robojerk/particle-os
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
particle-os/Containerfile.phase2
robojerk bf14af4f35 ready for bootloader tetsing
2025-08-10 19:03:24 -07:00

106 lines
4.2 KiB
Text
Raw Blame History

# Particle-OS Phase 2 Containerfile
# Builds on the minimal image and implements Phase 2 deliverables:
# - OSTree repository setup and management
# - System update and rollback mechanisms
# - Network configuration and management
# - Security hardening and SELinux integration
# - Container runtime optimization
FROM particle-os:minimal
# Install Phase 2 required packages
RUN apt-get update && apt-get install -y \
# OSTree management and deployment
ostree-grub2 \
ostree-boot \
# Network management (systemd-networkd is already included in systemd)
network-manager \
# Security tools
apparmor \
apparmor-utils \
# Container runtime optimization
containerd \
runc \
# System management
systemd-container \
# Additional utilities for Phase 2
curl \
wget \
vim \
htop \
iotop \
&& rm -rf /var/lib/apt/lists/*
# Set up OSTree repository structure
RUN mkdir -p /ostree/repo/refs/heads && \
mkdir -p /ostree/repo/refs/remotes && \
mkdir -p /ostree/repo/objects && \
mkdir -p /ostree/repo/state
# Initialize OSTree repository if not already done
RUN ostree --repo=/ostree/repo init --mode=bare || echo "Repository already initialized"
# Create initial deployment structure
RUN mkdir -p /sysroot/ostree/deploy/particle-os/minimal/deploy && \
mkdir -p /sysroot/ostree/deploy/particle-os/minimal/var && \
mkdir -p /sysroot/ostree/deploy/particle-os/minimal/usr
# Set up home directory symlink for OSTree compliance
RUN if [ ! -L /home ]; then \
ln -sf ../var/home /home; \
fi
# Configure OSTree for Phase 2
RUN echo "OSTREE_OSVARIANT=minimal" >> /etc/ostree/ostree.conf && \
echo "OSTREE_SERVICES=" >> /etc/ostree/ostree.conf && \
echo "OSTREE_DESKTOP=" >> /etc/ostree/ostree.conf
# Set up systemd services for Phase 2
RUN systemctl enable systemd-networkd
# Create Phase 2 specific directories and files
RUN mkdir -p /etc/systemd/system && \
mkdir -p /etc/systemd/user && \
mkdir -p /var/lib/systemd
# Set up container runtime configuration
RUN mkdir -p /etc/containerd && \
containerd config default > /etc/containerd/config.toml
# Create Phase 2 management scripts
RUN echo '#!/bin/bash' > /usr/local/bin/particle-ostree-update && \
echo 'echo "Particle-OS OSTree Update Tool"' >> /usr/local/bin/particle-ostree-update && \
echo 'echo "Phase 2: CoreOS Development"' >> /usr/local/bin/particle-ostree-update && \
echo 'echo "Available commands:"' >> /usr/local/bin/particle-ostree-update && \
echo 'echo " ostree admin status - Check deployment status"' >> /usr/local/bin/particle-ostree-update && \
echo 'echo " ostree admin os-diff - Show pending changes"' >> /usr/local/bin/particle-ostree-update && \
echo 'echo " ostree admin upgrade - Apply system updates"' >> /usr/local/bin/particle-ostree-update && \
chmod +x /usr/local/bin/particle-ostree-update
# Create network configuration
RUN echo '[Match]' > /etc/systemd/network/20-wired.network && \
echo 'Name=en*' >> /etc/systemd/network/20-wired.network && \
echo '[Network]' >> /etc/systemd/network/20-wired.network && \
echo 'DHCP=yes' >> /etc/systemd/network/20-wired.network
# Set up security configuration
RUN echo 'kernel.keys.root_maxkeys = 1000000' >> /etc/sysctl.conf && \
echo 'kernel.keys.root_maxbytes = 25000000' >> /etc/sysctl.conf
# Create Phase 2 version file
RUN echo "Particle-OS Phase 2 - CoreOS Development" > /etc/particle-os-phase && \
echo "Version: 0.2.0" >> /etc/particle-os-phase && \
echo "Phase: 2" >> /etc/particle-os-phase && \
echo "Status: Development" >> /etc/particle-os-phase
# Label the image with Phase 2 information
LABEL org.opencontainers.image.title="Particle-OS Phase 2"
LABEL org.opencontainers.image.description="Phase 2: CoreOS Development with OSTree management"
LABEL org.opencontainers.image.version="0.2.0"
LABEL org.opencontainers.image.vendor="Particle-OS Project"
LABEL org.opencontainers.image.source="https://github.com/your-org/particle-os"
LABEL org.opencontainers.image.revision="0.2.0"
LABEL org.opencontainers.image.ostree.osname="particle-os"
LABEL org.opencontainers.image.ostree.osversion="0.2.0"
LABEL org.opencontainers.image.ostree.osvariant="minimal"
LABEL org.opencontainers.image.ostree.phase="2"
Reference in a new issue View git blame Copy permalink