diff --git a/Containerfile b/Containerfile index 434da937c8a..495bb74b110 100644 --- a/Containerfile +++ b/Containerfile @@ -73,20 +73,21 @@ ARG PACKAGE_LIST="bluefin-dx" # dx specific files come from the dx directory in this repo COPY dx/usr /usr COPY dx/etc/yum.repos.d/ /etc/yum.repos.d/ -COPY workarounds.sh /tmp/workarounds.sh -COPY packages.json /tmp/packages.json -COPY build.sh /tmp/build.sh -COPY image-info.sh /tmp/image-info.sh +COPY workarounds.sh \ + packages.json \ + build.sh \ + image-info.sh \ + /tmp # Apply IP Forwarding before installing Docker to prevent messing with LXC networking RUN sysctl -p -RUN wget https://copr.fedorainfracloud.org/coprs/ganto/lxc4/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo -RUN wget https://copr.fedorainfracloud.org/coprs/bobslept/nerd-fonts/repo/fedora-"${FEDORA_MAJOR_VERSION}"/bobslept-nerd-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/bobslept-nerd-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo +RUN wget https://copr.fedorainfracloud.org/coprs/ganto/lxc4/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo && \ + wget https://copr.fedorainfracloud.org/coprs/bobslept/nerd-fonts/repo/fedora-"${FEDORA_MAJOR_VERSION}"/bobslept-nerd-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/bobslept-nerd-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo # Handle packages via packages.json -RUN /tmp/build.sh -RUN /tmp/image-info.sh +RUN /tmp/build.sh && \ + /tmp/image-info.sh RUN wget https://github.com/docker/compose/releases/latest/download/docker-compose-linux-x86_64 -O /tmp/docker-compose && \ install -c -m 0755 /tmp/docker-compose /usr/bin @@ -97,33 +98,38 @@ COPY --from=cgr.dev/chainguard/ko:latest /usr/bin/ko /usr/bin/ko COPY --from=cgr.dev/chainguard/minio-client:latest /usr/bin/mc /usr/bin/mc COPY --from=cgr.dev/chainguard/kubectl:latest /usr/bin/kubectl /usr/bin/kubectl -RUN curl -Lo ./kind "https://github.com/kubernetes-sigs/kind/releases/latest/download/kind-$(uname)-amd64" -RUN chmod +x ./kind -RUN mv ./kind /usr/bin/kind +RUN curl -Lo ./kind "https://github.com/kubernetes-sigs/kind/releases/latest/download/kind-$(uname)-amd64" && \ + chmod +x ./kind && \ + mv ./kind /usr/bin/kind # Install DevPod RUN rpm-ostree install $(curl https://api.github.com/repos/loft-sh/devpod/releases/latest | jq -r '.assets[] | select(.name| test(".*x86_64.rpm$")).browser_download_url') && \ - wget https://github.com/loft-sh/devpod/releases/latest/download/devpod-linux-amd64 -O /tmp/devpod && \ - install -c -m 0755 /tmp/devpod /usr/bin + wget https://github.com/loft-sh/devpod/releases/latest/download/devpod-linux-amd64 -O /tmp/devpod && \ + install -c -m 0755 /tmp/devpod /usr/bin # Install kns/kctx and add completions for Bash RUN wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubectx -O /usr/bin/kubectx && \ wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubens -O /usr/bin/kubens && \ chmod +x /usr/bin/kubectx /usr/bin/kubens -RUN systemctl enable podman.socket -RUN systemctl disable pmie.service -RUN systemctl disable pmlogger.service +# Install FlatHub OOTB, set up services +RUN mkdir -p /usr/etc/flatpak/remotes.d && \ + wget -q https://dl.flathub.org/repo/flathub.flatpakrepo -P /usr/etc/flatpak/remotes.d && \ + systemctl enable podman.socket && \ + systemctl enable ublue-hardware-setup.service && \ + systemctl enable ublue-flatpak-manager.service && \ + systemctl --global enable ublue-user-setup.service && \ + systemctl disable pmie.service && \ + systemctl disable pmlogger.service RUN /tmp/workarounds.sh # Clean up repos, everything is on the image so we don't need them -RUN rm -f /etc/yum.repos.d/bobslept-nerd-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo -RUN rm -f /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo -RUN rm -f /etc/yum.repos.d/vscode.repo -RUN rm -f /etc/yum.repos.d/docker-ce.repo -RUN rm -f /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:phracek:PyCharm.repo -RUN rm -f /etc/yum.repos.d/fedora-cisco-openh264.repo - -RUN rm -rf /tmp/* /var/* -RUN ostree container commit +RUN rm -f /etc/yum.repos.d/bobslept-nerd-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo && \ + rm -f /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo && \ + rm -f /etc/yum.repos.d/vscode.repo && \ + rm -f /etc/yum.repos.d/docker-ce.repo && \ + rm -f /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:phracek:PyCharm.repo && \ + rm -f /etc/yum.repos.d/fedora-cisco-openh264.repo && \ + rm -rf /tmp/* /var/* && \ + ostree container commit diff --git a/usr/bin/ublue-flatpak-manager b/usr/bin/ublue-flatpak-manager new file mode 100755 index 00000000000..230520d6583 --- /dev/null +++ b/usr/bin/ublue-flatpak-manager @@ -0,0 +1,45 @@ +#!/usr/bin/env bash + +# Script Version +VER=1 +VER_FILE="/etc/ublue/flatpak_manager_version" +VER_RAN=$(cat $VER_FILE) + +# Run script if updated +if [[ -f $VER_FILE && $VER = $VER_RAN ]]; then + echo "Flatpak manager v$VER has already ran. Exiting..." + exit 0 +fi + +# Opt out of and remove Fedora's flatpak repo +if grep -qz 'fedora' <<< $(flatpak remotes); then + /usr/lib/fedora-third-party/fedora-third-party-opt-out + /usr/bin/fedora-third-party disable + flatpak remote-delete fedora --force +fi + +# Lists of flatpaks +FLATPAK_LIST=$(flatpak list --columns=application) +INSTALL_LIST=$(cat /usr/etc/flatpak/install) +REMOVE_LIST=$(cat /usr/etc/flatpak/remove) + +# Install flatpaks in list +if [[ -n $INSTALL_LIST ]]; then + for flatpak in $INSTALL_LIST; do + if grep -qvz $flatpak <<< $FLATPAK_LIST; then + flatpak install --system --noninteractive flathub $flatpak + fi + done +fi + +# Remove flatpaks in list +if [[ -n $REMOVE_LIST ]]; then + for flatpak in $REMOVE_LIST; do + if grep -qz $flatpak <<< $FLATPAK_LIST; then + flatpak remove --system --noninteractive $flatpak + fi + done +fi + +mkdir -p /etc/ublue +echo $VER > $VER_FILE diff --git a/usr/bin/ublue-hardware-setup b/usr/bin/ublue-hardware-setup new file mode 100755 index 00000000000..a49437c055b --- /dev/null +++ b/usr/bin/ublue-hardware-setup @@ -0,0 +1,104 @@ +#!/usr/bin/env bash + +IMAGE_INFO="/usr/share/ublue-os/image-info.json" +IMAGE_NAME=$(jq -r '."image-name"' < $IMAGE_INFO) +IMAGE_FLAVOR=$(jq -r '."image-flavor"' < $IMAGE_INFO) + +# SCRIPT VERSION +HWS_VER=1 +HWS_VER_FILE="/etc/ublue/hws_version" +HWS_VER_RAN=$(cat $HWS_VER_FILE) + +# IMAGE IDENTIFIERS +KNOWN_IMAGE_NAME_FILE="/etc/ublue/image_name" +KNOWN_IMAGE_NAME=$(cat $KNOWN_IMAGE_NAME_FILE) +KNOWN_IMAGE_FLAVOR_FILE="/etc/ublue/image_flavor" +KNOWN_IMAGE_FLAVOR=$(cat $KNOWN_IMAGE_FLAVOR_FILE) + +# Run script if updated +if [[ -f $HWS_VER_FILE && $HWS_VER = $HWS_VER_RAN ]]; then + if [[ -f $KNOWN_IMAGE_NAME_FILE && -f $KNOWN_IMAGE_FLAVOR_FILE ]]; then + # Run script if image has been rebased + if [[ $IMAGE_NAME = $KNOWN_IMAGE_NAME && $IMAGE_FLAVOR = $KNOWN_IMAGE_FLAVOR ]]; then + echo "Hardware setup has already run. Exiting..." + exit 0 + fi + fi +fi + +# GLOBAL +SYS_ID="$(cat /sys/devices/virtual/dmi/id/product_name)" +GPU_ID=$(lspci -k | grep -A 3 -E "(VGA|3D)") +KARGS=$(rpm-ostree kargs) +NEEDED_KARGS="" +echo "Current kargs: $KARGS" +mkdir -p /etc/ublue + +if grep -qz "Kernel driver in use: radeon" <<< $GPU_ID; then + echo "Legacy AMD hardware detected, enabling CIK and SI support in AMDGPU" + if [[ ! $KARGS =~ "radeon.si_support" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --append=radeon.si_support=0" + fi + + if [[ ! $KARGS =~ "radeon.cik_support" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --append=radeon.cik_support=0" + fi + + if [[ ! $KARGS =~ "amdgpu.si_support" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --append=amdgpu.si_support=1" + fi + + if [[ ! $KARGS =~ "amdgpu.cik_support" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --append=amdgpu.cik_support=1" + fi +fi + +if [[ $IMAGE_FLAVOR = "nvidia" ]]; then + echo "Checking for needed karg changes (Nvidia)" + + if [[ ! $KARGS =~ "rd.driver.blacklist" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --append=rd.driver.blacklist=nouveau" + fi + + if [[ ! $KARGS =~ "modprobe.blacklist" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --append=modprobe.blacklist=nouveau" + fi + + if [[ ! $KARGS =~ "nvidia-drm.modeset" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --append=nvidia-drm.modeset=1" + fi +else + echo "Checking for needed karg changes" + + if [[ $KARGS =~ "rd.driver.blacklist" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --delete=rd.driver.blacklist=nouveau" + fi + + if [[ $KARGS =~ "modprobe.blacklist" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --delete=modprobe.blacklist=nouveau" + fi + + if [[ $KARGS =~ "nvidia-drm.modeset" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --delete=nvidia-drm.modeset=1" + fi +fi + +if [[ $KARGS =~ "nomodeset" ]]; then + echo "Removing nomodeset" + NEEDED_KARGS="$NEEDED_KARGS --delete=nomodeset" +fi + +if [[ ! $KARGS =~ "rd.luks.options" ]]; then + NEEDED_KARGS="$NEEDED_KARGS --append=rd.luks.options=discard" +fi + +if [[ -n "$NEEDED_KARGS" ]]; then + echo "Found needed karg changes, applying the following: $NEEDED_KARGS" + rpm-ostree kargs ${NEEDED_KARGS} --reboot || exit 1 +else + echo "No karg changes needed" +fi + +echo $HWS_VER > $HWS_VER_FILE +echo $IMAGE_NAME > $KNOWN_IMAGE_NAME_FILE +echo $IMAGE_FLAVOR > $KNOWN_IMAGE_FLAVOR_FILE diff --git a/usr/bin/ublue-user-setup b/usr/bin/ublue-user-setup new file mode 100755 index 00000000000..d45b51aa46a --- /dev/null +++ b/usr/bin/ublue-user-setup @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +# SCRIPT VERSION +USER_SETUP_VER=1 +USER_SETUP_VER_FILE="$HOME/.ublue-configured" +USER_SETUP_VER_RAN=$(cat $USER_SETUP_VER_FILE) + +# Run script if updated +if [[ -f $USER_SETUP_VER_FILE && $USER_SETUP_VER = $USER_SETUP_VER_RAN ]]; then + echo "User setup has already run. Exiting..." + exit 0 +fi + +IMAGE_INFO="/usr/share/ublue-os/image-info.json" +IMAGE_NAME=$(jq -r '."image-name"' < $IMAGE_INFO) + +# Enable NTP +timedatectl set-ntp true + +# Setup Flathub +if grep -qz 'fedora' <<< $(flatpak remotes); then + flatpak remote-delete --user fedora --force +fi +flatpak remote-add --if-not-exists --user flathub /etc/flatpak/remotes.d/flathub.flatpakrepo + +# Prevent future executions +echo "Writing state file" +echo $USER_SETUP_VER > $USER_SETUP_VER_FILE diff --git a/usr/etc/flatpak/install b/usr/etc/flatpak/install new file mode 100644 index 00000000000..3c0127728a2 --- /dev/null +++ b/usr/etc/flatpak/install @@ -0,0 +1,18 @@ +org.mozilla.firefox +com.mattjakeman.ExtensionManager +io.missioncenter.MissionCenter +org.gnome.Calculator +org.gnome.Calendar +org.gnome.Characters +org.gnome.Contacts +org.gnome.Evince +org.gnome.Logs +org.gnome.Loupe +org.gnome.Maps +org.gnome.NautilusPreviewer +org.gnome.TextEditor +org.gnome.Weather +org.gnome.baobab +org.gnome.Totem +org.gnome.clocks +org.gnome.font-viewer diff --git a/usr/etc/flatpak/remove b/usr/etc/flatpak/remove new file mode 100644 index 00000000000..f5a7d95bb56 --- /dev/null +++ b/usr/etc/flatpak/remove @@ -0,0 +1 @@ +org.gnome.Cheese diff --git a/usr/etc/yafti.yml b/usr/etc/yafti.yml index 898c46eb4fe..7292c288f80 100644 --- a/usr/etc/yafti.yml +++ b/usr/etc/yafti.yml @@ -9,20 +9,6 @@ screens: icon: "/path/to/icon" description: | Pick some applications to get started - can-we-modify-your-flatpaks: - source: yafti.screen.consent - values: - title: Welcome, Traveler - condition: - run: flatpak remotes --system | grep fedora - description: | - WARNING: This will modify your Flatpaks if you are rebasing! If you do not want to do this exit the installer. - actions: - - run: /usr/lib/fedora-third-party/fedora-third-party-opt-out - - run: /usr/bin/fedora-third-party disable - - run: flatpak remote-delete fedora --force - - run: flatpak remove --system --noninteractive --all - - run: flatpak remote-add --if-not-exists --user flathub https://flathub.org/repo/flathub.flatpakrepo install-required-packages: source: yafti.screen.package values: diff --git a/usr/lib/systemd/system/ublue-flatpak-manager.service b/usr/lib/systemd/system/ublue-flatpak-manager.service new file mode 100644 index 00000000000..cbc7f43ca93 --- /dev/null +++ b/usr/lib/systemd/system/ublue-flatpak-manager.service @@ -0,0 +1,13 @@ +[Unit] +Description=Manage system flatpaks +Documentation=https://github.com/ublue-os/endlish-oesque/issues/10 +Wants=network-online.target +After=network-online.target ublue-hardware-setup.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ublue-flatpak-manager +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/usr/lib/systemd/system/ublue-hardware-setup.service b/usr/lib/systemd/system/ublue-hardware-setup.service new file mode 100644 index 00000000000..5100318d767 --- /dev/null +++ b/usr/lib/systemd/system/ublue-hardware-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Configure system for current hardware +After=rpm-ostreed.service +Before=systemd-user-sessions.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/ublue-hardware-setup + +[Install] +WantedBy=multi-user.target diff --git a/usr/lib/systemd/user/ublue-user-setup.service b/usr/lib/systemd/user/ublue-user-setup.service new file mode 100644 index 00000000000..c26590a0055 --- /dev/null +++ b/usr/lib/systemd/user/ublue-user-setup.service @@ -0,0 +1,10 @@ +[Unit] +Description=Configure system for current user +Requires=xdg-desktop-autostart.target + +[Service] +Type=simple +ExecStart=/usr/bin/ublue-user-setup + +[Install] +WantedBy=default.target