boxes/ostree-images/river/Dockerfile


# Originally generated from https://github.com/wayblueorg/wayblue
# This stage is responsible for holding onto
# your config without copying it directly into
# the final image
# It contains only the build context's ./files directory. The module RUN steps
# in the main stage bind-mount /files from here at /tmp/files, and a bind mount
# is not itself written into an image layer.
# NOTE(review): everything under ./files is readable by every module script
# that gets this mount; keep credentials and private keys out of that tree.
FROM scratch AS stage-files
COPY ./files /files
# Copy modules
# The default modules are inside blue-build/modules
# Custom modules overwrite defaults
# (the second COPY lands on top of the first, so a file in ./modules replaces
# the upstream file at the same path).
# NOTE(review): ghcr.io/blue-build/modules:latest is a mutable tag. /modules is
# mounted into the module RUN steps of the main stage and is presumably what
# run_module.sh executes, so whatever the tag points to at build time runs as
# part of the image build. Pin it by digest
# (ghcr.io/blue-build/modules@sha256:<digest>) so the executed code is
# reproducible and reviewable.
FROM scratch AS stage-modules
COPY --from=ghcr.io/blue-build/modules:latest /modules /modules
COPY ./modules /modules
# Bins to install
# These are basic tools that are added to all images.
# Generally used for the build process. We use a multi
# stage process so that adding the bins into the image
# can be added to the ostree commits.
# The three binaries collected under /bins are copied into /usr/bin of the
# final image by the "Bin RUN" step of the main stage.
# NOTE(review): the cosign and yq images are referenced with no tag (which
# resolves to :latest), and the bluebuild CLI uses the mutable
# :latest-installer tag. These executables ship inside the OS image, and
# cosign is the signature-verification tool itself, so pin each source image
# by digest (<image>@sha256:<digest>) rather than trusting whatever the
# registry serves at build time.
FROM scratch AS stage-bins
COPY --from=gcr.io/projectsigstore/cosign /ko-app/cosign /bins/cosign
COPY --from=docker.io/mikefarah/yq /usr/bin/yq /bins/yq
COPY --from=ghcr.io/blue-build/cli:latest-installer /out/bluebuild /bins/bluebuild
# Keys for pre-verified images
# Used to copy the keys into the final image
# and perform an ostree commit.
#
# Currently only holds the current image's
# public key.
# cosign.pub from the build context is stored as /keys/river.pub; the
# "Key RUN" step of the main stage copies everything under /keys into
# /etc/pki/containers/ and /usr/etc/pki/containers/.
# NOTE(review): presumably this key is what the installed system trusts when
# verifying updates of this image -- confirm that the cosign.pub in the build
# context is the expected public key and that no private key material sits
# next to it.
FROM scratch AS stage-keys
COPY cosign.pub /keys/river.pub
# Main image
# NOTE(review): the base is selected by the :41 tag rather than a digest, so
# its content can change between builds; pin with @sha256:<digest> if the
# build has to be reproducible.
FROM quay.io/fedora-ostree-desktops/base:41 AS river
# Build arguments. None of them is referenced by name in the instructions
# below; as ARGs they are visible as environment variables to the RUN steps,
# so presumably the mounted build scripts read them -- confirm against
# run_module.sh. CONFIG_DIRECTORY and MODULE_DIRECTORY match the destinations
# of the stage-files and stage-modules bind mounts used by the module RUNs.
ARG RECIPE=./recipes/recipe-river.yml
ARG IMAGE_REGISTRY=localhost
ARG CONFIG_DIRECTORY="/tmp/files"
ARG MODULE_DIRECTORY="/tmp/modules"
ARG IMAGE_NAME="river"
ARG BASE_IMAGE="quay.io/fedora-ostree-desktops/base"
# Colour-related settings for build tooling output (presumably; the consumers
# are not visible in this file).
ARG FORCE_COLOR=1
ARG CLICOLOR_FORCE=1
ARG RUST_LOG_STYLE=always
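# Key RUN
# Copies the public key(s) held by stage-keys into both /etc/pki/containers/
# and /usr/etc/pki/containers/, then runs `ostree container commit`.
# /keys is bind-mounted at /tmp/keys only for the duration of this RUN, so the
# mount itself is not written into the layer.
# The two directory creations are chained with `&&`. Without it the shell sees
# a single `mkdir -p` with three operands and also creates a stray directory
# literally named "mkdir" in the working directory.
RUN --mount=type=bind,from=stage-keys,src=/keys,dst=/tmp/keys \
mkdir -p /etc/pki/containers/ \
&& mkdir -p /usr/etc/pki/containers/ \
&& cp /tmp/keys/* /etc/pki/containers/ \
&& cp /tmp/keys/* /usr/etc/pki/containers/ \
&& ostree container commit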
# Bin RUN
# Copies every file collected in stage-bins (cosign, yq, bluebuild) into
# /usr/bin of the image, then runs `ostree container commit`.
# /bins is bind-mounted at /tmp/bins for this step only.
# NOTE(review): the binaries are installed as pulled; no checksum or signature
# check on them is visible in this file.
RUN --mount=type=bind,from=stage-bins,src=/bins,dst=/tmp/bins \
mkdir -p /usr/bin/ \
&& cp /tmp/bins/* /usr/bin/ \
&& ostree container commit
# Module RUNs
# Every module RUN in this group has the same shape:
#   - stage-files and stage-modules are bind-mounted read-write at /tmp/files
#     and /tmp/modules;
#   - the build scripts come from the ghcr.io/blue-build/cli image at the tag
#     7c5578994e79d13d8780406600dc796422e22c8c-build-scripts;
#   - /var/cache/rpm-ostree is a cache mount shared between steps
#     (sharing=locked);
#   - run_module.sh receives the module type and its JSON configuration, and
#     `ostree container commit` runs afterwards.
# NOTE(review): the build-scripts reference looks like a commit-hash tag, which
# is narrower than :latest but still a tag; a digest pin is the stronger form.

# rpm-ostree module: install the SDDM display manager, its themes and Qt
# dependencies, plus kwallet and its PAM module.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'rpm-ostree' '{"type":"rpm-ostree","install":["sddm","sddm-themes","qt5-qtgraphicaleffects","qt5-qtquickcontrols2","qt5-qtsvg","kwallet","pam-kwallet"]}' \
&& ostree container commit
# script module: run setsddmtheming.sh (script body not visible here;
# presumably it is taken from the mounted config/modules trees).
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["setsddmtheming.sh"]}' \
&& ostree container commit
# systemd module: enable the system unit sddm-boot.service.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'systemd' '{"type":"systemd","system":{"enabled":["sddm-boot.service"]}}' \
&& ostree container commit
# Stage the akmods RPMs from the ublue-os akmods image under /tmp/rpms.
# NOTE(review): :main-41 here and :41 on the main-kernel image below are
# mutable tags. The kernel and kernel-module packages installed from them are
# only as trustworthy as whatever those tags point to at build time; pin by
# digest (<image>@sha256:<digest>).
COPY --from=ghcr.io/ublue-os/akmods:main-41 /rpms /tmp/rpms
# Lists the staged files in the build log; changes nothing in the image.
RUN find /tmp/rpms
# Install ublue-os-akmods-addons from the staged RPMs unless the package is
# already present (`rpm -q` succeeds and short-circuits the `||`).
RUN rpm -q ublue-os-akmods-addons || rpm-ostree install /tmp/rpms/ublue-os/ublue-os-akmods-addons*.rpm
# Stage the kernel RPMs next to the akmods ones.
# NOTE(review): both COPYs write the RPM payloads into image layers under
# /tmp/rpms; whether a later step removes them is not visible here.
COPY --from=ghcr.io/ublue-os/main-kernel:41 /tmp/rpms /tmp/rpms/kernel
# script module: run installsignedkernel.sh, which presumably installs the
# kernel staged above. The script body is not visible in this file, so what it
# verifies about those RPMs has to be checked in the script itself.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["installsignedkernel.sh"]}' \
&& ostree container commit
# Install just and powerstat directly with rpm-ostree.
# NOTE(review): unlike the module RUNs, this step is not followed by
# `ostree container commit`, and "just" is requested again by a later
# rpm-ostree module step.
RUN rpm-ostree install just powerstat
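# Install five ublue-os-* packages taken from /rpms of the ublue-os config
# image.
# The RPMs are bind-mounted for the duration of this RUN instead of being
# COPY'd to / first, so the package files no longer persist as stray
# top-level files in the image; only what rpm installs remains. Each package
# is still installed by its own `rpm -ivh` call, in the original order.
# NOTE(review): ghcr.io/ublue-os/config:latest is a mutable tag; pin it by
# digest (ghcr.io/ublue-os/config@sha256:<digest>) so the packages installed
# here are reproducible and reviewable. No signature check on the image or on
# these RPMs is visible in this file.
RUN --mount=type=bind,from=ghcr.io/ublue-os/config:latest,src=/rpms,dst=/tmp/config-rpms \
rpm -ivh /tmp/config-rpms/ublue-os-udev-rules.noarch.rpm \
&& rpm -ivh /tmp/config-rpms/ublue-os-update-services.noarch.rpm \
&& rpm -ivh /tmp/config-rpms/ublue-os-signing.noarch.rpm \
&& rpm -ivh /tmp/config-rpms/ublue-os-luks.noarch.rpm \
&& rpm -ivh /tmp/config-rpms/ublue-os-just.noarch.rpm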
# The RUNs in this group call run_module.sh from the pinned blue-build
# build-scripts image with a module type and a JSON configuration, with the
# config and module trees bind-mounted and the rpm-ostree cache shared, and
# each ends with `ostree container commit`.

# script module: run installandroidudev.sh and installrpmfusion.sh.
# NOTE(review): going by its name, installrpmfusion.sh adds a third-party
# package repository; the script body is not visible here, so how the
# repository and its signing keys are obtained should be reviewed there.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["installandroidudev.sh","installrpmfusion.sh"]}' \
&& ostree container commit
# rpm-ostree module: install the common desktop package set.
# NOTE(review): "p7zip" appears twice in the list and "just" is also installed
# by an earlier plain `rpm-ostree install`. No package versions are pinned, so
# the result depends on repository state at build time.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'rpm-ostree' '{"type":"rpm-ostree","install":["rofi-wayland","power-profiles-daemon","xorg-x11-server-Xwayland","headsetcontrol","mediainfo","polkit","xfce-polkit","fprintd-pam","xdg-user-dirs","dbus-tools","dbus-daemon","wl-clipboard","pavucontrol","playerctl","qt5-qtwayland","qt6-qtwayland","vulkan-validation-layers","vulkan-tools","google-noto-emoji-fonts","gnome-disk-utility","ddcutil","openssl","vim","just","alsa-firmware","p7zip","unrar","wireplumber","pipewire","pamixer","pulseaudio-utils","network-manager-applet","NetworkManager-openvpn","NetworkManager-openconnect","bluez","bluez-tools","blueman","firewall-config","thunar","thunar-archive-plugin","thunar-volman","xarchiver","imv","p7zip","gvfs-mtp","gvfs-gphoto2","gvfs-smb","gvfs-nfs","gvfs-fuse","gvfs-archive","android-tools","slurp","grim","wlr-randr","wlsunset","brightnessctl","kanshi","dunst","adwaita-qt5","fontawesome-fonts-all","gnome-themes-extra","gnome-icon-theme","paper-icon-theme","breeze-icon-theme","papirus-icon-theme"]}' \
&& ostree container commit
# script module: run installproprietarypackages.sh (body not visible here).
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["installproprietarypackages.sh"]}' \
&& ostree container commit
# rpm-ostree module: install ffmpeg, the full gstreamer plugin sets and
# related codec libraries, and remove the corresponding "-free" packages.
# Presumably the replacements come from the repository added by
# installrpmfusion.sh -- confirm.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'rpm-ostree' '{"type":"rpm-ostree","install":["heif-pixbuf-loader","ffmpeg","ffmpeg-libs","ffmpegthumbnailer","pipewire-libs-extra","libfdk-aac","gstreamer1-plugins-bad","gstreamer1-plugins-ugly"],"remove":["gstreamer1-plugins-bad-free","gstreamer1-plugins-bad-free-libs","gstreamer1-plugins-ugly-free","fdk-aac-free","ffmpeg-free","libavcodec-free","libavdevice-free","libavfilter-free","libavformat-free","libavutil-free","libpostproc-free","libswresample-free","libswscale-free"]}' \
&& ostree container commit
# script module: run removeunusedrepos.sh (body not visible here; by its name
# it prunes repository definitions that the image should not keep).
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["removeunusedrepos.sh"]}' \
&& ostree container commit
# The RUNs in this group call run_module.sh from the pinned blue-build
# build-scripts image with a module type and a JSON configuration, with the
# config and module trees bind-mounted, and each ends with
# `ostree container commit`.

# files module: copy system/usr to /usr and system/etc to /etc (sources are
# presumably relative to the mounted config directory).
# NOTE(review): these trees overwrite system paths in the image, so changes
# under them deserve the same review as code.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'files' '{"type":"files","files":[{"source":"system/usr","destination":"/usr"},{"source":"system/etc","destination":"/etc"}]}' \
&& ostree container commit
# gschema-overrides module: include zz1-secureblue-theming.gschema.override.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'gschema-overrides' '{"type":"gschema-overrides","include":["zz1-secureblue-theming.gschema.override"]}' \
&& ostree container commit
# script module: run settheming.sh and addbrewjustimport.sh (bodies not
# visible here).
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["settheming.sh","addbrewjustimport.sh"]}' \
&& ostree container commit
# wayblue-signing module, called with no options beyond its type.
# NOTE(review): presumably this sets up the container signature-verification
# policy that relies on the public key installed by the Key RUN; the module
# body is not visible here, so confirm what policy it writes and for which
# registries.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'wayblue-signing' '{"type":"wayblue-signing"}' \
&& ostree container commit
# River-specific steps. Each RUN calls run_module.sh from the pinned
# blue-build build-scripts image with a module type and a JSON configuration,
# with the config and module trees bind-mounted, and ends with
# `ostree container commit`.

# rpm-ostree module: install the river compositor, waybar, the wlr and gtk
# desktop portals, the foot terminal, swaylock and swayidle.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'rpm-ostree' '{"type":"rpm-ostree","install":["river","waybar","xdg-desktop-portal-wlr","xdg-desktop-portal-gtk","foot","swaylock","swayidle"]}' \
&& ostree container commit
# files module: copy system/river onto "/".
# NOTE(review): with the image root as destination, anything placed under
# system/river can land at any path in the image; review that tree as
# carefully as the package lists.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'files' '{"type":"files","files":[{"source":"system/river","destination":"/"}]}' \
&& ostree container commit
# script module: run setriverwaybarmodules.sh (body not visible here).
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["setriverwaybarmodules.sh"]}' \
&& ostree container commit
# script module: run removeunusedrepos.sh again, then regenerateinitramfs.sh
# (bodies not visible here). This is the last module step, after every package
# install in this file.
RUN \
--mount=type=bind,from=stage-files,src=/files,dst=/tmp/files,rw \
--mount=type=bind,from=stage-modules,src=/modules,dst=/tmp/modules,rw \
--mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/tmp/scripts/ \
--mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-river-41,sharing=locked \
/tmp/scripts/run_module.sh 'script' '{"type":"script","scripts":["removeunusedrepos.sh","regenerateinitramfs.sh"]}' \
&& ostree container commit
# Final build step: run post_build.sh from the same pinned blue-build
# build-scripts image, bind-mounted at /scripts/ for this RUN only.
# What the script does is not visible in this file. Unlike the module RUNs, it
# gets neither the config nor the module mounts, and no explicit
# `ostree container commit` follows it.
RUN --mount=type=bind,from=ghcr.io/blue-build/cli:7c5578994e79d13d8780406600dc796422e22c8c-build-scripts,src=/scripts/,dst=/scripts/ \
/scripts/post_build.sh
# Labels are added last since they cause cache misses with buildah
# (the build-id below is a per-build identifier, presumably regenerated on
# every build).
LABEL org.blue-build.build-id="a3459c17-7a25-4df6-9c32-5578138f7870"
LABEL org.opencontainers.image.title="river"
LABEL org.opencontainers.image.description="ublue images for wayland compositors"
# NOTE(review): image.source is empty, so the image carries no pointer back to
# the repository it was built from; set it to the repository URL so consumers
# and provenance tooling can trace the image to its source.
LABEL org.opencontainers.image.source=""
# NOTE(review): this README URL points at the blue-build CLI repository, not
# at this image's own README.
LABEL io.artifacthub.package.readme-url=https://raw.githubusercontent.com/blue-build/cli/main/README.md