Skip to content

Latest commit

 

History

History
126 lines (88 loc) · 4.56 KB

README.md

File metadata and controls

126 lines (88 loc) · 4.56 KB

My personal operating system based on Fedora Linux

Be sure to have knowledge of Silverblue or Kinoite before trying this !

This is using BlueBuild and the power of Github ! The current base image is Bazzite but it could change.

This is my attempt to have a fully descriptive operating system without the hassle of NixOS.

Atomic

From Project Atomic

a set of packages [[...]] pulled together with rpm-ostree to create a filesystem tree that can be deployed, and updated, as an atomic unit. This means that the entire base OS is updated simultaneously, and (just as with Docker containers) can be rolled back if needed.

Flavor

This is currently a KDE desktop for my computers (laptop and desktop). In the future it should contain Hyprland.

Boot and run

I try to incorporate all I need into the image itself.

Fork and make your own !

  1. Just follow those instructions to setup Github for automated builds with Actions.
  2. Copy what you want from here !

Recipe

The recipe.yml is an abstraction layer of Universal Blue's Containerfiles.

This configuration is split as follow :

  • Files (copy)
  • Rpm-ostree (packages install)
  • Flatpak (flatpak install/remove)
  • Systemd (manage services)
  • Scripts (run scripts and snippets)
  • Chezmoi (fetch your dotfiles and system configuration)
  • Fonts (install NerdFonts and GoogleFonts)

TODO: [] Distrobox premade containers [] Fix my dotfiles repository and enable it here [] Hardening [] on_first_run create VMs [] on_first_run create users and groups

After install

I hope you have encrypted your drive !

  1. Enroll TPM keys as LUKS

    • ujust setup-luks-tpm-unlock A) to remove or reinstall :
    • sudo sh /usr/libexec/luks-disable-tpm2-autounlock
  2. SecureBoot

  • unjust enroll-secure-boot-key

TODO :

[] CHEZMOI [] FingerPrint [ ] Ansible [] users [] dotfiles [] sysconfig [] Distrobox [] Custom images [] QEMU [] Windows [] Waydroid [] Backup/Restore [] Install applications

ublue-kde-workstation

See the BlueBuild docs for quick setup instructions for setting up your own repository based on this template.

After setup, it is recommended you update this README to describe your custom image.

Installation

Warning
This is an experimental feature, try at your own discretion.

To rebase an existing atomic Fedora installation to the latest build:

  • First rebase to the unsigned image, to get the proper signing keys and policies installed:
    rpm-ostree rebase ostree-unverified-registry:ghcr.io/johnr14/ublue-kde-workstation:latest
    
  • Reboot to complete the rebase:
    systemctl reboot
    
  • Then rebase to the signed image, like so:
    rpm-ostree rebase ostree-image-signed:docker://ghcr.io/johnr14/ublue-kde-workstation:latest
    
  • Reboot again to complete the installation
    systemctl reboot
    

The latest tag will automatically point to the latest build. That build will still always use the Fedora version specified in recipe.yml, so you won't get accidentally updated to the next major version.

ISO

This template includes a simple Github Action to build and release an ISO of your image.

To run the action, simply edit the boot_menu.yml by changing all the references to startingpoint to your repository. This should trigger the action automatically.

The Action currently uses ublue-os/isogenerator-old and works in a similar manner to the official Universal Blue ISO. If you have any issues, you should first check the documentation page on installation. The ISO is a netinstaller and should always pull the latest version of your image.

Note that this release-iso action is not a replacement for a full-blown release automation like release-please.

Verification

These images are signed with Sigstore's cosign. You can verify the signature by downloading the cosign.pub file from this repo and running the following command:

cosign verify --key cosign.pub ghcr.io/blue-build/legacy-template