From 4acb61c5d54239dcd75bed4a9dbb725cbcef027b Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 08:33:00 +0000 Subject: [PATCH 01/16] Update image_build.yml --- .github/workflows/image_build.yml | 154 +++++------------------------- 1 file changed, 23 insertions(+), 131 deletions(-) diff --git a/.github/workflows/image_build.yml b/.github/workflows/image_build.yml index f41ae0d..fa46c28 100644 --- a/.github/workflows/image_build.yml +++ b/.github/workflows/image_build.yml @@ -1,146 +1,38 @@ ---- name: Build-image on: - pull_request: - branches: - - main schedule: - - cron: '00 20 * * *' # 20:00 UTC everyday (2 hours after secureblue images start to build). + - cron: "00 06 * * *" # build at 06:00 UTC every day + # (20 minutes after last ublue images start building) push: - branches: - - main - paths-ignore: - - '**/README.md' - workflow_dispatch: + paths-ignore: # don't rebuild if only documentation has changed + - "**.md" + + pull_request: + workflow_dispatch: # allow manually triggering builds -env: - MY_IMAGE_NAME: "${{ github.event.repository.name }}" # The name of the image - MY_IMAGE_DESC: "A custom image designed for school and work environments" - IMAGE_REGISTRY: "ghcr.io/${{ github.repository_owner }}" - jobs: build_push: - name: Build and push image + name: Build Custom Image runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write - + + strategy: + fail-fast: false # stop GH from cancelling all matrix builds if one fails + matrix: + recipe: + # !! Add your recipes here + - recipe.yml + steps: - # Checkout push-to-registry action GitHub repository - - name: Checkout Push to Registry action - uses: actions/checkout@v4 - - - name: Generate tags - id: generate-tags - shell: bash - run: | - # Generate a timestamp for creating an image version history - TIMESTAMP="$(date +%Y%m%d)" - COMMIT_TAGS=() - BUILD_TAGS=() - - # Have tags for tracking builds during pull request - SHA_SHORT="${GITHUB_SHA::7}" - COMMIT_TAGS+=("pr-${{ github.event.number }}") - COMMIT_TAGS+=("${SHA_SHORT}") - - # Append matching timestamp tags to keep a version history - for TAG in "${BUILD_TAGS[@]}"; do - BUILD_TAGS+=("${TAG}-${TIMESTAMP}") - done - - BUILD_TAGS+=("${TIMESTAMP}") - BUILD_TAGS+=("latest") - BUILD_TAGS+=("40") - - if [[ "${{ github.event_name }}" == "pull_request" ]]; then - echo "Generated the following commit tags: " - for TAG in "${COMMIT_TAGS[@]}"; do - echo "${TAG}" - done - - alias_tags=("${COMMIT_TAGS[@]}") - else - alias_tags=("${BUILD_TAGS[@]}") - fi - - echo "Generated the following build tags: " - for TAG in "${BUILD_TAGS[@]}"; do - echo "${TAG}" - done - - echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT - - # Build metadata - - name: Image Metadata - uses: docker/metadata-action@v5 - id: meta + # the build is fully handled by the reusable github action + - name: Build Custom Image + uses: blue-build/github-action@v1.6 with: - images: | - ${{ env.MY_IMAGE_NAME }} - - labels: | - io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md - org.opencontainers.image.description=${{ env.MY_IMAGE_DESC }} - org.opencontainers.image.title=${{ env.MY_IMAGE_NAME }} - - # Build image using Buildah action - - name: Build Image - id: build_image - uses: redhat-actions/buildah-build@v2 - with: - containerfiles: | - ./Containerfile - # Postfix image name with -custom to make it a little more descriptive - # Syntax: https://docs.github.com/en/actions/learn-github-actions/expressions#format - image: ${{ env.MY_IMAGE_NAME }} - tags: | - ${{ steps.generate-tags.outputs.alias_tags }} - labels: ${{ steps.meta.outputs.labels }} - oci: false - - # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR. - # https://github.com/macbre/push-to-ghcr/issues/12 - - name: Lowercase Registry - id: registry_case - uses: ASzc/change-string-case-action@v6 - with: - string: ${{ env.IMAGE_REGISTRY }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Push Image to GHCR - uses: redhat-actions/push-to-registry@v2 - id: push - env: - REGISTRY_USER: ${{ github.actor }} - REGISTRY_PASSWORD: ${{ github.token }} - with: - image: ${{ steps.build_image.outputs.image }} - tags: ${{ steps.build_image.outputs.tags }} - registry: ${{ steps.registry_case.outputs.lowercase }} - username: ${{ env.REGISTRY_USER }} - password: ${{ env.REGISTRY_PASSWORD }} - extra-args: | - --disable-content-trust - - # Sign container - - uses: sigstore/cosign-installer@v3.5.0 - if: github.event_name != 'pull_request' - - - name: Sign container image - if: github.event_name != 'pull_request' - run: | - cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS} - env: - TAGS: ${{ steps.push.outputs.digest }} - COSIGN_EXPERIMENTAL: false - COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} + recipe: ${{ matrix.recipe }} + cosign_private_key: ${{ secrets.SIGNING_SECRET }} + registry_token: ${{ github.token }} + pr_event_number: ${{ github.event.number }} From a3f5f59b4515deb387a1885e82a1cea2a00f65ce Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 08:37:37 +0000 Subject: [PATCH 02/16] Create recipe.yml --- recipes/recipe.yml | 48 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 recipes/recipe.yml diff --git a/recipes/recipe.yml b/recipes/recipe.yml new file mode 100644 index 0000000..86c66b6 --- /dev/null +++ b/recipes/recipe.yml @@ -0,0 +1,48 @@ +# image will be published to ghcr.io// +name: edublue +# description will be included in the image's metadata +description: A custom image designed for school and work environments + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/silverblue-main +image-version: 40 # latest is also supported if you want new updates ASAP + +# module configuration, executed in order +# you can include multiple instances of the same module +modules: + - type: files + files: + - usr: /usr # copies config/files/usr into your image's /usr. + # put configuration files you want in /etc/ on a booted system + # in /usr/etc/ in the image. read more in files module reference. + + - type: rpm-ostree + repos: + # - https://copr.fedorainfracloud.org/coprs/atim/starship/repo/fedora-%OS_VERSION%/atim-starship-fedora-%OS_VERSION%.repo + install: + # - micro + # - starship + remove: + # example: removing firefox (in favor of the flatpak) + # "firefox" is the main package, "firefox-langpacks" is a dependency + # - firefox + # - firefox-langpacks # also remove firefox dependency (not required for all packages, this is a special case) + + - type: default-flatpaks + notify: true # Send notification after install/uninstall is finished (true/false) + system: + # If no repo information is specified, Flathub will be used by default + # repo-url: https://dl.flathub.org/repo/flathub.flatpakrepo + # repo-name: flathub + # repo-title: "Flathub (system-wide)" # Optional; this sets the remote's user-facing name in graphical frontends like GNOME Software + install: + # - org.mozilla.firefox + # - org.gnome.Loupe + # - one.ablaze.floorp//lightning # This is an example of flatpak which has multiple branches in selection (flatpak//branch). + # Flatpak runtimes are not supported (like org.winehq.Wine//stable-23.08), + # only normal flatpak applications are (like Floorp Lightning web browser in this example). + # Installing different branches of the same Flatpak is not supported. + remove: + # - org.gnome.eog + + - type: signing # this sets up the proper policy & signing files for signed images to work fully From f7044d33b178fa100eb42b3d0a5bfec8beae3b08 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 08:47:54 +0000 Subject: [PATCH 03/16] Create .gitkeep --- config/files/usr/.gitkeep | 1 + 1 file changed, 1 insertion(+) create mode 100644 config/files/usr/.gitkeep diff --git a/config/files/usr/.gitkeep b/config/files/usr/.gitkeep new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/config/files/usr/.gitkeep @@ -0,0 +1 @@ + From 440d779cffc971e52635a4074ebbed7bf8325cb4 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 08:48:13 +0000 Subject: [PATCH 04/16] Create example.sh --- config/scripts/example.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 config/scripts/example.sh diff --git a/config/scripts/example.sh b/config/scripts/example.sh new file mode 100644 index 0000000..fdb2e04 --- /dev/null +++ b/config/scripts/example.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# Tell this script to exit if there are any errors. +# You should have this in every custom script, to ensure that your completed +# builds actually ran successfully without any errors! +set -oue pipefail + +# Your code goes here. +echo 'This is an example shell script' +echo 'Scripts here will run during build if specified in recipe.yml' From 015f52024109ee30dd22f1259527be64418ce666 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 08:48:29 +0000 Subject: [PATCH 05/16] Create .gitkeep --- modules/.gitkeep | 1 + 1 file changed, 1 insertion(+) create mode 100644 modules/.gitkeep diff --git a/modules/.gitkeep b/modules/.gitkeep new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/modules/.gitkeep @@ -0,0 +1 @@ + From 0da9730618ad76ea567b5896dd25987c402d2eaf Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 08:54:11 +0000 Subject: [PATCH 06/16] Update recipe.yml --- recipes/recipe.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes/recipe.yml b/recipes/recipe.yml index 86c66b6..e9a3b79 100644 --- a/recipes/recipe.yml +++ b/recipes/recipe.yml @@ -4,7 +4,7 @@ name: edublue description: A custom image designed for school and work environments # the base image to build on top of (FROM) and the version tag to use -base-image: ghcr.io/ublue-os/silverblue-main +base-image: ghcr.io/ublue-os/aurora image-version: 40 # latest is also supported if you want new updates ASAP # module configuration, executed in order From 15dc2d8586b8452ca74dbb6decd5731a209271a3 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 08:55:10 +0000 Subject: [PATCH 07/16] Delete Containerfile --- Containerfile | 59 --------------------------------------------------- 1 file changed, 59 deletions(-) delete mode 100644 Containerfile diff --git a/Containerfile b/Containerfile deleted file mode 100644 index f2830e6..0000000 --- a/Containerfile +++ /dev/null @@ -1,59 +0,0 @@ -## 1. BUILD ARGS -# These allow changing the produced image by passing different build args to adjust -# the source from which your image is built. -# Build args can be provided on the commandline when building locally with: -# podman build -f Containerfile --build-arg FEDORA_VERSION=40 -t local-image - -# SOURCE_IMAGE arg can be anything from ublue upstream which matches your desired version: -# See list here: https://github.com/orgs/ublue-os/packages?repo_name=main -# - "silverblue" -# - "kinoite" -# - "sericea" -# - "onyx" -# - "lazurite" -# - "vauxite" -# - "base" -# -# "aurora", "bazzite", "bluefin" or "ucore" may also be used but have different suffixes. -ARG SOURCE_IMAGE="aurora-main-hardened" - -## SOURCE_SUFFIX arg should include a hyphen and the appropriate suffix name -# These examples all work for silverblue/kinoite/sericea/onyx/lazurite/vauxite/base -# - "-main" -# - "-nvidia" -# - "-asus" -# - "-asus-nvidia" -# - "-surface" -# - "-surface-nvidia" -# -# aurora, bazzite and bluefin each have unique suffixes. Please check the specific image. -# ucore has the following possible suffixes -# - stable -# - stable-nvidia -# - stable-zfs -# - stable-nvidia-zfs -# - (and the above with testing rather than stable) -ARG SOURCE_SUFFIX="" - -## SOURCE_TAG arg must be a version built for the specific image: eg, 39, 40, gts, latest -ARG SOURCE_TAG="40" - - -### 2. SOURCE IMAGE -## this is a standard Containerfile FROM using the build ARGs above to select the right upstream image -FROM ghcr.io/secureblue/${SOURCE_IMAGE}${SOURCE_SUFFIX}:${SOURCE_TAG} - - -### 3. MODIFICATIONS -## make modifications desired in your image and install packages by modifying the build.sh script -## the following RUN directive does all the things required to run "build.sh" as recommended. - -COPY build.sh /tmp/build.sh - -RUN mkdir -p /var/lib/alternatives && \ - /tmp/build.sh && \ - ostree container commit -## NOTES: -# - /var/lib/alternatives is required to prevent failure with some RPM installs -# - All RUN commands must end with ostree container commit -# see: https://coreos.github.io/rpm-ostree/container/#using-ostree-container-commit From 648bc8bbf65fbae6477513b86cd5ca951d572afe Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 08:55:19 +0000 Subject: [PATCH 08/16] Delete build.sh --- build.sh | 17 ----------------- 1 file changed, 17 deletions(-) delete mode 100755 build.sh diff --git a/build.sh b/build.sh deleted file mode 100755 index 1ba3f9a..0000000 --- a/build.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -set -ouex pipefail - -RELEASE="$(rpm -E %fedora)" - -# Adding back x11 support by default -rpm-ostree install kwin-x11 plasma-workspace-x11 - -# Adds firefox as another option alongside chromium -rpm-ostree install firefox - -# Install docker for winapps -rpm-ostree install https://download.docker.com/linux/fedora/40/x86_64/stable/Packages/docker-ce-26.1.4-1.fc40.x86_64.rpm https://download.docker.com/linux/fedora/40/x86_64/stable/Packages/docker-ce-cli-26.1.4-1.fc40.x86_64.rpm https://download.docker.com/linux/fedora/40/x86_64/stable/Packages/containerd.io-1.6.33-3.1.fc40.x86_64.rpm https://download.docker.com/linux/fedora/40/x86_64/stable/Packages/docker-buildx-plugin-0.14.1-1.fc40.x86_64.rpm https://download.docker.com/linux/fedora/40/x86_64/stable/Packages/docker-compose-plugin-2.27.1-1.fc40.x86_64.rpm - -# Example for enabling a System Unit File -systemctl enable podman.socket From 155c16f1718ffaca7dfe7d8653853c0fac0f72cc Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 09:25:22 +0000 Subject: [PATCH 09/16] Update iso_build.yml --- .github/workflows/iso_build.yml | 159 ++++---------------------------- 1 file changed, 17 insertions(+), 142 deletions(-) diff --git a/.github/workflows/iso_build.yml b/.github/workflows/iso_build.yml index 5f3fcde..db062d9 100644 --- a/.github/workflows/iso_build.yml +++ b/.github/workflows/iso_build.yml @@ -1,157 +1,32 @@ ---- -name: Build-iso +name: Build-Iso on: - pull_request: - branches: - - main schedule: - - cron: '05 10 1 * *' # 10:05am UTC first day of each month - workflow_dispatch: - workflow_call: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-iso - cancel-in-progress: true - -env: - MY_IMAGE_NAME: "${{ github.event.repository.name }}" # the name of the image - MY_IMAGE_DESC: "A custom image designed for school and work environments" - IMAGE_REGISTRY: "ghcr.io/${{ github.repository_owner }}" + - cron: "00 06 1 * *" # build at 06:00 UTC on the first of the month + push: + paths-ignore: # don't rebuild if only documentation has changed + - "**.md" + + pull_request: + workflow_dispatch: # allow manually triggering builds jobs: build_push: - name: Build and push image + name: Build Custom Image runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write - + strategy: - fail-fast: false - + fail-fast: false # stop GH from cancelling all matrix builds if one fails + matrix: + recipe: + # !! Add your recipes here + - recipe.yml + steps: - - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@v1.3.1 - - # Checkout push-to-registry action GitHub repository - - name: Checkout Push to Registry action - uses: actions/checkout@v4 - - - name: Generate tags - id: generate-tags - shell: bash - run: | - # Generate a timestamp for creating an image version history - TIMESTAMP="$(date +%Y%m%d)" - COMMIT_TAGS=() - BUILD_TAGS=() - - # Have tags for tracking builds during pull request - SHA_SHORT="${GITHUB_SHA::7}" - COMMIT_TAGS+=("pr-${{ github.event.number }}") - COMMIT_TAGS+=("${SHA_SHORT}") - - # Append matching timestamp tags to keep a version history - for TAG in "${BUILD_TAGS[@]}"; do - BUILD_TAGS+=("${TAG}-${TIMESTAMP}") - done - - BUILD_TAGS+=("${TIMESTAMP}") - BUILD_TAGS+=("latest") - BUILD_TAGS+=("40") - - if [[ "${{ github.event_name }}" == "pull_request" ]]; then - echo "Generated the following commit tags: " - for TAG in "${COMMIT_TAGS[@]}"; do - echo "${TAG}" - done - - alias_tags=("${COMMIT_TAGS[@]}") - else - alias_tags=("${BUILD_TAGS[@]}") - fi - - echo "Generated the following build tags: " - for TAG in "${BUILD_TAGS[@]}"; do - echo "${TAG}" - done - - echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT - - # Build metadata - - name: Image Metadata - uses: docker/metadata-action@v5 - id: meta - with: - images: | - ${{ env.MY_IMAGE_NAME }} - - labels: | - io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md - org.opencontainers.image.description=${{ env.MY_IMAGE_DESC }} - org.opencontainers.image.title=${{ env.MY_IMAGE_NAME }} - - # Build image using Buildah action - - name: Build Image - id: build_image - uses: redhat-actions/buildah-build@v2 - with: - containerfiles: | - ./Containerfile - # Postfix image name with -custom to make it a little more descriptive - # Syntax: https://docs.github.com/en/actions/learn-github-actions/expressions#format - image: ${{ env.MY_IMAGE_NAME }} - tags: | - ${{ steps.generate-tags.outputs.alias_tags }} - labels: ${{ steps.meta.outputs.labels }} - oci: false - - # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR. - # https://github.com/macbre/push-to-ghcr/issues/12 - - name: Lowercase Registry - id: registry_case - uses: ASzc/change-string-case-action@v6 - with: - string: ${{ env.IMAGE_REGISTRY }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Push Image to GHCR - uses: redhat-actions/push-to-registry@v2 - id: push - env: - REGISTRY_USER: ${{ github.actor }} - REGISTRY_PASSWORD: ${{ github.token }} - with: - image: ${{ steps.build_image.outputs.image }} - tags: ${{ steps.build_image.outputs.tags }} - registry: ${{ steps.registry_case.outputs.lowercase }} - username: ${{ env.REGISTRY_USER }} - password: ${{ env.REGISTRY_PASSWORD }} - extra-args: | - --disable-content-trust - - # Sign container - - uses: sigstore/cosign-installer@v3.5.0 - if: github.event_name != 'pull_request' - - - name: Sign container image - if: github.event_name != 'pull_request' - run: | - cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS} - env: - TAGS: ${{ steps.push.outputs.digest }} - COSIGN_EXPERIMENTAL: false - COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} - - name: Build ISOs uses: jasonn3/build-container-installer@v1.2.1 id: build @@ -168,7 +43,7 @@ jobs: - name: Upload ISOs and Checksum to Job Artifacts uses: actions/upload-artifact@v4 with: - name: edublue-${{ steps.build_image.outputs.tags }} + name: edublue path: ${{ steps.build.outputs.iso_path }} if-no-files-found: error retention-days: 0 From 5e2de9410a1fd14a98e12f644b838e7968fd77f9 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 25 Jun 2024 09:26:19 +0000 Subject: [PATCH 10/16] Update iso_build.yml --- .github/workflows/iso_build.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/iso_build.yml b/.github/workflows/iso_build.yml index db062d9..f31a008 100644 --- a/.github/workflows/iso_build.yml +++ b/.github/workflows/iso_build.yml @@ -9,6 +9,10 @@ on: pull_request: workflow_dispatch: # allow manually triggering builds +concurrency: + group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-iso + cancel-in-progress: true + jobs: build_push: name: Build Custom Image @@ -21,10 +25,6 @@ jobs: strategy: fail-fast: false # stop GH from cancelling all matrix builds if one fails - matrix: - recipe: - # !! Add your recipes here - - recipe.yml steps: - name: Build ISOs From a6a3ab54cfe801d081963d239652aae290a08b84 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Wed, 26 Jun 2024 05:29:53 +0000 Subject: [PATCH 11/16] Update recipe.yml --- recipes/recipe.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/recipes/recipe.yml b/recipes/recipe.yml index e9a3b79..5f721a8 100644 --- a/recipes/recipe.yml +++ b/recipes/recipe.yml @@ -19,6 +19,7 @@ modules: - type: rpm-ostree repos: # - https://copr.fedorainfracloud.org/coprs/atim/starship/repo/fedora-%OS_VERSION%/atim-starship-fedora-%OS_VERSION%.repo + - https://download.docker.com/linux/fedora/docker-ce.repo install: # - micro # - starship @@ -27,6 +28,11 @@ modules: # "firefox" is the main package, "firefox-langpacks" is a dependency # - firefox # - firefox-langpacks # also remove firefox dependency (not required for all packages, this is a special case) + - docker-ce + - docker-ce-cli + - containerd.io + - docker-buildx-plugin + - docker-compose-plugin - type: default-flatpaks notify: true # Send notification after install/uninstall is finished (true/false) From a3130c6cccf7045d7203bb88a7f15082c822356c Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Wed, 26 Jun 2024 05:30:24 +0000 Subject: [PATCH 12/16] Update iso_build.yml --- .github/workflows/iso_build.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/iso_build.yml b/.github/workflows/iso_build.yml index f31a008..cecc00c 100644 --- a/.github/workflows/iso_build.yml +++ b/.github/workflows/iso_build.yml @@ -2,11 +2,7 @@ name: Build-Iso on: schedule: - cron: "00 06 1 * *" # build at 06:00 UTC on the first of the month - push: - paths-ignore: # don't rebuild if only documentation has changed - - "**.md" - - pull_request: + workflow_dispatch: # allow manually triggering builds concurrency: From bf1ecaafad98902c3fec1c61188cc24deb26ef94 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Wed, 26 Jun 2024 07:53:24 +0000 Subject: [PATCH 13/16] Update recipe.yml --- recipes/recipe.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/recipes/recipe.yml b/recipes/recipe.yml index 5f721a8..d379d4b 100644 --- a/recipes/recipe.yml +++ b/recipes/recipe.yml @@ -23,16 +23,16 @@ modules: install: # - micro # - starship - remove: - # example: removing firefox (in favor of the flatpak) - # "firefox" is the main package, "firefox-langpacks" is a dependency - # - firefox - # - firefox-langpacks # also remove firefox dependency (not required for all packages, this is a special case) - docker-ce - docker-ce-cli - containerd.io - docker-buildx-plugin - docker-compose-plugin + remove: + # example: removing firefox (in favor of the flatpak) + # "firefox" is the main package, "firefox-langpacks" is a dependency + # - firefox + # - firefox-langpacks # also remove firefox dependency (not required for all packages, this is a special case) - type: default-flatpaks notify: true # Send notification after install/uninstall is finished (true/false) From 0af171aab03b42eae1cc21f6ed16686ef808dd49 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Wed, 26 Jun 2024 08:14:28 +0000 Subject: [PATCH 14/16] Update recipe.yml --- recipes/recipe.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes/recipe.yml b/recipes/recipe.yml index d379d4b..c2e6c7f 100644 --- a/recipes/recipe.yml +++ b/recipes/recipe.yml @@ -23,6 +23,7 @@ modules: install: # - micro # - starship + - chromium - docker-ce - docker-ce-cli - containerd.io @@ -42,6 +43,7 @@ modules: # repo-name: flathub # repo-title: "Flathub (system-wide)" # Optional; this sets the remote's user-facing name in graphical frontends like GNOME Software install: + - org.onlyoffice.desktopeditors # - org.mozilla.firefox # - org.gnome.Loupe # - one.ablaze.floorp//lightning # This is an example of flatpak which has multiple branches in selection (flatpak//branch). From 47410c7085321142815c6d9594d790740b464008 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Wed, 26 Jun 2024 09:57:56 +0000 Subject: [PATCH 15/16] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5df1650..707aca1 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ Using: ![Shell script image](https://img.shields.io/badge/Shell_Script-121011?style=for-the-badge&logo=gnu-bash&logoColor=white) # Repo info -Edublue uses the template from the ublue-os team to modify the Aurora which has been patched by the secureblue team for added security. Fedora atomic means that your whole system is an "image". This means your computer is read-only and if any failures happen you can reboot to the last working image. Aurora made by the ublue-os team which has all the configuration done for you to make it easy for IT to locate and eliminate downtime or problems. The Universal Blue project builds a diverse set of continuously delivered operating system images which enables us to have the reliability of a Chromebook, but with the flexibility and power of a traditional Linux desktop. The secureblue team patches these images to defend against exploitation of both known and unknown vulnerabilities while trying to avoid sacrificing usability for most use cases. The edublue team gives a custom image designed for school and work environments. We add features that are needed for these environments while making sure that the organization has control. +Edublue uses the blue build system to modify the Aurora to add to reduce setup when deployed. Fedora atomic means that your whole system is an "image". This means your computer is read-only and if any failures happen you can reboot to the last working image. Aurora made by the ublue-os team which has all the configuration done for you to make it easy for IT to locate and eliminate downtime or problems. The Universal Blue project builds a diverse set of continuously delivered operating system images which enables us to have the reliability of a Chromebook, but with the flexibility and power of a traditional Linux desktop. Using build blue we add features that are needed for these environments while making sure that the organization has control. # How to use From a510b03563764fb8707a19544ea388c6c7c20db2 Mon Sep 17 00:00:00 2001 From: proJM <81658610+proJM-Coding@users.noreply.github.com> Date: Tue, 2 Jul 2024 03:16:42 +0000 Subject: [PATCH 16/16] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 707aca1..6e5980f 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ Boot from the BIOS/UEFI by either changing the boot order or overriding the next Wait for the installer to load and go through all the install steps. Make sure that the root user is enabled with a strong password and the user is not given administrator. -Once the process is completed reboot and follow the secureblue setup steps. +Once the process is completed reboot and update all package if needed. Make sure everything is up to date and then the install is complete.