fix: remove greetd

.github/workflows/build.yml

@@ -25,6 +25,12 @@ jobs:
   build_push:
     name: Build and push image
     runs-on: ubuntu-24.04
+    strategy:
+      fail-fast: false
+      matrix:
+        desktop_environment:
+          - gnome
+          - hyprland
 
     permissions:
       contents: read
@@ -62,8 +68,8 @@ jobs:
         id: metadata
         with:
           tags: |
-            type=raw,value=${{ github.ref_name }}.${{ env.DEFAULT_TAG }}
-            type=raw,value=${{ github.ref_name }}.{{date 'YYYYMMDD-HHmm'}}
+            type=raw,value=${{ github.ref_name }}.${{ matrix.desktop_environment }}.${{ env.DEFAULT_TAG }}
+            type=raw,value=${{ github.ref_name }}.${{ matrix.desktop_environment }}.{{date 'YYYYMMDD-HHmm'}}
             type=sha,enable=${{ github.event_name == 'pull_request' }}
             type=ref,event=pr
           labels: |
@@ -75,7 +81,7 @@ jobs:
             org.opencontainers.image.title=${{ env.IMAGE_NAME }}
             org.opencontainers.image.url=https://github.com/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}/tree/${{ github.sha }}
             org.opencontainers.image.vendor=${{ github.repository_owner }}
-            org.opencontainers.image.version=${{ github.ref_name }}.{{date 'YYYYMMDD-HHmm'}}
+            org.opencontainers.image.version=${{ github.ref_name }}.${{ matrix.desktop_environment }}.{{date 'YYYYMMDD-HHmm'}}
             io.artifacthub.package.deprecated=false
             io.artifacthub.package.keywords=${{ env.IMAGE_KEYWORDS }}
             io.artifacthub.package.license=Apache-2.0
@@ -95,6 +101,8 @@ jobs:
           tags: ${{ steps.metadata.outputs.tags }}
           labels: ${{ steps.metadata.outputs.labels }}
           oci: false
+          build-args: |
+            DESKTOP_ENVIRONMENT=${{ matrix.desktop_environment }}
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3

Containerfile

@@ -1,7 +1,11 @@
 FROM scratch AS ctx
 COPY build_files /
 
-FROM ghcr.io/ublue-os/base-main:42
+FROM ghcr.io/ublue-os/akmods:main-43 AS akmods
+
+FROM ghcr.io/ublue-os/akmods-nvidia-open:main-43 AS akmods_nvidia
+
+FROM ghcr.io/ublue-os/base-main:43
 
 RUN rm -r /opt && mkdir /opt
 
@@ -9,18 +13,35 @@ RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
     --mount=type=cache,dst=/var/cache \
     --mount=type=cache,dst=/var/log \
     --mount=type=tmpfs,dst=/tmp \
-    /ctx/nvidia.sh
+    --mount=type=bind,from=akmods,src=/rpms/ublue-os,dst=/tmp/akmods-rpms \
+    --mount=type=bind,from=akmods,src=/kernel-rpms,dst=/tmp/kernel-rpms \
+    --mount=type=bind,from=akmods_nvidia,src=/rpms,dst=/tmp/akmods-nv-rpms \
+    /ctx/00_nvidia.sh
 
 RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
     --mount=type=cache,dst=/var/cache \
     --mount=type=cache,dst=/var/log \
     --mount=type=tmpfs,dst=/tmp \
-    /ctx/build.sh
+    /ctx/01_pre_desktop.sh
+
+ARG DESKTOP_ENVIRONMENT="gnome"
 
 RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
     --mount=type=cache,dst=/var/cache \
     --mount=type=cache,dst=/var/log \
     --mount=type=tmpfs,dst=/tmp \
-    /ctx/initramfs.sh
+    /ctx/02_${DESKTOP_ENVIRONMENT}.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/03_post_desktop.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/04_initramfs.sh
 
 RUN bootc container lint

Makefile

@@ -1,11 +1,14 @@
 clean:
 	sudo rm -fr flathub output output-repo
 	sudo podman system prune
-	for container in $$(sudo podman container list --external --format "{{.ID}}"); do sudo podman rm $$container; done
+	for container in $$(sudo podman container list --external --format "{{.ID}}"); do sudo podman rm --force $$container; done
 
 oci:
 	sudo podman build --network=host -t podman-image .
 
+oci_hyprland:
+	sudo podman build --network=host -t podman-image-hyprland --build-arg DESKTOP_ENVIRONMENT=hyprland .
+
 CONTAINER_IMAGE=localhost/podman-image
 FILESYSTEM_TYPE=ext4
 qcow:

README.md

@@ -39,6 +39,7 @@ It is possible to keep a revision by pinning it: `ostree admin pin 0`
 
 - man
 - langpacks: en, de
+- default-fonts-cjk
 - Gnome + Software
 - curl
 - git
@@ -57,6 +58,8 @@ It is possible to keep a revision by pinning it: `ostree admin pin 0`
 - sqlite
 - netcat
 - tor & torbrowser-launcher
+- podman compose
+- hugo
 - Flatpak (with default repository configured)
 - Chromium
 - Veracrypt
@@ -88,4 +91,4 @@ It is possible to keep a revision by pinning it: `ostree admin pin 0`
 
 ### Notes
 
-Those also include links that didn't work out in the end for various reasons, the one I use now is based on extracting the relevant parts of the bluefin scripts.
+Those also include links that didn't work out in the end for various reasons, the one I use now is based on ublue-os/main scripts.

build_files/00_nvidia.sh

@@ -0,0 +1,103 @@
+#!/bin/bash
+
+set -ouex pipefail
+
+FRELEASE="$(rpm -E %fedora)"
+: "${AKMODNV_PATH:=/tmp/akmods-nv-rpms}"
+
+
+# this is only to aid in human understanding of any issues in CI
+find "${AKMODNV_PATH}"/
+
+if ! command -v dnf5 >/dev/null; then
+    echo "Requires dnf5... Exiting"
+    exit 1
+fi
+
+# Check if any rpmfusion repos exist before trying to disable them
+if dnf5 repolist --all | grep -q rpmfusion; then
+    dnf5 config-manager setopt "rpmfusion*".enabled=0
+fi
+
+# Always try to disable cisco repo (or add similar check)
+dnf5 config-manager setopt fedora-cisco-openh264.enabled=0
+
+## nvidia install steps
+dnf5 install -y "${AKMODNV_PATH}"/ublue-os/ublue-os-nvidia-addons-*.rpm
+
+# Install MULTILIB packages from negativo17-multimedia prior to disabling repo
+
+MULTILIB=(
+    mesa-dri-drivers.i686
+    mesa-filesystem.i686
+    mesa-libEGL.i686
+    mesa-libGL.i686
+    mesa-libgbm.i686
+    mesa-va-drivers.i686
+    mesa-vulkan-drivers.i686
+)
+
+dnf5 install -y "${MULTILIB[@]}"
+
+# enable repos provided by ublue-os-nvidia-addons (not enabling fedora-nvidia-lts)
+dnf5 config-manager setopt fedora-nvidia.enabled=1 nvidia-container-toolkit.enabled=1
+
+# Disable Multimedia
+NEGATIVO17_MULT_PREV_ENABLED=N
+if dnf5 repolist --enabled | grep -q "fedora-multimedia"; then
+    NEGATIVO17_MULT_PREV_ENABLED=Y
+    echo "disabling negativo17-fedora-multimedia to ensure negativo17-fedora-nvidia is used"
+    dnf5 config-manager setopt fedora-multimedia.enabled=0
+fi
+
+# Enable staging for supergfxctl if repo file exists
+if [[ -f /etc/yum.repos.d/_copr_ublue-os-staging.repo ]]; then
+    sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-staging.repo
+else
+    # Otherwise, retrieve the repo file for staging
+    curl -Lo /etc/yum.repos.d/_copr_ublue-os-staging.repo https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"${FRELEASE}"/ublue-os-staging-fedora-"${FRELEASE}".repo
+fi
+
+source "${AKMODNV_PATH}"/kmods/nvidia-vars
+
+dnf5 install -y \
+    libnvidia-fbc \
+    libnvidia-ml.i686 \
+    libva-nvidia-driver \
+    nvidia-driver \
+    nvidia-driver-cuda \
+    nvidia-driver-cuda-libs.i686 \
+    nvidia-driver-libs.i686 \
+    nvidia-settings \
+    nvidia-container-toolkit \
+    "${AKMODNV_PATH}"/kmods/kmod-nvidia-"${KERNEL_VERSION}"-"${NVIDIA_AKMOD_VERSION}"."${DIST_ARCH}".rpm
+
+# Ensure the version of the Nvidia module matches the driver
+KMOD_VERSION="$(rpm -q --queryformat '%{VERSION}' kmod-nvidia)"
+DRIVER_VERSION="$(rpm -q --queryformat '%{VERSION}' nvidia-driver)"
+if [ "$KMOD_VERSION" != "$DRIVER_VERSION" ]; then
+    echo "Error: kmod-nvidia version ($KMOD_VERSION) does not match nvidia-driver version ($DRIVER_VERSION)"
+    exit 1
+fi
+
+## nvidia post-install steps
+# disable repos provided by ublue-os-nvidia-addons
+dnf5 config-manager setopt fedora-nvidia.enabled=0 fedora-nvidia-lts.enabled=0 nvidia-container-toolkit.enabled=0
+
+# Disable staging
+sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_ublue-os-staging.repo
+
+systemctl enable ublue-nvctk-cdi.service
+semodule --verbose --install /usr/share/selinux/packages/nvidia-container.pp
+
+# Universal Blue specific Initramfs fixes
+cp /etc/modprobe.d/nvidia-modeset.conf /usr/lib/modprobe.d/nvidia-modeset.conf
+# we must force driver load to fix black screen on boot for nvidia desktops
+sed -i 's@omit_drivers@force_drivers@g' /usr/lib/dracut/dracut.conf.d/99-nvidia.conf
+# as we need forced load, also mustpre-load intel/amd iGPU else chromium web browsers fail to use hardware acceleration
+sed -i 's@ nvidia @ i915 amdgpu nvidia @g' /usr/lib/dracut/dracut.conf.d/99-nvidia.conf
+
+# re-enable negativo17-mutlimedia since we disabled it
+if [[ "${NEGATIVO17_MULT_PREV_ENABLED}" = "Y" ]]; then
+    dnf5 config-manager setopt fedora-multimedia.enabled=1
+fi

build_files/01_pre_desktop.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+set -ouex pipefail
+
+cp /ctx/bootc-fetch-apply-updates.service /usr/lib/systemd/system/bootc-fetch-apply-updates.service
+cp /ctx/os-release /usr/lib/os-release
+
+echo "LANG=de_DE.UTF-8" >> /etc/default/locale
+ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime
+ln -s /usr/bin/xdg-open /usr/bin/open
+
+dnf5 update -y --setopt=install_weak_deps=False
+dnf5 install -y man-pages man-db glibc-langpack-en glibc-langpack-de default-fonts-cjk plymouth git

build_files/02_gnome.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -ouex pipefail
+
+dnf5 install -y --setopt=exclude=gnome-tour,malcontent-control \
+    gnome-shell \
+    gnome-terminal \
+    gnome-bluetooth \
+    gnome-calculator \
+    gnome-disk-utility \
+    gnome-extensions-app \
+    gnome-browser-connector \
+    gnome-backgrounds \
+    gnome-shell-extension-appindicator
+dnf5 install -y  \
+    totem \
+    nautilus \
+    seahorse \
+    gstreamer1-plugin-libav
+
+git clone https://github.com/Tudmotu/gnome-shell-extension-clipboard-indicator.git /usr/share/gnome-shell/extensions/clipboard-indicator@tudmotu.com

build_files/02_hyprland.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+set -ouex pipefail
+
+dnf5 copr enable -y solopasha/hyprland
+dnf5 install -y \
+    hyprland \
+    hypridle \
+    hyprlock \
+    hyprpolkitagent \
+    waybar \
+    pavucontrol
+

build_files/03_post_desktop.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+set -ouex pipefail
+
+dnf5 install -y \
+    gnome-keyring \
+    gnome-keyring-pam \
+    evolution \
+    fzf \
+    vlc \
+    curl \
+    btop \
+    tmux \
+    make \
+    xsel \
+    7zip \
+    nvtop \
+    direnv \
+    sqlite \
+    flatpak \
+    chromium \
+    pciutils \
+    tailscale \
+    podman-compose \
+    netcat tor torbrowser-launcher \
+    ansible-core ansible-collection-community-general \
+    pandoc-common pandoc-pdf texlive-collection-langgerman \
+    hugo
+
+flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
+
+systemctl enable tailscaled.service
+systemctl disable sshd.service
+
+# Install VSCode: https://packages.microsoft.com/yumrepos/vscode/
+curl -fsSLo /etc/yum.repos.d/vscode.repo https://packages.microsoft.com/yumrepos/vscode/config.repo
+rpm-ostree install code
+rm /etc/yum.repos.d/vscode.repo
+
+dnf5 install -y https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm \
+                https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
+dnf5 install -y --allowerasing ffmpeg x265-libs
+
+# Install Veracrypt: https://veracrypt.io/en/Downloads.html
+dnf5 install -y https://launchpad.net/veracrypt/trunk/1.26.24/+download/veracrypt-1.26.24-Fedora-40-x86_64.rpm
+
+dnf5 remove  -y rpmfusion-free-release rpmfusion-nonfree-release
+dnf5 clean all

build_files/04_initramfs.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/bash
+
+set -eoux pipefail
+
+KERNEL_VERSION="$(rpm -q --queryformat="%{evr}.%{arch}" kernel-core)"
+
+# Ensure Initramfs is generated
+export DRACUT_NO_XATTR=1
+/usr/bin/dracut --no-hostonly --kver "${KERNEL_VERSION}" --reproducible -v --add ostree -f "/lib/modules/${KERNEL_VERSION}/initramfs.img"
+chmod 0600 "/lib/modules/${KERNEL_VERSION}/initramfs.img"

build_files/build.sh

@@ -1,27 +0,0 @@
-#!/bin/bash
-
-set -ouex pipefail
-cp /ctx/bootc-fetch-apply-updates.service /usr/lib/systemd/system/bootc-fetch-apply-updates.service
-cp /ctx/os-release /usr/lib/os-release
-
-dnf5 update -y --setopt=install_weak_deps=False
-dnf5 install -y man-pages man-db glibc-langpack-en glibc-langpack-de plymouth
-dnf5 install -y --setopt=exclude=gnome-tour,malcontent-control gnome-shell gnome-keyring gnome-keyring-pam gnome-bluetooth gnome-terminal nautilus seahorse evolution totem gstreamer1-plugin-libav gnome-extensions-app gnome-browser-connector gnome-shell-extension-appindicator
-dnf5 install -y gnome-calculator gnome-disk-utility gnome-backgrounds
-dnf5 install -y curl git btop nvtop tmux flatpak pciutils tailscale make fzf direnv xsel chromium pandoc-common pandoc-pdf texlive-collection-langgerman ansible-core ansible-collection-community-general vlc sqlite netcat tor torbrowser-launcher
-git clone https://github.com/Tudmotu/gnome-shell-extension-clipboard-indicator.git /usr/share/gnome-shell/extensions/clipboard-indicator@tudmotu.com
-flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
-echo "LANG=de_DE.UTF-8" >> /etc/default/locale
-ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime
-ln -s /usr/bin/xdg-open /usr/bin/open
-systemctl enable tailscaled.service
-systemctl disable sshd.service
-# Install VSCode: https://packages.microsoft.com/yumrepos/vscode/
-curl -fsSLo /etc/yum.repos.d/vscode.repo https://packages.microsoft.com/yumrepos/vscode/config.repo
-rpm-ostree install code
-rm /etc/yum.repos.d/vscode.repo
-
-# Install Veracrypt: https://veracrypt.io/en/Downloads.html
-curl -fsSLo /tmp/veracrypt.rpm "https://launchpad.net/veracrypt/trunk/1.26.24/+download/veracrypt-1.26.24-Fedora-40-x86_64.rpm"
-rpm-ostree install -y /tmp/veracrypt.rpm
-rm /tmp/veracrypt.rpm

build_files/initramfs.sh

@@ -1,14 +0,0 @@
-#!/usr/bin/bash
-# https://github.com/ublue-os/bluefin/blob/ba5d621270982b245343abcae47b3393cc5cffb8/build_files/base/19-initramfs.sh
-
-echo "::group:: ===$(basename "$0")==="
-
-set -oue pipefail
-
-KERNEL_SUFFIX=""
-QUALIFIED_KERNEL="$(rpm -qa | grep -P 'kernel-(|'"$KERNEL_SUFFIX"'-)(\d+\.\d+\.\d+)' | sed -E 's/kernel-(|'"$KERNEL_SUFFIX"'-)//')"
-export DRACUT_NO_XATTR=1
-/usr/bin/dracut --no-hostonly --kver "$QUALIFIED_KERNEL" --reproducible -v --add ostree -f "/lib/modules/$QUALIFIED_KERNEL/initramfs.img"
-chmod 0600 "/lib/modules/$QUALIFIED_KERNEL/initramfs.img"
-
-echo "::endgroup::"

build_files/nvidia.sh

@@ -1,65 +0,0 @@
-#!/usr/bin/bash
-# based on https://raw.githubusercontent.com/ublue-os/bluefin/ba5d621270982b245343abcae47b3393cc5cffb8/build_files/base/03-install-kernel-akmods.sh
-
-echo "::group:: ===$(basename "$0")==="
-
-# Set Variables
-export AKMODS_FLAVOR=main
-export KERNEL="6.17.9-200.fc42.x86_64"
-export IMAGE_NAME=""
-
-set -eoux pipefail
-
-# Remove Existing Kernel
-for pkg in kernel kernel-core kernel-modules kernel-modules-core kernel-modules-extra; do
-    rpm --erase $pkg --nodeps
-done
-
-# Fetch Common AKMODS & Kernel RPMS
-skopeo copy --retry-times 3 docker://ghcr.io/ublue-os/akmods:"${AKMODS_FLAVOR}"-"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/akmods
-AKMODS_TARGZ=$(jq -r '.layers[].digest' </tmp/akmods/manifest.json | cut -d : -f 2)
-tar -xvzf /tmp/akmods/"$AKMODS_TARGZ" -C /tmp/
-mv /tmp/rpms/* /tmp/akmods/
-# NOTE: kernel-rpms should auto-extract into correct location
-
-# Install Kernel
-dnf5 -y install \
-    /tmp/kernel-rpms/kernel-[0-9]*.rpm \
-    /tmp/kernel-rpms/kernel-core-*.rpm \
-    /tmp/kernel-rpms/kernel-modules-*.rpm
-
-# TODO: Figure out why akmods cache is pulling in akmods/kernel-devel
-dnf5 -y install \
-    /tmp/kernel-rpms/kernel-devel-*.rpm
-
-dnf5 versionlock add kernel kernel-devel kernel-devel-matched kernel-core kernel-modules kernel-modules-core kernel-modules-extra
-
-# Everyone
-# NOTE: we won't use dnf5 copr plugin for ublue-os/akmods until our upstream provides the COPR standard naming
-sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo
-
-# Nvidia AKMODS
-
-# Fetch Nvidia RPMs
-skopeo copy --retry-times 3 docker://ghcr.io/ublue-os/akmods-nvidia-open:"${AKMODS_FLAVOR}"-"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/akmods-rpms
-NVIDIA_TARGZ=$(jq -r '.layers[].digest' </tmp/akmods-rpms/manifest.json | cut -d : -f 2)
-tar -xvzf /tmp/akmods-rpms/"$NVIDIA_TARGZ" -C /tmp/
-mv /tmp/rpms/* /tmp/akmods-rpms/
-
-# Monkey patch right now...
-if ! grep -q negativo17 <(rpm -qi mesa-dri-drivers); then
-    dnf5 -y swap --repo=updates-testing \
-        mesa-dri-drivers mesa-dri-drivers
-fi
-
-# Install Nvidia RPMs
-curl -sSL "https://raw.githubusercontent.com/ublue-os/main/0454e5857ac43c47e8d0b365a1c6a3912a5f9859/build_files/nvidia-install.sh" -o /tmp/nvidia-install.sh
-chmod +x /tmp/nvidia-install.sh
-/tmp/nvidia-install.sh
-rm -f /usr/share/vulkan/icd.d/nouveau_icd.*.json
-ln -sf libnvidia-ml.so.1 /usr/lib64/libnvidia-ml.so
-tee /usr/lib/bootc/kargs.d/00-nvidia.toml <<EOF
-kargs = ["rd.driver.blacklist=nouveau", "modprobe.blacklist=nouveau", "nvidia-drm.modeset=1", "initcall_blacklist=simpledrm_platform_driver_init"]
-EOF
-
-echo "::endgroup::"

build_files/os-release

@@ -2,4 +2,4 @@ NAME="ManInDark bootc Linux"
 ID=manindark-linux
 PRETTY_NAME="ManInDark's bootc Linux"
 VARIANT_ID=desktop
-VERSION_ID=42
+VERSION_ID=43