diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d41d98d..ddc647d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -14,8 +14,8 @@ on: workflow_dispatch: env: - MY_IMAGE_NAME: "ublue-custom" # the name of the image produced by this build - MY_IMAGE_DESC: "My Customized Universal Blue System Image" + MY_IMAGE_NAME: "bazzite-gnome-custom" # the name of the image produced by this build + MY_IMAGE_DESC: "My Customized Bazzite System Image" IMAGE_REGISTRY: "ghcr.io/${{ github.repository_owner }}" # do not edit jobs: diff --git a/.github/workflows/build_iso.yml b/.github/workflows/build_iso.yml new file mode 100644 index 0000000..a0655b9 --- /dev/null +++ b/.github/workflows/build_iso.yml @@ -0,0 +1,141 @@ +name: Build ISOs + +on: + workflow_dispatch: + workflow_call: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-iso + cancel-in-progress: true + +jobs: + build-iso: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + id-token: write + strategy: + fail-fast: false + matrix: + image_name: + - bazzite-gnome-custom + major_version: [40] + steps: + + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@v1.3.1 + + - name: Checkout Repo + uses: actions/checkout@v4 + + - name: Set Image Tag + id: generate-tag + shell: bash + run: | + TAG="stable" + + if [[ "${{ github.ref_name }}" == "testing" ]]; then + TAG="testing" + fi + + # Would like to implement in the future. This will allow us to support image tags from a PR. + #if [[ github.event.number ]]; then + # TAG="pr-${{ github.event.number }}-${{ matrix.major_version }}" + #fi + + echo "tag=${TAG}" >> $GITHUB_OUTPUT + + - name: Set EXTRA_BOOT_PARAMS + id: generate-extra-params + shell: bash + run: | + EXTRA_BOOT_PARAMS="" + if [[ "${{ matrix.image_name }}" =~ "deck" ]]; then + EXTRA_BOOT_PARAMS="inst.resolution=1280x800" + fi + echo "extra-boot-params=${EXTRA_BOOT_PARAMS}" >> $GITHUB_OUTPUT + + - name: Set Flatpaks Directory Shortname + id: generate-flatpak-dir-shortname + shell: bash + run: | + FLATPAK_DIR_SHORTNAME="installer/kde_flatpaks" + + if [[ "${{ matrix.image_name }}" =~ "gnome" ]]; then + FLATPAK_DIR_SHORTNAME="installer/gnome_flatpaks" + fi + + echo "flatpak-dir-shortname=${FLATPAK_DIR_SHORTNAME}" >> $GITHUB_OUTPUT + + - name: Determine Flatpak Dependencies + id: flatpak_dependencies + shell: bash + run: | + set -ex + image="ghcr.io/ublue-os/${{ matrix.image_name }}:${{ steps.generate-tag.outputs.tag }}" + # Make temp space + TEMP_FLATPAK_INSTALL_DIR=$(mktemp -d -p ${{ github.workspace }} flatpak.XXX) + # Get list of refs from directory + FLATPAK_REFS_DIR=${{ github.workspace }}/${{ steps.generate-flatpak-dir-shortname.outputs.flatpak-dir-shortname }} + FLATPAK_REFS_DIR_LIST=$(cat ${FLATPAK_REFS_DIR}/* | tr '\n' ' ' ) + # Generate install script + cat << EOF > ${TEMP_FLATPAK_INSTALL_DIR}/script.sh + cat /temp_flatpak_install_dir/script.sh + mkdir -p /flatpak/flatpak /flatpak/triggers + mkdir /var/tmp || true + chmod -R 1777 /var/tmp + flatpak config --system --set languages "*" + flatpak remote-add --system flathub https://flathub.org/repo/flathub.flatpakrepo + flatpak install --system -y ${FLATPAK_REFS_DIR_LIST} + ostree refs --repo=\${FLATPAK_SYSTEM_DIR}/repo | grep '^deploy/' | grep -v 'org\.freedesktop\.Platform\.openh264' | sed 's/^deploy\///g' > /output/flatpaks_with_deps + EOF + docker run --rm --privileged \ + --entrypoint bash \ + -e FLATPAK_SYSTEM_DIR=/flatpak/flatpak \ + -e FLATPAK_TRIGGERSDIR=/flatpak/triggers \ + --volume ${FLATPAK_REFS_DIR}:/output \ + --volume ${TEMP_FLATPAK_INSTALL_DIR}:/temp_flatpak_install_dir \ + ${image} /temp_flatpak_install_dir/script.sh + docker rmi ${image} + + - name: Build ISOs + uses: jasonn3/build-container-installer@v1.2.0 + id: build + with: + arch: x86_64 + image_name: ${{ matrix.image_name }} + image_repo: ghcr.io/badbl0cks + variant: 'Kinoite' + version: ${{ matrix.major_version }} + image_tag: ${{ steps.generate-tag.outputs.tag }} + secure_boot_key_url: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' + enrollment_password: 'ublue-os' + iso_name: ${{ matrix.image_name }}-${{ steps.generate-tag.outputs.tag }}.iso + enable_cache_dnf: "false" + enable_cache_skopeo: "false" + flatpak_remote_refs_dir: ${{ steps.generate-flatpak-dir-shortname.outputs.flatpak-dir-shortname }} + enable_flatpak_dependencies: "false" + extra_boot_params: ${{ steps.generate-extra-params.outputs.extra-boot-params }} + + - name: Move ISOs to Upload Directory + id: upload-directory + shell: bash + run: | + ISO_UPLOAD_DIR=${{ github.workspace }}/upload + mkdir ${ISO_UPLOAD_DIR} + mv ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }} ${ISO_UPLOAD_DIR} + mv ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }}-CHECKSUM ${ISO_UPLOAD_DIR} + echo "iso-upload-dir=${ISO_UPLOAD_DIR}" >> $GITHUB_OUTPUT + + - name: Upload ISOs and Checksum to Job Artifacts + #if: github.ref_name == 'testing' + #if: github.event_name == 'pull_request' + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.image_name }}-${{ steps.generate-tag.outputs.tag }}-${{ matrix.major_version}} + path: ${{ steps.upload-directory.outputs.iso-upload-dir }} + if-no-files-found: error + retention-days: 0 + compression-level: 0 + overwrite: true diff --git a/Containerfile b/Containerfile index b4cbcce..c772257 100644 --- a/Containerfile +++ b/Containerfile @@ -15,7 +15,7 @@ # - "base" # # "aurora", "bazzite", "bluefin" or "ucore" may also be used but have different suffixes. -ARG SOURCE_IMAGE="silverblue" +ARG SOURCE_IMAGE="bazzite" ## SOURCE_SUFFIX arg should include a hyphen and the appropriate suffix name # These examples all work for silverblue/kinoite/sericea/onyx/lazurite/vauxite/base @@ -33,10 +33,10 @@ ARG SOURCE_IMAGE="silverblue" # - stable-zfs # - stable-nvidia-zfs # - (and the above with testing rather than stable) -ARG SOURCE_SUFFIX="-main" +ARG SOURCE_SUFFIX="-gnome" ## FEDORA_VERSION arg must be a version built by ublue: eg, 39 or 40 -ARG FEDORA_VERSION="39" +ARG FEDORA_VERSION="40-testing" ### 2. SOURCE IMAGE diff --git a/build.sh b/build.sh index d5fb95d..0039c0e 100755 --- a/build.sh +++ b/build.sh @@ -13,15 +13,30 @@ RELEASE="$(rpm -E %fedora)" # https://mirrors.rpmfusion.org/mirrorlist?path=free/fedora/updates/39/x86_64/repoview/index.html&protocol=https&redirect=1 # this installs a package from fedora repos -rpm-ostree install screen +rpm-ostree install \ + freeipa-client \ + usbguard \ + zsh \ + libvirt \ + virt-manager \ + autofs \ + gstreamer1-plugins-ugly-free \ + gstreamer1-plugins-bad-free \ + gstreamer1-plugins-bad-free-extras \ + gstreamer1-plugins-good \ + gstreamer1-plugins-good-extras \ + gstreamer1-plugins-base \ + gstreamer1-plugins-base-tools \ + wireguard-tools \ + trash-cli # this would install a package from rpmfusion -#RUN rpm-ostree install vlc +#rpm-ostree install vlc #### Change to System Configuration Files # this example modifies default timeouts to prevent slow reboots from services that won't stop -sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/user.conf -sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/system.conf +#sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/user.conf +#sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/system.conf diff --git a/cosign.pub b/cosign.pub new file mode 100644 index 0000000..6ea8a28 --- /dev/null +++ b/cosign.pub @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESCLT/nZpT/cuJudCqEIzoCTJZPs3 +ZdeBil6MG9FMJ7nGgj3+f1pSCAPHORz9WPLLAntu9iMp18rM0pN5fYyZLQ== +-----END PUBLIC KEY-----