particle-os/deb-bootc-image-builder
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
deb-bootc-image-builder/docs/user-guide.md
robojerk 126ee1a849
Some checks failed
particle-os CI / Test particle-os (push) Failing after 1s
Details
particle-os CI / Integration Test (push) Has been skipped
Details
particle-os CI / Security & Quality (push) Failing after 1s
Details
Test particle-os Basic Functionality / test-basic (push) Failing after 1s
Details
particle-os CI / Build and Release (push) Has been skipped
Details
cleanup
2025-08-27 12:30:24 -07:00

668 lines
15 KiB
Markdown
Raw Blame History

# particle-os User Guide
particle-os is a Debian-native OS image builder that creates bootable images from container images and recipes, similar to ublue-os but with a Debian foundation.
## 🚀 Quick Start
### **Installation**
#### **From Source (Recommended)**
```bash
# Clone the repository
git clone https://github.com/your-username/particle-os.git
cd particle-os
# Build particle-os
cd bib
go build -o particle-os cmd/builder/main.go
cd ..
# Test installation
./bib/particle-os --version
```
#### **System Requirements**
- **OS**: Debian 12+ (Bookworm/Trixie) or Ubuntu 22.04+
- **Go**: 1.21+ for building from source
- **Dependencies**: `qemu-utils`, `podman` or `docker`
- **Storage**: 10GB+ free space for builds
- **RAM**: 4GB+ recommended
### **First Build**
```bash
# Build a simple test image
sudo ./bib/particle-os build recipes/debian-test.yml
# Build with custom output
sudo ./bib/particle-os build --output my-image.img recipes/debian-desktop.yml
# Build in CI/CD mode
sudo ./bib/particle-os build --json --quiet --clean recipes/debian-server.yml
```
## 📚 Understanding particle-os
### **What is particle-os?**
particle-os is a **container-first OS image builder** that:
- 🐳 **Extracts base container images** (Debian, Ubuntu, etc.)
- 🔧 **Applies stages** (packages, users, configuration)
- 🖼️ **Creates bootable images** (raw, qcow2, vmdk, vdi)
- 📋 **Uses declarative recipes** (YAML configuration files)
### **Key Concepts**
#### **1. Container-First Approach**
```bash
# Traditional approach: Build OS from scratch
debian-installer → packages → configuration → image
# particle-os approach: Start with container
container-image → stages → bootable-image
```
#### **2. Declarative Recipes**
```yaml
# recipes/debian-server.yml
name: debian-server
base-image: debian:trixie
stages:
- type: org.osbuild.debian.apt
options:
packages: [nginx, docker.io, openssh-server]
```
#### **3. Stage-Based Processing**
```bash
# Each recipe defines stages that run in sequence:
1. Extract base container
2. Run apt stage (install packages)
3. Run locale stage (configure language)
4. Run users stage (create users)
5. Run QEMU stage (create image)
```
## 🔧 Command Line Interface
### **Global Commands**
```bash
particle-os [GLOBAL_FLAGS] COMMAND [COMMAND_FLAGS]
```
#### **Global Flags**
- `-v, --verbose` - Enable verbose logging
- `-w, --work-dir` - Set custom working directory
- `-h, --help` - Show help
### **Available Commands**
#### **1. Build Command**
```bash
particle-os build [RECIPE_PATH] [FLAGS]
```
**Flags:**
- `-o, --output` - Custom output path
- `-c, --clean` - Clean up work directory after build
- `-j, --json` - Output results in JSON format (CI/CD friendly)
- `-q, --quiet` - Suppress non-essential output
**Examples:**
```bash
# Basic build
particle-os build recipes/debian-desktop.yml
# Build with custom output and cleanup
particle-os build --output server.img --clean recipes/debian-server.yml
# CI/CD mode
particle-os build --json --quiet --clean recipes/debian-gaming.yml
```
#### **2. List Command**
```bash
particle-os list
```
Shows all available recipes with their details.
#### **3. Validate Command**
```bash
particle-os validate [RECIPE_PATH]
```
Validates a recipe file without building.
#### **4. Version Command**
```bash
particle-os version
```
Shows particle-os version information.
#### **5. Container Command**
```bash
particle-os container [CONTAINER_IMAGE] [FLAGS]
```
Build directly from a container image.
## 📋 Recipe System
### **Recipe Structure**
A particle-os recipe is a YAML file that defines:
```yaml
# Basic recipe structure
name: "recipe-name" # Required: Recipe identifier
description: "Description" # Optional: Human-readable description
base-image: "container:tag" # Required: Base container image
image-version: "version" # Optional: Image version
stages: # Required: List of build stages
- type: "stage.type" # Stage type identifier
options: # Stage-specific options
key: "value"
output: # Required: Output configuration
formats: ["raw", "qcow2"] # Output formats
size: "10G" # Image size
path: "output-name" # Output filename
metadata: # Optional: Additional metadata
author: "Your Name"
category: "server"
tags: ["debian", "server"]
```
### **Available Stages**
#### **1. Package Management Stages**
##### **org.osbuild.debian.apt**
```yaml
- type: org.osbuild.debian.apt
options:
packages:
- nginx
- docker.io
- openssh-server
update: true # Run apt update
clean: true # Clean package cache
```
##### **org.osbuild.debian.debootstrap**
```yaml
- type: org.osbuild.debian.debootstrap
options:
suite: trixie # Debian suite
target: /tmp/rootfs # Target directory
```
#### **2. System Configuration Stages**
##### **org.osbuild.debian.locale**
```yaml
- type: org.osbuild.debian.locale
options:
language: en_US.UTF-8
default_locale: en_US.UTF-8
```
##### **org.osbuild.debian.timezone**
```yaml
- type: org.osbuild.debian.timezone
options:
timezone: UTC
```
##### **org.osbuild.debian.users**
```yaml
- type: org.osbuild.debian.users
options:
users:
admin:
password: "$6$rounds=656000$salt$hashedpassword"
shell: /bin/bash
groups: ["sudo", "users"]
uid: 1000
gid: 1000
home: /home/admin
comment: "Administrator User"
default_shell: /bin/bash
default_home: /home
```
#### **3. Image Creation Stages**
##### **org.osbuild.qemu**
```yaml
- type: org.osbuild.qemu
options:
formats: ["raw", "qcow2", "vmdk", "vdi"]
size: "20G"
filename: "debian-server"
```
### **Recipe Examples**
#### **Minimal Server Recipe**
```yaml
# recipes/debian-minimal-server.yml
name: debian-minimal-server
description: Minimal Debian server with essential tools
base-image: debian:trixie-slim
image-version: "13"
stages:
- type: org.osbuild.debian.apt
options:
packages:
- openssh-server
- curl
- wget
- vim
- less
- locales
- ca-certificates
- tzdata
update: true
clean: true
- type: org.osbuild.debian.locale
options:
language: en_US.UTF-8
default_locale: en_US.UTF-8
- type: org.osbuild.debian.timezone
options:
timezone: UTC
- type: org.osbuild.debian.users
options:
users:
admin:
password: "$6$rounds=656000$salt$hashedpassword"
shell: /bin/bash
groups: ["sudo", "users"]
uid: 1000
gid: 1000
home: /home/admin
comment: "Administrator User"
default_shell: /bin/bash
default_home: /home
- type: org.osbuild.qemu
options:
formats: ["raw", "qcow2"]
size: "5G"
filename: "debian-minimal-server"
output:
formats: ["raw", "qcow2"]
size: "5G"
path: "debian-minimal-server"
metadata:
author: "particle-os"
category: "server"
tags: ["minimal", "server", "debian"]
```
#### **Desktop Recipe**
```yaml
# recipes/debian-desktop.yml
name: debian-desktop
description: Debian desktop with GNOME and common applications
base-image: debian:trixie
image-version: "13"
stages:
- type: org.osbuild.debian.apt
options:
packages:
- gnome
- firefox-esr
- libreoffice
- gimp
- vlc
- thunderbird
- file-roller
- gnome-tweaks
update: true
clean: true
- type: org.osbuild.debian.locale
options:
language: en_US.UTF-8
default_locale: en_US.UTF-8
- type: org.osbuild.debian.timezone
options:
timezone: UTC
- type: org.osbuild.debian.users
options:
users:
user:
password: "$6$rounds=656000$salt$hashedpassword"
shell: /bin/bash
groups: ["users", "sudo"]
uid: 1000
gid: 1000
home: /home/user
comment: "Desktop User"
default_shell: /bin/bash
default_home: /home
- type: org.osbuild.qemu
options:
formats: ["raw", "qcow2", "vmdk"]
size: "15G"
filename: "debian-desktop"
output:
formats: ["raw", "qcow2", "vmdk"]
size: "15G"
path: "debian-desktop"
metadata:
author: "particle-os"
category: "desktop"
tags: ["desktop", "gnome", "debian"]
```
## 🚀 Advanced Usage
### **Custom Working Directory**
```bash
# Use custom working directory
particle-os build --work-dir /tmp/my-build recipes/debian-server.yml
# This creates:
# /tmp/my-build/rootfs/ - Extracted container filesystem
# /tmp/my-build/output/ - Generated images
# /tmp/my-build/stages/ - Stage execution logs
```
### **Verbose Logging**
```bash
# Enable detailed logging
particle-os build --verbose recipes/debian-server.yml
# Shows:
# - Container extraction progress
# - Stage execution details
# - File operations
# - Timing information
```
### **CI/CD Integration**
```bash
# Build with CI/CD flags
particle-os build --json --quiet --clean recipes/debian-server.yml
# Output is pure JSON for parsing:
{
"success": true,
"recipe": "debian-server",
"image_path": "/tmp/particle-os-build/output/debian-server.img",
"exit_code": 0
}
```
### **Building from Container Images**
```bash
# Build directly from container
particle-os container debian:trixie --output my-image.img
# This creates a minimal image with just the base container
```
## 🔍 Troubleshooting
### **Common Issues**
#### **1. Permission Denied Errors**
**Problem:**
```bash
chroot: cannot change root directory: Operation not permitted
```
**Solution:**
```bash
# particle-os requires sudo for chroot operations
sudo particle-os build recipes/debian-server.yml
```
#### **2. Container Pull Failures**
**Problem:**
```bash
Error: failed to pull image: network error
```
**Solution:**
```bash
# Check network connectivity
ping deb.debian.org
# Verify container runtime
podman --version
docker --version
# Try with different registry
# Edit recipe to use: base-image: "docker.io/debian:trixie"
```
#### **3. Package Installation Failures**
**Problem:**
```bash
E: Package 'package-name' not found
```
**Solution:**
```bash
# Check package availability
podman run --rm debian:trixie apt search package-name
# Update package lists in recipe
- type: org.osbuild.debian.apt
options:
packages: [package-name]
update: true # This runs apt update first
```
#### **4. Insufficient Disk Space**
**Problem:**
```bash
No space left on device
```
**Solution:**
```bash
# Check available space
df -h
# Clean up old builds
sudo rm -rf /tmp/particle-os-build
# Use custom work directory with more space
particle-os build --work-dir /mnt/large-disk/build recipes/debian-server.yml
```
#### **5. Build Hangs**
**Problem:**
```bash
# Build seems to hang during package installation
```
**Solution:**
```bash
# Check if it's actually working (verbose mode)
particle-os build --verbose recipes/debian-server.yml
# Some operations take time (locale generation, package downloads)
# Use --verbose to see progress
```
### **Debug Mode**
```bash
# Enable debug logging
export PARTICLE_OS_DEBUG=1
particle-os build --verbose recipes/debian-server.yml
# Check work directory contents
ls -la /tmp/particle-os-build/
ls -la /tmp/particle-os-build/rootfs/
ls -la /tmp/particle-os-build/output/
```
### **Log Files**
particle-os creates detailed logs in the work directory:
```bash
# View stage logs
cat /tmp/particle-os-build/stages/*.log
# View container extraction log
cat /tmp/particle-os-build/container-extraction.log
# View final build log
cat /tmp/particle-os-build/build.log
```
## 📊 Performance Optimization
### **Build Time Optimization**
#### **1. Use Slim Base Images**
```yaml
# Faster builds with smaller base images
base-image: debian:trixie-slim # ✅ Fast
base-image: debian:trixie # ❌ Slower
```
#### **2. Minimize Package Count**
```yaml
# Install only essential packages
packages:
- nginx # ✅ Essential
- nginx-extras # ❌ Unnecessary extras
```
#### **3. Parallel Stage Execution**
```yaml
# Stages run sequentially, but you can optimize:
# 1. Group related operations in single stages
# 2. Use efficient package lists
# 3. Minimize file operations
```
### **Storage Optimization**
#### **1. Clean After Builds**
```bash
# Always use --clean flag in CI/CD
particle-os build --clean recipes/debian-server.yml
# Or manually clean
sudo rm -rf /tmp/particle-os-build
```
#### **2. Use Appropriate Image Sizes**
```yaml
# Don't over-allocate space
size: "5G" # ✅ Appropriate for minimal server
size: "50G" # ❌ Excessive for most use cases
```
## 🔒 Security Considerations
### **Password Security**
```yaml
# Use hashed passwords, not plain text
users:
admin:
password: "$6$rounds=656000$salt$hashedpassword" # ✅ Secure
password: "mypassword123" # ❌ Insecure
```
**Generate secure hashes:**
```bash
# Generate password hash
openssl passwd -6 -salt salt mypassword
# Or use Python
python3 -c "import crypt; print(crypt.crypt('mypassword', crypt.mksalt(crypt.METHOD_SHA512)))"
```
### **Base Image Security**
```yaml
# Use specific, trusted base images
base-image: debian:trixie-slim@sha256:abc123... # ✅ Pinned digest
base-image: debian:latest # ❌ Unpinned tag
```
### **Package Security**
```yaml
# Only install necessary packages
packages:
- nginx # ✅ Required
- nginx-doc # ❌ Potentially unnecessary
```
## 🚀 Next Steps
### **What You Can Do Now**
1. **Build your first image** with the test recipe
2. **Create custom recipes** for your specific needs
3. **Integrate with CI/CD** using the provided examples
4. **Optimize builds** for your use case
5. **Contribute recipes** to the community
### **Advanced Topics to Explore**
- **Custom stages** - Create your own build stages
- **Multi-architecture builds** - Build for ARM64, etc.
- **Cloud integration** - Deploy to AWS, GCP, Azure
- **Automated testing** - Test images in virtual machines
- **Distribution** - Share your custom OS images
### **Getting Help**
- **Documentation**: Check this guide and other docs
- **Issues**: Report bugs on GitHub
- **Discussions**: Ask questions in GitHub Discussions
- **Community**: Join the particle-os community
## 📚 Additional Resources
- **[CI/CD Integration Guide](ci-cd-integration.md)** - Complete CI/CD examples
- **[Recipe Examples](recipes/README.md)** - More recipe templates
- **[API Reference](api-reference.md)** - Technical documentation
- **[Contributing Guide](CONTRIBUTING.md)** - How to contribute
---
**Happy building! 🚀**
particle-os makes it easy to create custom Debian-based operating systems. Start with simple recipes and gradually build more complex systems as you learn the platform.
Reference in a new issue View git blame Copy permalink