From a6258f2e4fe116ef1d5e386dab2aef7628099624 Mon Sep 17 00:00:00 2001 From: Gerald Pinder Date: Sun, 13 Aug 2023 11:48:27 -0400 Subject: [PATCH] Add extra support for framework 13 laptops; sync some files with ublue-os/startingpoint --- Containerfile.cp | 12 +- Containerfile.jp | 12 +- recipe-cp.yml | 1 + recipe-framework-13.yml | 1 + scripts/setup-framework-13.sh | 198 ++++++++++++++++++++++++++++ usr-cp/.gitkeep | 0 usr-cp/etc/tlp.conf | 1 - usr-jp/etc/distrobox/distrobox.ini | 15 +++ usr-jp/etc/tlp.conf | 1 - usr/share/ublue-os/just/custom.just | 27 +--- 10 files changed, 241 insertions(+), 27 deletions(-) create mode 100755 scripts/setup-framework-13.sh create mode 100644 usr-cp/.gitkeep delete mode 100644 usr-cp/etc/tlp.conf create mode 100644 usr-jp/etc/distrobox/distrobox.ini delete mode 100644 usr-jp/etc/tlp.conf diff --git a/Containerfile.cp b/Containerfile.cp index 5a99583..bbe0711 100644 --- a/Containerfile.cp +++ b/Containerfile.cp @@ -31,6 +31,15 @@ COPY ${USR_DIR}/ /usr # Copy the recipe that we're building. COPY ${RECIPE} /usr/share/ublue-os/recipe.yml +# Copy nix install script and Universal Blue wallpapers RPM from Bling image +COPY --from=ghcr.io/ublue-os/bling:latest /rpms/ublue-os-wallpapers-0.1-1.fc38.noarch.rpm /tmp/ublue-os-wallpapers-0.1-1.fc38.noarch.rpm + +# Integrate bling justfiles onto image +COPY --from=ghcr.io/ublue-os/bling:latest /files/usr/share/ublue-os/just /usr/share/ublue-os/just + +# Add nix installer if you want to use it +COPY --from=ghcr.io/ublue-os/bling:latest /files/usr/bin/ublue-nix* /usr/bin + # "yq" used in build.sh and the "setup-flatpaks" just-action to read recipe.yml. # Copied from the official container image since it's not available as an RPM. COPY --from=docker.io/mikefarah/yq /usr/bin/yq /usr/bin/yq @@ -39,7 +48,8 @@ COPY --from=docker.io/mikefarah/yq /usr/bin/yq /usr/bin/yq COPY scripts /tmp/scripts # Run the build script, then clean up temp files and finalize container build. -RUN chmod +x /tmp/scripts/build.sh && \ +RUN rpm-ostree install /tmp/ublue-os-wallpapers-0.1-1.fc38.noarch.rpm && \ + chmod +x /tmp/scripts/build.sh && \ /tmp/scripts/build.sh && \ rm -rf /tmp/* /var/* && \ ostree container commit diff --git a/Containerfile.jp b/Containerfile.jp index 384bd3b..22c271f 100644 --- a/Containerfile.jp +++ b/Containerfile.jp @@ -31,6 +31,15 @@ COPY ${USR_DIR}/ /usr # Copy the recipe that we're building. COPY ${RECIPE} /usr/share/ublue-os/recipe.yml +# Copy nix install script and Universal Blue wallpapers RPM from Bling image +COPY --from=ghcr.io/ublue-os/bling:latest /rpms/ublue-os-wallpapers-0.1-1.fc38.noarch.rpm /tmp/ublue-os-wallpapers-0.1-1.fc38.noarch.rpm + +# Integrate bling justfiles onto image +COPY --from=ghcr.io/ublue-os/bling:latest /files/usr/share/ublue-os/just /usr/share/ublue-os/just + +# Add nix installer if you want to use it +COPY --from=ghcr.io/ublue-os/bling:latest /files/usr/bin/ublue-nix* /usr/bin + # "yq" used in build.sh and the "setup-flatpaks" just-action to read recipe.yml. # Copied from the official container image since it's not available as an RPM. COPY --from=docker.io/mikefarah/yq /usr/bin/yq /usr/bin/yq @@ -47,7 +56,8 @@ COPY --from=registry.gitlab.com/wunker-bunker/xboxdrv-docker /usr/local/share/ma COPY scripts /tmp/scripts # Run the build script, then clean up temp files and finalize container build. -RUN chmod +x /tmp/scripts/build.sh && \ +RUN rpm-ostree install /tmp/ublue-os-wallpapers-0.1-1.fc38.noarch.rpm && \ + chmod +x /tmp/scripts/build.sh && \ /tmp/scripts/build.sh && \ rm -rf /tmp/* /var/* && \ ostree container commit diff --git a/recipe-cp.yml b/recipe-cp.yml index e9ec9fc..6577650 100644 --- a/recipe-cp.yml +++ b/recipe-cp.yml @@ -7,6 +7,7 @@ scripts: - autorun.sh post: - autorun.sh + - setup-framework-13.sh rpm: # A list of urls of ".repo" files that should be added to your system. # This is the proper way to add custom COPR repos to your image. diff --git a/recipe-framework-13.yml b/recipe-framework-13.yml index a99d19d..b6b5fb0 100644 --- a/recipe-framework-13.yml +++ b/recipe-framework-13.yml @@ -11,6 +11,7 @@ scripts: post: - autorun.sh - setup-selinux-dockersock.sh + - setup-framework-13.sh rpm: # A list of urls of ".repo" files that should be added to your system. # This is the proper way to add custom COPR repos to your image. diff --git a/scripts/setup-framework-13.sh b/scripts/setup-framework-13.sh new file mode 100755 index 0000000..f1145fa --- /dev/null +++ b/scripts/setup-framework-13.sh @@ -0,0 +1,198 @@ +#!/usr/bin/env bash + +set -euo pipefail + +echo "Installing fprintd service" + +mkdir -p /usr/etc/systemd/system/ + +cat </usr/etc/systemd/system/fprintd.service +[Unit] +Description=Fingerprint Authentication Daemon +Documentation=man:fprintd(1) + +[Service] +Type=dbus +BusName=net.reactivated.Fprint +ExecStart=/usr/libexec/fprintd + +# Filesystem lockdown +ProtectSystem=strict +ProtectKernelTunables=true +ProtectKernelLogs=true +ProtectControlGroups=true +# This always corresponds to /var/lib/fprint +StateDirectory=fprint +StateDirectoryMode=0700 +ProtectHome=true +PrivateTmp=true + +SystemCallFilter=@system-service + +# Network +RestrictAddressFamilies=AF_UNIX AF_LOCAL AF_NETLINK + +# Execute Mappings +MemoryDenyWriteExecute=true + +# Modules +ProtectKernelModules=true + +# Real-time +RestrictRealtime=true + +# Privilege escalation +NoNewPrivileges=true + +# Protect clock, allow USB and SPI device access +ProtectClock=yes +DeviceAllow=char-usb_device rw +DeviceAllow=char-spi rw +DeviceAllow=char-hidraw rw + +# Allow tuning USB parameters (wakeup and persist) +ReadWritePaths=/sys/devices + +[Install] +WantedBy=multi-user.target +EOL + +echo "Installing tlp config" + +mkdir -p /usr/etc/tlp.d/ + +cat </usr/etc/tlp.d/50-framework.conf +# ------------------------------------------------------------------------------ +# /etc/tlp.conf - TLP user configuration (version 1.4) +# See full explanation: https://linrunner.de/tlp/settings +# +# Settings are read in the following order: +# +# 1. Intrinsic defaults +# 2. /etc/tlp.d/*.conf - Drop-in customization snippets +# 3. /etc/tlp.conf - User configuration (this file) +# +# Notes: +# - In case of identical parameters, the last occurence has precedence +# - This also means, parameters enabled here will override anything else +# - However you may append values to a parameter already defined as intrinsic +# default or in a previously read file: use PARAMETER+="add values" +# - IMPORTANT: all parameters here are disabled; remove the leading '#' if you +# like to enable a feature without default or have a value different from the +# default +# - Default *: intrinsic default that is effective when the parameter is missing +# or disabled by a leading '#'; use PARAM="" to disable an intrinsic default +# - Default : do nothing or use kernel/hardware defaults +# - +# ------------------------------------------------------------------------------ +# tlp - Parameters for power saving +# +# Settings based on Framework's guidance: https://knowledgebase.frame.work/en_us/optimizing-fedora-battery-life-r1baXZh + +# Select a CPU frequency scaling governor. +# Intel processor with intel_pstate driver: +# performance, powersave(*). +# Intel processor with intel_cpufreq driver (aka intel_pstate passive mode): +# conservative, ondemand, userspace, powersave, performance, schedutil(*). +# Intel and other processor brands with acpi-cpufreq driver: +# conservative, ondemand(*), userspace, powersave, performance, schedutil(*). +# Use tlp-stat -p to show the active driver and available governors. +# Important: +# Governors marked (*) above are power efficient for *almost all* workloads +# and therefore kernel and most distributions have chosen them as defaults. +# You should have done your research about advantages/disadvantages *before* +# changing the governor. +# Default: + +CPU_SCALING_GOVERNOR_ON_AC=performance +CPU_SCALING_GOVERNOR_ON_BAT=powersave + +# Set Intel CPU energy/performance policies HWP.EPP and EPB: +# performance, balance_performance, default, balance_power, power. +# Values are given in order of increasing power saving. +# Notes: +# - HWP.EPP: requires kernel 4.10, intel_pstate scaling driver and Intel Core i +# 6th gen. or newer CPU +# - EPB: requires kernel 5.2 or module msr and x86_energy_perf_policy from +# linux-tools, intel_pstate or intel_cpufreq scaling driver and Intel Core i +# 2nd gen. or newer CPU +# - When HWP.EPP is available, EPB is not set +# Default: balance_performance (AC), balance_power (BAT) + +CPU_ENERGY_PERF_POLICY_ON_AC=performance +CPU_ENERGY_PERF_POLICY_ON_BAT=power + +# Set Intel CPU P-state performance: 0..100 (%). +# Limit the max/min P-state to control the power dissipation of the CPU. +# Values are stated as a percentage of the available performance. +# Requires intel_pstate or intel_cpufreq driver and Intel Core i 2nd gen. or +# newer CPU. +# Default: + +CPU_MIN_PERF_ON_AC=0 +CPU_MAX_PERF_ON_AC=100 +CPU_MIN_PERF_ON_BAT=0 +CPU_MAX_PERF_ON_BAT=30 + +# Set the CPU "turbo boost" (Intel) or "turbo core" (AMD) feature: +# 0=disable, 1=allow. +# Note: a value of 1 does *not* activate boosting, it just allows it. +# Default: + +CPU_BOOST_ON_AC=1 +CPU_BOOST_ON_BAT=0 + +# Set the Intel CPU HWP dynamic boost feature: +# 0=disable, 1=enable. +# Requires intel_pstate scaling driver in 'active' mode and Intel Core i +# 6th gen. or newer CPU. +# Default: + +CPU_HWP_DYN_BOOST_ON_AC=1 +CPU_HWP_DYN_BOOST_ON_BAT=0 + +# Select platform profile: +# performance, balanced, low-power. +# Controls system operating characteristics around power/performance levels, +# thermal and fan speed. Values are given in order of increasing power saving. +# Note: check the output of tlp-stat -p to determine availability on your +# hardware and additional profiles such as: balanced-performance, quiet, cool. +# Default: + +PLATFORM_PROFILE_ON_AC=performance +PLATFORM_PROFILE_ON_BAT=low-power + +# Set the min/max/turbo frequency for the Intel GPU. +# Possible values depend on your hardware. For available frequencies see +# the output of tlp-stat -g. +# Default: + +INTEL_GPU_MIN_FREQ_ON_AC=100 +INTEL_GPU_MIN_FREQ_ON_BAT=100 +INTEL_GPU_MAX_FREQ_ON_AC=1300 +INTEL_GPU_MAX_FREQ_ON_BAT=800 +INTEL_GPU_BOOST_FREQ_ON_AC=1300 +INTEL_GPU_BOOST_FREQ_ON_BAT=1100 + +# Wi-Fi power saving mode: on=enable, off=disable. +# Default: off (AC), on (BAT) + +#WIFI_PWR_ON_AC=off +WIFI_PWR_ON_BAT=off + +# PCIe Active State Power Management (ASPM): +# default(*), performance, powersave, powersupersave. +# (*) keeps BIOS ASPM defaults (recommended) +# Default: + +#PCIE_ASPM_ON_AC=default +PCIE_ASPM_ON_BAT=powersupersave + +# Exclude PCIe devices assigned to the listed drivers from Runtime PM. +# Note: this preserves the kernel driver default, to force a certain state +# use RUNTIME_PM_ENABLE/DISABLE instead. +# Separate multiple drivers with spaces. +# Default: "mei_me nouveau radeon", use "" to disable completely. + +RUNTIME_PM_DRIVER_DENYLIST="" +EOL diff --git a/usr-cp/.gitkeep b/usr-cp/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/usr-cp/etc/tlp.conf b/usr-cp/etc/tlp.conf deleted file mode 100644 index 6cc171a..0000000 --- a/usr-cp/etc/tlp.conf +++ /dev/null @@ -1 +0,0 @@ -PCIE_ASPM_ON_BAT=powersupersave \ No newline at end of file diff --git a/usr-jp/etc/distrobox/distrobox.ini b/usr-jp/etc/distrobox/distrobox.ini new file mode 100644 index 0000000..3db6902 --- /dev/null +++ b/usr-jp/etc/distrobox/distrobox.ini @@ -0,0 +1,15 @@ +[ubuntu] +image=ghcr.io/ublue-os/ubuntu-toolbox:latest +init=false +nvidia=false +pull=true +root=false +replace=true + +[fedora] +image=registry.fedoraproject.org/fedora-toolbox:latest +init=false +nvidia=false +pull=true +root=false +replace=true diff --git a/usr-jp/etc/tlp.conf b/usr-jp/etc/tlp.conf deleted file mode 100644 index 6cc171a..0000000 --- a/usr-jp/etc/tlp.conf +++ /dev/null @@ -1 +0,0 @@ -PCIE_ASPM_ON_BAT=powersupersave \ No newline at end of file diff --git a/usr/share/ublue-os/just/custom.just b/usr/share/ublue-os/just/custom.just index 0b83707..80387fa 100644 --- a/usr/share/ublue-os/just/custom.just +++ b/usr/share/ublue-os/just/custom.just @@ -1,3 +1,6 @@ +!include /usr/share/ublue-os/just/bling.just + +# Install all flatpaks defined in recipe.yml setup-flatpaks: #!/usr/bin/env bash echo 'Installing flatpaks from the ublue recipe ...' @@ -7,26 +10,4 @@ setup-flatpaks: flatpak install --user --noninteractive flathub $pkg; \ done -setup-gaming: - echo 'Setting up gaming experience ... lock and load.' - flatpak install -y --user \\ - com.discordapp.Discord \\ - com.feaneron.Boatswain \\ - org.freedesktop.Platform.VulkanLayer.MangoHud//22.08 \\ - org.freedesktop.Platform.VulkanLayer.OBSVkCapture//22.08 \\ - org.freedesktop.Platform.VulkanLayer.vkBasalt//22.08 \\ - com.heroicgameslauncher.hgl \\ - com.obsproject.Studio \\ - com.obsproject.Studio.Plugin.OBSVkCapture \\ - com.obsproject.Studio.Plugin.Gstreamer \\ - com.usebottles.bottles \\ - com.valvesoftware.Steam \\ - com.valvesoftware.Steam.Utility.gamescope \\ - net.davidotek.pupgui2 - flatpak override com.usebottles.bottles --user --filesystem=xdg-data/applications - flatpak override --user --env=MANGOHUD=1 com.valvesoftware.Steam - flatpak override --user --env=MANGOHUD=1 com.heroicgameslauncher.hgl - -nix-me-up: - echo 'Setting phasers to kill. Installing nix.' - /usr/bin/ublue-nix-install +# Include some of your custom scripts here!