#109 WIP: Silverblue based on Fedora CoreOS
Opened 8 months ago by walters. Modified 4 months ago
walters/workstation-ostree-config f29-assembler  into  f29

Silverblue derives from Fedora CoreOS
Colin Walters • 4 months ago  
file added
+3

@@ -0,0 +1,3 @@ 

+ [submodule "fcos"]

+ 	path = fcos

+ 	url = https://github.com/coreos/fedora-coreos-config

file renamed
+ -
@@ -0,0 +1,1 @@ 
+ Subproject commit 7e1fb3fc697592a1b0fe1aed65aa1855c378edff
file removed
-7

@@ -1,7 +0,0 @@ 

- [fedora-29-updates]

- name=Fedora 29 $basearch Updates

- #baseurl=http://download.fedoraproject.org/pub/fedora/linux//updates/29/$basearch/os/

- mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=updates-released-f29&arch=$basearch

- enabled=0

- gpgcheck=0

- metadata_expire=1d

file removed
-7

@@ -1,7 +0,0 @@ 

- [fedora-29]

- name=Fedora 29 $basearch

- baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/29/Everything/$basearch/os/

- #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=29&arch=$basearch

- enabled=0

- gpgcheck=0

- metadata_expire=1d

@@ -1,5 +1,6 @@ 

  {

      "00packages-comment": "DO NOT EDIT! This content is generated from comps-sync.py",

+     "include": "fcos/fedora-coreos-base.yaml",

      "packages": [

          "NetworkManager",

          "NetworkManager-bluetooth",

file modified
+1 -23

@@ -1,9 +1,6 @@ 

  {

      "ref": "fedora/rawhide/${basearch}/ostree-base",

  

-     "automatic_version_prefix": "29",

-     "mutate-os-release": "29",

- 

      "include": "fedora-common-ostree-pkgs.json",

  

      "packages": [

@@ -18,26 +15,7 @@ 

          "xdg-desktop-portal"

      ],

  

-     "selinux": true,

-     "documentation": true,

-     "boot_location": "new",

-     "etc-group-members": ["wheel"],

-     "tmp-is-dir": true,

- 

      "postprocess-script": "post.sh",

  

-     "ignore-removed-users": ["root"],

-     "ignore-removed-groups": ["root"],

-     "check-passwd": { "type": "file", "filename": "passwd" },

-     "check-groups": { "type": "file", "filename": "group" },

- 

-     "default_target": "graphical.target",

- 

-     "comment-for-packages": "Keep this in sync with fedora-atomic-host.json from fedora-atomic",

-     "packages-aarch64": ["grub2-efi", "ostree-grub2", "efibootmgr", "shim"],

-     "packages-armhfp": ["extlinux-bootloader"],

-     "packages-ppc64": ["grub2", "ostree-grub2"],

-     "packages-ppc64le": ["grub2", "ostree-grub2"],

-     "packages-x86_64": ["grub2", "grub2-efi-x64", "ostree-grub2",

-                          "efibootmgr", "shim", "microcode_ctl"]

+     "default-target": "graphical.target"

  }

file modified
-3

@@ -10,6 +10,3 @@ 

    - plasma-workspace-wayland

    - xdg-desktop-portal-kde

    - xorg-x11-server-Xwayland

- 

- repos:

-   - fedora-29

file modified
-3

@@ -7,6 +7,3 @@ 

  packages:

    - libqtxdg

    - xdg-desktop-portal-kde

- 

- repos:

-   - fedora-29

file modified
+21 -2

@@ -1,4 +1,5 @@ 

  include: gnome-desktop-pkgs.json

+ 

  ref: fedora/29/${basearch}/silverblue

  rojig:

    name: fedora-silverblue

@@ -21,5 +22,23 @@ 

    - kernel-devel

    - elfutils-libelf-devel

  

- repos:

-   - fedora-29

+ postprocess:

+   - |

+     #!/usr/bin/bash

+     set -xeuo pipefail

+     # Do a dance to enable initial setup.  The default of requiring a file to

+     # exist in /var conflicts with the libostree "/var starts empty" model, so

+     # invert it.

+     echo '[daemon]' >> /etc/gdm/custom.conf

+     echo 'InitialSetupEnable=true' >> /etc/gdm/custom.conf

+     cat > /usr/lib/systemd/system/silverblue-initial-setup.service << 'EOF'

+     [Unit]

+     ConditionFirstBoot=true

+     [Service]

+     Before=gdm.service

+     ExecStart=/bin/touch /var/lib/gdm/run-initial-setup

+     EOF

+     ln -s ../silverblue-initial-setup.service /usr/lib/systemd/system/multi-user.target.wants

+     # And disable systemd's builtin one

+     rm -vf /usr/lib/systemd/system/systemd-firstboot.service /usr/bin/systemd-firstboot \

+            /usr/lib/systemd/*.target.wants/systemd-firstboot.service

file modified
-2

@@ -6,5 +6,3 @@ 

    license: MIT

  packages:

      - xdg-desktop-portal-gtk

- repos:

-   - fedora-29

file added
+1

@@ -0,0 +1,1 @@ 

+ size: 8

file added
+1

@@ -0,0 +1,1 @@ 

+ fedora-silverblue.yaml 

\ No newline at end of file

Currently this is using gnome-initial-setup (after one edits the disk manually to enable it, going to fix that), and not Ignition.

I also want to experiment with changing it to use machineid-compat: false.

seems a bit risky to apply this to f29, first. I see #107 is part of this for rawhide. Let's fixup and merge that and then what do you think about getting the rest of this applied to rawhide and test it before we apply to f29.

rebased onto c2dcf88525b8c5d59adce0b6983a140b2a0243c8

8 months ago

This is just a WIP. It can't be applied as is since it will (without further work) break installations via Anaconda.

I'm targeting F29 as a stable base, let's not get too distracted by rawhide vs 29.

My goal here is just to publish the work so others can see it.

rebased onto 7bb7c5f4c3f44cbfaca72ceae52fb5db749d8796

8 months ago

1 new commit added

  • and remove systemd-firstboot
8 months ago

2 new commits added

  • and remove systemd-firstboot
  • Silverblue using coreos-assembler
8 months ago

One thing that's broken about this is the resulting image has console=ttyS0,115200n8 I think because we're passing that to virt-install. Yet another anaconda artifact; we should change c-a to require that be specified in bootloader if it's desired.

Big picture though a blocker for us to switch to this path is going to be (for a lot of users):
https://github.com/coreos/fedora-coreos-tracker/issues/18#issuecomment-437870653

Also right now this only does a BIOS layout, so I had to change my laptop's BIOS to enable that, but we're going to fix that in coreos-assembler.

rebased onto fb62e4a2555e2bd9e244087895a19369ac5fef96

5 months ago

Since coreos-assembler can now output metal-bios and metal-uefi, this gets even nicer.

rebased onto e137359

4 months ago

Rebased :surfer: and now this adds FCOS as a git submodule, which means we inherit a lot of the core tweaks there and don't need to duplicate them. We also start using Ignition, although I think for Silverblue we need to disable the logic of initramfs networking on firstboot by default and only look for /boot/config.ign or so.