echo "--desktop flag is required" - exit 1 -fi - -if [[ -z "$FEDORA_VERSION" ]]; then - echo "--version flag is required" - exit 1 -fi - -for script in /tmp/scripts/_base/*.sh; do - if [[ -f "$script" ]]; then - echo "Running $script" - bash "$script" --version "$FEDORA_VERSION" --desktop $DESKTOP_ENVIRONMENT - fi -done - -# If the image is BASE, then we don't need to run the same scripts again -if [[ "$DESKTOP_ENVIRONMENT" == "base" ]]; then - exit 0 -fi - -for script in /tmp/scripts/_$DESKTOP_ENVIRONMENT/*.sh; do - if [[ -f "$script" ]]; then - echo "Running $script" - bash "$script" --version "$FEDORA_VERSION" - fi -done