From 854ce5d0091d12bbf2d7ccf700a8bf2900de7ec9 Mon Sep 17 00:00:00 2001 From: Lukas Greve Date: Sun, 14 Dec 2025 09:49:37 +0100 Subject: [PATCH] new devel recipes --- dishes/virtual-desktop-hypervisor.cfg | 51 +++- dishes/virtual-desktop-hypervisor_devel.cfg | 292 ++++++++++++++++++++ dishes/virtual-desktop.cfg | 164 ++++++++++- dishes/virtual-desktop_devel.cfg | 181 ++++++++++++ dishes/virtual-server-hypervisor_devel.cfg | 143 ++++++++++ dishes/virtual-server_devel.cfg | 96 +++++++ 6 files changed, 918 insertions(+), 9 deletions(-) create mode 100644 dishes/virtual-desktop-hypervisor_devel.cfg create mode 100644 dishes/virtual-desktop_devel.cfg create mode 100644 dishes/virtual-server-hypervisor_devel.cfg create mode 100644 dishes/virtual-server_devel.cfg diff --git a/dishes/virtual-desktop-hypervisor.cfg b/dishes/virtual-desktop-hypervisor.cfg index 03c7f10..9e77a0f 100644 --- a/dishes/virtual-desktop-hypervisor.cfg +++ b/dishes/virtual-desktop-hypervisor.cfg @@ -3,7 +3,9 @@ # Use text mode install text # Firewall configuration -firewall --enabled --service=ssh +firewall --enabled +# Run the Setup Agent on first boot +firstboot --reconfig # Keyboard layouts keyboard --xlayouts='ch (fr)' # System language @@ -13,10 +15,10 @@ network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate # Shutdown after installation shutdown repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64 -# Root password -rootpw --plaintext --allow-ssh 1234 +#Root password +rootpw --lock # SELinux configuration -selinux --disabled +selinux --enforcing # System services services --enabled="NetworkManager,systemd-resolved,libvirtd" # System timezone @@ -36,6 +38,27 @@ part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winn part /boot --fstype="ext4" --size=512 --label=boot part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit" +%post --logfile=/mnt/sysimage/root/post.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system + +%end + +%post --nochroot --logfile=/mnt/sysimage/root/base-initial-setup-gnome.log + +truncate -s 0 /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf # remove content of vendor.conf so that all options are made available + +## Append lines to existing vendor.conf file, so that options are skipped upon reboot +cat >> /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf<< EOF +[pages] +skip=privacy +[goa] +providers=local-first! +EOF + +%end + %post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF @@ -202,9 +225,16 @@ mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso image NetworkManager NetworkManager-config-connectivity-fedora NetworkManager-wifi +alsa-sof-firmware +amd-gpu-firmware +atheros-firmware audit +b43-fwcutter +b43-openfwwf basesystem bash +brcmfmac-firmware +cirrus-audio-firmware coreutils curl dejavu-sans-mono-fonts @@ -226,14 +256,22 @@ generic-release-notes glibc gnome-backgrounds.noarch gnome-control-center +gnome-initial-setup gnome-shell gnome-terminal hostname +intel-audio-firmware +intel-gpu-firmware +intel-vsc-firmware iproute iputils +iwlegacy-firmware +iwlwifi-dvm-firmware +iwlwifi-mvm-firmware kbd kernel less +libertas-firmware libusb libvirt libvirt-client @@ -253,8 +291,11 @@ libvirt-nss man-db mesa-dri-drivers mozilla-ublock-origin.noarch +mt7xxx-firmware nano ncurses +nvidia-gpu-firmware +nxpwireless-firmware openssh-clients openssh-server parted @@ -268,6 +309,7 @@ prefixdevname procps-ng qemu-guest-agent qemu-kvm +realtek-firmware rootfiles rpm selinux-policy-targeted @@ -279,6 +321,7 @@ sssd-kcm sudo systemd systemd-resolved +tiwilink-firmware usbutils util-linux vim-minimal diff --git a/dishes/virtual-desktop-hypervisor_devel.cfg b/dishes/virtual-desktop-hypervisor_devel.cfg new file mode 100644 index 0000000..03c7f10 --- /dev/null +++ b/dishes/virtual-desktop-hypervisor_devel.cfg @@ -0,0 +1,292 @@ +# Generated by pykickstart v3.62 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled --service=ssh +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64 +# Root password +rootpw --plaintext --allow-ssh 1234 +# SELinux configuration +selinux --disabled +# System services +services --enabled="NetworkManager,systemd-resolved,libvirtd" +# System timezone +timezone Europe/Zurich --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=512 --label=boot +part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit" + +%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log + +# cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +# [org.gnome.desktop.background] +# picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +# EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso images. SELinux is already taking this one into account. + +# wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/isos/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# # virsh commands fail in a kickstart environment (chroot or not it seems). would need to fetch a script and execute post-launch with a delay, for example using a systemd unit +# virsh pool-define-as isos dir - - - - /mnt/sysimage/var/lib/libvirt/isos/ # Make libvirt aware of this new directory by creating a so-called 'pool'. +# virsh pool-build isos # Build the pool +# virsh pool-start isos # Start it +# virsh pool-autostart isos # Set-it to autostart + +# fetch custom script and make it executable +# wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +# chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/linux.xml +# virsh define linux.xml + +# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/windows.xml +# virsh define windows.xml + +%end + +%packages --exclude-weakdeps +NetworkManager +NetworkManager-config-connectivity-fedora +NetworkManager-wifi +audit +basesystem +bash +coreutils +curl +dejavu-sans-mono-fonts +dhcp-client +dnf5 +dnf5-plugins +dracut +dracut-config-rescue +e2fsprogs +fedora-remix-logos +filesystem +firefox +firewalld +fwupd +generic-logos +generic-release +generic-release-common +generic-release-notes +glibc +gnome-backgrounds.noarch +gnome-control-center +gnome-shell +gnome-terminal +hostname +iproute +iputils +kbd +kernel +less +libusb +libvirt +libvirt-client +libvirt-client-qemu +libvirt-daemon +libvirt-daemon-common +libvirt-daemon-config-network +libvirt-daemon-driver-ch +libvirt-daemon-driver-interface +libvirt-daemon-driver-network +libvirt-daemon-driver-qemu +libvirt-daemon-kvm +libvirt-daemon-log +libvirt-daemon-qemu +libvirt-dbus +libvirt-nss +man-db +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +ncurses +openssh-clients +openssh-server +parted +pciutils +pipewire-alsa +pipewire-jack-audio-connection-kit +pipewire-pulseaudio +plymouth +policycoreutils +prefixdevname +procps-ng +qemu-guest-agent +qemu-kvm +rootfiles +rpm +selinux-policy-targeted +setup +shadow-utils +spice-vdagent +sssd-common +sssd-kcm +sudo +systemd +systemd-resolved +usbutils +util-linux +vim-minimal +virt-install +virt-manager +wget +wpa_supplicant +zram-generator-defaults +-gnome-tour + +%end diff --git a/dishes/virtual-desktop.cfg b/dishes/virtual-desktop.cfg index a9fd783..9e77a0f 100644 --- a/dishes/virtual-desktop.cfg +++ b/dishes/virtual-desktop.cfg @@ -3,7 +3,9 @@ # Use text mode install text # Firewall configuration -firewall --enabled --service=ssh +firewall --enabled +# Run the Setup Agent on first boot +firstboot --reconfig # Keyboard layouts keyboard --xlayouts='ch (fr)' # System language @@ -13,12 +15,12 @@ network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate # Shutdown after installation shutdown repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64 -# Root password -rootpw --plaintext --allow-ssh 1234 +#Root password +rootpw --lock # SELinux configuration -selinux --disabled +selinux --enforcing # System services -services --enabled="NetworkManager,systemd-resolved" +services --enabled="NetworkManager,systemd-resolved,libvirtd" # System timezone timezone Europe/Zurich --utc # Use network installation @@ -36,6 +38,27 @@ part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winn part /boot --fstype="ext4" --size=512 --label=boot part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit" +%post --logfile=/mnt/sysimage/root/post.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system + +%end + +%post --nochroot --logfile=/mnt/sysimage/root/base-initial-setup-gnome.log + +truncate -s 0 /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf # remove content of vendor.conf so that all options are made available + +## Append lines to existing vendor.conf file, so that options are skipped upon reboot +cat >> /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf<< EOF +[pages] +skip=privacy +[goa] +providers=local-first! +EOF + +%end + %post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF @@ -105,13 +128,113 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ %end +%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso images. SELinux is already taking this one into account. + +# wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/isos/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# # virsh commands fail in a kickstart environment (chroot or not it seems). would need to fetch a script and execute post-launch with a delay, for example using a systemd unit +# virsh pool-define-as isos dir - - - - /mnt/sysimage/var/lib/libvirt/isos/ # Make libvirt aware of this new directory by creating a so-called 'pool'. +# virsh pool-build isos # Build the pool +# virsh pool-start isos # Start it +# virsh pool-autostart isos # Set-it to autostart + +# fetch custom script and make it executable +# wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +# chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/linux.xml +# virsh define linux.xml + +# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/windows.xml +# virsh define windows.xml + +%end + %packages --exclude-weakdeps NetworkManager NetworkManager-config-connectivity-fedora NetworkManager-wifi +alsa-sof-firmware +amd-gpu-firmware +atheros-firmware audit +b43-fwcutter +b43-openfwwf basesystem bash +brcmfmac-firmware +cirrus-audio-firmware coreutils curl dejavu-sans-mono-fonts @@ -133,20 +256,46 @@ generic-release-notes glibc gnome-backgrounds.noarch gnome-control-center +gnome-initial-setup gnome-shell gnome-terminal hostname +intel-audio-firmware +intel-gpu-firmware +intel-vsc-firmware iproute iputils +iwlegacy-firmware +iwlwifi-dvm-firmware +iwlwifi-mvm-firmware kbd kernel less +libertas-firmware libusb +libvirt +libvirt-client +libvirt-client-qemu +libvirt-daemon +libvirt-daemon-common +libvirt-daemon-config-network +libvirt-daemon-driver-ch +libvirt-daemon-driver-interface +libvirt-daemon-driver-network +libvirt-daemon-driver-qemu +libvirt-daemon-kvm +libvirt-daemon-log +libvirt-daemon-qemu +libvirt-dbus +libvirt-nss man-db mesa-dri-drivers mozilla-ublock-origin.noarch +mt7xxx-firmware nano ncurses +nvidia-gpu-firmware +nxpwireless-firmware openssh-clients openssh-server parted @@ -159,6 +308,8 @@ policycoreutils prefixdevname procps-ng qemu-guest-agent +qemu-kvm +realtek-firmware rootfiles rpm selinux-policy-targeted @@ -170,9 +321,12 @@ sssd-kcm sudo systemd systemd-resolved +tiwilink-firmware usbutils util-linux vim-minimal +virt-install +virt-manager wget wpa_supplicant zram-generator-defaults diff --git a/dishes/virtual-desktop_devel.cfg b/dishes/virtual-desktop_devel.cfg new file mode 100644 index 0000000..a9fd783 --- /dev/null +++ b/dishes/virtual-desktop_devel.cfg @@ -0,0 +1,181 @@ +# Generated by pykickstart v3.62 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled --service=ssh +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64 +# Root password +rootpw --plaintext --allow-ssh 1234 +# SELinux configuration +selinux --disabled +# System services +services --enabled="NetworkManager,systemd-resolved" +# System timezone +timezone Europe/Zurich --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=512 --label=boot +part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit" + +%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log + +# cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +# [org.gnome.desktop.background] +# picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +# EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%packages --exclude-weakdeps +NetworkManager +NetworkManager-config-connectivity-fedora +NetworkManager-wifi +audit +basesystem +bash +coreutils +curl +dejavu-sans-mono-fonts +dhcp-client +dnf5 +dnf5-plugins +dracut +dracut-config-rescue +e2fsprogs +fedora-remix-logos +filesystem +firefox +firewalld +fwupd +generic-logos +generic-release +generic-release-common +generic-release-notes +glibc +gnome-backgrounds.noarch +gnome-control-center +gnome-shell +gnome-terminal +hostname +iproute +iputils +kbd +kernel +less +libusb +man-db +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +ncurses +openssh-clients +openssh-server +parted +pciutils +pipewire-alsa +pipewire-jack-audio-connection-kit +pipewire-pulseaudio +plymouth +policycoreutils +prefixdevname +procps-ng +qemu-guest-agent +rootfiles +rpm +selinux-policy-targeted +setup +shadow-utils +spice-vdagent +sssd-common +sssd-kcm +sudo +systemd +systemd-resolved +usbutils +util-linux +vim-minimal +wget +wpa_supplicant +zram-generator-defaults +-gnome-tour + +%end diff --git a/dishes/virtual-server-hypervisor_devel.cfg b/dishes/virtual-server-hypervisor_devel.cfg new file mode 100644 index 0000000..2137d92 --- /dev/null +++ b/dishes/virtual-server-hypervisor_devel.cfg @@ -0,0 +1,143 @@ +# Generated by pykickstart v3.62 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled --service=ssh +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64 +# Root password +rootpw --plaintext --allow-ssh 1234 +# SELinux configuration +selinux --disabled +# System services +services --enabled="NetworkManager,systemd-resolved,libvirtd" +# System timezone +timezone Europe/Zurich --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64" +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=512 --label=boot +part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit" + +%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso images. SELinux is already taking this one into account. + +# wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/isos/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# # virsh commands fail in a kickstart environment (chroot or not it seems). would need to fetch a script and execute post-launch with a delay, for example using a systemd unit +# virsh pool-define-as isos dir - - - - /mnt/sysimage/var/lib/libvirt/isos/ # Make libvirt aware of this new directory by creating a so-called 'pool'. +# virsh pool-build isos # Build the pool +# virsh pool-start isos # Start it +# virsh pool-autostart isos # Set-it to autostart + +# fetch custom script and make it executable +# wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +# chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/linux.xml +# virsh define linux.xml + +# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/windows.xml +# virsh define windows.xml + +%end + +%packages --exclude-weakdeps +NetworkManager +NetworkManager-config-connectivity-fedora +audit +basesystem +bash +coreutils +curl +dhcp-client +dnf5 +dnf5-plugins +dracut +dracut-config-rescue +e2fsprogs +fedora-remix-logos +filesystem +firewalld +fwupd +generic-logos +generic-release +generic-release-common +generic-release-notes +glibc +hostname +iproute +iputils +kbd +kernel +less +libusb +libvirt +libvirt-client +libvirt-client-qemu +libvirt-daemon +libvirt-daemon-common +libvirt-daemon-config-network +libvirt-daemon-driver-ch +libvirt-daemon-driver-interface +libvirt-daemon-driver-network +libvirt-daemon-driver-qemu +libvirt-daemon-kvm +libvirt-daemon-log +libvirt-daemon-qemu +libvirt-dbus +libvirt-nss +man-db +nano +ncurses +openssh-clients +openssh-server +parted +pciutils +plymouth +policycoreutils +prefixdevname +procps-ng +qemu-guest-agent +qemu-kvm +rootfiles +rpm +selinux-policy-targeted +setup +shadow-utils +spice-vdagent +sssd-common +sssd-kcm +sudo +systemd +systemd-resolved +usbutils +util-linux +vim-minimal +virt-install +wget +zram-generator-defaults + +%end diff --git a/dishes/virtual-server_devel.cfg b/dishes/virtual-server_devel.cfg new file mode 100644 index 0000000..0757b46 --- /dev/null +++ b/dishes/virtual-server_devel.cfg @@ -0,0 +1,96 @@ +# Generated by pykickstart v3.62 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled --service=ssh +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64 +# Root password +rootpw --plaintext --allow-ssh 1234 +# SELinux configuration +selinux --disabled +# System services +services --enabled="NetworkManager,systemd-resolved" +# System timezone +timezone Europe/Zurich --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64" +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=512 --label=boot +part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit" + +%packages --exclude-weakdeps +NetworkManager +NetworkManager-config-connectivity-fedora +audit +basesystem +bash +coreutils +curl +dhcp-client +dnf5 +dnf5-plugins +dracut +dracut-config-rescue +e2fsprogs +fedora-remix-logos +filesystem +firewalld +fwupd +generic-logos +generic-release +generic-release-common +generic-release-notes +glibc +hostname +iproute +iputils +kbd +kernel +less +libusb +man-db +nano +ncurses +openssh-clients +openssh-server +parted +pciutils +plymouth +policycoreutils +prefixdevname +procps-ng +qemu-guest-agent +rootfiles +rpm +selinux-policy-targeted +setup +shadow-utils +spice-vdagent +sssd-common +sssd-kcm +sudo +systemd +systemd-resolved +usbutils +util-linux +vim-minimal +wget +zram-generator-defaults + +%end