particle-os/particle-os-modules
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'upstream/main' into delete-stuff-containerfile

Browse source
This commit is contained in:
fiftydinar 2024-02-25 14:14:55 +01:00
commit d3aff69766
49 changed files with 738 additions and 275 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/build.yml vendored
View file

@ -93,7 +93,7 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}
# Sign container
- uses: sigstore/cosign-installer@v3.3.0
- uses: sigstore/cosign-installer@v3.4.0
if: github.event_name != 'pull_request'
- name: Sign container image

16
.github/workflows/rebuild-website.yml vendored Normal file
View file

@ -0,0 +1,16 @@
name: rebuild-website
on:
push:
branches:
- main
paths: # only rebuild when related files change
- "**/module.yml"
- modules.json
- README.md
jobs:
rebuild-website:
name: Trigger build hook for website on Netlify
runs-on: ubuntu-22.04
steps:
- run: curl -X POST -d {} https://api.netlify.com/build_hooks/65bf6b0dd164b64659beafd5

13
modules.json Normal file
View file

@ -0,0 +1,13 @@
[
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/akmods/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/bling/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/default-flatpaks/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/files/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/fonts/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/gschema-overrides/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/rpm-ostree/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/script/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/signing/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/systemd/module.yml",
"https://raw.githubusercontent.com/ublue-os/bling/main/modules/yafti/module.yml"
]

5
modules/README.md
View file

@ -1,5 +0,0 @@
# Modules for Startingpoint
Here (check the sidebar if you're on the website) is documentation for every default module for [Startingpoint](https://github.com/ublue-os/startingpoint/). Source code is inside the [bling](https://github.com/ublue-os/bling/) repository, which is intended for hosting more static and shared parts of custom images.
For more information about Startingpoint and modules, refer to the README inside the `config/` directory.

47
modules/akmods/README.md
View file

@ -1,40 +1,39 @@
> [!WARNING]
> Only Universal Blue based images are officially supported.
# `akmods`
> [!WARNING]
> Universal Blue builds with Fedora 38 & below are not supported.
:::caution
Only Universal Blue based images are officially supported. Universal Blue builds with Fedora 38 & below are not supported. Custom kernels are not supported.
:::
> [!WARNING]
> Custom kernels are not supported.
The [`akmods`](https://github.com/ublue-os/akmods) module is a tool used for managing and installing kernel modules built by Universal Blue. It simplifies the installation of kernel modules, improving the capabilities of your system.
# `akmods` Module for Startingpoint
The `akmods` module is a tool used for managing and installing kernel modules. It simplifies the installation of kernel modules, improving the capabilities of your system.
List of all available kernel modules & versions/tags are here:
List of all available kernel modules & versions/tags are here:
https://github.com/ublue-os/akmods
Ublue-os-akmods-addons & ublue-os-nvidia-addons are already included when necessary, so they are not needed to install.
To use the `akmods` module, specify the kernel modules you wish to install in the `install:` section of your recipe/configuration file.
## Example configuration
```yaml
type: akmods
install:
- openrazer
- openrgb
- v4l2loopback
- winesync
```
By default, the `akmods` module installs the `main` akmods for `latest` version of Fedora.
`main` akmods are also compatible with other images except `surface(-nvidia)` & `asus(-nvidia)`.
By default, the `akmods` module installs the `main` akmods for the `latest` version of Fedora.
`main` akmods are also compatible with other images, except `surface(-nvidia)` & `asus(-nvidia)`.
If you want to install akmods for `surface(-nvidia)` or `asus(-nvidia)` images, or for `older version of Fedora`, change this part in the Containerfile:
See available tags here: https://github.com/ublue-os/akmods/#how-its-organized
```
# Change this if you want different version/tag of akmods.
COPY --from=ghcr.io/ublue-os/akmods:main-39 /rpms /tmp/rpms
```
See available tags here: https://github.com/ublue-os/akmods/#how-its-organized
## Known issues
When the upstream base image is failing to build for some time, you will probably notice that this module fails too with this error:
```
Resolving dependencies...done
error: Could not depsolve transaction; 1 problem detected:
Problem: package "version_of_akmod" from @commandline requires "version_of_kernel", but none of the providers can be installed
- conflicting requests
```
Just wait for the base image build to resolve & akmods module will start working again.
If this issue happens for a prolonged period of time, report it to the upstream repo if not already reported or worked on.

3
modules/akmods/akmods.sh
View file

@ -15,6 +15,7 @@ function SET_HIGHER_PRIORITY_AKMODS_REPO {
}
get_yaml_array INSTALL '.install[]' "$1"
SURFACE=$(rpm -qa --queryformat '%{NAME}\n' | awk '$0 == "kernel-surface"')
INSTALL_PATH=("${INSTALL[@]/#/\/tmp/rpms/kmods/*}")
INSTALL_PATH=("${INSTALL_PATH[@]/%/*.rpm}")
@ -23,7 +24,7 @@ INSTALL_STR=$(echo "${INSTALL_PATH[*]}" | tr -d '\n')
if [[ ${#INSTALL[@]} -gt 0 ]]; then
echo "Installing akmods"
echo "Installing: $(echo "${INSTALL[*]}" | tr -d '\n')"
if [[ "$BASE_IMAGE" =~ "surface" ]]; then
if [[ -n "$SURFACE" ]]; then
SET_HIGHER_PRIORITY_AKMODS_REPO
ENABLE_MULTIMEDIA_REPO
rpm-ostree install kernel-surface-devel-matched $INSTALL_STR

10
modules/akmods/module.yml Normal file
View file

@ -0,0 +1,10 @@
name: akmods
shortdesc: The akmods module is a tool used for managing and installing kernel modules built by Universal Blue.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/akmods/README.md
example: |
type: akmods
install:
- openrazer
- openrgb
- v4l2loopback
- winesync

5
modules/bling/50-laptop.conf
View file

@ -68,7 +68,7 @@ CPU_ENERGY_PERF_POLICY_ON_BAT=power
CPU_MIN_PERF_ON_AC=0
CPU_MAX_PERF_ON_AC=100
CPU_MIN_PERF_ON_BAT=0
CPU_MAX_PERF_ON_BAT=30
CPU_MAX_PERF_ON_BAT=70
# Set the CPU "turbo boost" (Intel) or "turbo core" (AMD) feature:
# 0=disable, 1=allow.
@ -131,3 +131,6 @@ PCIE_ASPM_ON_BAT=powersupersave
# Default: "mei_me nouveau radeon", use "" to disable completely.
RUNTIME_PM_DRIVER_DENYLIST=""
# Make sure USB_AUTOSUSPEND is disabled because it is super annoying to use your computer with a not-functioning mouse and keyboard
USB_AUTOSUSPEND=0

20
modules/bling/README.md
View file

@ -1,21 +1,9 @@
# [`bling`](https://github.com/ublue-os/bling) Module for Startingpoint
# `bling`
The `bling` module can be used to pull in small "bling" into your image, stuff that doesn't necessitate being configured at build time.
The `bling` module can be used to pull in small "bling" into your image. Bling is stuff that doesn't necessitate being configured at build time, in the form of configuration files or program installers.
The bling to pull in is declared under `install:`, and the code for installing them is all in simple named scripts under the `installers/` directory. The basic code for the `bling` module is very similar to the code of the `script` module.
## Example configuration
```yaml
type: bling # configure what to pull in from ublue-os/bling
install:
# - ublue-update # https://github.com/ublue-os/ublue-update
# - 1password # install 1Password (stable) and `op` CLI tool
# - dconf-update-service # a service unit that updates the dconf db on boot
# - gnome-vrr # enables gnome-vrr for your image
# - laptop # installs TLP and configures your system for laptop usage
# - flatpaksync # allows synchronization of user-installed flatpaks, see separate documentation section
```
## Submodule documentation
### `flatpaksync` (unmaintained)
@ -29,8 +17,8 @@ Once the submodule is activated, you should create the file `$HOME/.config/flatp
GIT_REPO=<YOUR_REPO>
```
To initialize your Flatpaks from flatpaksync, simply run the `flatpakcheckout` binary to perform the installation and start the synchronization.
To initialize your Flatpaks from flatpaksync, simply run the `flatpakcheckout` command to perform the installation and start the synchronization.
**It is important to note that this submodule will NOT enable Flathub. If your applications come from there, you will need to enable Flathub before running it.**
If you have configured the repository in the `$HOME/.config/flatpaksync/env` file but already have the Flatpaks installed, simply create the `$HOME/.config/flatpaks.user.installed` file to inform the script that the installation is done and start the synchronization.
If you have configured the repository in the `$HOME/.config/flatpaksync/env` file but already have the Flatpaks installed, simply create the `$HOME/.config/flatpaks.user.installed` file to inform the script that the installation is done and start the synchronization.

6
modules/bling/installers/ublue-update.sh
View file

@ -26,6 +26,12 @@ if [[ -f "$RPM_OSTREE_CONFIG" ]]; then
fi
fi
systemctl disable rpm-ostreed-automatic.timer
# Install python3-pip if it's not already installed
if ! rpm -q python3-pip > /dev/null; then
rpm-ostree install python3-pip
fi
# topgrade is REQUIRED by ublue-update to install
pip install --prefix=/usr topgrade
rpm-ostree install ublue-update

12
modules/bling/module.yml Normal file
View file

@ -0,0 +1,12 @@
name: bling
shortdesc: The bling module can be used to pull in small "bling" into your image.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/bling/README.md
example: |
type: bling
install:
# - ublue-update # https://github.com/ublue-os/ublue-update
# - 1password # install 1Password (stable) and `op` CLI tool
# - dconf-update-service # a service unit that updates the dconf db on boot
# - gnome-vrr # enables gnome-vrr for your image
# - laptop # installs TLP and configures your system for laptop usage
# - flatpaksync # allows synchronization of user-installed flatpaks, see separate documentation section

51
modules/default-flatpaks/README.md
View file

@ -1,8 +1,8 @@
# `default-flatpaks` module for startingpoint
# `default-flatpaks`
The `default-flatpaks` module can be used to install or uninstall flatpaks from a configurable remote on every boot. It skips that operation if no changes are detected. This module first removes the Fedora Flatpaks remote and Flatpaks that come pre-installed in Fedora. A Flatpak remote is configured the first time the module is used, but it can be re-configured in subsequent usages of the module. If no Flatpak remote is specified, the module will default to using Flathub.
The `default-flatpaks` module can be used to install or uninstall Flatpaks from a configurable remote on every boot. It skips that operation if no changes are detected. This module first removes the Fedora Flatpaks remote and Flatpaks that come pre-installed in Fedora. A Flatpak remote is configured the first time the module is used, but it can be re-configured in subsequent usages of the module. If no Flatpak remote is specified, the module will default to using Flathub.
Flatpaks can either be installed system-wide or per-user, though per-user flatpaks will be installed for every user on a system. Previously-installed flatpaks can also be removed.
Flatpaks can either be installed system-wide or per-user. Per-user Flatpaks will be installed separately for every user on a system. Previously-installed flatpaks can also be removed.
The module uses the following scripts to handle flatpak setup:
@ -14,47 +14,16 @@ The scripts are run on every boot by these services:
- `/usr/lib/systemd/system/system-flatpak-setup.service`
- `/usr/lib/systemd/user/user-flatpak-setup-service`
`system-flatpak-setup` uninstalls Fedora flatpaks, replaces Fedora repos with your repo choice, checks the flatpak install/remove lists created by the module & performs the install/uninstall operation according to that. `user-flatpak-setup` functions the same for user flatpaks.
`system-flatpak-setup` uninstalls Fedora flatpaks, replaces Fedora repos with your repo choice, checks the Flatpak install/remove lists created by the module & performs the install/uninstall operation according to that. `user-flatpak-setup` does the same thing for user Flatpaks.
This module stores the Flatpak remote configuration and Flatpak install/remove lists in `/etc/flatpak/`. There are two subdirectories, `user` and `system` corresponding with the install level of the Flatpaks and repositories. Each directory has text files containing the IDs of flatpaks to `install` and `remove`, plus a `repo-info.yml` containing the details of the Flatpak repository.
This module stores the Flatpak remote configuration and Flatpak install/remove lists in `/usr/share/bluebuild/default-flatpaks/`. There are two subdirectories, `user` and `system` corresponding with the install level of the Flatpaks and repositories. Each directory has text files containing the IDs of flatpaks to `install` and `remove`, plus a `repo-info.yml` containing the details of the Flatpak repository.
This module also supports disabling & enabling notifications.
## Example configurations
## Local modification
```yaml
type: default-flatpaks
notify: true # Send notification after install/uninstall is finished (true/false)
system:
# If no repo information is specified, Flathub will be used by default
repo-url: https://dl.flathub.org/repo/flathub.flatpakrepo
repo-name: flathub
repo-title: "Flathub (system-wide)" # Optional; this sets the remote's user-facing name in graphical frontends like GNOME Software
install:
- org.gnome.Loupe
- one.ablaze.floorp//lightning # This is an example of flatpak which has multiple branches in selection (flatpak//branch).
# Flatpak runtimes are not supported (like org.winehq.Wine//stable-23.08).
# Only normal flatpak applications are (like Floorp Lightning web browser in this example).
# Multiple install of same flatpaks with different branches is not supported.
remove:
- org.gnome.eog
# A flatpak repo can also be added without having to install flatpaks,
# as long as one of the repo- fields is present
user:
repo-name: flathub
```
If a local user is not satisfied with default Flatpak installations and removals in the image, it is possible for them to make modifications to the default configuration through the configuration files located within this directory:
```yaml
# Assuming that the above example is called first in a recipe,
# a subsequent usage might look like this:
type: default-flatpaks
system:
# If the repo-* fields are omitted, the configured repo will
# use the previous configuration. Otherwise, it defaults to Flathub.
install:
- org.kde.kdenlive
user:
# repo-name will overwrite the previously-configured repo-name for the user remote
repo-name: flathub-user
repo-title: "Flathub (User)
```
`/etc/bluebuild/default-flatpaks/`
Folder structure is the same as talked about above, with `system` & `user` folders, `install` & `remove` files containing explanation on how those should be modified & what they do. The `notifications` file also contains this explanation for turning notifications on or off.

3
modules/default-flatpaks/config/notifications Normal file
View file

@ -0,0 +1,3 @@
# This file contains the image's default configuration for `notifications` used by the the `default-flatpaks` module.
# Possible values: true, false

3
modules/default-flatpaks/config/system/install Normal file
View file

@ -0,0 +1,3 @@
# This file contains the image's default configuration for `system flatpaks install` used by the `default-flatpaks` BlueBuild module.
# This list uses the Flatpak ID format, with one ID per line.

3
modules/default-flatpaks/config/system/remove Normal file
View file

@ -0,0 +1,3 @@
# This file contains the image's default configuration for `system flatpaks removal` used by the `default-flatpaks` BlueBuild module.
# This list uses the Flatpak ID format, with one ID per line.

3
modules/default-flatpaks/config/user/install Normal file
View file

@ -0,0 +1,3 @@
# This file contains the image's default configuration for `user flatpaks install` used by the `default-flatpaks` BlueBuild module.
# This list uses the Flatpak ID format, with one ID per line.

3
modules/default-flatpaks/config/user/remove Normal file
View file

@ -0,0 +1,3 @@
# This file contains the image's default configuration for `user flatpaks removal` used by the `default-flatpaks` BlueBuild module.
# This list uses the Flatpak ID format, with one ID per line.

32
modules/default-flatpaks/default-flatpaks.sh
View file

@ -13,7 +13,7 @@ cp -r "$MODULE_DIRECTORY"/default-flatpaks/user-flatpak-setup.service /usr/lib/s
configure_flatpak_repo () {
CONFIG_FILE=$1
INSTALL_LEVEL=$2
REPO_INFO="/usr/etc/flatpak/$INSTALL_LEVEL/repo-info.yml"
REPO_INFO="/usr/share/bluebuild/default-flatpaks/$INSTALL_LEVEL/repo-info.yml"
get_yaml_array INSTALL ".$INSTALL_LEVEL.install[]" "$CONFIG_FILE"
@ -78,14 +78,13 @@ EOF
configure_lists () {
CONFIG_FILE=$1
INSTALL_LEVEL=$2
INSTALL_LIST="/usr/etc/flatpak/$INSTALL_LEVEL/install"
REMOVE_LIST="/usr/etc/flatpak/$INSTALL_LEVEL/remove"
INSTALL_LIST="/usr/share/bluebuild/default-flatpaks/$INSTALL_LEVEL/install"
REMOVE_LIST="/usr/share/bluebuild/default-flatpaks/$INSTALL_LEVEL/remove"
get_yaml_array INSTALL ".$INSTALL_LEVEL.install[]" "$CONFIG_FILE"
get_yaml_array REMOVE ".$INSTALL_LEVEL.remove[]" "$CONFIG_FILE"
echo "Creating $INSTALL_LEVEL Flatpak install list at $INSTALL_LIST"
if [[ ${#INSTALL[@]} -gt 0 ]]; then
touch $INSTALL_LIST
for flatpak in "${INSTALL[@]}"; do
echo "Adding to $INSTALL_LEVEL flatpak installs: $(printf ${flatpak})"
echo $flatpak >> $INSTALL_LIST
@ -94,7 +93,6 @@ configure_lists () {
echo "Creating $INSTALL_LEVEL Flatpak removals list $REMOVE_LIST"
if [[ ${#REMOVE[@]} -gt 0 ]]; then
touch $REMOVE_LIST
for flatpak in "${REMOVE[@]}"; do
echo "Adding to $INSTALL_LEVEL flatpak removals: $(printf ${flatpak})"
echo $flatpak >> $REMOVE_LIST
@ -103,23 +101,37 @@ configure_lists () {
}
echo "Enabling flatpaks module"
mkdir -p /usr/etc/flatpak/{system,user}
mkdir -p /usr/share/bluebuild/default-flatpaks/{system,user}
mkdir -p /usr/etc/bluebuild/default-flatpaks/{system,user}
systemctl enable -f system-flatpak-setup.service
systemctl enable -f --global user-flatpak-setup.service
# Check that `system` is present before configuring
# Check that `system` is present before configuring. Also copy template list files before writing Flatpak IDs.
if [[ ! $(echo "$1" | yq -I=0 ".system") == "null" ]]; then
configure_flatpak_repo "$1" "system"
cp -r "$MODULE_DIRECTORY"/default-flatpaks/config/system/install /usr/share/bluebuild/default-flatpaks/system/install
cp -r "$MODULE_DIRECTORY"/default-flatpaks/config/system/remove /usr/share/bluebuild/default-flatpaks/system/remove
configure_lists "$1" "system"
fi
# Check that `user` is present before configuring
# Check that `user` is present before configuring. Also copy template list files before writing Flatpak IDs.
if [[ ! $(echo "$1" | yq -I=0 ".user") == "null" ]]; then
configure_flatpak_repo "$1" "user"
cp -r "$MODULE_DIRECTORY"/default-flatpaks/config/user/install /usr/share/bluebuild/default-flatpaks/user/install
cp -r "$MODULE_DIRECTORY"/default-flatpaks/config/user/remove /usr/share/bluebuild/default-flatpaks/user/remove
configure_lists "$1" "user"
fi
echo "Configuring default-flatpaks notifications"
NOTIFICATIONS=$(echo "$1" | yq -I=0 ".notify")
NOTIFICATIONS_CONFIG_FILE="/usr/etc/flatpak/notifications"
echo "$NOTIFICATIONS" > "$NOTIFICATIONS_CONFIG_FILE"
CONFIG_NOTIFICATIONS="/usr/share/bluebuild/default-flatpaks/notifications"
cp -r "$MODULE_DIRECTORY"/default-flatpaks/config/notifications "$CONFIG_NOTIFICATIONS"
echo "$NOTIFICATIONS" >> "$CONFIG_NOTIFICATIONS"
echo "Copying user modification template files"
cp -r "$MODULE_DIRECTORY"/default-flatpaks/user-config/system/install /usr/etc/bluebuild/default-flatpaks/system/install
cp -r "$MODULE_DIRECTORY"/default-flatpaks/user-config/system/remove /usr/etc/bluebuild/default-flatpaks/system/remove
cp -r "$MODULE_DIRECTORY"/default-flatpaks/user-config/user/install /usr/etc/bluebuild/default-flatpaks/user/install
cp -r "$MODULE_DIRECTORY"/default-flatpaks/user-config/user/remove /usr/etc/bluebuild/default-flatpaks/user/remove
cp -r "$MODULE_DIRECTORY"/default-flatpaks/user-config/notifications /usr/etc/bluebuild/default-flatpaks/notifications

38
modules/default-flatpaks/module.yml Normal file
View file

@ -0,0 +1,38 @@
name: default-flatpaks
shortdesc: The default-flatpaks module can be used to install or uninstall flatpaks from a configurable remote on every boot.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/default-flatpaks/README.md
example: |
modules: # configured multiple times to highlight how options are overridden
- type: default-flatpaks
notify: true # Send notification after install/uninstall is finished (true/false)
system:
# If no repo information is specified, Flathub will be used by default
repo-url: https://dl.flathub.org/repo/flathub.flatpakrepo
repo-name: flathub
repo-title: "Flathub (system-wide)" # Optional; this sets the remote's user-facing name in graphical frontends like GNOME Software
install:
- org.gnome.Loupe
- one.ablaze.floorp//lightning # This is an example of flatpak which has multiple branches in selection (flatpak//branch).
# Flatpak runtimes are not supported (like org.winehq.Wine//stable-23.08).
# Only normal flatpak applications are (like Floorp Lightning web browser in this example).
# Multiple install of same flatpaks with different branches is not supported.
remove:
- org.gnome.eog
# A flatpak repo can also be added without having to install flatpaks,
# as long as one of the repo- fields is present
user:
repo-name: flathub
# Assuming that the above example is configured first in a recipe,
# a subsequent usage might look like this:
- type: default-flatpaks
system:
# If the repo-* fields are omitted on the subsequent usage,
# the module will use the previously configured repo.
# Otherwise, it will overwrite the repo configuration.
install:
- org.kde.kdenlive # this Flatpak is appended to the insta llist
user:
# repo-name will overwrite the previously-configured repo-name for the user remote
repo-name: flathub-user
repo-title: "Flathub (User)

74
modules/default-flatpaks/system-flatpak-setup
View file

@ -17,7 +17,7 @@ if grep -qz 'fedora' <<< "$(flatpak remotes)"; then
flatpak remove --system --noninteractive ${FEDORA_FLATPAKS[@]}
fi
REPO_INFO="/etc/flatpak/system/repo-info.yml"
REPO_INFO="/usr/share/bluebuild/default-flatpaks/system/repo-info.yml"
REPO_URL=$(yq '.repo-url' $REPO_INFO)
REPO_NAME=$(yq '.repo-name' $REPO_INFO)
REPO_TITLE=$(yq '.repo-title' $REPO_INFO)
@ -42,14 +42,42 @@ if [[ ! $REPO_TITLE == "null" ]]; then
fi
# Notifications config
NOTIFICATIONS=$(cat /etc/flatpak/notifications)
NOTIFICATIONS_FILE="/usr/share/bluebuild/default-flatpaks/notifications"
USER_NOTIFICATIONS_FILE="/etc/bluebuild/default-flatpaks/notifications"
# Ignore words starting with # symbol, whitelines & duplicate entries for notifications config
MAINTAINER_NOTIFICATIONS=$(cat "$NOTIFICATIONS_FILE" | grep -v -E '^#|^$' | awk '!seen[$0]++')
USER_NOTIFICATIONS=$(cat "$USER_NOTIFICATIONS_FILE" | grep -v -E '^#|^$' | awk '!seen[$0]++')
# If user modified notifications config, utilize user's configuration, otherwise maintainer's
if [[ -n $USER_NOTIFICATIONS ]]; then
NOTIFICATIONS="$USER_NOTIFICATIONS"
else
NOTIFICATIONS="$MAINTAINER_NOTIFICATIONS"
fi
# Installed flatpaks
FLATPAK_LIST=$(flatpak list --system --columns=application)
FLATPAK_LIST=$(flatpak list --system --app --columns=application)
# Flatpak list files
INSTALL_LIST_FILE="/etc/flatpak/system/install"
REMOVE_LIST_FILE="/etc/flatpak/system/remove"
INSTALL_LIST_FILE="/usr/share/bluebuild/default-flatpaks/system/install"
REMOVE_LIST_FILE="/usr/share/bluebuild/default-flatpaks/system/remove"
USER_INSTALL_LIST_FILE="/etc/bluebuild/default-flatpaks/system/install"
USER_REMOVE_LIST_FILE="/etc/bluebuild/default-flatpaks/system/remove"
# Prefer user's install + remove list over maintainer's, in case when same flatpak ID is present in maintainer's install list + user's remove list & vice-versa
# Also ignores words starting with # symbol, whitelines & duplicate entries
MAINTAINER_INSTALL_LIST=$(comm -23 <(sort "$INSTALL_LIST_FILE") <(sort "$USER_REMOVE_LIST_FILE") | grep -v -E '^#|^$' | awk '!seen[$0]++')
MAINTAINER_REMOVE_LIST=$(comm -23 <(sort "$REMOVE_LIST_FILE") <(sort "$USER_INSTALL_LIST_FILE") | grep -v -E '^#|^$' | awk '!seen[$0]++')
# Combine maintainer & user list. Ignore words starting with # symbol, whitelines & duplicate entries
COMBINED_INSTALL_LIST=$(cat <(echo "$MAINTAINER_INSTALL_LIST") "$USER_INSTALL_LIST_FILE" | grep -v -E '^#|^$' | awk '!seen[$0]++')
COMBINED_REMOVE_LIST=$(cat <(echo "$MAINTAINER_REMOVE_LIST") "$USER_REMOVE_LIST_FILE" | grep -v -E '^#|^$' | awk '!seen[$0]++')
function notify-send-pre-install {
user_name=$(loginctl list-sessions --output=json | jq -r '.[].user')
uid=$(loginctl list-sessions --output=json | jq -r '.[].uid')
xdg_runtime_path="/run/user/$uid"
display_var=$(printenv DISPLAY)
sudo -u "$user_name" DBUS_SESSION_BUS_ADDRESS=unix:path="$xdg_runtime_path"/bus DISPLAY="$display_var" notify-send "Flatpak Installer" "Started install of system flatpaks" --app-name="Flatpak Installer" -u NORMAL
}
function notify-send-install {
user_name=$(loginctl list-sessions --output=json | jq -r '.[].user')
@ -59,6 +87,14 @@ function notify-send-install {
sudo -u "$user_name" DBUS_SESSION_BUS_ADDRESS=unix:path="$xdg_runtime_path"/bus DISPLAY="$display_var" notify-send "Flatpak Installer" "Finished install of system flatpaks:\n$INSTALL_LIST" --app-name="Flatpak Installer" -u NORMAL
}
function notify-send-pre-uninstall {
user_name=$(loginctl list-sessions --output=json | jq -r '.[].user')
uid=$(loginctl list-sessions --output=json | jq -r '.[].uid')
xdg_runtime_path="/run/user/$uid"
display_var=$(printenv DISPLAY)
sudo -u "$user_name" DBUS_SESSION_BUS_ADDRESS=unix:path="$xdg_runtime_path"/bus DISPLAY="$display_var" notify-send "Flatpak Installer" "Started uninstall of some system flatpaks" --app-name="Flatpak Installer" -u NORMAL
}
function notify-send-uninstall {
user_name=$(loginctl list-sessions --output=json | jq -r '.[].user')
uid=$(loginctl list-sessions --output=json | jq -r '.[].uid')
@ -68,27 +104,29 @@ function notify-send-uninstall {
}
# Install flatpaks in list
if [[ -f $INSTALL_LIST_FILE ]]; then
if [[ -f $INSTALL_LIST_FILE ]] || [[ -f $USER_INSTALL_LIST_FILE ]]; then
if [[ -n $FLATPAK_LIST ]]; then
INSTALL_LIST=$(echo "$FLATPAK_LIST" | grep -vf - "$INSTALL_LIST_FILE")
INSTALL_LIST=$(comm -23 <(echo "$COMBINED_INSTALL_LIST" | sort) <(echo "$FLATPAK_LIST" | sort))
else
INSTALL_LIST=$(cat $INSTALL_LIST_FILE)
INSTALL_LIST="$COMBINED_INSTALL_LIST"
fi
if [[ -n $INSTALL_LIST ]]; then
if [[ -n $INSTALL_LIST ]] && [[ ! $NOTIFICATIONS == "true" ]]; then
flatpak install --system --noninteractive "$REPO_NAME" ${INSTALL_LIST[@]}
if [[ $NOTIFICATIONS == "true" ]]; then
notify-send-install
fi
elif [[ -n $INSTALL_LIST ]] && [[ $NOTIFICATIONS == "true" ]]; then
notify-send-pre-install
flatpak install --system --noninteractive "$REPO_NAME" ${INSTALL_LIST[@]}
notify-send-install
fi
fi
# Remove flatpaks in list
if [[ -f $REMOVE_LIST_FILE ]]; then
REMOVE_LIST=$(echo "$FLATPAK_LIST" | grep -o -f - "$REMOVE_LIST_FILE")
if [[ -n $REMOVE_LIST ]]; then
if [[ -f $REMOVE_LIST_FILE ]] || [[ -f $USER_REMOVE_LIST_FILE ]]; then
REMOVE_LIST=$(comm -12 <(echo "$COMBINED_REMOVE_LIST" | sort) <(echo "$FLATPAK_LIST" | sort))
if [[ -n $REMOVE_LIST ]] && [[ ! $NOTIFICATIONS == "true" ]]; then
flatpak uninstall --system --noninteractive ${REMOVE_LIST[@]}
if [[ $NOTIFICATIONS == "true" ]]; then
notify-send-uninstall
fi
elif [[ -n $REMOVE_LIST ]] && [[ $NOTIFICATIONS == "true" ]]; then
notify-send-pre-uninstall
flatpak uninstall --system --noninteractive ${REMOVE_LIST[@]}
notify-send-uninstall
fi
fi

6
modules/default-flatpaks/user-config/notifications Normal file
View file

@ -0,0 +1,6 @@
# This file can be used by the users for configuration of `notifications` used by the the `default-flatpaks` BlueBuild module.
# If this file is not modified, the image's default configuration will be used instead (located in /usr/share/bluebuild/default-flatpaks/notifications).
# Possible values: true, false
# Here's an example on how to edit this file (ignore # symbol):
#
# false

10
modules/default-flatpaks/user-config/system/install Normal file
View file

@ -0,0 +1,10 @@
# This file can be used by the users for configuration of `system flatpaks install` used by the `default-flatpaks` BlueBuild module.
# If this file is not modified, the image's default configuration will be used instead (located in /usr/share/bluebuild/default-flatpaks/system/install).
# This list uses the Flatpak ID format, with one ID per line.
# Duplicated entries won't be used if located in the image's default configuration.
# Flatpak runtimes are not supported.
# Here's an example on how to edit this file (ignore # symbol):
#
# org.gnome.Maps
# org.gnome.TextEditor
# org.telegram.desktop

10
modules/default-flatpaks/user-config/system/remove Normal file
View file

@ -0,0 +1,10 @@
# This file can be used by the users for configuration for `system flatpaks removal` used by the `default-flatpaks` BlueBuild module.
# If this file is not modified, the image's default configuration will be used instead (located in /usr/share/bluebuild/default-flatpaks/system/remove).
# This list uses the Flatpak ID format, with one ID per line.
# Duplicated entries won't be used if located the image's default configuration.
# Flatpak runtimes are not supported.
# Here's an example on how to edit this file (ignore # symbol):
#
# org.gnome.Maps
# org.gnome.TextEditor
# org.telegram.desktop

10
modules/default-flatpaks/user-config/user/install Normal file
View file

@ -0,0 +1,10 @@
# This file can be used by the users for configuration of configuration for `user flatpaks install` used by the `default-flatpaks` BlueBuild module.
# If this file is not modified, the image's default configuration will be used instead (located in /usr/share/bluebuild/default-flatpaks/user/install).
# This list uses the Flatpak ID format, with one ID per line.
# Duplicated entries won't be used if located in the image's default configuration.
# Flatpak runtimes are not supported.
# Here's an example on how to edit this file (ignore # symbol):
#
# org.gnome.Maps
# org.gnome.TextEditor
# org.telegram.desktop

10
modules/default-flatpaks/user-config/user/remove Normal file
View file

@ -0,0 +1,10 @@
# This file can be used by the users for configuration of `user flatpaks removal` used by the `default-flatpaks` BlueBuild module.
# If this file is not modified, the image's default configuration will be used instead (located in /usr/share/bluebuild/default-flatpaks/user/remove).
# This list uses the Flatpak ID format, with one ID per line.
# Duplicated entries won't be used if located in the image's default configuration.
# Flatpak runtimes are not supported.
# Here's an example on how to edit this file (ignore # symbol):
#
# org.gnome.Maps
# org.gnome.TextEditor
# org.telegram.desktop

58
modules/default-flatpaks/user-flatpak-setup
View file

@ -6,7 +6,7 @@ if grep -qz 'fedora' <<< "$(flatpak remotes)"; then
flatpak remote-delete --user fedora-testing --force
fi
REPO_INFO="/etc/flatpak/user/repo-info.yml"
REPO_INFO="/usr/share/bluebuild/default-flatpaks/user/repo-info.yml"
REPO_URL=$(yq '.repo-url' $REPO_INFO)
REPO_NAME=$(yq '.repo-name' $REPO_INFO)
REPO_TITLE=$(yq '.repo-title' $REPO_INFO)
@ -24,37 +24,59 @@ if [[ ! $REPO_TITLE == "null" ]]; then
fi
# Notifications config
NOTIFICATIONS=$(cat /etc/flatpak/notifications)
NOTIFICATIONS_FILE="/usr/share/bluebuild/default-flatpaks/notifications"
USER_NOTIFICATIONS_FILE="/etc/bluebuild/default-flatpaks/notifications"
# Ignore words starting with # symbol, whitelines & duplicate entries for notifications config
MAINTAINER_NOTIFICATIONS=$(cat "$NOTIFICATIONS_FILE" | grep -v -E '^#|^$' | awk '!seen[$0]++')
USER_NOTIFICATIONS=$(cat "$USER_NOTIFICATIONS_FILE" | grep -v -E '^#|^$' | awk '!seen[$0]++')
# If user modified notifications config, utilize user's configuration, otherwise maintainer's
if [[ -n $USER_NOTIFICATIONS ]]; then
NOTIFICATIONS="$USER_NOTIFICATIONS"
else
NOTIFICATIONS="$MAINTAINER_NOTIFICATIONS"
fi
# Installed flatpaks
FLATPAK_LIST=$(flatpak list --user --columns=application)
FLATPAK_LIST=$(flatpak list --user --app --columns=application)
# Flatpak list files
INSTALL_LIST_FILE="/etc/flatpak/user/install"
REMOVE_LIST_FILE="/etc/flatpak/user/remove"
INSTALL_LIST_FILE="/usr/share/bluebuild/default-flatpaks/user/install"
REMOVE_LIST_FILE="/usr/share/bluebuild/default-flatpaks/user/remove"
USER_INSTALL_LIST_FILE="/etc/bluebuild/default-flatpaks/user/install"
USER_REMOVE_LIST_FILE="/etc/bluebuild/default-flatpaks/user/remove"
# Prefer user's install + remove list over maintainer's, in case when same flatpak ID is present in maintainer's install list + user's remove list & vice-versa
# Also ignores words starting with # symbol, whitelines & duplicate entries
MAINTAINER_INSTALL_LIST=$(comm -23 <(sort "$INSTALL_LIST_FILE") <(sort "$USER_REMOVE_LIST_FILE") | grep -v -E '^#|^$' | awk '!seen[$0]++')
MAINTAINER_REMOVE_LIST=$(comm -23 <(sort "$REMOVE_LIST_FILE") <(sort "$USER_INSTALL_LIST_FILE") | grep -v -E '^#|^$' | awk '!seen[$0]++')
# Combine maintainer & user list. Ignore words starting with # symbol, whitelines & duplicate entries
COMBINED_INSTALL_LIST=$(cat <(echo "$MAINTAINER_INSTALL_LIST") "$USER_INSTALL_LIST_FILE" | grep -v -E '^#|^$' | awk '!seen[$0]++')
COMBINED_REMOVE_LIST=$(cat <(echo "$MAINTAINER_REMOVE_LIST") "$USER_REMOVE_LIST_FILE" | grep -v -E '^#|^$' | awk '!seen[$0]++')
# Install flatpaks in list
if [[ -f $INSTALL_LIST_FILE ]]; then
if [[ -f $INSTALL_LIST_FILE ]] || [[ -f $USER_INSTALL_LIST_FILE ]]; then
if [[ -n $FLATPAK_LIST ]]; then
INSTALL_LIST=$(echo "$FLATPAK_LIST" | grep -vf - "$INSTALL_LIST_FILE")
INSTALL_LIST=$(comm -23 <(echo "$COMBINED_INSTALL_LIST" | sort) <(echo "$FLATPAK_LIST" | sort))
else
INSTALL_LIST=$(cat $INSTALL_LIST_FILE)
INSTALL_LIST="$COMBINED_INSTALL_LIST"
fi
if [[ -n $INSTALL_LIST ]]; then
if [[ -n $INSTALL_LIST ]] && [[ ! $NOTIFICATIONS == "true" ]]; then
flatpak install --user --noninteractive "$REPO_NAME" ${INSTALL_LIST[@]}
if [[ $NOTIFICATIONS == "true" ]]; then
notify-send "Flatpak Installer" "Finished install of user flatpaks:\n$INSTALL_LIST" --app-name="Flatpak Installer" -u NORMAL
fi
elif [[ -n $INSTALL_LIST ]] && [[ $NOTIFICATIONS == "true" ]]; then
notify-send "Flatpak Installer" "Started install of user flatpaks" --app-name="Flatpak Installer" -u NORMAL
flatpak install --user --noninteractive "$REPO_NAME" ${INSTALL_LIST[@]}
notify-send "Flatpak Installer" "Finished install of user flatpaks:\n$INSTALL_LIST" --app-name="Flatpak Installer" -u NORMAL
fi
fi
# Remove flatpaks in list
if [[ -f $REMOVE_LIST_FILE ]]; then
REMOVE_LIST=$(echo "$FLATPAK_LIST" | grep -o -f - "$REMOVE_LIST_FILE")
if [[ -n $REMOVE_LIST ]]; then
if [[ -f $REMOVE_LIST_FILE ]] || [[ -f $USER_REMOVE_LIST_FILE ]]; then
REMOVE_LIST=$(comm -12 <(echo "$COMBINED_REMOVE_LIST" | sort) <(echo "$FLATPAK_LIST" | sort))
if [[ -n $REMOVE_LIST ]] && [[ ! $NOTIFICATIONS == "true" ]]; then
flatpak uninstall --user --noninteractive ${REMOVE_LIST[@]}
if [[ $NOTIFICATIONS == "true" ]]; then
notify-send "Flatpak Installer" "Finished uninstall of user flatpaks:\n$REMOVE_LIST" --app-name="Flatpak Installer" -u NORMAL
fi
elif [[ -n $REMOVE_LIST ]] && [[ $NOTIFICATIONS == "true" ]]; then
notify-send "Flatpak Installer" "Started uninstall of some user flatpaks" --app-name="Flatpak Installer" -u NORMAL
flatpak uninstall --user --noninteractive ${REMOVE_LIST[@]}
notify-send "Flatpak Installer" "Finished uninstall of user flatpaks:\n$REMOVE_LIST" --app-name="Flatpak Installer" -u NORMAL
fi
fi

17
modules/files/README.md
View file

@ -1,16 +1,7 @@
# `files` Module for Startingpoint
# `files`
The `files` module simplifies the process of copying files to the image during the build time. These files are sourced from the `config/files` directory, which is located at `/tmp/config/files` inside the image.
> **Warning**
> If you want to place anything in `/etc` of the final image, you MUST place them in `/usr/etc` in your repo, so that they're written to `/usr/etc` on the final system. That is the proper directory for "system" configuration templates on OSTree-based Fedora distros, whereas `/etc` is meant for manual overrides and editing by the machine's admin AFTER installation! See issue https://github.com/ublue-os/startingpoint/issues/28.
## Example Configuration
```yaml
type: files
files:
- usr: /usr
```
In the example above, `usr` represents the directory located inside the `config/files` in the repository, while `/usr` designates the corresponding destination within the image.
:::note
If you want to place any files in `/etc/`, you should place them in `/usr/etc/` instead, which will be used to generate `/etc/` on a booted system. That is the proper directory for "system" configuration templates on atomic Fedora distros, whereas `/etc/` is meant for manual overrides and editing by the machine's admin AFTER installation! See issue https://github.com/ublue-os/startingpoint/issues/28.
:::

9
modules/files/files.sh
View file

@ -6,6 +6,7 @@ set -euo pipefail
get_yaml_array FILES '.files[]' "$1"
cd "$CONFIG_DIRECTORY/files"
shopt -s dotglob
if [[ ${#FILES[@]} -gt 0 ]]; then
echo "Adding files to image"
@ -17,17 +18,21 @@ if [[ ${#FILES[@]} -gt 0 ]]; then
mkdir -p "$DEST"
fi
echo "Copying $FILE to $DEST"
cp -r "$FILE"/* $DEST
cp -rf "$FILE"/* $DEST
rm -f "$DEST"/.gitkeep
elif [ -f "$FILE" ]; then
DEST_DIR=$(dirname "$DEST")
if [ ! -d "$DEST_DIR" ]; then
mkdir -p "$DEST_DIR"
fi
echo "Copying $FILE to $DEST"
cp $FILE $DEST
cp -f $FILE $DEST
rm -f "$DEST"/.gitkeep
else
echo "File or Directory $FILE Does Not Exist in $CONFIG_DIRECTORY/files"
exit 1
fi
done
fi
shopt -u dotglob

9
modules/files/module.yml Normal file
View file

@ -0,0 +1,9 @@
name: files
shortdesc: The files module simplifies the process of copying files to the image during the build time.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/files/README.md
example: |
type: files
files:
- usr: /usr
# usr: file/folder inside config/files/ to copy (config/files/usr/ in the repository)
# /usr: destination on the final system

21
modules/fonts/README.md
View file

@ -1,20 +1,3 @@
# `fonts` Module for Startingpoint
# `fonts`
The `fonts` module can be used to install [nerd-fonts](https://www.nerdfonts.com/) or [google-fonts](https://fonts.google.com/). This module will always download the latest version and properly configure fonts.
## Example configuration
```yaml
- type: fonts
fonts:
nerd-fonts:
- FiraCode # don't add "Nerd Font" suffix.
- Hack
- SourceCodePro
- Terminus
- JetBrainsMono
- NerdFontsSymbolsOnly
google-fonts:
- Roboto
- Open Sans
```
The `fonts` module can be used to install fonts from [Nerd Fonts](https://www.nerdfonts.com/) or [Google Fonts](https://fonts.google.com/). This module will always download the latest version of a font and properly configure it.

8
modules/fonts/fonts.sh
View file

@ -1,6 +1,12 @@
#!/usr/bin/env bash
set -euo pipefail
# Workaround for fonts module failing on legacy templates (with build.sh)
get_yaml_array() {
# creates array $1 with content at key $2 from $3
readarray "$1" < <(echo "$3" | yq -I=0 "$2")
}
export FONTS_MODULE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
for source in "$FONTS_MODULE_DIR"/sources/*.sh; do
@ -13,4 +19,4 @@ for source in "$FONTS_MODULE_DIR"/sources/*.sh; do
bash "$source" "${FONTS[@]}"
done
done

16
modules/fonts/module.yml Normal file
View file

@ -0,0 +1,16 @@
name: fonts
shortdesc: The `fonts` module can be used to install fonts from Nerd Fonts or Google Fonts.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/fonts/README.md
example: |
type: fonts
fonts:
nerd-fonts:
- FiraCode # don't add "Nerd Font" suffix.
- Hack
- SourceCodePro
- Terminus
- JetBrainsMono
- NerdFontsSymbolsOnly
google-fonts:
- Roboto
- Open Sans

86
modules/gschema-overrides/README.md Normal file
View file

@ -0,0 +1,86 @@
# `gschema-overrides`
The `gschema-overrides` module can be used for including system-setting overrides for GTK-based desktop environments.
GTK-based desktop environments include Gnome, Cinnamon, MATE, Budgie & such.
This module is similar to using `dconf` configuration, but is better because it doesn't require a systemd service & supports build-time troubleshooting.
What does this module do?
- It copies all content from `/usr/share/glib-2.0/schemas`, except existing gschema.overrides to avoid conflicts, into temporary test location.
- It copies your gschema.overrides you provided in this module from `config/gschema-overrides` into temporary test location.
- It tests them for errors in temporary test location by using `glib-compile-schemas` with `--strict` flag. If errors are found, build will fail.
- If test is passed successfully, it copies your gschema.overrides to `/usr/share/glib-2.0/schemas`.
- It compiles gschema using `glib-compile-schemas` in `/usr/share/glib-2.0/schemas` location to include your changes.
Temporary test location is:
`/tmp/bluebuild-schema-test`
## Usage
To use this module, you need to include your gschema.override file(s) in this location (make folder if it doesn't exist):
`config/gschema-overrides`
Then you need to include those file(s) in recipe file, like in example configuration.
It is highly recommended to use `zz1-` prefix before your gschema.override name, to ensure that your changes are going to be applied.
Also don't forget to rename your file(s) too with this prefix in `config/gschema-overrides`.
## Creating gschema.override files
Gschema.override files use `gsettings` keyfile format for settings output.
### Example of gschema.override settings
```
[org.gnome.desktop.peripherals.touchpad]
tap-to-click=true
[org.gnome.settings-daemon.plugins.power]
power-button-action='interactive'
[org.gnome.mutter]
check-alive-timeout=uint32 20000
[org.gnome.shell.extensions.blur-my-shell]
sigma=5
```
### Example of gschema.override lockscreen settings (Gnome)
```
[org.gnome.desktop.peripherals.touchpad:GNOME-Greeter]
tap-to-click=true
```
- To gather setting change after you input the command, use this:
`dconf watch /`
When you change some setting toggle or option when this command is active,
you will notice that command will output the key for the changed setting,
which you can use & write into gschema.override file in the format shown in example above.
- To gather current & available settings on booted system, you can use this command:
`gsettings list-recursively`
You should use this command everytime when you want to apply some setting override,
to ensure that it's listed as available.
**Gschema.override files don't support relocatable schemas & locking settings.**
For that functionality, you should use `dconf-update-service` module.
Relocatable schemas are rare, so most users won't run into this scenario.
### Example of relocatable schemas
gsettings format:
```
[org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Utilities/]
[org.gnome.settings-daemon.plugins.media-keys.custom-keybinding:/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/]
```
dconf format:
```
[org/gnome/desktop/app-folders/folders/Utilities]
[org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0]
```

54
modules/gschema-overrides/gschema-overrides.sh Normal file
View file

@ -0,0 +1,54 @@
#!/usr/bin/env bash
set -euo pipefail
get_yaml_array INCLUDE '.include[]' "$1"
schema_include_location="/tmp/config/gschema-overrides"
schema_test_location="/tmp/bluebuild-schema-test"
schema_location="/usr/share/glib-2.0/schemas"
gschema_extension=false
echo "Installing gschema-overrides module"
# Abort build if file in module is not included
if [[ ${#INCLUDE[@]} == 0 ]]; then
echo "Module failed because gschema-overrides aren't included into the module."
exit 1
fi
# Abort build if included file does not have .gschema.override extension
if [[ ${#INCLUDE[@]} -gt 0 ]]; then
for file in "${INCLUDE[@]}"; do
file="${file//$'\n'/}"
if [[ $file == *.gschema.override ]]; then
gschema_extension=true
else
echo "Module failed because included files in module don't have .gschema.override extension."
exit 1
fi
done
fi
# Apply gschema-override when all conditions above are satisfied
if [[ ${#INCLUDE[@]} -gt 0 ]] && $gschema_extension; then
printf "Applying the following gschema-overrides:\n"
for file in "${INCLUDE[@]}"; do
file="${file//$'\n'/}"
printf "%s\n" "$file"
done
mkdir -p "$schema_test_location" "$schema_location"
find "$schema_location" -type f ! -name "*.gschema.override" -exec cp {} "$schema_test_location" \;
for file in "${INCLUDE[@]}"; do
file_path="${schema_include_location}/${file//$'\n'/}"
cp "$file_path" "$schema_test_location"
done
echo "Running error-checking test for your gschema-overrides. If test fails, build also fails."
glib-compile-schemas --strict "$schema_test_location"
echo "Compiling gschema to include your changes with gschema-override"
for file in "${INCLUDE[@]}"; do
file_path="${schema_test_location}/${file//$'\n'/}"
cp "$file_path" "$schema_location"
done
glib-compile-schemas "$schema_location" &>/dev/null
fi

7
modules/gschema-overrides/module.yml Normal file
View file

@ -0,0 +1,7 @@
name: gschema-overrides
shortdesc: The `gschema-overrides` module can be used for including system-setting overrides for GTK-based desktop environments.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/gschema-overrides/README.md
example: |
type: gschema-overrides
include:
- zz1-myoverride.gschema.override # test & compile the override file included in config/gschema-overrides/zz1-myoverride.gschema.override

28
modules/rpm-ostree/README.md
View file

@ -1,34 +1,22 @@
# [`rpm-ostree`](https://coreos.github.io/rpm-ostree/) Module for Startingpoint
# `rpm-ostree`
The `rpm-ostree` module offers pseudo-declarative package and repository management using `rpm-ostree`.
The [`rpm-ostree`](https://coreos.github.io/rpm-ostree/) module offers pseudo-declarative package and repository management using `rpm-ostree`.
The module first downloads the repository files from repositories declared under `repos:` into `/etc/yum.repos.d/`. The magic string `%OS_VERSION%` is substituted with the current VERSION_ID (major Fedora version), which can be used, for example, for pulling correct versions of repositories from [Fedora's Copr](https://copr.fedorainfracloud.org/).
Then the module installs the packages declared under `install:` using `rpm-ostree install`, it removes the packages declared under `remove:` using `rpm-ostree override remove`. If there are packages declared under both `install:` and `remove:` a hybrid command `rpm-ostree remove <packages> --install <packages>` is used, which should allow you to switch required packages for other ones.
:::note
[Removed packages are still present in the underlying ostree repository](https://coreos.github.io/rpm-ostree/administrator-handbook/#removing-a-base-package), what `remove` does is kind of like hiding them from the system, it doesn't free up storage space.
:::
Additionally, the `rpm-ostree` module supports a temporary (waiting for `rpm-ostree` issue [#233](https://github.com/coreos/rpm-ostree/issues/233)) fix for packages that install into `/opt/`. Installation for packages that install into folder names declared under `optfix:` are fixed using some symlinks.
## Example Configuration
```yaml
type: rpm-ostree
repos:
- https://copr.fedorainfracloud.org/coprs/atim/starship/repo/fedora-%OS_VERSION%/atim-starship-fedora-%OS_VERSION%.repo # when including COPR repos, use the %OS_VERSION% magic string
- https://pkgs.tailscale.com/stable/fedora/tailscale.repo
install:
- python3-pip
- libadwaita
remove:
- firefox
- firefox-langpacks
```
## Known issues
When removing certain packages, some problem probably in upstream `rpm-ostree` causes a `depsolve` issue similar to below. [Removed packages are still present in the underlying ostree repository](https://coreos.github.io/rpm-ostree/administrator-handbook/#removing-a-base-package), what `remove` does is "hide" them from the system, it doesn't reclaim disk space.
When removing certain packages, some problem probably in upstream `rpm-ostree` causes a `depsolve` issue similar to below.
```
Resolving dependencies...done
error: Could not depsolve transaction; 1 problem detected:
Problem: conflicting requests
```
```

14
modules/rpm-ostree/module.yml Normal file
View file

@ -0,0 +1,14 @@
name: rpm-ostree
shortdesc: The rpm-ostree module offers pseudo-declarative package and repository management using rpm-ostree.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/rpm-ostree/README.md
example: |
type: rpm-ostree
repos:
- https://copr.fedorainfracloud.org/coprs/atim/starship/repo/fedora-%OS_VERSION%/atim-starship-fedora-%OS_VERSION%.repo # when including COPR repos, use the %OS_VERSION% magic string
- https://pkgs.tailscale.com/stable/fedora/tailscale.repo
install:
- python3-pip
- libadwaita
remove:
- firefox
- firefox-langpacks

15
modules/script/README.md
View file

@ -1,16 +1,8 @@
# `script` Module for Startingpoint
# `script`
The `script` module can be used to run arbitrary scripts at image build time that take no or minimal external configuration (in the form of command line arguments).
The scripts, which are run from the `config/scripts` directory, are declared under `scripts:`.
## Example Configuration
```yaml
type: script
scripts:
- signing.sh
```
## Creating a Script
Look at `example.sh` for an example shell script. You can rename and copy the file for your own purposes. In order for the script to be executed, declare it in the recipe
@ -19,8 +11,7 @@ When creating a script, please make sure
- ...its filename ends with `.sh`.
- This follows convention for (especially bash) shell scripts.
- `autorun.sh` only executes files that match `*.sh`.
- ...it starts with a [shebang](<https://en.wikipedia.org/wiki/Shebang_(Unix)>) like `#!/usr/bin/env bash`.
- This ensures the script is ran with the correct interpreter / shell.
- ...it contains the command `set -euo pipefail` near the start.
- This will make the image build fail if your script fails. If you do not care if your script works or not, you can omit this line.
- ...it contains the command `set -euo pipefail` right after the shebang.
- This will make the image build fail if your script fails. If you do not care if your script works or not, you can omit this line.

7
modules/script/module.yml Normal file
View file

@ -0,0 +1,7 @@
name: script
shortdesc: The script module can be used to run arbitrary scripts at image build time.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/script/README.md
example: |
type: script
scripts:
- myscript.sh # will run config/scripts/myscript.sh

3
modules/signing/README.md Normal file
View file

@ -0,0 +1,3 @@
# `signing`
The `signing` module is used to install the required signing policies for cosign image verification with [`rpm-ostree`](https://github.com/coreos/rpm-ostree) and [`bootc`](https://github.com/containers/bootc). This module is the successor to the `signing.sh` script that previously existed in the template. This module also allows for basing off of non-Universal-Blue Fedora base images.

6
modules/signing/image-info.json Normal file
View file

@ -0,0 +1,6 @@
{
"image-ref": "IMAGE_REF",
"image-tag": "latest",
"image-vendor": "bluebuild",
"fedora-version": "FEDORA_MAJOR_VERSION"
}

5
modules/signing/module.yml Normal file
View file

@ -0,0 +1,5 @@
name: signing
shortdesc: The signing module is used to install the required signing policies for cosign image verification with rpm-ostree and bootc.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/signing/README.md
example: |
type: signing # this sets up the proper policy & signing files for signed images to work fully

86
modules/signing/policy.json Normal file
View file

@ -0,0 +1,86 @@
{
"default": [
{
"type": "reject"
}
],
"transports": {
"docker": {
"registry.access.redhat.com": [
{
"type": "signedBy",
"keyType": "GPGKeys",
"keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
}
],
"registry.redhat.io": [
{
"type": "signedBy",
"keyType": "GPGKeys",
"keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
}
],
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"docker-daemon": {
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"atomic": {
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"containers-storage": {
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"dir": {
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"oci": {
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"oci-archive": {
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"docker-archive": {
"": [
{
"type": "insecureAcceptAnything"
}
]
},
"tarball": {
"": [
{
"type": "insecureAcceptAnything"
}
]
}
}
}

3
modules/signing/registry-config.yaml Normal file
View file

@ -0,0 +1,3 @@
docker:
ghcr.io/IMAGENAME:
use-sigstore-attachments: true

56
modules/signing/signing.sh Normal file
View file

@ -0,0 +1,56 @@
#!/usr/bin/env bash
# Tell build process to exit if there are any errors.
set -euo pipefail
CONTAINER_DIR="/usr/etc/containers"
MODULE_DIRECTORY="${MODULE_DIRECTORY:-"/tmp/modules"}"
echo "Setting up container signing in policy.json and cosign.yaml for $IMAGE_NAME"
echo "Registry to write: $IMAGE_REGISTRY"
if ! [ -d "$CONTAINER_DIR" ]; then
mkdir -p "$CONTAINER_DIR"
fi
if ! [ -d $CONTAINER_DIR/registries.d ]; then
mkdir -p "$CONTAINER_DIR/registries.d"
fi
if ! [ -d "/usr/etc/pki/containers" ]; then
mkdir -p "/usr/etc/pki/containers"
fi
if ! [ -f "$CONTAINER_DIR/policy.json" ]; then
cp "$MODULE_DIRECTORY/signing/policy.json" "$CONTAINER_DIR/policy.json"
fi
if ! [ -f "/usr/share/ublue-os/image-info.json" ]; then
cp "$MODULE_DIRECTORY/signing/image-info.json" "/usr/share/ublue-os/image-info.json"
fi
cp "/usr/share/ublue-os/cosign.pub" "/usr/etc/pki/containers/$IMAGE_NAME.pub"
POLICY_FILE="$CONTAINER_DIR/policy.json"
IMAGE_INFO="/usr/share/ublue-os/image-info.json"
yq -i -o=j '.transports.docker |=
{"'"$IMAGE_REGISTRY"'/'"$IMAGE_NAME"'": [
{
"type": "sigstoreSigned",
"keyPath": "/usr/etc/pki/containers/'"$IMAGE_NAME"'.pub",
"signedIdentity": {
"type": "matchRepository"
}
}
]
}
+ .' "$POLICY_FILE"
IMAGE_REF="ostree-image-signed:docker://$IMAGE_REGISTRY/$IMAGE_NAME"
# Sets image-info.json used by ublue-update for auto-rebase workaround. Used by both bazzite and bluefin
yq -i -o=j '.image-ref="'"$IMAGE_REF"'" | .fedora-version="'"$OS_VERSION"'"' "$IMAGE_INFO"
mv "$MODULE_DIRECTORY/signing/registry-config.yaml" "$CONTAINER_DIR/registries.d/$IMAGE_NAME.yaml"
sed -i "s ghcr.io/IMAGENAME $IMAGE_REGISTRY g" "$CONTAINER_DIR/registries.d/$IMAGE_NAME.yaml"

64
modules/systemd/README.md
View file

@ -1,63 +1,5 @@
# `systemd` Module for Startingpoint
# `systemd`
The `systemd` module streamlines the management of systemd units during image building. Units are divided into `system` and `user` categories, with `system` units managed directly using `systemctl` and `user` units using `systemctl --user`. You can specify which units to enable/disable or unmask/mask under each category.
The `systemd` module streamlines the management of systemd units during image building. Units are divided into `system` and `user` categories, with `system` units managed directly using `systemctl` and `user` units using `systemctl --global`. You can specify which units to enable/disable or unmask/mask under each category.
## Example Configuration
```yaml
type: systemd
system:
enabled:
- example.service
disabled:
- example.target
unmasked:
- example.service
masked:
- example.service
user:
enabled:
- example.timer
disabled:
- example.service
unmasked:
- example.service
masked:
- example.service
```
In this example:
### System Units
- `example.service`: Enabled (runs on system boot)
- `example.target`: Disabled (does not run on system boot, unless other unit strictly requires it)
- `example.service`: Unmasked (runs on system boot, even if previously masked)
- `example.service`: Masked (does not run on system boot, under any circumstances)
### User Units
- `example.timer`: Enabled (runs for the user)
- `example.service`: Disabled (does not run for the user, unless other unit strictly requires it)
- `example.service`: Unmasked (runs for the user, even if previously masked)
- `example.service`: Masked (does not run for the user, under any circumstances)
This configuration achieves the same results as the following commands:
```sh
# System Units
systemctl enable example.service
systemctl disable example.target
systemctl unmask example.service
systemctl mask example.service
# User Units
systemctl --global enable example.timer
systemctl --global disable example.service
systemctl --global unmask example.service
systemctl --global mask example.service
```
For more information about these systemctl commands, please visit:
https://www.freedesktop.org/software/systemd/man/latest/systemctl.html#enable%20UNIT%E2%80%A6
https://www.freedesktop.org/software/systemd/man/latest/systemctl.html#disable%20UNIT%E2%80%A6
https://www.freedesktop.org/software/systemd/man/latest/systemctl.html#unmask%20UNIT%E2%80%A6
https://www.freedesktop.org/software/systemd/man/latest/systemctl.html#mask%20UNIT%E2%80%A6
Supported operations are [enabling](https://www.freedesktop.org/software/systemd/man/latest/systemctl.html#enable%20UNIT%E2%80%A6), [disabling](https://www.freedesktop.org/software/systemd/man/latest/systemctl.html#disable%20UNIT%E2%80%A6), [masking](https://www.freedesktop.org/software/systemd/man/latest/systemctl.html#mask%20UNIT%E2%80%A6%E2%80%A6) and [unmasking](https://www.freedesktop.org/software/systemd/man/latest/systemctl.html#unmask%20UNIT%E2%80%A6).

23
modules/systemd/module.yml Normal file
View file

@ -0,0 +1,23 @@
name: systemd
shortdesc: The systemd module streamlines the management of systemd units during image building.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/systemd/README.md
example: |
type: systemd
system:
enabled:
- example.service # Enabled (runs on system boot)
disabled:
- example.target # Disabled (does not run on system boot, unless other unit strictly requires it)
masked:
- example.service # Masked (does not run on system boot, under any circumstances)
unmasked:
- example.service # Unmasked (runs on system boot, even if previously masked)
user:
enabled:
- example.timer # Enabled (runs for the user)
disabled:
- example.service # Disabled (does not run for the user, unless other unit strictly requires it)
masked:
- example.service # Masked (does not run for the user, under any circumstances)
unmasked:
- example.service # Unmasked (runs for the user, even if previously masked)

15
modules/yafti/README.md
View file

@ -1,16 +1,7 @@
# [`yafti`](https://github.com/ublue-os/yafti) Module for Startingpoint
# `yafti`
The `yafti` module can be used to install `yafti` and set it up to run on first boot. Also `yafti`'s dependencies, `python3-pip` and `libadwaita` are installed.
The [`yafti`](https://github.com/ublue-os/yafti) module can be used to install [`yafti`](https://github.com/ublue-os/yafti) and set it up to run on first boot. Also `yafti`'s dependencies, `python3-pip` and `libadwaita` are installed.
Optionally, a list of Flatpak names and IDs can be included under `custom-flatpaks:`. These will be enabled by default under their own section on the Flatpak installation screen of `yafti`.
A default version of the `yafti` configuration file, `yafti.yml`, is supplied by this module. To make your own, create the file at `/usr/share/ublue-os/firstboot/yafti.yml`. The default version of the file can be found [here](https://github.com/ublue-os/bling/blob/main/modules/yafti/yafti.yml).
## Example configuration
```yaml
type: yafti
custom-flatpaks:
- Celluloid: io.github.celluloid_player.Celluloid
- Krita: org.kde.krita
```
A default version of the `yafti` configuration file, `yafti.yml`, is supplied by this module. To make your own, create the file at `/usr/share/ublue-os/firstboot/yafti.yml`. The default version of the file can be found [here](https://github.com/ublue-os/bling/blob/main/modules/yafti/yafti.yml).

8
modules/yafti/module.yml Normal file
View file

@ -0,0 +1,8 @@
name: yafti
shortdesc: The yafti module can be used to install yafti and set it up to run on first boot.
readme: https://raw.githubusercontent.com/ublue-os/bling/main/modules/yafti/README.md
example: |
type: yafti
custom-flatpaks:
- Celluloid: io.github.celluloid_player.Celluloid
- Krita: org.kde.krita