Merge branch 'modules-setup' into 'main'

Modules setup See merge request wunker-bunker/wunker-os!2
2023-10-28 04:46:49 +00:00
parent 86ed2189d0 b50871bc58
commit fa6b5d673b
38 changed files with 109 additions and 406 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
 .idea
 cosign.key
-Containerfile
+/Containerfile
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -6,6 +6,6 @@ include:
  parallel:
    matrix:
      - RECIPE:
-          - recipe-desktop.yml
+          - recipe-jp-desktop.yml
-          - recipe-framework-13.yml
+          - recipe-jp-laptop.yml
-          - recipe-cp.yml
+          - recipe-cp-laptop.yml
--- a/config/containerfiles/xboxdrv/Containerfile
+++ b/config/containerfiles/xboxdrv/Containerfile
--- a/config/files/8bitdo-ultimate/etc/udev/rules.d/99-8bitdo-ultimate-xinput.rules
+++ b/config/files/8bitdo-ultimate/etc/udev/rules.d/99-8bitdo-ultimate-xinput.rules
--- a/config/files/8bitdo-ultimate/lib/systemd/system/8bitdo-ultimate-xinput@.service
+++ b/config/files/8bitdo-ultimate/lib/systemd/system/8bitdo-ultimate-xinput@.service
--- a/config/files/desktop-audio/etc/modprobe.d/hda-jack-retaks.conf
+++ b/config/files/desktop-audio/etc/modprobe.d/hda-jack-retaks.conf
--- a/config/files/desktop-audio/lib/firmware/hda-jack-retask.fw
+++ b/config/files/desktop-audio/lib/firmware/hda-jack-retask.fw
--- a/config/files/distrobox/etc/distrobox/distrobox.ini
+++ b/config/files/distrobox/etc/distrobox/distrobox.ini
--- a/config/files/framework-13/etc/systemd/system/frpintd.service
+++ b/config/files/framework-13/etc/systemd/system/frpintd.service
--- a/config/files/framework-13/etc/tlp.d/50-framework.conf
+++ b/config/files/framework-13/etc/tlp.d/50-framework.conf
--- a/config/files/steam-firewall/etc/firewalld/services/steam-local-transfer.xml
+++ b/config/files/steam-firewall/etc/firewalld/services/steam-local-transfer.xml
--- a/config/files/usr/share/ublue-os/firstboot/launcher/autostart.desktop
+++ b/config/files/usr/share/ublue-os/firstboot/launcher/autostart.desktop
--- a/config/files/usr/share/ublue-os/firstboot/launcher/autostart.sh
+++ b/config/files/usr/share/ublue-os/firstboot/launcher/autostart.sh
--- a/config/files/usr/share/ublue-os/firstboot/launcher/launcher-flowchart.png
+++ b/config/files/usr/share/ublue-os/firstboot/launcher/launcher-flowchart.png
--- a/config/files/usr/share/ublue-os/firstboot/launcher/login-profile.sh
+++ b/config/files/usr/share/ublue-os/firstboot/launcher/login-profile.sh
--- a/config/files/usr/share/ublue-os/firstboot/yafti.yml
+++ b/config/files/usr/share/ublue-os/firstboot/yafti.yml
--- a/config/files/usr/share/ublue-os/just/custom.just
+++ b/config/files/usr/share/ublue-os/just/custom.just
--- a/config/framework.yml
+++ b/config/framework.yml
@@ -0,0 +1,10 @@
 modules:
  - type: files
    files:
      - framework-13: /usr
  - type: rpm-ostree
    install:
      - fprintd
      - fprintd-pam
      - tlp
      - powertop
--- a/config/jp-apps.yml
+++ b/config/jp-apps.yml
@@ -0,0 +1,56 @@
 modules:
  - type: files
    files:
      - usr: /usr
      - distrobox: /usr
  - type: script
    scripts:
      - install-syncthing.sh
      - setup-kubectl.sh
      - setup-vscode.sh
  - type: rpm-ostree
    repos:
      - https://pkg.earthly.dev/earthly.repo
      - https://copr.fedorainfracloud.org/coprs/varlad/helix/repo/fedora-%OS_VERSION%/varlad-helix-fedora-%OS_VERSION%.repo
      - https://pkgs.tailscale.com/stable/fedora/%OS_VERSION%/tailscale.repo
    install:
      - libadwaita
      - cmake
      - code
      - cronie
      - neofetch
      - virt-manager
      - plasma-browser-integration
      - "gcc-c++"
      - id3v2
      - docker
      - xinput
      - earthly
      - kubectl
      - helm
      - neovim
      - ripgrep
      - helix
      - tailscale
      - strawberry
    remove:
      - firefox
      - firefox-langpacks
  - type: script
    scripts:
      - setup-selinux-dockersock.sh
      - install-codelldb.sh
  # - type: yafti
  #   flatpaks:
  #     - Krita: org.kde.krita
  #     - Discord: com.discordapp.Discord
  #     - Steam: com.valvesoftware.Steam
  #     - Mangohud: com.valvesoftware.Steam.Utility.MangoHud
  #     - Gamescope: com.valvesoftware.Steam.Utility.gamescope
  #     - Brave: com.brave.Browser
  #     - Flatseal: com.github.tchx84.Flatseal
  #     - Nextcloud: com.nextcloud.desktopclient.nextcloud
  #     - Bottles: com.usebottles.bottles
  #     - Obsidian: md.obsidian.Obsidian
  #     - R2Modman: io.github.Foldex.r2modman
  #     - Mediawriter: org.fedoraproject.MediaWriter
--- a/config/recipe-cp-laptop.yml
+++ b/config/recipe-cp-laptop.yml
@@ -0,0 +1,18 @@
 name: cp-laptop
 base-image: ghcr.io/ublue-os/cinnamon-main
 image-version: 38
 description: The image of Wunker OS for CP's laptop.
 modules:
  - type: files
    files:
      - usr: /usr
  - from-file: framework.yml
  - type: rpm-ostree
    install:
      - libadwaita
      - cronie
  - type: yafti
    custom-flatpaks:
      - Discord: com.discordapp.Discord
      - Nextcloud: com.nextcloud.desktopclient.nextcloud
      - Chrome: com.google.Chrome
--- a/config/recipe-jp-desktop.yml
+++ b/config/recipe-jp-desktop.yml
@@ -0,0 +1,14 @@
 name: jp-desktop
 base-image: ghcr.io/ublue-os/kinoite-nvidia
 image-version: 38
 description: The image of Wunker OS for JP's desktop.
 modules:
  - type: files
    files:
      - 8bitdo-ultimate: /usr
      - steam-firewall: /usr
      - desktop-audio: /usr
  - type: containerfile
    containerfiles:
      - xboxdrv
  - from-file: jp-apps.yml
--- a/config/recipe-jp-laptop.yml
+++ b/config/recipe-jp-laptop.yml
@@ -0,0 +1,7 @@
 name: jp-laptop
 base-image: ghcr.io/ublue-os/kinoite-main
 image-version: 38
 description: The image of Wunker OS for JP's Laptop.
 modules:
  - from-file: jp-apps.yml
  - from-file: framework.yml
--- a/config/scripts/README.md
+++ b/config/scripts/README.md
--- a/config/scripts/enable-crond.sh
+++ b/config/scripts/enable-crond.sh
--- a/config/scripts/install-codelldb.sh
+++ b/config/scripts/install-codelldb.sh
--- a/config/scripts/install-intellij.sh
+++ b/config/scripts/install-intellij.sh
--- a/config/scripts/install-rubymine.sh
+++ b/config/scripts/install-rubymine.sh
--- a/config/scripts/install-syncthing.sh
+++ b/config/scripts/install-syncthing.sh
--- a/config/scripts/setup-kubectl.sh
+++ b/config/scripts/setup-kubectl.sh
--- a/config/scripts/setup-selinux-dockersock.sh
+++ b/config/scripts/setup-selinux-dockersock.sh
--- a/config/scripts/setup-vscode.sh
+++ b/config/scripts/setup-vscode.sh
--- a/scripts/post/.gitkeep
+++ b/scripts/post/.gitkeep
--- a/recipe-cp.yml
+++ b/recipe-cp.yml
@@ -1,36 +0,0 @@
 name: cp-laptop
 base-image: ghcr.io/ublue-os/cinnamon-main
 fedora-version: 38
 description: The image of Wunker OS for CP's laptop.
 usr-dirs:
  - usr-framework
 # scripts:
 #   pre: []
 #   post: []
 rpm:
  # A list of urls of ".repo" files that should be added to your system.
  # This is the proper way to add custom COPR repos to your image.
  # Tip: Use `%FEDORA_VERSION%` instead of static Fedora version numbers,
  # so that your repos automatically use your image's actual Fedora version,
  # which greatly simplifies future maintenance of your custom recipe.
  # repos: []
  install:
    # Needed for yafti (the first boot installer). Remove if you're not using yafti.
    - python3-pip
    # GNOME's GTK4 theme, Libadwaita. Already included in Silverblue, but not
    # other spins. You can remove if you aren't using yafti, but many native
    # apps and binaries require it, so it's a good idea to always include it
    # if you ever download or compile any custom software on your machine.
    - libadwaita
    - cronie
    - fprintd
    - fprintd-pam
    - tlp
    - powertop
  # remove: []
 firstboot:
  yafti: true
  flatpaks:
    - com.discordapp.Discord
    - com.nextcloud.desktopclient.nextcloud
    - com.google.Chrome
--- a/recipe-desktop.yml
+++ b/recipe-desktop.yml
@@ -1,77 +0,0 @@
 name: jp-desktop
 base-image: ghcr.io/ublue-os/kinoite-nvidia
 fedora-version: 38
 description: The image of Wunker OS for JP's desktop.
 usr-dir-overlays:
  - usr-distrobox
  - usr-8bitdo-ultimate
  - usr-steam-firewall
  - usr-desktop-audio
 containerfiles:
  pre:
    - xboxdrv
 scripts:
  pre:
    - install-syncthing.sh
    - setup-kubectl.sh
    - setup-vscode.sh
  post:
    - setup-selinux-dockersock.sh
    - install-codelldb.sh
 rpm:
  # A list of urls of ".repo" files that should be added to your system.
  # This is the proper way to add custom COPR repos to your image.
  # Tip: Use `%FEDORA_VERSION%` instead of static Fedora version numbers,
  # so that your repos automatically use your image's actual Fedora version,
  # which greatly simplifies future maintenance of your custom recipe.
  repos:
    - https://pkg.earthly.dev/earthly.repo
    - https://copr.fedorainfracloud.org/coprs/varlad/helix/repo/fedora-%FEDORA_VERSION%/varlad-helix-fedora-%FEDORA_VERSION%.repo
    - https://pkgs.tailscale.com/stable/fedora/%FEDORA_VERSION%/tailscale.repo
  install:
    # Needed for yafti (the first boot installer). Remove if you're not using yafti.
    - python3-pip
    # GNOME's GTK4 theme, Libadwaita. Already included in Silverblue, but not
    # other spins. You can remove if you aren't using yafti, but many native
    # apps and binaries require it, so it's a good idea to always include it
    # if you ever download or compile any custom software on your machine.
    - libadwaita
    - cmake
    - code
    - cronie
    - neofetch
    - virt-manager
    - plasma-browser-integration
    - "gcc-c++"
    - id3v2
    - docker
    - xinput
    - earthly
    - kubectl
    - helm
    - neovim
    - ripgrep
    - helix
    - tailscale
    - strawberry
  remove:
    # Remove the native firefox (from Fedora) in favor of the Flatpak.
    - firefox
    - firefox-langpacks
 firstboot:
  yafti: false
  flatpaks:
    - io.github.celluloid_player.Celluloid
    - org.kde.krita
    - com.discordapp.Discord
    - com.valvesoftware.Steam
    - com.valvesoftware.Steam.Utility.MangoHud
    - com.valvesoftware.Steam.Utility.gamescope
    - com.brave.Browser
    - com.github.tchx84.Flatseal
    - com.nextcloud.desktopclient.nextcloud
    - com.usebottles.bottles
    - md.obsidian.Obsidian
    - io.github.Foldex.r2modman
    - org.fedoraproject.MediaWriter
    - org.strawberrymusicplayer.strawberry
--- a/recipe-framework-13.yml
+++ b/recipe-framework-13.yml
@@ -1,73 +0,0 @@
 name: jp-laptop
 base-image: ghcr.io/ublue-os/kinoite-main
 fedora-version: 38
 description: The image of Wunker OS for JP's Laptop.
 usr-dir-overlays:
  - usr-distrobox
  - usr-framework
 scripts:
  pre:
    - install-syncthing.sh
    - setup-kubectl.sh
    - setup-vscode.sh
  post:
    - setup-selinux-dockersock.sh
    - install-codelldb.sh
 rpm:
  # A list of urls of ".repo" files that should be added to your system.
  # This is the proper way to add custom COPR repos to your image.
  # Tip: Use `%FEDORA_VERSION%` instead of static Fedora version numbers,
  # so that your repos automatically use your image's actual Fedora version,
  # which greatly simplifies future maintenance of your custom recipe.
  repos:
    - https://pkg.earthly.dev/earthly.repo
    - https://copr.fedorainfracloud.org/coprs/varlad/helix/repo/fedora-%FEDORA_VERSION%/varlad-helix-fedora-%FEDORA_VERSION%.repo
    - https://pkgs.tailscale.com/stable/fedora/%FEDORA_VERSION%/tailscale.repo
  install:
    # Needed for yafti (the first boot installer). Remove if you're not using yafti.
    - python3-pip
    # GNOME's GTK4 theme, Libadwaita. Already included in Silverblue, but not
    # other spins. You can remove if you aren't using yafti, but many native
    # apps and binaries require it, so it's a good idea to always include it
    # if you ever download or compile any custom software on your machine.
    - libadwaita
    - cmake
    - code
    - cronie
    - fprintd
    - fprintd-pam
    - tlp
    - powertop
    - neofetch
    - virt-manager
    - plasma-browser-integration
    - "gcc-c++"
    - docker
    - id3v2
    - xinput
    - earthly
    - kubectl
    - helm
    - neovim
    - ripgrep
    - helix
    - strawberry
    - tailscale
    - alacritty
  remove:
    # Remove the native firefox (from Fedora) in favor of the Flatpak.
    - firefox
    - firefox-langpacks
 firstboot:
  yafti: false
  flatpaks:
    - io.github.celluloid_player.Celluloid
    - org.kde.
    - com.discordapp.Discord
    - com.brave.Browser
    - com.github.tchx84.Flatseal
    - com.nextcloud.desktopclient.nextcloud
    - com.usebottles.bottles
    - md.obsidian.Obsidian
    - org.fedoraproject.MediaWriter
    - org.strawberrymusicplayer.strawberry
--- a/scripts/pre/.gitkeep
+++ b/scripts/pre/.gitkeep
--- a/usr/bin/ublue-nix-install
+++ b/usr/bin/ublue-nix-install
@@ -1,130 +0,0 @@
 #!/bin/bash
 # original script here: https://github.com/dnkmmr69420/nix-with-selinux/blob/main/silverblue-installer.sh
 # thanks dnkmmr!
 sudo sleep 2
 echo "Adding SELinux content to /nix"
 sudo semanage fcontext -a -t etc_t '/nix/store/[^/]+/etc(/.*)?' ; sudo semanage fcontext -a -t lib_t '/nix/store/[^/]+/lib(/.*)?' ; sudo semanage fcontext -a -t systemd_unit_file_t '/nix/store/[^/]+/lib/systemd/system(/.*)?' ; sudo semanage fcontext -a -t man_t '/nix/store/[^/]+/man(/.*)?' ; sudo semanage fcontext -a -t bin_t '/nix/store/[^/]+/s?bin(/.*)?' ; sudo semanage fcontext -a -t usr_t '/nix/store/[^/]+/share(/.*)?' ; sudo semanage fcontext -a -t var_run_t '/nix/var/nix/daemon-socket(/.*)?' ; sudo semanage fcontext -a -t usr_t '/nix/var/nix/profiles(/per-user/[^/]+)?/[^/]+'
 sleep 1
 sudo mkdir /var/lib/nix
 sleep 1
 echo "Adding SELinux content to /var/lib/nix"
 sudo semanage fcontext -a -t etc_t '/var/lib/nix/store/[^/]+/etc(/.*)?' ; sudo semanage fcontext -a -t lib_t '/var/lib/nix/store/[^/]+/lib(/.*)?' ; sudo semanage fcontext -a -t systemd_unit_file_t '/var/lib/nix/store/[^/]+/lib/systemd/system(/.*)?' ; sudo semanage fcontext -a -t man_t '/var/lib/nix/store/[^/]+/man(/.*)?' ; sudo semanage fcontext -a -t bin_t '/var/lib/nix/store/[^/]+/s?bin(/.*)?' ; sudo semanage fcontext -a -t usr_t '/var/lib/nix/store/[^/]+/share(/.*)?' ; sudo semanage fcontext -a -t var_run_t '/var/lib/nix/var/nix/daemon-socket(/.*)?' ; sudo semanage fcontext -a -t usr_t '/var/lib/nix/var/nix/profiles(/per-user/[^/]+)?/[^/]+'
 echo "Creating service files"
 sleep 1
 sleep 1
 echo "Creating rootfs mkdir service"
 sudo tee /etc/systemd/system/mkdir-rootfs@.service <<EOF
 [Unit]
 Description=Enable mount points in / for ostree
 ConditionPathExists=!%f
 DefaultDependencies=no
 Requires=local-fs-pre.target
 After=local-fs-pre.target
 [Service]
 Type=oneshot
 ExecStartPre=chattr -i /
 ExecStart=mkdir -p '%f'
 ExecStopPost=chattr +i /
 EOF
 sleep 1
 echo "Creating nix.mount"
 sudo tee /etc/systemd/system/nix.mount <<EOF
 [Unit]
 Description=Nix Package Manager
 DefaultDependencies=no
 After=mkdir-rootfs@nix.service
 Wants=mkdir-rootfs@nix.service
 Before=sockets.target
 After=ostree-remount.service
 BindsTo=var.mount
 [Mount]
 What=/var/lib/nix
 Where=/nix
 Options=bind
 Type=none
 EOF
 sleep 1
 echo "Enabling mount and resetting SELinux context"
 sleep 1
 sudo systemctl daemon-reload ; sudo systemctl enable nix.mount ; sudo systemctl start nix.mount ; sudo restorecon -RF /nix
 sleep 1
 echo "Temorarily setting SELinux to Permissive"
 sudo setenforce Permissive
 sleep 1
 echo "Preparing the nix install script"
 sleep 2
 sh <(curl -L https://nixos.org/nix/install) --daemon
 echo "Nix installer has finished running"
 sleep 1
 echo "Copying service files"
 sleep 1
 echo "Creating SSL cert file"
 sudo mkdir -p /etc/systemd/system/nix-daemon.service.d/
 sudo tee /etc/systemd/system/nix-daemon.service.d/override.conf <<EOF
 [Service]
 Environment="NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt"
 EOF
 sudo rm -f /etc/systemd/system/nix-daemon.{service,socket} ; sudo cp /nix/var/nix/profiles/default/lib/systemd/system/nix-daemon.{service,socket} /etc/systemd/system/ ; sudo restorecon -RF /nix ; sudo systemctl daemon-reload ; sudo systemctl enable --now nix-daemon.socket
 sleep 1
 echo "Setting SELinux back to Enforcing"
 sudo setenforce Enforcing
 echo "Modifying /etc/nix/nix.conf"
 echo "experimental-features = nix-command flakes" | sudo tee -a /etc/nix/nix.conf
 sleep 1
 echo "Adding /etc/profile.d/nix-app-icons.sh"
 sudo rm -f /etc/profile.d/nix-app-icons.sh 
 sudo tee /etc/profile.d/nix-app-icons.sh <<EOF
 XDG_DATA_DIRS="$HOME/.nix-profile/share:/nix/var/nix/profiles/default/share:$XDG_DATA_DIRS"
 EOF
 sleep 1
 echo "Installing nix backup"
 sudo mkdir /opt/nixbackup
 sudo cp -R /nix /opt/nixbackup
 sudo tee /opt/nixbackup/reset-nix <<EOF
 #!/bin/bash
 sudo echo "Resetting nix..."
 sudo rm -rf /nix/*
 sudo mkdir -p /nix
 sudo cp -R /opt/nixbackup/nix/* /nix/
 sudo restorecon -RF /nix
 sudo echo "Nix has been reset. Reboot for changes to apply."
 EOF
 sudo chmod a+x /opt/nixbackup/reset-nix
 sudo echo "Finished installing nix backup"
 sleep 1
 echo "You MUST reboot in order for the installation to finish"
 echo "Reboot your system by typing:"
 echo "systemctl reboot"
--- a/usr/bin/ublue-nix-uninstall
+++ b/usr/bin/ublue-nix-uninstall
@@ -1,86 +0,0 @@
 #!/bin/bash
 VERBOSITY="${VERBOSITY:-0}"
 SUDO_PROGRAM="${SUDO_PROGRAM:-sudo}"
 USER_WARNING="${USER_WARNING:-1}"
 [ "$VERBOSITY" = "1" ] && set -x
 set -uo pipefail
 function log {
 	LEVEL=$1
 	shift
 	echo "[${LEVEL}]" $@ >&2
 }
 if [ "$EUID" = 0 ] ; then
  log WARNING "Do not run this command as root, as it won't delete proper files in your system"
  exit
 fi
 if [ "$USER_WARNING" = 1 ] ; then
 	cat <<EOF
 This is a destructive operation, it will delete the following:
 Services:
 - nix-daemon.service
 - nix-daemon.socket
 - nix.mount
 - mkdir-rootfs@.service
 Files & Directories:
 - $HOME/{.nix-channels,.nix-defexpr,.nix-profile,.config/nixpkgs}
 - /etc/profile.d/nix-app-icons.sh
 - /etc/profile.d/nix.sh
 - /etc/nix
 - /etc/tmpfiles.d/nix-daemon.conf 
 - ~root/.nix-channels 
 - ~root/.nix-defexpr 
 - ~root/.nix-profile
 Users & Groups:
 - nixbld[0-32]
 If you are unsure about everything that will be done, make sure to read the source code of this script by running "cat $(realpath $0)" on your terminal.
 EOF
 	read -r -p "Are you sure you want to proceed? [y/N] " response
 	case "$response" in
 		[yY][eE][sS]|[yY]) 
 	        ;;
 		*)
 			exit
 		;;
 	esac
 fi
 log TASK 'Removing nix configuration from "\$HOME"'
 log TASK 'To finish removing everything, make sure to remove the '. "$HOME/.nix-profile/etc/profile.d/nix.sh"' line in your ~/.profile or ~/.bash_profile'
 rm -rf $HOME/{.nix-channels,.nix-defexpr,.nix-profile,.config/nixpkgs,.local/state/nix,.cache/nix}
 log TASK 'Deleting nix system users'
 for i in $(seq 1 32); do
 	"$SUDO_PROGRAM" userdel "nixbld$i"
 done
 "$SUDO_PROGRAM" groupdel 'nixbld'
 log TASK 'Removing nix systemd services'
 "$SUDO_PROGRAM" systemctl disable --now nix-daemon.service nix-daemon.socket nix.mount mkdir-rootfs@.service
 "$SUDO_PROGRAM" systemctl daemon-reload
 "$SUDO_PROGRAM" rm -rf '/etc/systemd/system/mkdir-rootfs@.service' '/etc/systemd/system/nix.mount' /etc/systemd/system/nix-daemon.{service,socket} '/etc/systemd/system/nix-daemon.service.d/'
 log TASK 'Removing remaining nix system configuration'
 "$SUDO_PROGRAM" rm -rf '/etc/profile.d/nix-app-icons.sh' '/etc/nix' '/etc/profile.d/nix.sh' '/etc/tmpfiles.d/nix-daemon.conf' ~root/.nix-channels ~root/.nix-defexpr ~root/.nix-profile
 "$SUDO_PROGRAM" cp -f '/etc/bashrc.backup-before-nix' '/etc/bashrc'
 log TASK 'Removing /var/lib/nix'
 "$SUDO_PROGRAM" restorecon -RF '/var/lib/nix'
 "$SUDO_PROGRAM" restorecon -RF '/nix'
 "$SUDO_PROGRAM" rm -rf '/var/lib/nix'
 log INFO 'Make sure to remove residual configurations from the following files:' "/etc/bash.bashrc /etc/bashrc /etc/profile /etc/zsh/zshrc /etc/zshrc $HOME/.bashr $HOME/.bash_profile $HOME/.zshrc $HOME/.profile"
 log INFO 'You may now reboot your system to confirm these changes with "systemctl reboot"'