spent some time doing research, reconfigure, and testing. New understanding

robojerk 2025-08-17 15:02:27 -07:00
parent ec63937f20
commit f6228e65a5
33 changed files with 5487 additions and 1881 deletions


@ -1,92 +1,34 @@
# Debian Atomic Base
# Foundation for all Debian Atomic variants
# Based on base-atomic.yaml patterns
include: common.yaml
# Base reference
ref: debian-atomic/base
# Base packages (minimal set)
packages:
# Core system only - no desktop environment
# These packages are inherited by all variants
# Essential system packages are already in common.yaml
# This file can override or add base-specific packages if needed
# Base-specific configuration
config:
# Base system configuration
base:
type: "foundation"
purpose: "variant_base"
minimal: true
# OSTree configuration
ostree:
ref: debian-atomic/base
repo: /ostree/repo
mode: "bare"
# Boot configuration
boot:
kernel: linux-image-amd64
initramfs: true
grub: true
secure_boot: false # Can be enabled per deployment
# System configuration
system:
timezone: UTC
locale: en_US.UTF-8
keymap: us
hostname: "debian-atomic-base"
# Security configuration
security:
selinux: false # Debian doesn't use SELinux by default
apparmor: true
audit: false
firewall: false
# Performance configuration
performance:
kernel_parameters:
- "vm.swappiness=1"
- "vm.dirty_ratio=15"
- "vm.dirty_background_ratio=5"
- "kernel.printk=3 4 1 3"
- "dev.cpu.dma_latency=0"
- "kernel.sched_rt_runtime_us=-1"
systemd:
timeout: "300s"
kill_mode: "mixed"
restart: "always"
# Base metadata
metadata:
variant: "base"
description: "Debian Atomic Base - Foundation for all variants"
category: "foundation"
target: "system"
purpose: "variant_base"
fedora_equivalent: "base-atomic"
# Features
features:
- "Minimal OSTree System"
- "Core System Packages"
- "Boot Infrastructure"
- "Container Runtime Support"
- "Atomic Updates"
- "Rollback Capability"
- "Variant Inheritance Support"
- "Immutable Foundation"
# Inheritance
inheritance:
provides: "base_system"
required_by: "all_variants"
can_override: "common_packages"
description: Debian Atomic base variant
variant: base
packages:
- systemd
- systemd-sysv
- dbus
- util-linux
- ostree
- ostree-boot
- grub2
- grub-pc
- linux-image-amd64
- initramfs-tools
- bash
- coreutils
- vim
- less
- curl
- wget
- sudo
- passwd
- network-manager
- iwd
- wireguard-tools
- openssh-client
- make
- gcc
- python3
- python3-pip
- podman
- skopeo
- buildah
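Review bot: The new base list puts `make`, `gcc` and `python3-pip` next to `curl` and `wget` in the variant the removed header described as the foundation for all variants, so, if the other variants still build on it, every image carries a compiler and a package installer it does not need at runtime. If these are only wanted for development, move them to a separate task or leave them to a `podman` toolbox container, and add a comment above the list such as `# runtime-only; build tooling lives in <dev-task-name>` (placeholder name). The removed `security:` block declared `apparmor: true`, and no `apparmor` package appears in the new list; whether it still arrives as a dependency cannot be told from this section, so list it explicitly if confinement is expected.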


@ -63,7 +63,7 @@ packages:
- usbmuxd
- oddjob-mkhomedir
# Bazzite-inspired additions
# Additional packages for enhanced functionality
- linux-headers-amd64
- dkms
- hwloc


@ -1,171 +1,18 @@
# Debian Atomic Server
# Fedora CoreOS 1:1 parallel for Debian
# Based on coreos.yaml patterns
include: common.yaml
# Variant-specific reference
ref: debian-atomic/server
# Server-specific packages
packages:
# Server Infrastructure
- openssh-server
- nginx
- apache2
- postgresql
- mysql-server
- redis-server
- memcached
# Monitoring and Logging
- prometheus
- grafana
- node-exporter
- cadvisor
- logrotate
- rsyslog
- journald
# Container and Orchestration
- docker.io
- containerd
- kubernetes-client
- helm
- kubectl
- minikube
# Security and Authentication
- fail2ban
- ufw
- apparmor
- apparmor-utils
- auditd
- rkhunter
- chkrootkit
# System Administration
- htop
- iotop
- nethogs
- iftop
- nload
- vnstat
- iostat
# Backup and Storage
- rsync
- duplicity
- borgbackup
- lvm2
- mdadm
- zfs-dkms
- btrfs-tools
# Network Services
- bind9
- dhcpcd5
- hostapd
- iptables-persistent
- nftables
- tcpdump
- wireshark
# Web Development
- php
- php-fpm
- php-mysql
- php-pgsql
- nodejs
- npm
- python3
- python3-pip
# Database Tools
- postgresql-client
- mysql-client
- sqlite3
- redis-tools
# System Monitoring
- nagios-plugins
- zabbix-agent
- collectd
- munin
- icinga2
# Performance Tools
- sysbench
- iperf3
- fio
- stress-ng
- perf-tools-unstable
# Server-specific configuration
config:
# Server environment
server:
type: "general-purpose"
role: "production"
security_level: "high"
# Services configuration
services:
ssh:
enabled: true
port: 22
root_login: false
key_auth: true
firewall:
enabled: true
default_policy: "drop"
allowed_ports: [22, 80, 443, 8080]
monitoring:
enabled: true
metrics_collection: true
log_aggregation: true
backup:
enabled: true
schedule: "daily"
retention: "30_days"
# Performance tuning
performance:
kernel_parameters:
- "vm.swappiness=1"
- "vm.dirty_ratio=15"
- "vm.dirty_background_ratio=5"
- "net.core.rmem_max=16777216"
- "net.core.wmem_max=16777216"
systemd:
timeout: "300s"
kill_mode: "mixed"
restart: "always"
# Variant metadata
metadata:
variant: "server"
description: "Debian Atomic Server - Fedora CoreOS equivalent"
category: "server"
target: "enterprise"
server_type: "general-purpose"
fedora_equivalent: "coreos"
# Features
features:
- "Server Infrastructure"
- "Web Services (Apache/Nginx)"
- "Database Support (PostgreSQL/MySQL)"
- "Container Runtime (Docker/containerd)"
- "Kubernetes Support"
- "Monitoring and Logging"
- "Security Hardening"
- "High Performance Tuning"
- "Backup and Recovery"
- "Atomic Updates"
- "Rollback Capability"
- "Immutable Infrastructure"
description: Debian Atomic server variant
variant: server
packages:
- openssh-server
- nginx
- postgresql-client
- mariadb-client
- redis-tools
- htop
- iotop
- nethogs
- net-tools
- iproute2
- iptables
- git
- docker.io
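Review bot: `openssh-server`, `nginx` and `docker.io` stay in the new list, but the section no longer carries any SSH or firewall policy (the removed block had `root_login: false`, `key_auth: true` and `default_policy: "drop"`), and `ufw`, `fail2ban`, `auditd` and `apparmor` are gone from the packages. If the old `config:` keys were never consumed by the build, dropping them is reasonable, but nothing visible here says where sshd settings and packet-filter rules are now defined, so the image may come up with package defaults only. Add a comment above `packages:` that points to the replacement, e.g. `# sshd and firewall policy: see <path-to-hardening-config>` (placeholder path), and consider listing `nftables` and `apparmor` explicitly. `docker.io` here together with `podman` in the base list gives two container runtimes; if only one is intended, keeping the one that runs without a root daemon is the smaller surface.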

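--- a/treefiles/tasks.yaml
+++ b/treefiles/tasks.yaml
@@ -0,0 +1,66 @@
+# Debian Tasks for Debian Atomic
+# This file defines package groups for different variants
+tasks:
+- name: "debian-atomic-base"
+description: "Base system packages"
+packages:
+- systemd
+- systemd-sysv
+- dbus
+- util-linux
+- ostree
+- ostree-boot
+- grub2
+- grub-pc
+- linux-image-amd64
+- initramfs-tools
+- bash
+- coreutils
+- vim
+- less
+- curl
+- wget
+- sudo
+- passwd
+- network-manager
+- iwd
+- wireguard-tools
+- openssh-client
+- make
+- gcc
+- python3
+- python3-pip
+- podman
+- skopeo
+- buildah
+- name: "debian-atomic-workstation"
+description: "Workstation desktop packages"
+packages:
+- gnome-core
+- gnome-software
+- gnome-tweaks
+- firefox-esr
+- libreoffice
+- gedit
+- nautilus
+- gnome-terminal
+- gnome-control-center
+- name: "debian-atomic-server"
+description: "Server CLI packages"
+packages:
+- openssh-server
+- nginx
+- postgresql-client
+- mariadb-client
+- redis-tools
+- htop
+- iotop
+- nethogs
+- net-tools
+- iproute2
+- iptables
+- git
+- docker.io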
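Review bot: The three package lists in this new file repeat, entry for entry, the lists added to the base, server and workstation variant sections of the same commit, and nothing here says which copy the build actually reads. With two copies, a package dropped from one list for security reasons can stay installed through the other without anyone noticing. State the authoritative source in the file header, e.g. `# Single source of truth for variant package sets; variant files must not repeat these lists`, or have the variant files refer to a task by name if the build tool supports that.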


@ -1,131 +1,14 @@
# Debian Atomic Workstation
# Fedora Silverblue 1:1 parallel for Debian
# Based on silverblue.yaml patterns
include: common.yaml
# Variant-specific reference
ref: debian-atomic/workstation
# Workstation-specific packages
packages:
# GNOME Desktop Environment
- gnome
- gnome-shell
- gnome-session
- gnome-control-center
- gnome-tweaks
- gnome-software
# GNOME Applications
- nautilus
- gedit
- gnome-terminal
- gnome-calculator
- gnome-screenshot
- gnome-disk-utility
- gnome-system-monitor
# Office and Productivity
- libreoffice
- libreoffice-gnome
- evolution
- evolution-ews
- gnome-calendar
- gnome-contacts
- gnome-maps
# Web Browser
- firefox-esr
- firefox-esr-l10n-en-us
# Media Applications
- totem
- rhythmbox
- cheese
- shotwell
- gthumb
# Graphics and Design
- gimp
- inkscape
- darktable
- krita
# System Tools
- seahorse
- gnome-boxes
- gnome-characters
- gnome-clocks
- gnome-color-manager
- gnome-font-viewer
- gnome-logs
- gnome-music
- gnome-photos
- gnome-software
- gnome-sound-recorder
- gnome-todo
- gnome-weather
# Additional GNOME Extensions
- gnome-shell-extensions
- gnome-tweaks
# Input Methods
- ibus
- ibus-gtk
- ibus-gtk3
- ibus-gtk4
# Printing Support
- cups
- cups-client
- system-config-printer
- gnome-cups-manager
# Workstation-specific configuration
config:
# Desktop environment
desktop:
environment: "gnome"
session: "gnome"
display_manager: "gdm"
# User experience
user_experience:
auto_login: false
screen_saver: true
power_management: true
notifications: true
# GNOME settings
gnome:
extensions:
- "user-theme@gnome-shell-extensions.gcamp.org"
- "dash-to-dock@micxgx.gmail.com"
- "workspace-indicator@gnome-shell-extensions.gcamp.org"
themes:
- "adwaita"
- "adwaita-dark"
icons:
- "adwaita"
# Variant metadata
metadata:
variant: "workstation"
description: "Debian Atomic Workstation - Fedora Silverblue equivalent"
category: "desktop"
target: "end-user"
desktop_environment: "gnome"
fedora_equivalent: "silverblue"
# Features
features:
- "GNOME Desktop Environment"
- "Office Applications"
- "Media Applications"
- "Graphics Applications"
- "System Administration Tools"
- "Container Runtime Support"
- "Atomic Updates"
- "Rollback Capability"
description: Debian Atomic workstation variant
variant: workstation
packages:
- gnome-core
- gnome-software
- gnome-tweaks
- firefox-esr
- libreoffice
- gedit
- nautilus
- gnome-terminal
- gnome-control-center