diff --git a/Containerfile b/Containerfile index 0786b547..31f3e95f 100644 --- a/Containerfile +++ b/Containerfile @@ -3,50 +3,47 @@ ARG SOURCE_IMAGE="${SOURCE_IMAGE:-silverblue}" ARG BASE_IMAGE="quay.io/fedora-ostree-desktops/${SOURCE_IMAGE}" ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-38}" -FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS nokmods +FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS main ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-38}" COPY github-release-install.sh \ - nokmods-install.sh \ - nokmods-post-install.sh \ - nokmods-packages.json \ + install.sh \ + post-install.sh \ + packages.sh \ + packages.json \ /tmp/ COPY --from=ghcr.io/ublue-os/config:latest /rpms /tmp/rpms RUN wget https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-$(rpm -E %fedora)/ublue-os-staging-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_ublue-os_staging.repo && \ wget https://copr.fedorainfracloud.org/coprs/kylegospo/oversteer/repo/fedora-$(rpm -E %fedora)/kylegospo-oversteer-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_kylegospo_oversteer.repo && \ - /tmp/nokmods-install.sh && \ - /tmp/nokmods-post-install.sh && \ + /tmp/install.sh && \ + /tmp/post-install.sh && \ ## bootc wget https://copr.fedorainfracloud.org/coprs/rhcontainerbot/bootc/repo/fedora-"${FEDORA_MAJOR_VERSION}"/bootc-"${FEDORA_MAJOR_VERSION}".repo -O /etc/yum.repos.d/bootc.repo && \ rpm-ostree install bootc && \ rm -f /etc/yum.repos.d/bootc.repo && \ rm -f /etc/yum.repos.d/_copr_ublue-os_staging.repo && \ rm -f /etc/yum.repos.d/_copr_kylegospo_oversteer.repo && \ - rm -rf /tmp/* /var/* - -RUN ostree container commit && \ + rm -rf /tmp/* /var/* && \ + ostree container commit && \ mkdir -p /var/tmp && chmod -R 1777 /var/tmp -FROM nokmods AS main +FROM main AS legacy ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-38}" -COPY main-install.sh /tmp/main-install.sh -COPY main-sys_files /tmp/modprobe +COPY legacy-install.sh /tmp/legacy-install.sh +COPY legacy-sys_files /tmp/legacy COPY --from=ghcr.io/ublue-os/akmods:main-${FEDORA_MAJOR_VERSION} /rpms /tmp/akmods-rpms -# Exclude kmods from Fedora 39 and future main images -RUN if [[ ${FEDORA_MAJOR_VERSION} -le 38 ]]; then \ - cp -rf /tmp/modprobe/* / && \ - /tmp/main-install.sh \ - ; fi && \ - rm -rf /tmp/* /var/* - -RUN ostree container commit && \ +# Only "legacy (Fedora 38 and older) get kmods in Universal Blue "main" +# legacy-install.sh will error if running in Fedora 39 or newer. +RUN /tmp/legacy-install.sh && \ + rm -rf /tmp/* /var/* && \ + ostree container commit && \ mkdir -p /var/tmp && chmod -R 1777 /var/tmp diff --git a/install.sh b/install.sh new file mode 100755 index 00000000..8450713a --- /dev/null +++ b/install.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +set -ouex pipefail + +RELEASE="$(rpm -E %fedora)" + +wget -P /tmp/rpms \ + https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-${RELEASE}.noarch.rpm \ + https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-${RELEASE}.noarch.rpm + +rpm-ostree install \ + /tmp/rpms/*.rpm \ + fedora-repos-archive + +# force use of single rpmfusion mirror +sed -i.bak 's%^metalink=%#metalink=%' /etc/yum.repos.d/rpmfusion-*.repo +sed -i 's%^#baseurl=http://download1.rpmfusion.org%baseurl=http://mirrors.ocf.berkeley.edu/rpmfusion%' /etc/yum.repos.d/rpmfusion-*.repo +# after F39 launches, bump to 40 +if [[ "${FEDORA_MAJOR_VERSION}" -ge 39 ]]; then + sed -i 's%free/fedora/releases%free/fedora/development%' /etc/yum.repos.d/rpmfusion-*.repo +fi + +# run common packages script +/tmp/packages.sh + +## install packages direct from github +/tmp/github-release-install.sh sigstore/cosign x86_64 + +# reset forced use of single rpmfusion mirror +rename -v .repo.bak .repo /etc/yum.repos.d/rpmfusion-*repo.bak diff --git a/main-install.sh b/legacy-install.sh similarity index 58% rename from main-install.sh rename to legacy-install.sh index 27d10c70..42df1ec4 100755 --- a/main-install.sh +++ b/legacy-install.sh @@ -2,6 +2,20 @@ set -ouex pipefail +echo "DEPRECATED: Universal Blue will not include kmods in *-main images for Fedora ${FEDORA_MAJOR_VERSION} and newer." + +# Only run if FEDORA_MAJOR_VERSION is less than 39 +if [[ ${FEDORA_MAJOR_VERSION} -gt 38 ]]; then \ + exit 1 +fi + +# proceed with rest of script without further version checks + + +# copy legacy (akmods) related files into image filesystem +cp -rf /tmp/legacy/* / + + rpm-ostree install /tmp/akmods-rpms/ublue-os/ublue-os-akmods-addons*.rpm for REPO in $(rpm -ql ublue-os-akmods-addons|grep ^"/etc"|grep repo$); do echo "akmods: enable default entry: ${REPO}" @@ -16,18 +30,15 @@ if [[ "${FEDORA_MAJOR_VERSION}" -ge 39 ]]; then sed -i 's%free/fedora/releases%free/fedora/development%' /etc/yum.repos.d/rpmfusion-*.repo fi -# Only run if FEDORA_MAJOR_VERSION is not 39 -if grep -qv "39" <<< $FEDORA_MAJOR_VERSION; then - rpm-ostree install \ - kernel-devel-matched \ - kernel-tools \ - /tmp/akmods-rpms/kmods/*xpadneo*.rpm \ - /tmp/akmods-rpms/kmods/*xpad-noone*.rpm \ - /tmp/akmods-rpms/kmods/*xone*.rpm \ - /tmp/akmods-rpms/kmods/*openrazer*.rpm \ - /tmp/akmods-rpms/kmods/*v4l2loopback*.rpm \ - /tmp/akmods-rpms/kmods/*wl*.rpm -fi +rpm-ostree install \ + kernel-devel-matched \ + kernel-tools \ + /tmp/akmods-rpms/kmods/*xpadneo*.rpm \ + /tmp/akmods-rpms/kmods/*xpad-noone*.rpm \ + /tmp/akmods-rpms/kmods/*xone*.rpm \ + /tmp/akmods-rpms/kmods/*openrazer*.rpm \ + /tmp/akmods-rpms/kmods/*v4l2loopback*.rpm \ + /tmp/akmods-rpms/kmods/*wl*.rpm for REPO in $(rpm -ql ublue-os-akmods-addons|grep ^"/etc"|grep repo$); do echo "akmods: disable per defaults: ${REPO}" diff --git a/main-sys_files/usr/etc/modprobe.d/broadcom-wl-blacklist.conf b/legacy-sys_files/usr/etc/modprobe.d/broadcom-wl-blacklist.conf similarity index 100% rename from main-sys_files/usr/etc/modprobe.d/broadcom-wl-blacklist.conf rename to legacy-sys_files/usr/etc/modprobe.d/broadcom-wl-blacklist.conf diff --git a/main-sys_files/usr/etc/modprobe.d/default-disable-broadcom-wl.conf b/legacy-sys_files/usr/etc/modprobe.d/default-disable-broadcom-wl.conf similarity index 100% rename from main-sys_files/usr/etc/modprobe.d/default-disable-broadcom-wl.conf rename to legacy-sys_files/usr/etc/modprobe.d/default-disable-broadcom-wl.conf diff --git a/nokmods-packages.json b/packages.json similarity index 100% rename from nokmods-packages.json rename to packages.json diff --git a/nokmods-install.sh b/packages.sh similarity index 51% rename from nokmods-install.sh rename to packages.sh index 78bbc045..0c444c38 100755 --- a/nokmods-install.sh +++ b/packages.sh @@ -4,42 +4,28 @@ set -ouex pipefail RELEASE="$(rpm -E %fedora)" +# build list of all packages requested for inclusion INCLUDED_PACKAGES=($(jq -r "[(.all.include | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[]), \ (select(.\"$FEDORA_MAJOR_VERSION\" != null).\"$FEDORA_MAJOR_VERSION\".include | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[])] \ - | sort | unique[]" /tmp/nokmods-packages.json)) + | sort | unique[]" /tmp/packages.json)) + +# build list of all packages requested for exclusion EXCLUDED_PACKAGES=($(jq -r "[(.all.exclude | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[]), \ (select(.\"$FEDORA_MAJOR_VERSION\" != null).\"$FEDORA_MAJOR_VERSION\".exclude | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[])] \ - | sort | unique[]" /tmp/nokmods-packages.json)) + | sort | unique[]" /tmp/packages.json)) +# ensure exclusion list only contains packages already present on image if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then EXCLUDED_PACKAGES=($(rpm -qa --queryformat='%{NAME} ' ${EXCLUDED_PACKAGES[@]})) fi -wget -P /tmp/rpms \ - https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-${RELEASE}.noarch.rpm \ - https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-${RELEASE}.noarch.rpm - -rpm-ostree install \ - /tmp/rpms/*.rpm \ - fedora-repos-archive - -# force use of single rpmfusion mirror -sed -i.bak 's%^metalink=%#metalink=%' /etc/yum.repos.d/rpmfusion-*.repo -sed -i 's%^#baseurl=http://download1.rpmfusion.org%baseurl=http://mirrors.ocf.berkeley.edu/rpmfusion%' /etc/yum.repos.d/rpmfusion-*.repo -# after F39 launches, bump to 40 -if [[ "${FEDORA_MAJOR_VERSION}" -ge 39 ]]; then - sed -i 's%free/fedora/releases%free/fedora/development%' /etc/yum.repos.d/rpmfusion-*.repo -fi - +# simple case to install where no packages need excluding if [[ "${#INCLUDED_PACKAGES[@]}" -gt 0 && "${#EXCLUDED_PACKAGES[@]}" -eq 0 ]]; then rpm-ostree install \ ${INCLUDED_PACKAGES[@]} -elif [[ "${#INCLUDED_PACKAGES[@]}" -eq 0 && "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then - rpm-ostree override remove \ - ${EXCLUDED_PACKAGES[@]} - +# install/excluded packages both at same time elif [[ "${#INCLUDED_PACKAGES[@]}" -gt 0 && "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then rpm-ostree override remove \ ${EXCLUDED_PACKAGES[@]} \ @@ -50,8 +36,18 @@ else fi -## install packages direct from github -/tmp/github-release-install.sh sigstore/cosign x86_64 +# check if any excluded packages are still present +# (this can happen if an included package pulls in a dependency) +EXCLUDED_PACKAGES=($(jq -r "[(.all.exclude | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[]), \ + (select(.\"$FEDORA_MAJOR_VERSION\" != null).\"$FEDORA_MAJOR_VERSION\".exclude | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[])] \ + | sort | unique[]" /tmp/packages.json)) + +if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then + EXCLUDED_PACKAGES=($(rpm -qa --queryformat='%{NAME} ' ${EXCLUDED_PACKAGES[@]})) +fi -# reset forced use of single rpmfusion mirror -rename -v .repo.bak .repo /etc/yum.repos.d/rpmfusion-*repo.bak +# remove any excluded packages which are still present on image +if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then + rpm-ostree override remove \ + ${EXCLUDED_PACKAGES[@]} +fi diff --git a/nokmods-post-install.sh b/post-install.sh similarity index 100% rename from nokmods-post-install.sh rename to post-install.sh