fix: move nautilus to post desktop

Containerfile

@@ -1,23 +1,10 @@
 FROM scratch AS ctx
 COPY build_files /
 
-FROM ghcr.io/ublue-os/akmods:main-43 AS akmods
+FROM ghcr.io/ublue-os/base-nvidia:43
-
-FROM ghcr.io/ublue-os/akmods-nvidia-open:main-43 AS akmods_nvidia
-
-FROM ghcr.io/ublue-os/base-main:43
 
 RUN rm -r /opt && mkdir /opt
 
-RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
-    --mount=type=cache,dst=/var/cache \
-    --mount=type=cache,dst=/var/log \
-    --mount=type=tmpfs,dst=/tmp \
-    --mount=type=bind,from=akmods,src=/rpms/ublue-os,dst=/tmp/akmods-rpms \
-    --mount=type=bind,from=akmods,src=/kernel-rpms,dst=/tmp/kernel-rpms \
-    --mount=type=bind,from=akmods_nvidia,src=/rpms,dst=/tmp/akmods-nv-rpms \
-    /ctx/00_nvidia.sh
-
 RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
     --mount=type=cache,dst=/var/cache \
     --mount=type=cache,dst=/var/log \
@@ -38,10 +25,4 @@ RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
     --mount=type=tmpfs,dst=/tmp \
     /ctx/03_post_desktop.sh
 
-RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
-    --mount=type=cache,dst=/var/cache \
-    --mount=type=cache,dst=/var/log \
-    --mount=type=tmpfs,dst=/tmp \
-    /ctx/04_initramfs.sh
-
 RUN bootc container lint

build_files/00_nvidia.sh

@@ -1,103 +0,0 @@
-#!/bin/bash
-
-set -ouex pipefail
-
-FRELEASE="$(rpm -E %fedora)"
-: "${AKMODNV_PATH:=/tmp/akmods-nv-rpms}"
-
-
-# this is only to aid in human understanding of any issues in CI
-find "${AKMODNV_PATH}"/
-
-if ! command -v dnf5 >/dev/null; then
-    echo "Requires dnf5... Exiting"
-    exit 1
-fi
-
-# Check if any rpmfusion repos exist before trying to disable them
-if dnf5 repolist --all | grep -q rpmfusion; then
-    dnf5 config-manager setopt "rpmfusion*".enabled=0
-fi
-
-# Always try to disable cisco repo (or add similar check)
-dnf5 config-manager setopt fedora-cisco-openh264.enabled=0
-
-## nvidia install steps
-dnf5 install -y "${AKMODNV_PATH}"/ublue-os/ublue-os-nvidia-addons-*.rpm
-
-# Install MULTILIB packages from negativo17-multimedia prior to disabling repo
-
-MULTILIB=(
-    mesa-dri-drivers.i686
-    mesa-filesystem.i686
-    mesa-libEGL.i686
-    mesa-libGL.i686
-    mesa-libgbm.i686
-    mesa-va-drivers.i686
-    mesa-vulkan-drivers.i686
-)
-
-dnf5 install -y "${MULTILIB[@]}"
-
-# enable repos provided by ublue-os-nvidia-addons (not enabling fedora-nvidia-lts)
-dnf5 config-manager setopt fedora-nvidia.enabled=1 nvidia-container-toolkit.enabled=1
-
-# Disable Multimedia
-NEGATIVO17_MULT_PREV_ENABLED=N
-if dnf5 repolist --enabled | grep -q "fedora-multimedia"; then
-    NEGATIVO17_MULT_PREV_ENABLED=Y
-    echo "disabling negativo17-fedora-multimedia to ensure negativo17-fedora-nvidia is used"
-    dnf5 config-manager setopt fedora-multimedia.enabled=0
-fi
-
-# Enable staging for supergfxctl if repo file exists
-if [[ -f /etc/yum.repos.d/_copr_ublue-os-staging.repo ]]; then
-    sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-staging.repo
-else
-    # Otherwise, retrieve the repo file for staging
-    curl -Lo /etc/yum.repos.d/_copr_ublue-os-staging.repo https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"${FRELEASE}"/ublue-os-staging-fedora-"${FRELEASE}".repo
-fi
-
-source "${AKMODNV_PATH}"/kmods/nvidia-vars
-
-dnf5 install -y \
-    libnvidia-fbc \
-    libnvidia-ml.i686 \
-    libva-nvidia-driver \
-    nvidia-driver \
-    nvidia-driver-cuda \
-    nvidia-driver-cuda-libs.i686 \
-    nvidia-driver-libs.i686 \
-    nvidia-settings \
-    nvidia-container-toolkit \
-    "${AKMODNV_PATH}"/kmods/kmod-nvidia-"${KERNEL_VERSION}"-"${NVIDIA_AKMOD_VERSION}"."${DIST_ARCH}".rpm
-
-# Ensure the version of the Nvidia module matches the driver
-KMOD_VERSION="$(rpm -q --queryformat '%{VERSION}' kmod-nvidia)"
-DRIVER_VERSION="$(rpm -q --queryformat '%{VERSION}' nvidia-driver)"
-if [ "$KMOD_VERSION" != "$DRIVER_VERSION" ]; then
-    echo "Error: kmod-nvidia version ($KMOD_VERSION) does not match nvidia-driver version ($DRIVER_VERSION)"
-    exit 1
-fi
-
-## nvidia post-install steps
-# disable repos provided by ublue-os-nvidia-addons
-dnf5 config-manager setopt fedora-nvidia.enabled=0 fedora-nvidia-lts.enabled=0 nvidia-container-toolkit.enabled=0
-
-# Disable staging
-sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_ublue-os-staging.repo
-
-systemctl enable ublue-nvctk-cdi.service
-semodule --verbose --install /usr/share/selinux/packages/nvidia-container.pp
-
-# Universal Blue specific Initramfs fixes
-cp /etc/modprobe.d/nvidia-modeset.conf /usr/lib/modprobe.d/nvidia-modeset.conf
-# we must force driver load to fix black screen on boot for nvidia desktops
-sed -i 's@omit_drivers@force_drivers@g' /usr/lib/dracut/dracut.conf.d/99-nvidia.conf
-# as we need forced load, also mustpre-load intel/amd iGPU else chromium web browsers fail to use hardware acceleration
-sed -i 's@ nvidia @ i915 amdgpu nvidia @g' /usr/lib/dracut/dracut.conf.d/99-nvidia.conf
-
-# re-enable negativo17-mutlimedia since we disabled it
-if [[ "${NEGATIVO17_MULT_PREV_ENABLED}" = "Y" ]]; then
-    dnf5 config-manager setopt fedora-multimedia.enabled=1
-fi

build_files/01_pre_desktop.sh

@@ -9,5 +9,5 @@ echo "LANG=de_DE.UTF-8" >> /etc/default/locale
 ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime
 ln -s /usr/bin/xdg-open /usr/bin/open
 
-dnf5 update -y --setopt=install_weak_deps=False
+# dnf5 update -y --setopt=install_weak_deps=False --setopt=install_deps=False
 dnf5 install -y man-pages man-db glibc-langpack-en glibc-langpack-de default-fonts-cjk plymouth git

build_files/02_gnome.sh

@@ -14,7 +14,6 @@ dnf5 install -y --setopt=exclude=gnome-tour,malcontent-control \
     gnome-shell-extension-appindicator
 dnf5 install -y  \
     totem \
-    nautilus \
     seahorse \
     gstreamer1-plugin-libav
 

build_files/02_hyprland.sh

@@ -3,15 +3,16 @@
 set -ouex pipefail
 
 dnf5 copr enable -y solopasha/hyprland
+dnf5 copr enable -y erikreider/SwayNotificationCenter
 dnf5 install -y \
     hyprland \
     hypridle \
     hyprlock \
+    hyprshot \
     hyprpolkitagent \
     waybar \
-    pavucontrol
+    pavucontrol \
+    cliphist \
+    SwayNotificationCenter-git
 
-cp /ctx/hypr* /usr/lib/systemd/system
+echo 'if [[ $(ps aux | grep hyprland | wc -l) -eq 1 ]]; then cd $HOME && echo "launch hyprland?" && read && systemd-run --user --service-type=exec --unit=hyprland --description="hyprland start service" hyprland ; fi' >> /etc/profile.d/launch_hyprland.sh
-for service in $(ls /ctx/hypr*); do
-	systemctl enable $service;
-done

build_files/03_post_desktop.sh

@@ -20,6 +20,7 @@ dnf5 install -y \
     flatpak \
     chromium \
     pciutils \
+    nautilus \
     tailscale \
     podman-compose \
     netcat tor torbrowser-launcher \
@@ -46,3 +47,6 @@ dnf5 install -y https://launchpad.net/veracrypt/trunk/1.26.24/+download/veracryp
 
 dnf5 remove  -y rpmfusion-free-release rpmfusion-nonfree-release
 dnf5 clean all
+
+cp /ctx/login /etc/pam.d
+

build_files/04_initramfs.sh

@@ -1,10 +0,0 @@
-#!/usr/bin/bash
-
-set -eoux pipefail
-
-KERNEL_VERSION="$(rpm -q --queryformat="%{evr}.%{arch}" kernel-core)"
-
-# Ensure Initramfs is generated
-export DRACUT_NO_XATTR=1
-/usr/bin/dracut --no-hostonly --kver "${KERNEL_VERSION}" --reproducible -v --add ostree -f "/lib/modules/${KERNEL_VERSION}/initramfs.img"
-chmod 0600 "/lib/modules/${KERNEL_VERSION}/initramfs.img"

build_files/hyprland.service

@@ -1,50 +0,0 @@
-# /usr/lib/systemd/system/gdm.service
-[Unit]
-Description=Hyprland
-
-# replaces the getty
-Conflicts=getty@tty1.service
-After=getty@tty1.service
-
-# replaces plymouth-quit since it quits plymouth on its own
-Conflicts=plymouth-quit.service
-After=plymouth-quit.service
-
-# Needs all the dependencies of the services it's replacing
-# pulled from getty@.service and plymouth-quit.service
-# (except for plymouth-quit-wait.service since it waits until
-# plymouth is quit, which we do)
-After=rc-local.service plymouth-start.service systemd-user-sessions.service
-
-# GDM takes responsibility for stopping plymouth, so if it fails
-# for any reason, make sure plymouth still stops
-OnFailure=plymouth-quit.service
-
-[Service]
-ExecStart=/usr/bin/hyprland
-KillMode=mixed
-Restart=always
-IgnoreSIGPIPE=no
-BusName=org.freedesktop.portal.Desktop
-EnvironmentFile=-/etc/locale.conf
-ExecReload=/bin/kill -SIGHUP $MAINPID
-KeyringMode=shared
-
-[Install]
-Alias=display-manager.service
-
-# /usr/lib/systemd/system/service.d/10-timeout-abort.conf
-# This file is part of the systemd package.
-# See https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer.
-#
-# To facilitate debugging when a service fails to stop cleanly,
-# TimeoutStopFailureMode=abort is set to "crash" services that fail to stop in
-# the time allotted. This will cause the service to be terminated with SIGABRT
-# and a coredump to be generated.
-#
-# To undo this configuration change, create a mask file:
-#   sudo mkdir -p /etc/systemd/system/service.d
-#   sudo ln -sv /dev/null /etc/systemd/system/service.d/10-timeout-abort.conf
-
-[Service]
-TimeoutStopFailureMode=abort

build_files/login

@@ -0,0 +1,18 @@
+#%PAM-1.0
+auth       substack     system-auth
+auth       include      postlogin
+auth       optional	pam_gnome_keyring.so
+account    required     pam_nologin.so
+account    include      system-auth
+password   include      system-auth
+# pam_selinux.so close should be the first session rule
+session    required     pam_selinux.so close
+session    required     pam_loginuid.so
+# pam_selinux.so open should only be followed by sessions to be executed in the user context
+session    required     pam_selinux.so open
+session    required     pam_namespace.so
+session    optional     pam_keyinit.so force revoke
+session    include      system-auth
+session    include      postlogin
+-session   optional     pam_ck_connector.so
+session    optional	pam_gnome_keyring.so auto_start