From 62ceb41aecd1e1fc02a945c5e4f9250cee15b77b Mon Sep 17 00:00:00 2001 From: Tulili Date: Fri, 8 Mar 2024 04:51:45 -0300 Subject: [PATCH] feat: realtime preparations for pipewire + realtime-setup and tests and fsync kernel --- .github/workflows/build.yml | 24 ++-- README.md | 11 +- config/common/audio/jack-packages.yml | 19 ---- config/common/audio/jack-services.yml | 8 -- config/common/audio/pipewire-flatpaks.yml | 18 --- config/common/audio/pipewire-services.yml | 7 -- config/common/shared/flatpaks.yml | 2 + config/common/shared/packages.yml | 3 + config/common/shared/scripts.yml | 2 +- config/common/shared/services.yml | 5 + .../etc/security/limits.d/95-pipewire.conf | 4 + config/files/shared/etc/sysconfig/rtkit | 13 +++ .../shared/etc/sysctl.d/50-atomicstudio.conf | 5 +- .../system/rtkit-daemon.service.d/limits.conf | 4 + .../lib/systemd/user/custom-jackd.service | 17 --- .../shared/libexec/atomic-studio-cli/jackd.nu | 105 ------------------ .../shared/libexec/atomic-studio-cli/mod.nu | 3 +- .../shared/libexec/atomic-studio-cli/pw.nu | 45 ++++++++ .../libexec/atomic-studio-cli/pwjack.nu | 49 -------- .../files/shared/libexec/studio-jackd-default | 19 ---- .../shared/share/ublue-os/firstboot/yafti.yml | 8 +- .../{pw => }/hardened/recipe-gnome-nvidia.yml | 4 +- .../{pw => }/hardened/recipe-gnome.yml | 4 +- .../{pw => }/hardened/recipe-nvidia.yml | 4 +- config/recipes/{pw => }/hardened/recipe.yml | 4 +- .../jack/hardened/recipe-gnome-nvidia.yml | 22 ---- config/recipes/jack/hardened/recipe-gnome.yml | 23 ---- .../recipes/jack/hardened/recipe-nvidia.yml | 20 ---- config/recipes/jack/hardened/recipe.yml | 21 ---- config/recipes/jack/recipe-gnome-nvidia.yml | 21 ---- config/recipes/jack/recipe-gnome.yml | 22 ---- config/recipes/jack/recipe-nvidia.yml | 20 ---- config/recipes/jack/recipe.yml | 21 ---- .../recipes/{pw => }/recipe-gnome-nvidia.yml | 4 +- config/recipes/{pw => }/recipe-gnome.yml | 4 +- config/recipes/{pw => }/recipe-nvidia.yml | 4 +- config/recipes/{pw => }/recipe.yml | 4 +- config/scripts/fsync-kernel.nu | 10 ++ config/scripts/rt-kernel.nu | 18 --- config/scripts/tuned.nu | 2 +- 40 files changed, 120 insertions(+), 483 deletions(-) delete mode 100644 config/common/audio/jack-packages.yml delete mode 100644 config/common/audio/jack-services.yml delete mode 100644 config/common/audio/pipewire-flatpaks.yml delete mode 100644 config/common/audio/pipewire-services.yml create mode 100644 config/common/shared/services.yml create mode 100644 config/files/shared/etc/security/limits.d/95-pipewire.conf create mode 100644 config/files/shared/etc/sysconfig/rtkit create mode 100644 config/files/shared/lib/systemd/system/rtkit-daemon.service.d/limits.conf delete mode 100644 config/files/shared/lib/systemd/user/custom-jackd.service delete mode 100755 config/files/shared/libexec/atomic-studio-cli/jackd.nu create mode 100755 config/files/shared/libexec/atomic-studio-cli/pw.nu delete mode 100755 config/files/shared/libexec/atomic-studio-cli/pwjack.nu delete mode 100755 config/files/shared/libexec/studio-jackd-default rename config/recipes/{pw => }/hardened/recipe-gnome-nvidia.yml (88%) rename config/recipes/{pw => }/hardened/recipe-gnome.yml (87%) rename config/recipes/{pw => }/hardened/recipe-nvidia.yml (86%) rename config/recipes/{pw => }/hardened/recipe.yml (86%) delete mode 100644 config/recipes/jack/hardened/recipe-gnome-nvidia.yml delete mode 100644 config/recipes/jack/hardened/recipe-gnome.yml delete mode 100644 config/recipes/jack/hardened/recipe-nvidia.yml delete mode 100644 config/recipes/jack/hardened/recipe.yml delete mode 100644 config/recipes/jack/recipe-gnome-nvidia.yml delete mode 100644 config/recipes/jack/recipe-gnome.yml delete mode 100644 config/recipes/jack/recipe-nvidia.yml delete mode 100644 config/recipes/jack/recipe.yml rename config/recipes/{pw => }/recipe-gnome-nvidia.yml (86%) rename config/recipes/{pw => }/recipe-gnome.yml (87%) rename config/recipes/{pw => }/recipe-nvidia.yml (85%) rename config/recipes/{pw => }/recipe.yml (86%) create mode 100755 config/scripts/fsync-kernel.nu delete mode 100755 config/scripts/rt-kernel.nu diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ca2a5ed..3dbd76a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,22 +20,14 @@ jobs: fail-fast: false matrix: recipe: - - recipes/pw/recipe.yml - - recipes/pw/recipe-nvidia.yml - - recipes/pw/recipe-gnome.yml - - recipes/pw/recipe-gnome-nvidia.yml - - recipes/pw/hardened/recipe.yml - - recipes/pw/hardened/recipe-nvidia.yml - - recipes/pw/hardened/recipe-gnome.yml - - recipes/pw/hardened/recipe-gnome-nvidia.yml - - recipes/jack/recipe.yml - - recipes/jack/recipe-nvidia.yml - - recipes/jack/recipe-gnome.yml - - recipes/jack/recipe-gnome-nvidia.yml - - recipes/jack/hardened/recipe.yml - - recipes/jack/hardened/recipe-nvidia.yml - - recipes/jack/hardened/recipe-gnome.yml - - recipes/jack/hardened/recipe-gnome-nvidia.yml + - recipes/recipe.yml + - recipes/recipe-nvidia.yml + - recipes/recipe-gnome.yml + - recipes/recipe-gnome-nvidia.yml + - recipes/hardened/recipe.yml + - recipes/hardened/recipe-nvidia.yml + - recipes/hardened/recipe-gnome.yml + - recipes/hardened/recipe-gnome-nvidia.yml steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@v6 diff --git a/README.md b/README.md index c78d5f0..bf59e0e 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ Want a reproducible and atomic environment for all your content creation needs? This image is distributed in two flavours: Plasma and Gnome, they have the same applications, but some minor differentes in theming, and some adapted aplications for better system integration (like `qpwgraph` <-> `helvum`). You can install this image by either installing the (current netinstall) ISO in [Releases](https://github.com/atomic-studio-org/Atomic-Studio/releases) or by rebasing your system to one of them. -You can use Jack-only images that do not have pipewire enabled by default and you can use hardened images that have less hardware compatibility but have much better security! +You can also use hardened images that have less hardware compatibility but have much better security! ### Rebasing @@ -26,15 +26,8 @@ rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic- # Latest Gnome version + Nvidia rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-gnome-nvidia:latest -# Add -jack or -hardened or both on your images to get the jack-only, or hardened image versions. +# Add -hardened to get the hardened image versions. E.g.: rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-hardened:latest -rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-jack-hardened:latest -rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-gnome-hardened:latest -rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-gnome-jack:latest -rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-gnome-jack-hardened:latest -rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-gnome-nvidia-hardened:latest -rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-gnome-nvidia-jack:latest -rpm-ostree rebase ostree-image-signed:docker://ghcr.io/atomic-studio-org/atomic-studio-gnome-nvidia-jack-hardened:latest ``` > Note: If these commands do not work first time, you are probably on a vanilla Fedora Atomic system, please run these but, instead of `ostree-image-signed:docker://`, use `ostree-unverified-registry:`, like the follwing command: diff --git a/config/common/audio/jack-packages.yml b/config/common/audio/jack-packages.yml deleted file mode 100644 index d821dbf..0000000 --- a/config/common/audio/jack-packages.yml +++ /dev/null @@ -1,19 +0,0 @@ -type: rpm-ostree -install: - - jack-audio-connection-kit - - jack-audio-connection-kit-dbus - - csound-jack - - qemu-audio-jack - - qemu-audio-pa - - pulseaudio - - pulseaudio-utils - - pulseaudio-module-jack - - pulseaudio-module-bluetooth - - pulseaudio-libs -remove: - - pipewire-utils - - pipewire-pulseaudio - - pipewire-jack-audio-connection-kit - - pipewire-jack-audio-connection-kit-libs - - pipewire-codec-aptx - - vlc-plugin-pipewire diff --git a/config/common/audio/jack-services.yml b/config/common/audio/jack-services.yml deleted file mode 100644 index 0f114f1..0000000 --- a/config/common/audio/jack-services.yml +++ /dev/null @@ -1,8 +0,0 @@ -type: systemd -user: - enabled: - - pulseaudio.service - - custom-jackd.service - masked: - - pipewire.service - - pipewire.socket diff --git a/config/common/audio/pipewire-flatpaks.yml b/config/common/audio/pipewire-flatpaks.yml deleted file mode 100644 index 1201c03..0000000 --- a/config/common/audio/pipewire-flatpaks.yml +++ /dev/null @@ -1,18 +0,0 @@ -type: default-flatpaks -notify: true -system: - install: - - org.mozilla.firefox - - com.obsproject.Studio - - org.gimp.GIMP - - org.gimp.GIMP.Plugin.BIMP - - org.gimp.GIMP.Plugin.Fourier - - org.gimp.GIMP.Plugin.Lensfun - - org.gimp.GIMP.Plugin.LiquidRescale - - org.kde.digikam - - com.github.qarmin.czkawka - - org.darktable.Darktable - - io.github.fabrialberio.pinapp - - org.rncbc.qtractor - - org.hydrogenmusic.Hydrogen - - io.github.dyegoaurelio.simple-wireplumber-gui diff --git a/config/common/audio/pipewire-services.yml b/config/common/audio/pipewire-services.yml deleted file mode 100644 index de7bf96..0000000 --- a/config/common/audio/pipewire-services.yml +++ /dev/null @@ -1,7 +0,0 @@ -type: systemd -user: - enabled: - - pipewire.service - - pipewire.socket - masked: - - studio-custom-jackd.service diff --git a/config/common/shared/flatpaks.yml b/config/common/shared/flatpaks.yml index fabd6b2..8015fe3 100644 --- a/config/common/shared/flatpaks.yml +++ b/config/common/shared/flatpaks.yml @@ -11,3 +11,5 @@ system: - org.hydrogenmusic.Hydrogen - com.mattjakeman.ExtensionManager - io.missioncenter.MissionCenter + - it.mijorus.whisper + - io.github.dimtpap.coppwr diff --git a/config/common/shared/packages.yml b/config/common/shared/packages.yml index fb5261e..17a9f78 100644 --- a/config/common/shared/packages.yml +++ b/config/common/shared/packages.yml @@ -12,3 +12,6 @@ install: - ffmpeg - fish - switcheroo-control + - realtime-setup + - realtime-tests + - pulseaudio-utils diff --git a/config/common/shared/scripts.yml b/config/common/shared/scripts.yml index 7e02efd..7c2a9bc 100644 --- a/config/common/shared/scripts.yml +++ b/config/common/shared/scripts.yml @@ -3,4 +3,4 @@ scripts: - ptyxis.nu - extra-packages.nu - tuned.nu - #- rt-kernel.nu + - fsync-kernel.nu diff --git a/config/common/shared/services.yml b/config/common/shared/services.yml new file mode 100644 index 0000000..a97c460 --- /dev/null +++ b/config/common/shared/services.yml @@ -0,0 +1,5 @@ +type: systemd +system: + enabled: + - realtime-entsk + - realtime-setup diff --git a/config/files/shared/etc/security/limits.d/95-pipewire.conf b/config/files/shared/etc/security/limits.d/95-pipewire.conf new file mode 100644 index 0000000..47f9ab4 --- /dev/null +++ b/config/files/shared/etc/security/limits.d/95-pipewire.conf @@ -0,0 +1,4 @@ +# Default limits for users of pipewire +@pipewire - rtprio 95 +@pipewire - nice -19 +@pipewire - memlock 4194304 diff --git a/config/files/shared/etc/sysconfig/rtkit b/config/files/shared/etc/sysconfig/rtkit new file mode 100644 index 0000000..e8a9bf7 --- /dev/null +++ b/config/files/shared/etc/sysconfig/rtkit @@ -0,0 +1,13 @@ +RTKIT_ARGS="--scheduling-policy=FIFO +--our-realtime-priority=89 +--max-realtime-priority=88 +--min-nice-level=-19 +--rttime-usec-max=2000000 +--users-max=100 +--processes-per-user-max=1000 +--threads-per-user-max=10000 +--actions-burst-sec=10 +--actions-per-burst-max=1000 +--canary-cheep-msec=30000 +--canary-watchdog-msec=60000 +" diff --git a/config/files/shared/etc/sysctl.d/50-atomicstudio.conf b/config/files/shared/etc/sysctl.d/50-atomicstudio.conf index e2d0e4d..c23cc56 100644 --- a/config/files/shared/etc/sysctl.d/50-atomicstudio.conf +++ b/config/files/shared/etc/sysctl.d/50-atomicstudio.conf @@ -1,4 +1,3 @@ vm.swappiness = 10 -fs.inotify.max_user_watches = 524288 -#if you are gonna use midi modify this in your custom overlay -#dev.hpet.max-user-freq=3072 +fs.inotify.max_user_watches = 600000 +dev.hpet.max-user-freq=3072 diff --git a/config/files/shared/lib/systemd/system/rtkit-daemon.service.d/limits.conf b/config/files/shared/lib/systemd/system/rtkit-daemon.service.d/limits.conf new file mode 100644 index 0000000..b80b9e4 --- /dev/null +++ b/config/files/shared/lib/systemd/system/rtkit-daemon.service.d/limits.conf @@ -0,0 +1,4 @@ +[Service] +EnvironmentFile=/etc/sysconfig/rtkit +ExecStart= +ExecStart=/usr/libexec/rtkit-daemon $RTKIT_ARGS diff --git a/config/files/shared/lib/systemd/user/custom-jackd.service b/config/files/shared/lib/systemd/user/custom-jackd.service deleted file mode 100644 index 745bc6d..0000000 --- a/config/files/shared/lib/systemd/user/custom-jackd.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Atomic Studio jackd server autostart service - -[Service] -LockPersonality=yes -MemoryDenyWriteExecute=yes -NoNewPrivileges=yes -RestrictNamespaces=yes -SystemCallArchitectures=native -SystemCallFilter=@system-service -Type=simple -ExecStart=/usr/bin/studio jackd -Restart=on-failure -Slice=session.slice - -[Install] -WantedBy=default.target diff --git a/config/files/shared/libexec/atomic-studio-cli/jackd.nu b/config/files/shared/libexec/atomic-studio-cli/jackd.nu deleted file mode 100755 index c925786..0000000 --- a/config/files/shared/libexec/atomic-studio-cli/jackd.nu +++ /dev/null @@ -1,105 +0,0 @@ -#!/usr/bin/env -S nu - -const SYSTEM_JACKD_SCRIPT_PATH = "/usr/libexec/studio-jackd-default" - -def user_prompt [yes: bool] { - let user_response = input "[Y/n]> " - return (($user_response =~ "(?i)yes") or ($user_response =~ "(?i)y")) -} - -# Toggle Jackd only mode -export def "main jackd toggle" [ - --yes (-y) # Skip confirmation prompts -] { - let CURRENT_IMAGE = (rpm-ostree status -b --json | jq -r '.deployments[0]."container-image-reference"') - - if ($CURRENT_IMAGE | grep -q "/var/ublue-os/image") { - echo "Before we can switch to the Jack image,the current system needs an update. Do you wish to update?" - - if not (user_prompt $yes) { - exit 0 - } - - studio update - exit 0 - } - - mut CURRENT_STATE = "disabled" - if ($CURRENT_IMAGE | grep -q "jack") { - $CURRENT_STATE = "enabled" - } - - echo "Jack-only mode is currently ${CURRENT_STATE}" - echo "Enable or Disable jack-only mode" - let OPTION = (gum choose Enable Disable) - - if "$OPTION" == "Enable" { - if "$CURRENT_STATE" == "enabled" { - echo "You are already on a jack image" - } else { - echo "Rebasing to a pipewire image" - let base_image_name = ($CURRENT_IMAGE | sed 's|^ostree-image-signed:docker://ghcr.io/.*/||') - run-external rpm-ostree rebase $"ostree-image-signed:docker://($base_image_name)-jack:latest" - } - } else if "$OPTION" == "Disable" { - if "$CURRENT_STATE" == "enabled" { - echo "Rebasing to a pipewire image" - run-external rpm-ostree rebase $"($CURRENT_IMAGE | str replace --all "-jack" "")" - } else { - echo "You are currently not on a pipewire image" - } - } -} - -# Do not use the users jackd script instead of the predefined system script -export def "main jackd disable-user" [] { - let USER_JACKD_ENABLED = $"($env.HOME)/.config/atomic-studio/jack/user_custom_jackd" - if not ($USER_JACKD_ENABLED | path exists) { - echo "Custom JackD script for the user not enabled" - exit 0 - } - - rm $USER_JACKD_ENABLED - echo "Sucessfully disabled custom user JackD script" -} - -# Use the users jackd script instead of the predefined system script -export def "main jackd enable-user" [] { - let DEFAULT_CUSTOM_SCRIPT_PATH = $"($env.HOME)/.config/atomic-studio/jack/custom-jackd" - let USER_JACKD_ENABLED = $"($env.HOME)/.config/atomic-studio/jack/user_custom_jackd" - if ($USER_JACKD_ENABLED | path exists) { - echo "Custom JackD script for the user already is enabled" - exit 0 - } - - mkdir ($DEFAULT_CUSTOM_SCRIPT_PATH | path dirname) - touch $USER_JACKD_ENABLED - cp $SYSTEM_JACKD_SCRIPT_PATH $DEFAULT_CUSTOM_SCRIPT_PATH - echo "Sucessfully enabled custom user JackD script" -} - -# Run jackd with a specific script -export def "main jackd" [ - --entrypoint (-e): string # Entrypoint script for running jackd (default: ~/.config/atomic-studio/jack/custom-jackd.nu) - ...args # Arguments that will be passed to the script -] { - let DEFAULT_CUSTOM_SCRIPT_PATH = $"($env.HOME)/.config/atomic-studio/jack/custom-jackd" - let USER_JACKD_ENABLED = $"($env.HOME)/.config/atomic-studio/jack/user_custom_jackd" - - mut entrypoint_path = "" - if $entrypoint == null { - if not ($USER_JACKD_ENABLED | path exists) { - $entrypoint_path = $SYSTEM_JACKD_SCRIPT_PATH - } else { - $entrypoint_path = $DEFAULT_CUSTOM_SCRIPT_PATH - } - } - - if not ($entrypoint_path | path exists) { - mkdir ($entrypoint_path | path dirname) - cp $SYSTEM_JACKD_SCRIPT_PATH $entrypoint_path - run-external chmod +x $entrypoint_path - } - - run-external $entrypoint_path ...$args -} diff --git a/config/files/shared/libexec/atomic-studio-cli/mod.nu b/config/files/shared/libexec/atomic-studio-cli/mod.nu index cf8eab5..f652532 100644 --- a/config/files/shared/libexec/atomic-studio-cli/mod.nu +++ b/config/files/shared/libexec/atomic-studio-cli/mod.nu @@ -1,8 +1,7 @@ export use add.nu * -export use jackd.nu * export use davinci.nu * export use motd.nu * export use reporter.nu * export use speaker-test.nu * export use update.nu * -export use pwjack.nu * +export use pw.nu * diff --git a/config/files/shared/libexec/atomic-studio-cli/pw.nu b/config/files/shared/libexec/atomic-studio-cli/pw.nu new file mode 100755 index 0000000..30cfe40 --- /dev/null +++ b/config/files/shared/libexec/atomic-studio-cli/pw.nu @@ -0,0 +1,45 @@ +#!/usr/bin/env -S nu + +const TARGET_CONFIG_PATH = "/etc/profile.d/atomic-pwjack.sh" +const VALID_BFSIZES = [8,16,32,64,128,256,512,1024,2048,4096] + +# Set specific buffersize for PIPEWIRE_QUANTUM variable (fixes ardour and carla crashes) +export def "main pw set quantum-buffersize" [--buffersize (-b): int] { + mut is_valid_thing: bool = false + mut iter = 0 + let max_iter = ($VALID_BFSIZES | length) + loop { + if $iter == $max_iter { + break + } + if VALID_BFSIZES.$iter == $buffersize { + $is_valid_thing = true + } + } + + if not is_valid_thing { + echo "Invalid Value" + exit 2 + } + + $"export PIPEWIRE_QUANTUM=\"($buffersize)/48000\"" | save -f /etc/profile.d/atomic-pwjack.sh + pw-metadata -n settings 0 clock.force-quantum $buffersize + + echo "Log out and in for changes to take effect." + exit 0 +} + +# Enables realtime in linux kernel arguments +export def "main pw enable realtime" [] { + rpm-ostree kargs --append-if-missing="preempt=full" +} + +# Disables realtime from linux kernel arguments +export def "main pw disable realtime" [] { + rpm-ostree kargs --delete-if-present="preempt=full" +} + +# Manage pipewire configurations +export def "main pw" [] { + echo "Usage pw ." +} diff --git a/config/files/shared/libexec/atomic-studio-cli/pwjack.nu b/config/files/shared/libexec/atomic-studio-cli/pwjack.nu deleted file mode 100755 index 280fb31..0000000 --- a/config/files/shared/libexec/atomic-studio-cli/pwjack.nu +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/env -S nu - -const TARGET_CONFIG_PATH = "/etc/profile.d/atomic-pwjack.sh" -const VALID_BFSIZES = [8,16,32,64,128,256,512,1024,2048,4096] - -# Set specific buffersize for PIPEWIRE_QUANTUM variable -export def "main pw-jack set" [--buffersize (-b): int] { - mut is_valid_thing: bool = false - mut iter = 0 - let max_iter = ($VALID_BFSIZES | length) - loop { - if $iter == $max_iter { - break - } - if VALID_BFSIZES.$iter == $buffersize { - $is_valid_thing = true - } - } - - if not is_valid_thing { - echo "Invalid Value" - exit 2 - } - - $"export PIPEWIRE_QUANTUM=\"($buffersize)/48000\"" | save -f /etc/profile.d/atomic-pwjack.sh - - echo "Log out and in for changes to take effect." - exit 0 -} - -# Enable custom pipewire-jack configuration -export def "main pw-jack enable" [] { - ln -fs /usr/share/doc/pipewire/examples/ld.so.conf.d/pipewire-jack-*-linux-gnu.conf \ - /etc/ld.so.conf.d/pipewire-jack.conf - ldconfig - systemctl mask pulseaudio-enable-autospawn.service - echo "Reboot for changes to take effect." - exit 0 -} - -# Disables custom pipewire-jack configuration -export def "main pw-jack disable" [] { - rm -f /etc/ld.so.conf.d/pipewire-jack.conf - ldconfig - systemctl unmask pulseaudio-enable-autospawn.service - echo "Reboot for changes to take effect." - exit 0 -} - diff --git a/config/files/shared/libexec/studio-jackd-default b/config/files/shared/libexec/studio-jackd-default deleted file mode 100755 index c12c702..0000000 --- a/config/files/shared/libexec/studio-jackd-default +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env bash -unload() { - SINKID=$(LANG=C.UTF-8 pactl list | grep -B 1 "Name: module-jack-sink" | grep Module | sed 's/[^0-9]//g') - SOURCEID=$(LANG=C.UTF-8 pactl list | grep -B 1 "Name: module-jack-source" | grep Module | sed 's/[^0-9]//g') - pactl unload-module "$SINKID" - pactl unload-module "$SOURCEID" - sleep 5 - pacmd suspend false -} - -trap unload EXIT - -pacmd suspend true -jackd -r -dalsa -dhw:0 -r48000 -p1024 -n2 & -sleep 3 -pactl load-module module-jack-sink channels=2 -pactl load-module module-jack-source channels=2 -pacmd set-default-sink jack_out -pacmd set-default-source jack_in diff --git a/config/files/shared/share/ublue-os/firstboot/yafti.yml b/config/files/shared/share/ublue-os/firstboot/yafti.yml index 1325bcb..71c2f63 100644 --- a/config/files/shared/share/ublue-os/firstboot/yafti.yml +++ b/config/files/shared/share/ublue-os/firstboot/yafti.yml @@ -27,13 +27,11 @@ screens: default: true packages: - Change to Fish shell: pkexec usermod $USER --shell /usr/bin/fish - Jack User Groups: - description: Add certain user groups for your user in order to use Jack realtime applications properly + Realtime User Groups: + description: Add certain user groups for your user in order to use realtime applications properly default: false - condition: - run: rpm -qa | grep "^jack-audio-connection-kit" packages: - - Add jackuser group: pkexec sh -c "for GROUP in jackuser realtime ; do usermod -a -G $GROUP $USER ; done" + - Add realtime group: pkexec sh -c "for GROUP in realtime pipewire ; do usermod -a -G $GROUP $USER ; done" Davinci Box: description: Reproducible and descartable environment for installing Davinci Resolve - Make sure to install Davinci Resolve inside of davincibox. default: false diff --git a/config/recipes/pw/hardened/recipe-gnome-nvidia.yml b/config/recipes/hardened/recipe-gnome-nvidia.yml similarity index 88% rename from config/recipes/pw/hardened/recipe-gnome-nvidia.yml rename to config/recipes/hardened/recipe-gnome-nvidia.yml index 212c43d..6dc2eb7 100644 --- a/config/recipes/pw/hardened/recipe-gnome-nvidia.yml +++ b/config/recipes/hardened/recipe-gnome-nvidia.yml @@ -12,11 +12,11 @@ modules: - from-file: common/shared/scripts-noptyxis.yml - from-file: common/shared/hardened-ptyxis-flatpak.yml - from-file: common/shared/bling.yml + - from-file: common/shared/services.yml - from-file: common/gnome/scripts.yml - from-file: common/gnome/apps.yml - from-file: common/gnome/files.yml - - from-file: common/audio/pipewire-flatpaks.yml - - from-file: common/audio/pipewire-services.yml + - from-file: common/audio/pipewire-packages.yml - from-file: common/audio/audinux.yml - type: yafti - type: signing diff --git a/config/recipes/pw/hardened/recipe-gnome.yml b/config/recipes/hardened/recipe-gnome.yml similarity index 87% rename from config/recipes/pw/hardened/recipe-gnome.yml rename to config/recipes/hardened/recipe-gnome.yml index 9eed092..a0a2152 100644 --- a/config/recipes/pw/hardened/recipe-gnome.yml +++ b/config/recipes/hardened/recipe-gnome.yml @@ -12,11 +12,11 @@ modules: - from-file: common/shared/scripts-noptyxis.yml - from-file: common/shared/hardened-ptyxis-flatpak.yml - from-file: common/shared/bling.yml + - from-file: common/shared/services.yml - from-file: common/gnome/scripts.yml - from-file: common/gnome/apps.yml - from-file: common/gnome/files.yml - - from-file: common/audio/pipewire-flatpaks.yml - - from-file: common/audio/pipewire-services.yml + - from-file: common/audio/pipewire-packages.yml - from-file: common/audio/audinux.yml - type: yafti - type: signing diff --git a/config/recipes/pw/hardened/recipe-nvidia.yml b/config/recipes/hardened/recipe-nvidia.yml similarity index 86% rename from config/recipes/pw/hardened/recipe-nvidia.yml rename to config/recipes/hardened/recipe-nvidia.yml index 99a4074..a1ea200 100644 --- a/config/recipes/pw/hardened/recipe-nvidia.yml +++ b/config/recipes/hardened/recipe-nvidia.yml @@ -11,10 +11,10 @@ modules: - from-file: common/shared/files.yml - from-file: common/shared/scripts.yml - from-file: common/shared/bling.yml + - from-file: common/shared/services.yml - from-file: common/plasma/apps.yml - from-file: common/plasma/files.yml - - from-file: common/audio/pipewire-flatpaks.yml - - from-file: common/audio/pipewire-services.yml + - from-file: common/audio/pipewire-packages.yml - from-file: common/audio/audinux.yml - type: yafti - type: signing diff --git a/config/recipes/pw/hardened/recipe.yml b/config/recipes/hardened/recipe.yml similarity index 86% rename from config/recipes/pw/hardened/recipe.yml rename to config/recipes/hardened/recipe.yml index eed7491..ec8fb97 100644 --- a/config/recipes/pw/hardened/recipe.yml +++ b/config/recipes/hardened/recipe.yml @@ -12,10 +12,10 @@ modules: - from-file: common/shared/files.yml - from-file: common/shared/scripts.yml - from-file: common/shared/bling.yml + - from-file: common/shared/services.yml - from-file: common/plasma/apps.yml - from-file: common/plasma/files.yml - - from-file: common/audio/pipewire-flatpaks.yml - - from-file: common/audio/pipewire-services.yml + - from-file: common/audio/pipewire-packages.yml - from-file: common/audio/audinux.yml - type: yafti - type: signing diff --git a/config/recipes/jack/hardened/recipe-gnome-nvidia.yml b/config/recipes/jack/hardened/recipe-gnome-nvidia.yml deleted file mode 100644 index a51f1c3..0000000 --- a/config/recipes/jack/hardened/recipe-gnome-nvidia.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: atomic-studio-gnome-nvidia-jack-hardened -description: Operating system based on Fedora Atomic meant for content creators and artists - -base-image: ghcr.io/secureblue/silverblue-nvidia-userns-hardened -image-version: latest - -modules: - - from-file: common/shared/gui-apps.yml - - from-file: common/shared/packages.yml - - from-file: common/shared/nvidia/scripts.yml - - from-file: common/shared/files.yml - - from-file: common/shared/scripts-noptyxis.yml - - from-file: common/shared/hardened-ptyxis-flatpak.yml - - from-file: common/shared/bling.yml - - from-file: common/gnome/scripts.yml - - from-file: common/gnome/apps.yml - - from-file: common/gnome/files.yml - - from-file: common/audio/audinux.yml - - from-file: common/audio/jack-packages.yml - - from-file: common/audio/jack-services.yml - - type: yafti - - type: signing diff --git a/config/recipes/jack/hardened/recipe-gnome.yml b/config/recipes/jack/hardened/recipe-gnome.yml deleted file mode 100644 index c256e8f..0000000 --- a/config/recipes/jack/hardened/recipe-gnome.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: atomic-studio-gnome-jack-hardened -description: Operating system based on Fedora Atomic meant for content creators and artists - -base-image: ghcr.io/secureblue/silverblue-main-userns-hardened -image-version: latest - -modules: - - from-file: common/shared/gui-apps.yml - - from-file: common/shared/packages.yml - - from-file: common/shared/amd/packages.yml - - from-file: common/shared/amd/scripts.yml - - from-file: common/shared/files.yml - - from-file: common/shared/scripts-noptyxis.yml - - from-file: common/shared/hardened-ptyxis-flatpak.yml - - from-file: common/shared/bling.yml - - from-file: common/gnome/scripts.yml - - from-file: common/gnome/apps.yml - - from-file: common/gnome/files.yml - - from-file: common/audio/audinux.yml - - from-file: common/audio/jack-packages.yml - - from-file: common/audio/jack-services.yml - - type: yafti - - type: signing diff --git a/config/recipes/jack/hardened/recipe-nvidia.yml b/config/recipes/jack/hardened/recipe-nvidia.yml deleted file mode 100644 index f504ff9..0000000 --- a/config/recipes/jack/hardened/recipe-nvidia.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: atomic-studio-nvidia-jack-hardened -description: Operating system based on Fedora Atomic meant for content creators and artists - -base-image: ghcr.io/secureblue/kinoite-nvidia-userns-hardened -image-version: latest - -modules: - - from-file: common/shared/gui-apps.yml - - from-file: common/shared/packages.yml - - from-file: common/shared/nvidia/scripts.yml - - from-file: common/shared/files.yml - - from-file: common/shared/scripts.yml - - from-file: common/shared/bling.yml - - from-file: common/plasma/apps.yml - - from-file: common/plasma/files.yml - - from-file: common/audio/audinux.yml - - from-file: common/audio/jack-packages.yml - - from-file: common/audio/jack-services.yml - - type: yafti - - type: signing diff --git a/config/recipes/jack/hardened/recipe.yml b/config/recipes/jack/hardened/recipe.yml deleted file mode 100644 index 60a1685..0000000 --- a/config/recipes/jack/hardened/recipe.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: atomic-studio-jack-hardened -description: Operating system based on Fedora Atomic meant for content creators and artists - -base-image: ghcr.io/secureblue/kinoite-main-userns-hardened -image-version: latest - -modules: - - from-file: common/shared/gui-apps.yml - - from-file: common/shared/packages.yml - - from-file: common/shared/amd/packages.yml - - from-file: common/shared/amd/scripts.yml - - from-file: common/shared/files.yml - - from-file: common/shared/scripts.yml - - from-file: common/shared/bling.yml - - from-file: common/plasma/apps.yml - - from-file: common/plasma/files.yml - - from-file: common/audio/audinux.yml - - from-file: common/audio/jack-packages.yml - - from-file: common/audio/jack-services.yml - - type: yafti - - type: signing diff --git a/config/recipes/jack/recipe-gnome-nvidia.yml b/config/recipes/jack/recipe-gnome-nvidia.yml deleted file mode 100644 index 077c448..0000000 --- a/config/recipes/jack/recipe-gnome-nvidia.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: atomic-studio-gnome-nvidia-jack -description: Operating system based on Fedora Atomic meant for content creators and artists - -base-image: ghcr.io/ublue-os/silverblue-nvidia -image-version: latest - -modules: - - from-file: common/shared/gui-apps.yml - - from-file: common/shared/packages.yml - - from-file: common/shared/nvidia/scripts.yml - - from-file: common/shared/files.yml - - from-file: common/shared/scripts.yml - - from-file: common/shared/bling.yml - - from-file: common/gnome/scripts.yml - - from-file: common/gnome/apps.yml - - from-file: common/gnome/files.yml - - from-file: common/audio/audinux.yml - - from-file: common/audio/jack-packages.yml - - from-file: common/audio/jack-services.yml - - type: yafti - - type: signing diff --git a/config/recipes/jack/recipe-gnome.yml b/config/recipes/jack/recipe-gnome.yml deleted file mode 100644 index c7460f1..0000000 --- a/config/recipes/jack/recipe-gnome.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: atomic-studio-gnome-jack -description: Operating system based on Fedora Atomic meant for content creators and artists - -base-image: ghcr.io/ublue-os/silverblue-main -image-version: latest - -modules: - - from-file: common/shared/gui-apps.yml - - from-file: common/shared/packages.yml - - from-file: common/shared/amd/packages.yml - - from-file: common/shared/amd/scripts.yml - - from-file: common/shared/files.yml - - from-file: common/shared/scripts.yml - - from-file: common/shared/bling.yml - - from-file: common/gnome/scripts.yml - - from-file: common/gnome/apps.yml - - from-file: common/gnome/files.yml - - from-file: common/audio/audinux.yml - - from-file: common/audio/jack-packages.yml - - from-file: common/audio/jack-services.yml - - type: yafti - - type: signing diff --git a/config/recipes/jack/recipe-nvidia.yml b/config/recipes/jack/recipe-nvidia.yml deleted file mode 100644 index d96ceeb..0000000 --- a/config/recipes/jack/recipe-nvidia.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: atomic-studio-nvidia-jack -description: Operating system based on Fedora Atomic meant for content creators and artists - -base-image: ghcr.io/ublue-os/kinoite-nvidia -image-version: latest - -modules: - - from-file: common/shared/gui-apps.yml - - from-file: common/shared/packages.yml - - from-file: common/shared/nvidia/scripts.yml - - from-file: common/shared/files.yml - - from-file: common/shared/scripts.yml - - from-file: common/shared/bling.yml - - from-file: common/plasma/apps.yml - - from-file: common/plasma/files.yml - - from-file: common/audio/audinux.yml - - from-file: common/audio/jack-packages.yml - - from-file: common/audio/jack-services.yml - - type: yafti - - type: signing diff --git a/config/recipes/jack/recipe.yml b/config/recipes/jack/recipe.yml deleted file mode 100644 index bad603f..0000000 --- a/config/recipes/jack/recipe.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: atomic-studio-jack -description: Operating system based on Fedora Atomic meant for content creators and artists - -base-image: ghcr.io/ublue-os/kinoite-main -image-version: latest - -modules: - - from-file: common/shared/gui-apps.yml - - from-file: common/shared/packages.yml - - from-file: common/shared/amd/packages.yml - - from-file: common/shared/amd/scripts.yml - - from-file: common/shared/files.yml - - from-file: common/shared/scripts.yml - - from-file: common/shared/bling.yml - - from-file: common/plasma/apps.yml - - from-file: common/plasma/files.yml - - from-file: common/audio/audinux.yml - - from-file: common/audio/jack-packages.yml - - from-file: common/audio/jack-services.yml - - type: yafti - - type: signing diff --git a/config/recipes/pw/recipe-gnome-nvidia.yml b/config/recipes/recipe-gnome-nvidia.yml similarity index 86% rename from config/recipes/pw/recipe-gnome-nvidia.yml rename to config/recipes/recipe-gnome-nvidia.yml index 21f3502..ca04bdf 100644 --- a/config/recipes/pw/recipe-gnome-nvidia.yml +++ b/config/recipes/recipe-gnome-nvidia.yml @@ -11,11 +11,11 @@ modules: - from-file: common/shared/files.yml - from-file: common/shared/scripts.yml - from-file: common/shared/bling.yml + - from-file: common/shared/services.yml - from-file: common/gnome/scripts.yml - from-file: common/gnome/apps.yml - from-file: common/gnome/files.yml - - from-file: common/audio/pipewire-flatpaks.yml - - from-file: common/audio/pipewire-services.yml + - from-file: common/audio/pipewire-packages.yml - from-file: common/audio/audinux.yml - type: yafti - type: signing diff --git a/config/recipes/pw/recipe-gnome.yml b/config/recipes/recipe-gnome.yml similarity index 87% rename from config/recipes/pw/recipe-gnome.yml rename to config/recipes/recipe-gnome.yml index 8e95f24..fe8a5ac 100644 --- a/config/recipes/pw/recipe-gnome.yml +++ b/config/recipes/recipe-gnome.yml @@ -12,11 +12,11 @@ modules: - from-file: common/shared/files.yml - from-file: common/shared/scripts.yml - from-file: common/shared/bling.yml + - from-file: common/shared/services.yml - from-file: common/gnome/scripts.yml - from-file: common/gnome/apps.yml - from-file: common/gnome/files.yml - - from-file: common/audio/pipewire-flatpaks.yml - - from-file: common/audio/pipewire-services.yml + - from-file: common/audio/pipewire-packages.yml - from-file: common/audio/audinux.yml - type: yafti - type: signing diff --git a/config/recipes/pw/recipe-nvidia.yml b/config/recipes/recipe-nvidia.yml similarity index 85% rename from config/recipes/pw/recipe-nvidia.yml rename to config/recipes/recipe-nvidia.yml index 0914dfc..0e54060 100644 --- a/config/recipes/pw/recipe-nvidia.yml +++ b/config/recipes/recipe-nvidia.yml @@ -11,10 +11,10 @@ modules: - from-file: common/shared/files.yml - from-file: common/shared/scripts.yml - from-file: common/shared/bling.yml + - from-file: common/shared/services.yml - from-file: common/plasma/apps.yml - from-file: common/plasma/files.yml - - from-file: common/audio/pipewire-flatpaks.yml - - from-file: common/audio/pipewire-services.yml + - from-file: common/audio/pipewire-packages.yml - from-file: common/audio/audinux.yml - type: yafti - type: signing diff --git a/config/recipes/pw/recipe.yml b/config/recipes/recipe.yml similarity index 86% rename from config/recipes/pw/recipe.yml rename to config/recipes/recipe.yml index ba096b1..477d036 100644 --- a/config/recipes/pw/recipe.yml +++ b/config/recipes/recipe.yml @@ -12,10 +12,10 @@ modules: - from-file: common/shared/files.yml - from-file: common/shared/scripts.yml - from-file: common/shared/bling.yml + - from-file: common/shared/services.yml - from-file: common/plasma/apps.yml - from-file: common/plasma/files.yml - - from-file: common/audio/pipewire-flatpaks.yml - - from-file: common/audio/pipewire-services.yml + - from-file: common/audio/pipewire-packages.yml - from-file: common/audio/audinux.yml - type: yafti - type: signing diff --git a/config/scripts/fsync-kernel.nu b/config/scripts/fsync-kernel.nu new file mode 100755 index 0000000..da741e4 --- /dev/null +++ b/config/scripts/fsync-kernel.nu @@ -0,0 +1,10 @@ +#!/usr/bin/env -S nu +let FEDORA_MAJOR_VERSION = (rpm -E %fedora) +let REPO_FILE_PATH= "/etc/yum.repos.d/_copr_sentry-kernel-fsync.repo" + +wget $"https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync/repo/fedora-($FEDORA_MAJOR_VERSION)/sentry-kernel-fsync-fedora-($$FEDORA_MAJOR_VERSION).repo" -O $REPO_FILE_PATH + +rpm-ostree cliwrap install-to-root / +rpm-ostree override replace --experimental --from repo=copr:copr.fedorainfracloud.org:sentry:kernel-fsync kernel kernel-core kernel-modules kernel-modules-core kernel-modules-extra kernel-uki-virt + +rm -f $REPO_FILE_PATH diff --git a/config/scripts/rt-kernel.nu b/config/scripts/rt-kernel.nu deleted file mode 100755 index c2c1614..0000000 --- a/config/scripts/rt-kernel.nu +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -FEDORA_MAJOR_VERSION=$(rpm -E %fedora) -REPO_FILE_PATH=/etc/yum.repos.d/_copr_ycollet-audinux.repo - -wget "https://copr.fedorainfracloud.org/coprs/ycollet/audinux/repo/fedora-${FEDORA_MAJOR_VERSION}/ycollet-audinux-fedora-${FEDORA_MAJOR_VERSION}.repo" \ - -O $REPO_FILE_PATH - -rpm-ostree cliwrap install-to-root / -rpm-ostree override replace \ - --experimental \ - --remove=kernel \ - --remove=kernel-core \ - --from repo=copr:copr.fedorainfracloud.org:ycollet:audinux \ - kernel-rt-mao - -rm -f $REPO_FILE_PATH diff --git a/config/scripts/tuned.nu b/config/scripts/tuned.nu index 80da2a6..e4e5059 100755 --- a/config/scripts/tuned.nu +++ b/config/scripts/tuned.nu @@ -7,7 +7,7 @@ const COPR_FILE = "/etc/yum.repos.d/_copr_ublue-os_staging.repo" http get $"https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-($FEDORA_MAJOR_VERSION)/ublue-os-staging-fedora-($FEDORA_MAJOR_VERSION).repo" | save -f $COPR_FILE -rpm-ostree install tuned tuned-ppd tuned-utils tuned-utils-systemtap tuned-gtk tuned-profiles-atomic tuned-profiles-cpu-partitioning powertop +rpm-ostree install tuned tuned-ppd tuned-utils tuned-utils-systemtap tuned-gtk tuned-profiles-atomic tuned-profiles-cpu-partitioning tuned-profiles-realtime powertop systemctl enable tuned.service