#109 WIP: Silverblue using coreos-assembler
Opened a month ago by walters. Modified a month ago
walters/workstation-ostree-config f29-assembler  into  f29

and remove systemd-firstboot
Colin Walters • 24 days ago  
Silverblue using coreos-assembler
Colin Walters • 24 days ago  
file modified
+2 -2

@@ -1,7 +1,7 @@ 

  [fedora-29]

  name=Fedora 29 $basearch

- baseurl=http://download.fedoraproject.org/pub/fedora/linux//development/29/Everything/$basearch/os/

- #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=29&arch=$basearch

+ #baseurl=http://download.fedoraproject.org/pub/fedora/linux//development/29/Everything/$basearch/os/

+ mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-29&arch=$basearch

  enabled=0

  gpgcheck=0

  metadata_expire=1d

@@ -1,1 +0,0 @@ 

- ./fedora-silverblue.json 

\ No newline at end of file

file removed
-13

@@ -1,13 +0,0 @@ 

- {

-     "ref": "fedora/29/${basearch}/silverblue",

-     "repos": ["fedora-29"],

- 

-     "include": "gnome-desktop-pkgs.json",

- 

-     "packages": [

-         "desktop-backgrounds-gnome",

-         "gnome-shell-extension-background-logo",

-         "pinentry-gnome3",

-         "qgnomeplatform"

-     ]

- }

@@ -0,0 +1,42 @@ 

+ include: gnome-desktop-pkgs.json

+ 

+ # Like Fedora CoreOS; we have a dd-based install, so ensure

+ # that ConditionFirstBoot= fires.

+ machineid-compat: false

+ 

+ ref: fedora/29/${basearch}/silverblue

+ rojig:

+   name: fedora-silverblue

+   summary: "Fedora Silverblue base image"

+   license: MIT

+ packages:

+   - desktop-backgrounds-gnome

+   - gnome-shell-extension-background-logo

+   - pinentry-gnome3

+   # Does it really still make sense to ship Qt by default if we

+   # expect people to run apps in containers?

+   - qgnomeplatform

+ 

+ postprocess:

+   - |

+     #!/usr/bin/bash

+     set -xeuo pipefail

+     # Do a dance to enable initial setup.  The default of requiring a file to

+     # exist in /var conflicts with the libostree "/var starts empty" model, so

+     # invert it.

+     echo '[daemon]' >> /etc/gdm/custom.conf

+     echo 'InitialSetupEnable=true' >> /etc/gdm/custom.conf

+     cat > /usr/lib/systemd/system/silverblue-initial-setup.service << 'EOF'

+     [Unit]

+     ConditionFirstBoot=true

+     [Service]

+     Before=gdm.service

+     ExecStart=/bin/touch /var/lib/gdm/run-initial-setup

+     EOF

+     ln -s ../silverblue-initial-setup.service /usr/lib/systemd/system/multi-user.target.wants

+     # And disable systemd's builtin one

+     rm -vf /usr/lib/systemd/system/systemd-firstboot.service /usr/bin/systemd-firstboot \

+            /usr/lib/systemd/*.target.wants/systemd-firstboot.service

+ 

+ repos:

+   - fedora-29

file added
+36

@@ -0,0 +1,36 @@ 

+ # This line is interpreted by coreos-virt-install

+ #--coreos-virt-install-disk-size-gb: 8

+ text

+ lang en_US.UTF-8

+ keyboard us

+ timezone --utc Etc/UTC

+ rootpw --lock --iscrypted locked

+ 

+ firewall --disabled

+ bootloader --timeout=3

+ 

+ zerombr

+ clearpart --initlabel --all

+ # https://github.com/coreos/fedora-coreos-tracker/issues/18

+ # See also coreos-growpart.service defined in fedora-coreos-base.yaml

+ # You can change this partition layout, but note that the `boot` and `root`

+ # filesystem labels are currently mandatory (they're interpreted by coreos-assembler).

+ part /boot --size=500 --fstype=xfs --label=boot

+ part pv.01 --grow

+ volgroup sb pv.01

+ logvol / --size=5000 --fstype="xfs" --label=root --mkfsoptions="-m reflink=1" --vgname=sb --name=root

+ logvol /var --size=2000 --fstype="xfs" --label=var --grow --mkfsoptions="-m reflink=1" --vgname=sb --name=var

+ 

+ reboot

+ 

+ %post --erroronfail

+ 

+ # Remove any persistent NIC rules generated by udev

+ rm -vf /etc/udev/rules.d/*persistent-net*.rules

+ 

+ # Anaconda is writing a /etc/resolv.conf from the generating environment.

+ # The system should start out with an empty file.

+ truncate -s 0 /etc/resolv.conf

+ # And no random seed

+ rm -f /var/lib/random-seed

+ %end

@@ -0,0 +1,1 @@ 

+ fedora-silverblue.yaml 

\ No newline at end of file

no initial comment

Currently this is using gnome-initial-setup (after one edits the disk manually to enable it, going to fix that), and not Ignition.

I also want to experiment with changing it to use machineid-compat: false.

seems a bit risky to apply this to f29, first. I see #107 is part of this for rawhide. Let's fixup and merge that and then what do you think about getting the rest of this applied to rawhide and test it before we apply to f29.

rebased onto c2dcf88

a month ago

This is just a WIP. It can't be applied as is since it will (without further work) break installations via Anaconda.

I'm targeting F29 as a stable base, let's not get too distracted by rawhide vs 29.

My goal here is just to publish the work so others can see it.

rebased onto 7bb7c5f

24 days ago

1 new commit added

  • and remove systemd-firstboot
24 days ago

2 new commits added

  • and remove systemd-firstboot
  • Silverblue using coreos-assembler
24 days ago

One thing that's broken about this is the resulting image has console=ttyS0,115200n8 I think because we're passing that to virt-install. Yet another anaconda artifact; we should change c-a to require that be specified in bootloader if it's desired.

Big picture though a blocker for us to switch to this path is going to be (for a lot of users):
https://github.com/coreos/fedora-coreos-tracker/issues/18#issuecomment-437870653

Also right now this only does a BIOS layout, so I had to change my laptop's BIOS to enable that, but we're going to fix that in coreos-assembler.