Skip to content

Commit

Permalink
update firefox policies, fix appimagelauncher
Browse files Browse the repository at this point in the history
  • Loading branch information
b- committed Oct 14, 2023
1 parent 3877731 commit e295cd8
Show file tree
Hide file tree
Showing 2 changed files with 88 additions and 74 deletions.
152 changes: 79 additions & 73 deletions Containerfile
Original file line number Diff line number Diff line change
Expand Up @@ -27,77 +27,82 @@ COPY image-info.sh /tmp/image-info.sh
# Copy ublue-update.toml to tmp first, to avoid being overwritten.
COPY usr/etc/ublue-update/ublue-update.toml /tmp/ublue-update.toml


# Add ublue kmods, add needed negativo17 repo and then immediately disable due to incompatibility with RPMFusion
COPY --from=ghcr.io/ublue-os/akmods:${AKMODS_FLAVOR}-${FEDORA_MAJOR_VERSION} /rpms /tmp/akmods-rpms
RUN sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo && \
wget https://negativo17.org/repos/fedora-multimedia.repo -O /etc/yum.repos.d/negativo17-fedora-multimedia.repo && \
if [[ "${FEDORA_MAJOR_VERSION}" -ge "39" ]]; then \
RUN sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo &&
wget https://negativo17.org/repos/fedora-multimedia.repo -O /etc/yum.repos.d/negativo17-fedora-multimedia.repo &&
if [[ "${FEDORA_MAJOR_VERSION}" -ge "39" ]]; then
rpm-ostree install \
/tmp/akmods-rpms/kmods/*xpadneo*.rpm \
/tmp/akmods-rpms/kmods/*xpad-noone*.rpm \
/tmp/akmods-rpms/kmods/*xone*.rpm \
/tmp/akmods-rpms/kmods/*openrazer*.rpm \
/tmp/akmods-rpms/kmods/*v4l2loopback*.rpm \
/tmp/akmods-rpms/kmods/*wl*.rpm \
; else \
;
else
rpm-ostree install \
/tmp/akmods-rpms/kmods/*evdi*.rpm \
; fi && \
sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/negativo17-fedora-multimedia.repo && \
mkdir -p /etc/akmods-rpms/ && \
;
fi &&
sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/negativo17-fedora-multimedia.repo &&
mkdir -p /etc/akmods-rpms/ &&
mv /tmp/akmods-rpms/kmods/*steamdeck*.rpm /etc/akmods-rpms/steamdeck.rpm

# GNOME VRR
RUN wget https://copr.fedorainfracloud.org/coprs/kylegospo/gnome-vrr/repo/fedora-"${FEDORA_MAJOR_VERSION}"/kylegospo-gnome-vrr-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/_copr_kylegospo-gnome-vrr.repo && \
if [ ${FEDORA_MAJOR_VERSION} -lt 39 ]; then \
RUN wget https://copr.fedorainfracloud.org/coprs/kylegospo/gnome-vrr/repo/fedora-"${FEDORA_MAJOR_VERSION}"/kylegospo-gnome-vrr-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/_copr_kylegospo-gnome-vrr.repo &&
if [ ${FEDORA_MAJOR_VERSION} -lt 39 ]; then
rpm-ostree override replace --experimental --from repo=copr:copr.fedorainfracloud.org:kylegospo:gnome-vrr mutter mutter-common gnome-control-center gnome-control-center-filesystem xorg-x11-server-Xwayland \
; else \
;
else
rpm-ostree override replace --experimental --from repo=copr:copr.fedorainfracloud.org:kylegospo:gnome-vrr mutter mutter-common gnome-control-center gnome-control-center-filesystem \
; fi && \
;
fi &&
rm -f /etc/yum.repos.d/_copr_kylegospo-gnome-vrr.repo

# Starship Shell Prompt
RUN curl -Lo /tmp/starship.tar.gz "https://github.com/starship/starship/releases/latest/download/starship-x86_64-unknown-linux-gnu.tar.gz" && \
tar -xzf /tmp/starship.tar.gz -C /tmp && \
install -c -m 0755 /tmp/starship /usr/bin && \
echo 'eval "$(starship init bash)"' >> /etc/bashrc

RUN wget https://copr.fedorainfracloud.org/coprs/ublue-os/bling/repo/fedora-$(rpm -E %fedora)/ublue-os-bling-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_ublue-os-bling.repo && \
wget https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo && \
/tmp/build.sh && \
/tmp/image-info.sh && \
pip install --prefix=/usr yafti && \
mkdir -p /usr/etc/flatpak/remotes.d && \
wget -q https://dl.flathub.org/repo/flathub.flatpakrepo -P /usr/etc/flatpak/remotes.d && \
cp /tmp/ublue-update.toml /usr/etc/ublue-update/ublue-update.toml && \
systemctl enable rpm-ostree-countme.service && \
systemctl enable tailscaled.service && \
systemctl enable dconf-update.service && \
if [ ${FEDORA_MAJOR_VERSION} -gt 38 ]; then \
RUN curl -Lo /tmp/starship.tar.gz "https://github.com/starship/starship/releases/latest/download/starship-x86_64-unknown-linux-gnu.tar.gz" &&
tar -xzf /tmp/starship.tar.gz -C /tmp &&
install -c -m 0755 /tmp/starship /usr/bin &&
echo 'eval "$(starship init bash)"' >>/etc/bashrc

RUN wget https://copr.fedorainfracloud.org/coprs/ublue-os/bling/repo/fedora-$(rpm -E %fedora)/ublue-os-bling-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_ublue-os-bling.repo &&
wget https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo &&
/tmp/build.sh &&
/tmp/image-info.sh &&
pip install --prefix=/usr yafti &&
mkdir -p /usr/etc/flatpak/remotes.d &&
wget -q https://dl.flathub.org/repo/flathub.flatpakrepo -P /usr/etc/flatpak/remotes.d &&
cp /tmp/ublue-update.toml /usr/etc/ublue-update/ublue-update.toml &&
systemctl enable rpm-ostree-countme.service &&
systemctl enable tailscaled.service &&
systemctl enable dconf-update.service &&
if [ ${FEDORA_MAJOR_VERSION} -gt 38 ]; then
systemctl enable ublue-update.timer \
; else \
;
else
systemctl disable ublue-update.timer \
; fi && \
systemctl enable ublue-system-setup.service && \
systemctl enable ublue-system-flatpak-manager.service && \
systemctl --global enable ublue-user-flatpak-manager.service && \
systemctl --global enable ublue-user-setup.service && \
fc-cache -f /usr/share/fonts/ubuntu && \
fc-cache -f /usr/share/fonts/inter && \
find /tmp/just -iname '*.just' -exec printf "\n\n" \; -exec cat {} \; >> /usr/share/ublue-os/just/60-custom.just && \
rm -f /etc/yum.repos.d/tailscale.repo && \
rm -f /etc/yum.repos.d/_copr_ublue-os-bling.repo && \
rm -f /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo && \
rm -f /usr/share/applications/fish.desktop && \
rm -f /usr/share/applications/htop.desktop && \
rm -f /usr/share/applications/nvtop.desktop && \
sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/user.conf && \
sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/system.conf && \
sed -i '/^PRETTY_NAME/s/Silverblue/Bluefin/' /usr/lib/os-release && \
rm -rf /tmp/* /var/* && \
ostree container commit && \
mkdir -p /var/tmp && \
;
fi &&
systemctl enable ublue-system-setup.service &&
systemctl enable ublue-system-flatpak-manager.service &&
systemctl --global enable ublue-user-flatpak-manager.service &&
systemctl --global enable ublue-user-setup.service &&
fc-cache -f /usr/share/fonts/ubuntu &&
fc-cache -f /usr/share/fonts/inter &&
find /tmp/just -iname '*.just' -exec printf "\n\n" \; -exec cat {} \; >>/usr/share/ublue-os/just/60-custom.just &&
rm -f /etc/yum.repos.d/tailscale.repo &&
rm -f /etc/yum.repos.d/_copr_ublue-os-bling.repo &&
rm -f /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo &&
rm -f /usr/share/applications/fish.desktop &&
rm -f /usr/share/applications/htop.desktop &&
rm -f /usr/share/applications/nvtop.desktop &&
sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/user.conf &&
sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/system.conf &&
sed -i '/^PRETTY_NAME/s/Silverblue/Bluefin/' /usr/lib/os-release &&
rm -rf /tmp/* /var/* &&
ostree container commit &&
mkdir -p /var/tmp &&
chmod -R 1777 /var/tmp

## bluefin-dx developer edition image section
Expand All @@ -114,22 +119,22 @@ ARG PACKAGE_LIST="bluefin-dx"
COPY dx/usr /usr
COPY dx/etc/yum.repos.d/ /etc/yum.repos.d/
COPY workarounds.sh \
packages.json \
build.sh \
image-info.sh \
packages.json \
build.sh \
image-info.sh \
/tmp

# Apply IP Forwarding before installing Docker to prevent messing with LXC networking
RUN sysctl -p

RUN wget https://copr.fedorainfracloud.org/coprs/ganto/lxc4/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo && \
RUN wget https://copr.fedorainfracloud.org/coprs/ganto/lxc4/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo &&
wget https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo

# Handle packages via packages.json
RUN /tmp/build.sh && \
RUN /tmp/build.sh &&
/tmp/image-info.sh

RUN wget https://github.com/docker/compose/releases/latest/download/docker-compose-linux-x86_64 -O /tmp/docker-compose && \
RUN wget https://github.com/docker/compose/releases/latest/download/docker-compose-linux-x86_64 -O /tmp/docker-compose &&
install -c -m 0755 /tmp/docker-compose /usr/bin

COPY --from=cgr.dev/chainguard/flux:latest /usr/bin/flux /usr/bin/flux
Expand All @@ -138,23 +143,23 @@ COPY --from=cgr.dev/chainguard/ko:latest /usr/bin/ko /usr/bin/ko
COPY --from=cgr.dev/chainguard/minio-client:latest /usr/bin/mc /usr/bin/mc
COPY --from=cgr.dev/chainguard/kubectl:latest /usr/bin/kubectl /usr/bin/kubectl

RUN curl -Lo ./kind "https://github.com/kubernetes-sigs/kind/releases/latest/download/kind-$(uname)-amd64" && \
chmod +x ./kind && \
RUN curl -Lo ./kind "https://github.com/kubernetes-sigs/kind/releases/latest/download/kind-$(uname)-amd64" &&
chmod +x ./kind &&
mv ./kind /usr/bin/kind

# Install DevPod
RUN rpm-ostree install $(curl https://api.github.com/repos/loft-sh/devpod/releases/latest | jq -r '.assets[] | select(.name| test(".*x86_64.rpm$")).browser_download_url') && \
wget https://github.com/loft-sh/devpod/releases/latest/download/devpod-linux-amd64 -O /tmp/devpod && \
RUN rpm-ostree install $(curl https://api.github.com/repos/loft-sh/devpod/releases/latest | jq -r '.assets[] | select(.name| test(".*x86_64.rpm$")).browser_download_url') &&
wget https://github.com/loft-sh/devpod/releases/latest/download/devpod-linux-amd64 -O /tmp/devpod &&
install -c -m 0755 /tmp/devpod /usr/bin

# Install kns/kctx and add completions for Bash
RUN wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubectx -O /usr/bin/kubectx && \
wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubens -O /usr/bin/kubens && \
RUN wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubectx -O /usr/bin/kubectx &&
wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubens -O /usr/bin/kubens &&
chmod +x /usr/bin/kubectx /usr/bin/kubens

# Set up services
RUN systemctl enable podman.socket && \
systemctl disable pmie.service && \
RUN systemctl enable podman.socket &&
systemctl disable pmie.service &&
systemctl disable pmlogger.service

### BEGIN bri
Expand All @@ -174,18 +179,19 @@ RUN /tmp/1password.sh
### add Google Chrome
RUN /tmp/google-chrome.sh

### END bri

### add appimagelauncher
RUN rpm-ostree install "https://github.com/TheAssassin/AppImageLauncher/releases/download/continuous/appimagelauncher-2.2.0-gha111.d9d4c73.x86_64.rpm"

### END bri

RUN /tmp/workarounds.sh

# Clean up repos, everything is on the image so we don't need them
RUN rm -f /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo && \
rm -f /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo && \
rm -f /etc/yum.repos.d/vscode.repo && \
rm -f /etc/yum.repos.d/docker-ce.repo && \
rm -f /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:phracek:PyCharm.repo && \
rm -f /etc/yum.repos.d/fedora-cisco-openh264.repo && \
rm -rf /tmp/* /var/* && \
RUN rm -f /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo &&
rm -f /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo &&
rm -f /etc/yum.repos.d/vscode.repo &&
rm -f /etc/yum.repos.d/docker-ce.repo &&
rm -f /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:phracek:PyCharm.repo &&
rm -f /etc/yum.repos.d/fedora-cisco-openh264.repo &&
rm -rf /tmp/* /var/* &&
ostree container commit
10 changes: 9 additions & 1 deletion usr/lib64/firefox/distribution/policies.json
Original file line number Diff line number Diff line change
@@ -1,5 +1,13 @@
{
"policies": {
"DisablePocket": true
"DisablePocket": true,
"FirefoxHome": {
"SponsoredTopSites": false,
"Highlights": false,
"Pocket": false,
"SponsoredPocket": false,
"Snippets": false,
"Locked": false
}
}
}

0 comments on commit e295cd8

Please sign in to comment.