# Originally generated from https://github.com/wayblueorg/wayblue # This stage is responsible for holding onto # your config without copying it directly into # the final image FROM scratch AS stage-files COPY ./files /files # Copy modules # The default modules are inside blue-build/modules # Custom modules overwrite defaults FROM scratch AS stage-modules COPY --from=ghcr.io/blue-build/modules:latest /modules /modules COPY ./modules /modules # Bins to install # These are basic tools that are added to all images. # Generally used for the build process. We use a multi # stage process so that adding the bins into the image # can be added to the ostree commits. FROM scratch AS stage-bins COPY --from=gcr.io/projectsigstore/cosign /ko-app/cosign /bins/cosign COPY --from=docker.io/mikefarah/yq /usr/bin/yq /bins/yq COPY --from=ghcr.io/blue-build/cli:latest-installer /out/bluebuild /bins/bluebuild # Keys for pre-verified images # Used to copy the keys into the final image # and perform an ostree commit. # # Currently only holds the current image's # public key. FROM scratch AS stage-keys COPY cosign.pub /keys/river.pub # Main image FROM quay.io/fedora-ostree-desktops/base:41 AS river ARG RECIPE=./recipes/recipe-river.yml ARG IMAGE_REGISTRY=localhost ARG CONFIG_DIRECTORY="/tmp/files" ARG MODULE_DIRECTORY="/tmp/modules" ARG IMAGE_NAME="river" ARG BASE_IMAGE="quay.io/fedora-ostree-desktops/base" ARG FORCE_COLOR=1 ARG CLICOLOR_FORCE=1 ARG RUST_LOG_STYLE=always # Key RUN RUN --mount=type=bind,from=stage-keys,src=/keys,dst=/tmp/keys \ mkdir -p /etc/pki/containers/ \ mkdir -p /usr/etc/pki/containers/ \ && cp /tmp/keys/* /etc/pki/containers/ \ && cp /tmp/keys/* /usr/etc/pki/containers/ \ && ostree container commit # Bin RUN RUN --mount=type=bind,from=stage-bins,src=/bins,dst=/tmp/bins \ mkdir -p /usr/bin/ \ && cp /tmp/bins/* /usr/bin/ \ && ostree container commit # Module RUNs RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'rpm-ostree' '{"type":"rpm-ostree","install":["sddm","sddm-themes","qt5-qtgraphicaleffects","qt5-qtquickcontrols2","qt5-qtsvg","kwallet","pam-kwallet"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["setsddmtheming.sh"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'systemd' '{"type":"systemd","system":{"enabled":["sddm-boot.service"]}}' \ && ostree container commit COPY --from=ghcr.io/ublue-os/akmods:main-41 /rpms /tmp/rpms RUN find /tmp/rpms RUN rpm -q ublue-os-akmods-addons || rpm-ostree install /tmp/rpms/ublue-os/ublue-os-akmods-addons*.rpm COPY --from=ghcr.io/ublue-os/main-kernel:41 /tmp/rpms /tmp/rpms/kernel RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["installsignedkernel.sh"]}' \ && ostree container commit RUN rpm-ostree install just powerstat COPY --from=ghcr.io/ublue-os/config:latest /rpms/ublue-os-udev-rules.noarch.rpm / COPY --from=ghcr.io/ublue-os/config:latest /rpms/ublue-os-update-services.noarch.rpm / COPY --from=ghcr.io/ublue-os/config:latest /rpms/ublue-os-signing.noarch.rpm / COPY --from=ghcr.io/ublue-os/config:latest /rpms/ublue-os-luks.noarch.rpm / COPY --from=ghcr.io/ublue-os/config:latest /rpms/ublue-os-just.noarch.rpm / RUN rpm -ivh /ublue-os-udev-rules.noarch.rpm RUN rpm -ivh /ublue-os-update-services.noarch.rpm RUN rpm -ivh /ublue-os-signing.noarch.rpm RUN rpm -ivh /ublue-os-luks.noarch.rpm RUN rpm -ivh /ublue-os-just.noarch.rpm RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["installandroidudev.sh","installrpmfusion.sh"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'rpm-ostree' '{"type":"rpm-ostree","install":["rofi-wayland","power-profiles-daemon","xorg-x11-server-Xwayland","headsetcontrol","mediainfo","polkit","xfce-polkit","fprintd-pam","xdg-user-dirs","dbus-tools","dbus-daemon","wl-clipboard","pavucontrol","playerctl","qt5-qtwayland","qt6-qtwayland","vulkan-validation-layers","vulkan-tools","google-noto-emoji-fonts","gnome-disk-utility","ddcutil","openssl","vim","just","alsa-firmware","p7zip","unrar","wireplumber","pipewire","pamixer","pulseaudio-utils","network-manager-applet","NetworkManager-openvpn","NetworkManager-openconnect","bluez","bluez-tools","blueman","firewall-config","thunar","thunar-archive-plugin","thunar-volman","xarchiver","imv","p7zip","gvfs-mtp","gvfs-gphoto2","gvfs-smb","gvfs-nfs","gvfs-fuse","gvfs-archive","android-tools","slurp","grim","wlr-randr","wlsunset","brightnessctl","kanshi","dunst","adwaita-qt5","fontawesome-fonts-all","gnome-themes-extra","gnome-icon-theme","paper-icon-theme","breeze-icon-theme","papirus-icon-theme"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["installproprietarypackages.sh"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'rpm-ostree' '{"type":"rpm-ostree","install":["heif-pixbuf-loader","ffmpeg","ffmpeg-libs","ffmpegthumbnailer","pipewire-libs-extra","libfdk-aac","gstreamer1-plugins-bad","gstreamer1-plugins-ugly"],"remove":["gstreamer1-plugins-bad-free","gstreamer1-plugins-bad-free-libs","gstreamer1-plugins-ugly-free","fdk-aac-free","ffmpeg-free","libavcodec-free","libavdevice-free","libavfilter-free","libavformat-free","libavutil-free","libpostproc-free","libswresample-free","libswscale-free"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["removeunusedrepos.sh"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'files' '{"type":"files","files":[{"source":"system/usr","destination":"/usr"},{"source":"system/etc","destination":"/etc"}]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'gschema-overrides' '{"type":"gschema-overrides","include":["zz1-secureblue-theming.gschema.override"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["settheming.sh","addbrewjustimport.sh"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'wayblue-signing' '{"type":"wayblue-signing"}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'rpm-ostree' '{"type":"rpm-ostree","install":["river","waybar","xdg-desktop-portal-wlr","xdg-desktop-portal-gtk","foot","swaylock","swayidle"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'files' '{"type":"files","files":[{"source":"system/river","destination":"/"}]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["setriverwaybarmodules.sh"]}' \ && ostree container commit RUN \ --mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \ --mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \ --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \ /tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["removeunusedrepos.sh","regenerateinitramfs.sh"]}' \ && ostree container commit RUN --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/scripts/ \ /scripts/post_build.sh # Labels are added last since they cause cache misses with buildah LABEL org.blue-build.build-id="a3459c17-7a25-4df6-9c32-5578138f7870" LABEL org.opencontainers.image.title="river" LABEL org.opencontainers.image.description="ublue images for wayland compositors" LABEL org.opencontainers.image.source="" LABEL io.artifacthub.package.readme-url=https://raw.githubusercontent.com/blue-build/cli/main/README.md