diff --git a/dishes/desktop-hypervisor-amdcpu.cfg b/dishes/desktop-hypervisor-amdcpu.cfg new file mode 100644 index 0000000..dc559aa --- /dev/null +++ b/dishes/desktop-hypervisor-amdcpu.cfg @@ -0,0 +1,277 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=384 --label=boot +part / --fstype="ext4" --grow --label=root + +%post --logfile=/opt/base.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system +grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-amdcpu.log + +sed -i 's/\(quiet\)/\1 amd_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. + +echo "options kvm_amd nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-initial-setup-gnome.log + +truncate -s 0 /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf # remove content of vendor.conf so that all options are made available + +## Append lines to existing vendor.conf file, so that options are skipped upon reboot +cat >> /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf<< EOF +[pages] +skip=privacy +[goa] +providers=local-first! +EOF + +%end + +%packages --exclude-weakdeps +@core +@hardware-support +NetworkManager-wifi +dejavu-sans-mono-fonts +fedora-remix-logos +firefox +generic-logos +generic-release +generic-release-common +generic-release-notes +gnome-backgrounds.noarch +gnome-initial-setup +gnome-shell +gnome-terminal +guestfs-tools +libguestfs-tools +libusb +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +neofetch +pciutils +python3-libguestfs +qemu-kvm +usbutils +virt-install +virt-manager +virt-top +wget +wpa_supplicant +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes +-gnome-tour + +%end diff --git a/dishes/desktop-hypervisor-intelcpu-intelgpu.cfg b/dishes/desktop-hypervisor-intelcpu-intelgpu.cfg new file mode 100644 index 0000000..44fe168 --- /dev/null +++ b/dishes/desktop-hypervisor-intelcpu-intelgpu.cfg @@ -0,0 +1,287 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=384 --label=boot +part / --fstype="ext4" --grow --label=root + +%post --logfile=/opt/base.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system +grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelcpu.log + +sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. + +echo "options kvm_intel nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelgpu.log + +sed -i 's/\(vfio-pci\)/\1 i915.enable_gvt=1/i' /mnt/sysimage/etc/default/grub # Load kernel modules in grub. + +# Load extra kernel modules to enable vfio-mdev on selected hardware +echo "kvmgt" > /mnt/sysimage/etc/modules-load.d/kvmgt.conf # Load specific kernel modules kvmgt and vfio-mdev, for Intel (tm) GVT-g and Nvidia (tm) +echo "vfio-mdev" > /mnt/sysimage/etc/modules-load.d/vfio-mdev.conf # Load specific kernel modules kvmgt and vfio-mdev, for Intel (tm) GVT-g and Nvidia (tm) + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-initial-setup-gnome.log + +truncate -s 0 /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf # remove content of vendor.conf so that all options are made available + +## Append lines to existing vendor.conf file, so that options are skipped upon reboot +cat >> /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf<< EOF +[pages] +skip=privacy +[goa] +providers=local-first! +EOF + +%end + +%packages --exclude-weakdeps +@core +@hardware-support +NetworkManager-wifi +dejavu-sans-mono-fonts +fedora-remix-logos +firefox +generic-logos +generic-release +generic-release-common +generic-release-notes +gnome-backgrounds.noarch +gnome-initial-setup +gnome-shell +gnome-terminal +guestfs-tools +libguestfs-tools +libusb +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +neofetch +pciutils +python3-libguestfs +qemu-kvm +usbutils +virt-install +virt-manager +virt-top +wget +wpa_supplicant +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes +-gnome-tour + +%end diff --git a/dishes/desktop-hypervisor-intelcpu.cfg b/dishes/desktop-hypervisor-intelcpu.cfg new file mode 100644 index 0000000..6d4a50b --- /dev/null +++ b/dishes/desktop-hypervisor-intelcpu.cfg @@ -0,0 +1,277 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=384 --label=boot +part / --fstype="ext4" --grow --label=root + +%post --logfile=/opt/base.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system +grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelcpu.log + +sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. + +echo "options kvm_intel nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-initial-setup-gnome.log + +truncate -s 0 /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf # remove content of vendor.conf so that all options are made available + +## Append lines to existing vendor.conf file, so that options are skipped upon reboot +cat >> /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf<< EOF +[pages] +skip=privacy +[goa] +providers=local-first! +EOF + +%end + +%packages --exclude-weakdeps +@core +@hardware-support +NetworkManager-wifi +dejavu-sans-mono-fonts +fedora-remix-logos +firefox +generic-logos +generic-release +generic-release-common +generic-release-notes +gnome-backgrounds.noarch +gnome-initial-setup +gnome-shell +gnome-terminal +guestfs-tools +libguestfs-tools +libusb +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +neofetch +pciutils +python3-libguestfs +qemu-kvm +usbutils +virt-install +virt-manager +virt-top +wget +wpa_supplicant +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes +-gnome-tour + +%end diff --git a/dishes/desktop-hypervisor.cfg b/dishes/desktop-hypervisor.cfg new file mode 100644 index 0000000..5bc8c75 --- /dev/null +++ b/dishes/desktop-hypervisor.cfg @@ -0,0 +1,269 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=384 --label=boot +part / --fstype="ext4" --grow --label=root + +%post --logfile=/opt/base.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system +grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-initial-setup-gnome.log + +truncate -s 0 /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf # remove content of vendor.conf so that all options are made available + +## Append lines to existing vendor.conf file, so that options are skipped upon reboot +cat >> /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf<< EOF +[pages] +skip=privacy +[goa] +providers=local-first! +EOF + +%end + +%packages --exclude-weakdeps +@core +@hardware-support +NetworkManager-wifi +dejavu-sans-mono-fonts +fedora-remix-logos +firefox +generic-logos +generic-release +generic-release-common +generic-release-notes +gnome-backgrounds.noarch +gnome-initial-setup +gnome-shell +gnome-terminal +guestfs-tools +libguestfs-tools +libusb +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +neofetch +pciutils +python3-libguestfs +qemu-kvm +usbutils +virt-install +virt-manager +virt-top +wget +wpa_supplicant +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes +-gnome-tour + +%end diff --git a/dishes/desktop.cfg b/dishes/desktop.cfg index 7eaa2ea..a5681cd 100644 --- a/dishes/desktop.cfg +++ b/dishes/desktop.cfg @@ -1,31 +1,31 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# X Window System configuration information -xconfig --defaultdesktop=GNOME --startxonboot -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --iscrypted --lock locked -# System language -lang en_US.UTF-8 -# Reboot after installation -reboot --kexec # Use text mode install text +# Firewall configuration +firewall --enabled +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 # Network information network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate -# Firewall configuration -firewall --enabled --service=mdns -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# Shutdown after installation +shutdown repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,systemd-resolved" # System timezone timezone Europe/Paris --utc -# SELinux configuration -selinux --enforcing -# System services -services --disabled="sshd" --enabled="NetworkManager" +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot # System bootloader configuration bootloader --location=mbr --timeout=1 # Clear the Master Boot Record @@ -131,18 +131,21 @@ EOF %packages --exclude-weakdeps @core @hardware-support +NetworkManager-wifi dejavu-sans-mono-fonts -gnome-backgrounds.noarch fedora-remix-logos +firefox generic-logos generic-release generic-release-common generic-release-notes +gnome-backgrounds.noarch gnome-initial-setup gnome-shell gnome-terminal libusb mesa-dri-drivers +mozilla-ublock-origin.noarch nano neofetch pciutils diff --git a/dishes/dev-virtual-desktop.cfg b/dishes/dev-virtual-desktop.cfg index 7ef1792..3cc139d 100644 --- a/dishes/dev-virtual-desktop.cfg +++ b/dishes/dev-virtual-desktop.cfg @@ -1,29 +1,31 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# X Window System configuration information -xconfig --defaultdesktop=GNOME --startxonboot -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --plaintext carpediem -# System language -lang en_US.UTF-8 # Use text mode install text -# Network information -network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate # Firewall configuration firewall --disabled -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch -# System timezone -timezone Europe/Paris --utc +# Root password +rootpw --plaintext carpediem # SELinux configuration selinux --disabled # System services services --disabled="sshd" --enabled="NetworkManager" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot # System bootloader configuration bootloader --location=mbr --timeout=1 # Clear the Master Boot Record @@ -43,19 +45,91 @@ grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful %end +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + %packages --exclude-weakdeps @core @hardware-support +NetworkManager-wifi dejavu-sans-mono-fonts -gnome-backgrounds.noarch fedora-remix-logos +firefox generic-logos generic-release generic-release-common generic-release-notes +gnome-backgrounds.noarch gnome-shell gnome-terminal mesa-dri-drivers +mozilla-ublock-origin.noarch nano neofetch pciutils diff --git a/dishes/dev-virtual-server.cfg b/dishes/dev-virtual-server.cfg index f1bb7ce..cbdbcb8 100644 --- a/dishes/dev-virtual-server.cfg +++ b/dishes/dev-virtual-server.cfg @@ -1,29 +1,29 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --plaintext carpediem -# System language -lang en_US.UTF-8 -# Reboot after installation -reboot --kexec # Use text mode install text -# Network information -network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate # Firewall configuration firewall --disabled -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch -# System timezone -timezone Europe/Paris --utc +# Root password +rootpw --plaintext carpediem # SELinux configuration selinux --disabled # System services services --disabled="sshd" --enabled="NetworkManager" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" # System bootloader configuration bootloader --location=mbr --timeout=1 # Clear the Master Boot Record diff --git a/dishes/live-desktop-hypervisor-amdcpu.cfg b/dishes/live-desktop-hypervisor-amdcpu.cfg new file mode 100644 index 0000000..bfb8318 --- /dev/null +++ b/dishes/live-desktop-hypervisor-amdcpu.cfg @@ -0,0 +1,543 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Firewall configuration +firewall --enabled --service=mdns +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --enforcing +# System services +services --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=none +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all +# Disk partitioning information +part / --size=5120 + +%post --logfile=/root/bl.log + +# FIXME: it'd be better to get this installed from a package +cat > /etc/rc.d/init.d/livesys << EOF +#!/bin/bash +# +# live: Init script for live image +# +# chkconfig: 345 00 99 +# description: Init script for live image. +### BEGIN INIT INFO +# X-Start-Before: display-manager chronyd +### END INIT INFO + +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then + exit 0 +fi + +if [ -e /.liveimg-configured ] ; then + configdone=1 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +livedir="LiveOS" +for arg in \`cat /proc/cmdline\` ; do + if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then + livedir=\${arg##rd.live.dir=} + continue + fi + if [ "\${arg##live_dir=}" != "\${arg}" ]; then + livedir=\${arg##live_dir=} + fi +done + +# enable swapfile if it exists +if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then + action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img +fi + +mountPersistentHome() { + # support label/uuid + if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then + homedev=\`/sbin/blkid -o device -t "\$homedev"\` + fi + + # if we're given a file rather than a blockdev, loopback it + if [ "\${homedev##mtd}" != "\${homedev}" ]; then + # mtd devs don't have a block device but get magic-mounted with -t jffs2 + mountopts="-t jffs2" + elif [ ! -b "\$homedev" ]; then + loopdev=\`losetup -f\` + if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then + action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live + fi + losetup \$loopdev \$homedev + homedev=\$loopdev + fi + + # if it's encrypted, we need to unlock it + if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then + echo + echo "Setting up encrypted /home device" + plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" + homedev=/dev/mapper/EncHome + fi + + # and finally do the mount + mount \$mountopts \$homedev /home + # if we have /home under what's passed for persistent home, then + # we should make that the real /home. useful for mtd device on olpc + if [ -d /home/home ]; then mount --bind /home/home /home ; fi + [ -x /sbin/restorecon ] && /sbin/restorecon /home + if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi +} + +findPersistentHome() { + for arg in \`cat /proc/cmdline\` ; do + if [ "\${arg##persistenthome=}" != "\${arg}" ]; then + homedev=\${arg##persistenthome=} + fi + done +} + +if strstr "\`cat /proc/cmdline\`" persistenthome= ; then + findPersistentHome +elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then + homedev=/run/initramfs/live/\${livedir}/home.img +fi + +# if we have a persistent /home, then we want to go ahead and mount it +if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then + action "Mounting persistent /home" mountPersistentHome +fi + +if [ -n "\$configdone" ]; then + exit 0 +fi + +# add liveuser user with no passwd +action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser +passwd -d liveuser > /dev/null +usermod -aG wheel liveuser > /dev/null + +# Remove root password lock +passwd -d root > /dev/null + +# turn off firstboot for livecd boots +systemctl --no-reload disable firstboot-text.service 2> /dev/null || : +systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : +systemctl stop firstboot-text.service 2> /dev/null || : +systemctl stop firstboot-graphical.service 2> /dev/null || : + +# don't use prelink on a running live image +sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : + +# turn off mdmonitor by default +systemctl --no-reload disable mdmonitor.service 2> /dev/null || : +systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : +systemctl stop mdmonitor.service 2> /dev/null || : +systemctl stop mdmonitor-takeover.service 2> /dev/null || : + +# don't start cron/at as they tend to spawn things which are +# disk intensive that are painful on a live image +systemctl --no-reload disable crond.service 2> /dev/null || : +systemctl --no-reload disable atd.service 2> /dev/null || : +systemctl stop crond.service 2> /dev/null || : +systemctl stop atd.service 2> /dev/null || : + +# turn off abrtd on a live image +systemctl --no-reload disable abrtd.service 2> /dev/null || : +systemctl stop abrtd.service 2> /dev/null || : + +# Don't sync the system clock when running live (RHBZ #1018162) +sed -i 's/rtcsync//' /etc/chrony.conf + +# Mark things as configured +touch /.liveimg-configured + +# add static hostname to work around xauth bug +# https://bugzilla.redhat.com/show_bug.cgi?id=679486 +# the hostname must be something else than 'localhost' +# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 +hostnamectl set-hostname "localhost-live" + +EOF + +# bah, hal starts way too late +cat > /etc/rc.d/init.d/livesys-late << EOF +#!/bin/bash +# +# live: Late init script for live image +# +# chkconfig: 345 99 01 +# description: Late init script for live image. + +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then + exit 0 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +touch /.liveimg-late-configured + +# read some variables out of /proc/cmdline +for o in \`cat /proc/cmdline\` ; do + case \$o in + ks=*) + ks="--kickstart=\${o#ks=}" + ;; + xdriver=*) + xdriver="\${o#xdriver=}" + ;; + esac +done + +# if liveinst or textinst is given, start anaconda +if strstr "\`cat /proc/cmdline\`" liveinst ; then + plymouth --quit + /usr/sbin/liveinst \$ks +fi +if strstr "\`cat /proc/cmdline\`" textinst ; then + plymouth --quit + /usr/sbin/liveinst --text \$ks +fi + +# configure X, allowing user to override xdriver +if [ -n "\$xdriver" ]; then + cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /etc/fstab << EOF +vartmp /var/tmp tmpfs defaults 0 0 +EOF + +# work around for poor key import UI in PackageKit +rm -f /var/lib/rpm/__db* +echo "Packages within this LiveCD" +rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn +# Note that running rpm recreates the rpm db files which aren't needed or wanted +rm -f /var/lib/rpm/__db* + +# go ahead and pre-make the man -k cache (#455968) +/usr/bin/mandb + +# make sure there aren't core files lying around +rm -f /core* + +# remove random seed, the newly installed instance should make it's own +rm -f /var/lib/systemd/random-seed + +# convince readahead not to collect +# FIXME: for systemd + +echo 'File created by kickstart. See systemd-update-done.service(8).' \ + | tee /etc/.updated >/var/.updated + +# Drop the rescue kernel and initramfs, we don't need them on the live media itself. +# See bug 1317709 +rm -f /boot/*-rescue* + +# Disable network service here, as doing it in the services line +# fails due to RHBZ #1369794 +/sbin/chkconfig network off + +# Remove machine-id on pre generated images +rm -f /etc/machine-id +touch /etc/machine-id + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log +# For livecd-creator builds only (lorax/livemedia-creator handles this directly) +if [ -n "$LIVE_ROOT" ]; then + cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/" + + # only installed on x86, x86_64 + if [ -f /usr/bin/livecd-iso-to-disk ]; then + mkdir -p "$LIVE_ROOT/LiveOS" + cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS" + fi +fi + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --logfile=/opt/live-desktop-quirks.log + +cat >> /etc/rc.d/init.d/livesys << EOF + +# set up auto-login +cat > /etc/gdm/custom.conf << FOE +[daemon] +AutomaticLoginEnable=True +AutomaticLogin=liveuser +FOE + +# Make sure to set the right permissions and selinux contexts +chown -R liveuser:liveuser /home/liveuser/ +restorecon -R /home/liveuser/ + +EOF + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-amdcpu.log + +sed -i 's/\(quiet\)/\1 amd_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. + +echo "options kvm_amd nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization + +%end + +%packages --exclude-weakdeps +@anaconda-tools +@x86-baremetal-tools +NetworkManager-wifi +aajohan-comfortaa-fonts +anaconda +anaconda-install-env-deps +anaconda-live +chkconfig +dejavu-sans-mono-fonts +dracut-live +firefox +glibc-all-langpacks +gnome-backgrounds.noarch +gnome-shell +gnome-terminal +guestfs-tools +initscripts +kernel +kernel-modules +kernel-modules-extra +libguestfs-tools +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +python3-libguestfs +qemu-kvm +virt-install +virt-manager +virt-top +wpa_supplicant +-device-mapper-multipath +-fcoe-utils +-gnome-tour + +%end diff --git a/dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg b/dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg new file mode 100644 index 0000000..f82c79c --- /dev/null +++ b/dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg @@ -0,0 +1,553 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Firewall configuration +firewall --enabled --service=mdns +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --enforcing +# System services +services --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=none +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all +# Disk partitioning information +part / --size=5120 + +%post --logfile=/root/bl.log + +# FIXME: it'd be better to get this installed from a package +cat > /etc/rc.d/init.d/livesys << EOF +#!/bin/bash +# +# live: Init script for live image +# +# chkconfig: 345 00 99 +# description: Init script for live image. +### BEGIN INIT INFO +# X-Start-Before: display-manager chronyd +### END INIT INFO + +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then + exit 0 +fi + +if [ -e /.liveimg-configured ] ; then + configdone=1 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +livedir="LiveOS" +for arg in \`cat /proc/cmdline\` ; do + if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then + livedir=\${arg##rd.live.dir=} + continue + fi + if [ "\${arg##live_dir=}" != "\${arg}" ]; then + livedir=\${arg##live_dir=} + fi +done + +# enable swapfile if it exists +if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then + action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img +fi + +mountPersistentHome() { + # support label/uuid + if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then + homedev=\`/sbin/blkid -o device -t "\$homedev"\` + fi + + # if we're given a file rather than a blockdev, loopback it + if [ "\${homedev##mtd}" != "\${homedev}" ]; then + # mtd devs don't have a block device but get magic-mounted with -t jffs2 + mountopts="-t jffs2" + elif [ ! -b "\$homedev" ]; then + loopdev=\`losetup -f\` + if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then + action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live + fi + losetup \$loopdev \$homedev + homedev=\$loopdev + fi + + # if it's encrypted, we need to unlock it + if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then + echo + echo "Setting up encrypted /home device" + plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" + homedev=/dev/mapper/EncHome + fi + + # and finally do the mount + mount \$mountopts \$homedev /home + # if we have /home under what's passed for persistent home, then + # we should make that the real /home. useful for mtd device on olpc + if [ -d /home/home ]; then mount --bind /home/home /home ; fi + [ -x /sbin/restorecon ] && /sbin/restorecon /home + if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi +} + +findPersistentHome() { + for arg in \`cat /proc/cmdline\` ; do + if [ "\${arg##persistenthome=}" != "\${arg}" ]; then + homedev=\${arg##persistenthome=} + fi + done +} + +if strstr "\`cat /proc/cmdline\`" persistenthome= ; then + findPersistentHome +elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then + homedev=/run/initramfs/live/\${livedir}/home.img +fi + +# if we have a persistent /home, then we want to go ahead and mount it +if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then + action "Mounting persistent /home" mountPersistentHome +fi + +if [ -n "\$configdone" ]; then + exit 0 +fi + +# add liveuser user with no passwd +action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser +passwd -d liveuser > /dev/null +usermod -aG wheel liveuser > /dev/null + +# Remove root password lock +passwd -d root > /dev/null + +# turn off firstboot for livecd boots +systemctl --no-reload disable firstboot-text.service 2> /dev/null || : +systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : +systemctl stop firstboot-text.service 2> /dev/null || : +systemctl stop firstboot-graphical.service 2> /dev/null || : + +# don't use prelink on a running live image +sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : + +# turn off mdmonitor by default +systemctl --no-reload disable mdmonitor.service 2> /dev/null || : +systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : +systemctl stop mdmonitor.service 2> /dev/null || : +systemctl stop mdmonitor-takeover.service 2> /dev/null || : + +# don't start cron/at as they tend to spawn things which are +# disk intensive that are painful on a live image +systemctl --no-reload disable crond.service 2> /dev/null || : +systemctl --no-reload disable atd.service 2> /dev/null || : +systemctl stop crond.service 2> /dev/null || : +systemctl stop atd.service 2> /dev/null || : + +# turn off abrtd on a live image +systemctl --no-reload disable abrtd.service 2> /dev/null || : +systemctl stop abrtd.service 2> /dev/null || : + +# Don't sync the system clock when running live (RHBZ #1018162) +sed -i 's/rtcsync//' /etc/chrony.conf + +# Mark things as configured +touch /.liveimg-configured + +# add static hostname to work around xauth bug +# https://bugzilla.redhat.com/show_bug.cgi?id=679486 +# the hostname must be something else than 'localhost' +# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 +hostnamectl set-hostname "localhost-live" + +EOF + +# bah, hal starts way too late +cat > /etc/rc.d/init.d/livesys-late << EOF +#!/bin/bash +# +# live: Late init script for live image +# +# chkconfig: 345 99 01 +# description: Late init script for live image. + +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then + exit 0 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +touch /.liveimg-late-configured + +# read some variables out of /proc/cmdline +for o in \`cat /proc/cmdline\` ; do + case \$o in + ks=*) + ks="--kickstart=\${o#ks=}" + ;; + xdriver=*) + xdriver="\${o#xdriver=}" + ;; + esac +done + +# if liveinst or textinst is given, start anaconda +if strstr "\`cat /proc/cmdline\`" liveinst ; then + plymouth --quit + /usr/sbin/liveinst \$ks +fi +if strstr "\`cat /proc/cmdline\`" textinst ; then + plymouth --quit + /usr/sbin/liveinst --text \$ks +fi + +# configure X, allowing user to override xdriver +if [ -n "\$xdriver" ]; then + cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /etc/fstab << EOF +vartmp /var/tmp tmpfs defaults 0 0 +EOF + +# work around for poor key import UI in PackageKit +rm -f /var/lib/rpm/__db* +echo "Packages within this LiveCD" +rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn +# Note that running rpm recreates the rpm db files which aren't needed or wanted +rm -f /var/lib/rpm/__db* + +# go ahead and pre-make the man -k cache (#455968) +/usr/bin/mandb + +# make sure there aren't core files lying around +rm -f /core* + +# remove random seed, the newly installed instance should make it's own +rm -f /var/lib/systemd/random-seed + +# convince readahead not to collect +# FIXME: for systemd + +echo 'File created by kickstart. See systemd-update-done.service(8).' \ + | tee /etc/.updated >/var/.updated + +# Drop the rescue kernel and initramfs, we don't need them on the live media itself. +# See bug 1317709 +rm -f /boot/*-rescue* + +# Disable network service here, as doing it in the services line +# fails due to RHBZ #1369794 +/sbin/chkconfig network off + +# Remove machine-id on pre generated images +rm -f /etc/machine-id +touch /etc/machine-id + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log +# For livecd-creator builds only (lorax/livemedia-creator handles this directly) +if [ -n "$LIVE_ROOT" ]; then + cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/" + + # only installed on x86, x86_64 + if [ -f /usr/bin/livecd-iso-to-disk ]; then + mkdir -p "$LIVE_ROOT/LiveOS" + cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS" + fi +fi + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --logfile=/opt/live-desktop-quirks.log + +cat >> /etc/rc.d/init.d/livesys << EOF + +# set up auto-login +cat > /etc/gdm/custom.conf << FOE +[daemon] +AutomaticLoginEnable=True +AutomaticLogin=liveuser +FOE + +# Make sure to set the right permissions and selinux contexts +chown -R liveuser:liveuser /home/liveuser/ +restorecon -R /home/liveuser/ + +EOF + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelcpu.log + +sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. + +echo "options kvm_intel nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelgpu.log + +sed -i 's/\(vfio-pci\)/\1 i915.enable_gvt=1/i' /mnt/sysimage/etc/default/grub # Load kernel modules in grub. + +# Load extra kernel modules to enable vfio-mdev on selected hardware +echo "kvmgt" > /mnt/sysimage/etc/modules-load.d/kvmgt.conf # Load specific kernel modules kvmgt and vfio-mdev, for Intel (tm) GVT-g and Nvidia (tm) +echo "vfio-mdev" > /mnt/sysimage/etc/modules-load.d/vfio-mdev.conf # Load specific kernel modules kvmgt and vfio-mdev, for Intel (tm) GVT-g and Nvidia (tm) + +%end + +%packages --exclude-weakdeps +@anaconda-tools +@x86-baremetal-tools +NetworkManager-wifi +aajohan-comfortaa-fonts +anaconda +anaconda-install-env-deps +anaconda-live +chkconfig +dejavu-sans-mono-fonts +dracut-live +firefox +glibc-all-langpacks +gnome-backgrounds.noarch +gnome-shell +gnome-terminal +guestfs-tools +initscripts +kernel +kernel-modules +kernel-modules-extra +libguestfs-tools +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +python3-libguestfs +qemu-kvm +virt-install +virt-manager +virt-top +wpa_supplicant +-device-mapper-multipath +-fcoe-utils +-gnome-tour + +%end diff --git a/dishes/live-desktop-hypervisor-intelcpu.cfg b/dishes/live-desktop-hypervisor-intelcpu.cfg new file mode 100644 index 0000000..0e72e54 --- /dev/null +++ b/dishes/live-desktop-hypervisor-intelcpu.cfg @@ -0,0 +1,543 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Firewall configuration +firewall --enabled --service=mdns +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --enforcing +# System services +services --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=none +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all +# Disk partitioning information +part / --size=5120 + +%post --logfile=/root/bl.log + +# FIXME: it'd be better to get this installed from a package +cat > /etc/rc.d/init.d/livesys << EOF +#!/bin/bash +# +# live: Init script for live image +# +# chkconfig: 345 00 99 +# description: Init script for live image. +### BEGIN INIT INFO +# X-Start-Before: display-manager chronyd +### END INIT INFO + +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then + exit 0 +fi + +if [ -e /.liveimg-configured ] ; then + configdone=1 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +livedir="LiveOS" +for arg in \`cat /proc/cmdline\` ; do + if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then + livedir=\${arg##rd.live.dir=} + continue + fi + if [ "\${arg##live_dir=}" != "\${arg}" ]; then + livedir=\${arg##live_dir=} + fi +done + +# enable swapfile if it exists +if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then + action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img +fi + +mountPersistentHome() { + # support label/uuid + if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then + homedev=\`/sbin/blkid -o device -t "\$homedev"\` + fi + + # if we're given a file rather than a blockdev, loopback it + if [ "\${homedev##mtd}" != "\${homedev}" ]; then + # mtd devs don't have a block device but get magic-mounted with -t jffs2 + mountopts="-t jffs2" + elif [ ! -b "\$homedev" ]; then + loopdev=\`losetup -f\` + if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then + action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live + fi + losetup \$loopdev \$homedev + homedev=\$loopdev + fi + + # if it's encrypted, we need to unlock it + if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then + echo + echo "Setting up encrypted /home device" + plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" + homedev=/dev/mapper/EncHome + fi + + # and finally do the mount + mount \$mountopts \$homedev /home + # if we have /home under what's passed for persistent home, then + # we should make that the real /home. useful for mtd device on olpc + if [ -d /home/home ]; then mount --bind /home/home /home ; fi + [ -x /sbin/restorecon ] && /sbin/restorecon /home + if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi +} + +findPersistentHome() { + for arg in \`cat /proc/cmdline\` ; do + if [ "\${arg##persistenthome=}" != "\${arg}" ]; then + homedev=\${arg##persistenthome=} + fi + done +} + +if strstr "\`cat /proc/cmdline\`" persistenthome= ; then + findPersistentHome +elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then + homedev=/run/initramfs/live/\${livedir}/home.img +fi + +# if we have a persistent /home, then we want to go ahead and mount it +if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then + action "Mounting persistent /home" mountPersistentHome +fi + +if [ -n "\$configdone" ]; then + exit 0 +fi + +# add liveuser user with no passwd +action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser +passwd -d liveuser > /dev/null +usermod -aG wheel liveuser > /dev/null + +# Remove root password lock +passwd -d root > /dev/null + +# turn off firstboot for livecd boots +systemctl --no-reload disable firstboot-text.service 2> /dev/null || : +systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : +systemctl stop firstboot-text.service 2> /dev/null || : +systemctl stop firstboot-graphical.service 2> /dev/null || : + +# don't use prelink on a running live image +sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : + +# turn off mdmonitor by default +systemctl --no-reload disable mdmonitor.service 2> /dev/null || : +systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : +systemctl stop mdmonitor.service 2> /dev/null || : +systemctl stop mdmonitor-takeover.service 2> /dev/null || : + +# don't start cron/at as they tend to spawn things which are +# disk intensive that are painful on a live image +systemctl --no-reload disable crond.service 2> /dev/null || : +systemctl --no-reload disable atd.service 2> /dev/null || : +systemctl stop crond.service 2> /dev/null || : +systemctl stop atd.service 2> /dev/null || : + +# turn off abrtd on a live image +systemctl --no-reload disable abrtd.service 2> /dev/null || : +systemctl stop abrtd.service 2> /dev/null || : + +# Don't sync the system clock when running live (RHBZ #1018162) +sed -i 's/rtcsync//' /etc/chrony.conf + +# Mark things as configured +touch /.liveimg-configured + +# add static hostname to work around xauth bug +# https://bugzilla.redhat.com/show_bug.cgi?id=679486 +# the hostname must be something else than 'localhost' +# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 +hostnamectl set-hostname "localhost-live" + +EOF + +# bah, hal starts way too late +cat > /etc/rc.d/init.d/livesys-late << EOF +#!/bin/bash +# +# live: Late init script for live image +# +# chkconfig: 345 99 01 +# description: Late init script for live image. + +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then + exit 0 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +touch /.liveimg-late-configured + +# read some variables out of /proc/cmdline +for o in \`cat /proc/cmdline\` ; do + case \$o in + ks=*) + ks="--kickstart=\${o#ks=}" + ;; + xdriver=*) + xdriver="\${o#xdriver=}" + ;; + esac +done + +# if liveinst or textinst is given, start anaconda +if strstr "\`cat /proc/cmdline\`" liveinst ; then + plymouth --quit + /usr/sbin/liveinst \$ks +fi +if strstr "\`cat /proc/cmdline\`" textinst ; then + plymouth --quit + /usr/sbin/liveinst --text \$ks +fi + +# configure X, allowing user to override xdriver +if [ -n "\$xdriver" ]; then + cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /etc/fstab << EOF +vartmp /var/tmp tmpfs defaults 0 0 +EOF + +# work around for poor key import UI in PackageKit +rm -f /var/lib/rpm/__db* +echo "Packages within this LiveCD" +rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn +# Note that running rpm recreates the rpm db files which aren't needed or wanted +rm -f /var/lib/rpm/__db* + +# go ahead and pre-make the man -k cache (#455968) +/usr/bin/mandb + +# make sure there aren't core files lying around +rm -f /core* + +# remove random seed, the newly installed instance should make it's own +rm -f /var/lib/systemd/random-seed + +# convince readahead not to collect +# FIXME: for systemd + +echo 'File created by kickstart. See systemd-update-done.service(8).' \ + | tee /etc/.updated >/var/.updated + +# Drop the rescue kernel and initramfs, we don't need them on the live media itself. +# See bug 1317709 +rm -f /boot/*-rescue* + +# Disable network service here, as doing it in the services line +# fails due to RHBZ #1369794 +/sbin/chkconfig network off + +# Remove machine-id on pre generated images +rm -f /etc/machine-id +touch /etc/machine-id + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log +# For livecd-creator builds only (lorax/livemedia-creator handles this directly) +if [ -n "$LIVE_ROOT" ]; then + cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/" + + # only installed on x86, x86_64 + if [ -f /usr/bin/livecd-iso-to-disk ]; then + mkdir -p "$LIVE_ROOT/LiveOS" + cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS" + fi +fi + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --logfile=/opt/live-desktop-quirks.log + +cat >> /etc/rc.d/init.d/livesys << EOF + +# set up auto-login +cat > /etc/gdm/custom.conf << FOE +[daemon] +AutomaticLoginEnable=True +AutomaticLogin=liveuser +FOE + +# Make sure to set the right permissions and selinux contexts +chown -R liveuser:liveuser /home/liveuser/ +restorecon -R /home/liveuser/ + +EOF + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelcpu.log + +sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. + +echo "options kvm_intel nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization + +%end + +%packages --exclude-weakdeps +@anaconda-tools +@x86-baremetal-tools +NetworkManager-wifi +aajohan-comfortaa-fonts +anaconda +anaconda-install-env-deps +anaconda-live +chkconfig +dejavu-sans-mono-fonts +dracut-live +firefox +glibc-all-langpacks +gnome-backgrounds.noarch +gnome-shell +gnome-terminal +guestfs-tools +initscripts +kernel +kernel-modules +kernel-modules-extra +libguestfs-tools +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +python3-libguestfs +qemu-kvm +virt-install +virt-manager +virt-top +wpa_supplicant +-device-mapper-multipath +-fcoe-utils +-gnome-tour + +%end diff --git a/dishes/live-desktop-hypervisor.cfg b/dishes/live-desktop-hypervisor.cfg new file mode 100644 index 0000000..ffa4612 --- /dev/null +++ b/dishes/live-desktop-hypervisor.cfg @@ -0,0 +1,535 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Firewall configuration +firewall --enabled --service=mdns +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --enforcing +# System services +services --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=none +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all +# Disk partitioning information +part / --size=5120 + +%post --logfile=/root/bl.log + +# FIXME: it'd be better to get this installed from a package +cat > /etc/rc.d/init.d/livesys << EOF +#!/bin/bash +# +# live: Init script for live image +# +# chkconfig: 345 00 99 +# description: Init script for live image. +### BEGIN INIT INFO +# X-Start-Before: display-manager chronyd +### END INIT INFO + +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then + exit 0 +fi + +if [ -e /.liveimg-configured ] ; then + configdone=1 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +livedir="LiveOS" +for arg in \`cat /proc/cmdline\` ; do + if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then + livedir=\${arg##rd.live.dir=} + continue + fi + if [ "\${arg##live_dir=}" != "\${arg}" ]; then + livedir=\${arg##live_dir=} + fi +done + +# enable swapfile if it exists +if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then + action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img +fi + +mountPersistentHome() { + # support label/uuid + if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then + homedev=\`/sbin/blkid -o device -t "\$homedev"\` + fi + + # if we're given a file rather than a blockdev, loopback it + if [ "\${homedev##mtd}" != "\${homedev}" ]; then + # mtd devs don't have a block device but get magic-mounted with -t jffs2 + mountopts="-t jffs2" + elif [ ! -b "\$homedev" ]; then + loopdev=\`losetup -f\` + if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then + action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live + fi + losetup \$loopdev \$homedev + homedev=\$loopdev + fi + + # if it's encrypted, we need to unlock it + if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then + echo + echo "Setting up encrypted /home device" + plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" + homedev=/dev/mapper/EncHome + fi + + # and finally do the mount + mount \$mountopts \$homedev /home + # if we have /home under what's passed for persistent home, then + # we should make that the real /home. useful for mtd device on olpc + if [ -d /home/home ]; then mount --bind /home/home /home ; fi + [ -x /sbin/restorecon ] && /sbin/restorecon /home + if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi +} + +findPersistentHome() { + for arg in \`cat /proc/cmdline\` ; do + if [ "\${arg##persistenthome=}" != "\${arg}" ]; then + homedev=\${arg##persistenthome=} + fi + done +} + +if strstr "\`cat /proc/cmdline\`" persistenthome= ; then + findPersistentHome +elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then + homedev=/run/initramfs/live/\${livedir}/home.img +fi + +# if we have a persistent /home, then we want to go ahead and mount it +if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then + action "Mounting persistent /home" mountPersistentHome +fi + +if [ -n "\$configdone" ]; then + exit 0 +fi + +# add liveuser user with no passwd +action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser +passwd -d liveuser > /dev/null +usermod -aG wheel liveuser > /dev/null + +# Remove root password lock +passwd -d root > /dev/null + +# turn off firstboot for livecd boots +systemctl --no-reload disable firstboot-text.service 2> /dev/null || : +systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : +systemctl stop firstboot-text.service 2> /dev/null || : +systemctl stop firstboot-graphical.service 2> /dev/null || : + +# don't use prelink on a running live image +sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : + +# turn off mdmonitor by default +systemctl --no-reload disable mdmonitor.service 2> /dev/null || : +systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : +systemctl stop mdmonitor.service 2> /dev/null || : +systemctl stop mdmonitor-takeover.service 2> /dev/null || : + +# don't start cron/at as they tend to spawn things which are +# disk intensive that are painful on a live image +systemctl --no-reload disable crond.service 2> /dev/null || : +systemctl --no-reload disable atd.service 2> /dev/null || : +systemctl stop crond.service 2> /dev/null || : +systemctl stop atd.service 2> /dev/null || : + +# turn off abrtd on a live image +systemctl --no-reload disable abrtd.service 2> /dev/null || : +systemctl stop abrtd.service 2> /dev/null || : + +# Don't sync the system clock when running live (RHBZ #1018162) +sed -i 's/rtcsync//' /etc/chrony.conf + +# Mark things as configured +touch /.liveimg-configured + +# add static hostname to work around xauth bug +# https://bugzilla.redhat.com/show_bug.cgi?id=679486 +# the hostname must be something else than 'localhost' +# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 +hostnamectl set-hostname "localhost-live" + +EOF + +# bah, hal starts way too late +cat > /etc/rc.d/init.d/livesys-late << EOF +#!/bin/bash +# +# live: Late init script for live image +# +# chkconfig: 345 99 01 +# description: Late init script for live image. + +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then + exit 0 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +touch /.liveimg-late-configured + +# read some variables out of /proc/cmdline +for o in \`cat /proc/cmdline\` ; do + case \$o in + ks=*) + ks="--kickstart=\${o#ks=}" + ;; + xdriver=*) + xdriver="\${o#xdriver=}" + ;; + esac +done + +# if liveinst or textinst is given, start anaconda +if strstr "\`cat /proc/cmdline\`" liveinst ; then + plymouth --quit + /usr/sbin/liveinst \$ks +fi +if strstr "\`cat /proc/cmdline\`" textinst ; then + plymouth --quit + /usr/sbin/liveinst --text \$ks +fi + +# configure X, allowing user to override xdriver +if [ -n "\$xdriver" ]; then + cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /etc/fstab << EOF +vartmp /var/tmp tmpfs defaults 0 0 +EOF + +# work around for poor key import UI in PackageKit +rm -f /var/lib/rpm/__db* +echo "Packages within this LiveCD" +rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn +# Note that running rpm recreates the rpm db files which aren't needed or wanted +rm -f /var/lib/rpm/__db* + +# go ahead and pre-make the man -k cache (#455968) +/usr/bin/mandb + +# make sure there aren't core files lying around +rm -f /core* + +# remove random seed, the newly installed instance should make it's own +rm -f /var/lib/systemd/random-seed + +# convince readahead not to collect +# FIXME: for systemd + +echo 'File created by kickstart. See systemd-update-done.service(8).' \ + | tee /etc/.updated >/var/.updated + +# Drop the rescue kernel and initramfs, we don't need them on the live media itself. +# See bug 1317709 +rm -f /boot/*-rescue* + +# Disable network service here, as doing it in the services line +# fails due to RHBZ #1369794 +/sbin/chkconfig network off + +# Remove machine-id on pre generated images +rm -f /etc/machine-id +touch /etc/machine-id + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log +# For livecd-creator builds only (lorax/livemedia-creator handles this directly) +if [ -n "$LIVE_ROOT" ]; then + cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/" + + # only installed on x86, x86_64 + if [ -f /usr/bin/livecd-iso-to-disk ]; then + mkdir -p "$LIVE_ROOT/LiveOS" + cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS" + fi +fi + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --logfile=/opt/live-desktop-quirks.log + +cat >> /etc/rc.d/init.d/livesys << EOF + +# set up auto-login +cat > /etc/gdm/custom.conf << FOE +[daemon] +AutomaticLoginEnable=True +AutomaticLogin=liveuser +FOE + +# Make sure to set the right permissions and selinux contexts +chown -R liveuser:liveuser /home/liveuser/ +restorecon -R /home/liveuser/ + +EOF + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%packages --exclude-weakdeps +@anaconda-tools +@x86-baremetal-tools +NetworkManager-wifi +aajohan-comfortaa-fonts +anaconda +anaconda-install-env-deps +anaconda-live +chkconfig +dejavu-sans-mono-fonts +dracut-live +firefox +glibc-all-langpacks +gnome-backgrounds.noarch +gnome-shell +gnome-terminal +guestfs-tools +initscripts +kernel +kernel-modules +kernel-modules-extra +libguestfs-tools +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +python3-libguestfs +qemu-kvm +virt-install +virt-manager +virt-top +wpa_supplicant +-device-mapper-multipath +-fcoe-utils +-gnome-tour + +%end diff --git a/dishes/live-desktop.cfg b/dishes/live-desktop.cfg index 0a2d2c2..d38260c 100644 --- a/dishes/live-desktop.cfg +++ b/dishes/live-desktop.cfg @@ -1,35 +1,29 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# X Window System configuration information -xconfig --defaultdesktop=GNOME --startxonboot -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --iscrypted --lock locked -# System language -lang en_US.UTF-8 -# Shutdown after installation -shutdown -# Network information -network --bootproto=dhcp --device=link --activate # Firewall configuration firewall --enabled --service=mdns -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" -repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch -repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch -# System timezone -timezone Europe/Paris --utc +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --activate +# Shutdown after installation +shutdown +# Root password +rootpw --iscrypted --lock locked # SELinux configuration selinux --enforcing +# System timezone +timezone Europe/Paris --utc +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot # System bootloader configuration bootloader --location=none # Clear the Master Boot Record zerombr # Partition clearing information clearpart --all -# Disk partitioning information -part / --size=5120 %post --logfile=/root/bl.log @@ -184,7 +178,7 @@ hostnamectl set-hostname "localhost-live" EOF # bah, hal starts way too late -# cat > /etc/rc.d/init.d/livesys-late << EOF +cat > /etc/rc.d/init.d/livesys-late << EOF #!/bin/bash # # live: Late init script for live image @@ -192,50 +186,50 @@ EOF # chkconfig: 345 99 01 # description: Late init script for live image. -# . /etc/init.d/functions -# -# if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then -# exit 0 -# fi -# -# exists() { -# which \$1 >/dev/null 2>&1 || return -# \$* -# } -# -# touch /.liveimg-late-configured +. /etc/init.d/functions + +if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then + exit 0 +fi + +exists() { + which \$1 >/dev/null 2>&1 || return + \$* +} + +touch /.liveimg-late-configured # read some variables out of /proc/cmdline -# for o in \`cat /proc/cmdline\` ; do -# case \$o in -# ks=*) -# ks="--kickstart=\${o#ks=}" -# ;; -# xdriver=*) -# xdriver="\${o#xdriver=}" -# ;; -# esac -# done -# +for o in \`cat /proc/cmdline\` ; do + case \$o in + ks=*) + ks="--kickstart=\${o#ks=}" + ;; + xdriver=*) + xdriver="\${o#xdriver=}" + ;; + esac +done + # if liveinst or textinst is given, start anaconda -# if strstr "\`cat /proc/cmdline\`" liveinst ; then -# plymouth --quit -# /usr/sbin/liveinst \$ks -# fi -# if strstr "\`cat /proc/cmdline\`" textinst ; then -# plymouth --quit -# /usr/sbin/liveinst --text \$ks -# fi +if strstr "\`cat /proc/cmdline\`" liveinst ; then + plymouth --quit + /usr/sbin/liveinst \$ks +fi +if strstr "\`cat /proc/cmdline\`" textinst ; then + plymouth --quit + /usr/sbin/liveinst --text \$ks +fi # configure X, allowing user to override xdriver -# if [ -n "\$xdriver" ]; then -# cat > /etc/X11/xorg.conf.d/00-xdriver.conf < /etc/X11/xorg.conf.d/00-xdriver.conf <> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF @@ -362,10 +370,73 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ %end -%post --logfile=/opt/live-desktop-quirks.log +%post --logfile=/root/ld.log cat >> /etc/rc.d/init.d/livesys << EOF +# # disable gnome-software automatically downloading updates +# cat >> /usr/share/glib-2.0/schemas/org.gnome.software.gschema.override << FOE +# [org.gnome.software] +# download-updates=false +# FOE +# +# # don't autostart gnome-software session service +# rm -f /etc/xdg/autostart/gnome-software-service.desktop + +# # disable the gnome-software shell search provider +# cat >> /usr/share/gnome-shell/search-providers/org.gnome.Software-search-provider.ini << FOE +# DefaultDisabled=true +# FOE + +# # don't run gnome-initial-setup +# mkdir ~liveuser/.config +# touch ~liveuser/.config/gnome-initial-setup-done + +# suppress anaconda spokes redundant with gnome-initial-setup +# cat >> /etc/sysconfig/anaconda << FOE +# [NetworkSpoke] +# visited=1 +# +# [PasswordSpoke] +# visited=1 +# +# [UserSpoke] +# visited=1 +# FOE + +## make the installer show up +#if [ -f /usr/share/applications/liveinst.desktop ]; then +# # Show harddisk install in shell dash +# sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop "" +# # need to move it to anaconda.desktop to make shell happy +# mv /usr/share/applications/liveinst.desktop /usr/share/applications/anaconda.desktop +# +# cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE +# [org.gnome.shell] +# favorite-apps=['firefox.desktop', 'org.gnome.Calendar.desktop', 'rhythmbox.desktop', 'org.gnome.Photos.desktop', 'org.gnome.Nautilus.desktop', 'anaconda.desktop'] +# FOE +# +# # Make the welcome screen show up +# if [ -f /usr/share/anaconda/gnome/fedora-welcome.desktop ]; then +# mkdir -p ~liveuser/.config/autostart +# cp /usr/share/anaconda/gnome/fedora-welcome.desktop /usr/share/applications/ +# cp /usr/share/anaconda/gnome/fedora-welcome.desktop ~liveuser/.config/autostart/ +# fi +# +# # Disable GNOME welcome tour so it doesn't overlap with Fedora welcome screen +# cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE +# welcome-dialog-last-shown-version='4294967295' +# FOE +# +# # Copy Anaconda branding in place +# if [ -d /usr/share/lorax/product/usr/share/anaconda ]; then +# cp -a /usr/share/lorax/product/* / +# fi +# fi + +# rebuild schema cache with any overrides we installed +# glib-compile-schemas /usr/share/glib-2.0/schemas + # set up auto-login cat > /etc/gdm/custom.conf << FOE [daemon] @@ -373,7 +444,12 @@ AutomaticLoginEnable=True AutomaticLogin=liveuser FOE -# Make sure to set the right permissions and selinux contexts +# Turn off PackageKit-command-not-found while uninstalled +# if [ -f /etc/PackageKit/CommandNotFound.conf ]; then +# sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf +# fi + +# make sure to set the right permissions and selinux contexts chown -R liveuser:liveuser /home/liveuser/ restorecon -R /home/liveuser/ @@ -392,23 +468,18 @@ anaconda-live chkconfig dejavu-sans-mono-fonts dracut-live -efibootmgr -gnome-backgrounds.noarch +firefox glibc-all-langpacks +gnome-backgrounds.noarch gnome-shell gnome-terminal -grub2 -grub2-efi -grub2-efi-*-cdboot -grub2-efi-ia32 initscripts kernel kernel-modules kernel-modules-extra mesa-dri-drivers +mozilla-ublock-origin.noarch nano -shim -shim-ia32 wpa_supplicant -device-mapper-multipath -fcoe-utils diff --git a/dishes/server-hypervisor-amdcpu.cfg b/dishes/server-hypervisor-amdcpu.cfg new file mode 100644 index 0000000..b89dbeb --- /dev/null +++ b/dishes/server-hypervisor-amdcpu.cfg @@ -0,0 +1,120 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled +# Run the Setup Agent on first boot +firstboot --reconfig +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=384 --label=boot +part / --fstype="ext4" --grow --label=root + +%post --logfile=/opt/base.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system +grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-amdcpu.log + +sed -i 's/\(quiet\)/\1 amd_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. + +echo "options kvm_amd nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization + +%end + +%packages --exclude-weakdeps +@core +@hardware-support +fedora-remix-logos +generic-logos +generic-release +generic-release-common +generic-release-notes +guestfs-tools +initial-setup +libguestfs-tools +libusb +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +nano +neofetch +pciutils +python3-libguestfs +qemu-kvm +usbutils +virt-install +virt-top +wget +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes + +%end diff --git a/dishes/server-hypervisor-intelcpu-intelgpu.cfg b/dishes/server-hypervisor-intelcpu-intelgpu.cfg new file mode 100644 index 0000000..911e9ed --- /dev/null +++ b/dishes/server-hypervisor-intelcpu-intelgpu.cfg @@ -0,0 +1,130 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled +# Run the Setup Agent on first boot +firstboot --reconfig +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=384 --label=boot +part / --fstype="ext4" --grow --label=root + +%post --logfile=/opt/base.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system +grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelcpu.log + +sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. + +echo "options kvm_intel nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelgpu.log + +sed -i 's/\(vfio-pci\)/\1 i915.enable_gvt=1/i' /mnt/sysimage/etc/default/grub # Load kernel modules in grub. + +# Load extra kernel modules to enable vfio-mdev on selected hardware +echo "kvmgt" > /mnt/sysimage/etc/modules-load.d/kvmgt.conf # Load specific kernel modules kvmgt and vfio-mdev, for Intel (tm) GVT-g and Nvidia (tm) +echo "vfio-mdev" > /mnt/sysimage/etc/modules-load.d/vfio-mdev.conf # Load specific kernel modules kvmgt and vfio-mdev, for Intel (tm) GVT-g and Nvidia (tm) + +%end + +%packages --exclude-weakdeps +@core +@hardware-support +fedora-remix-logos +generic-logos +generic-release +generic-release-common +generic-release-notes +guestfs-tools +initial-setup +libguestfs-tools +libusb +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +nano +neofetch +pciutils +python3-libguestfs +qemu-kvm +usbutils +virt-install +virt-top +wget +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes + +%end diff --git a/dishes/server-hypervisor.cfg b/dishes/server-hypervisor.cfg new file mode 100644 index 0000000..485e721 --- /dev/null +++ b/dishes/server-hypervisor.cfg @@ -0,0 +1,112 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled +# Run the Setup Agent on first boot +firstboot --reconfig +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=384 --label=boot +part / --fstype="ext4" --grow --label=root + +%post --logfile=/opt/base.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system +grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%packages --exclude-weakdeps +@core +@hardware-support +fedora-remix-logos +generic-logos +generic-release +generic-release-common +generic-release-notes +guestfs-tools +initial-setup +libguestfs-tools +libusb +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +nano +neofetch +pciutils +python3-libguestfs +qemu-kvm +usbutils +virt-install +virt-top +wget +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes + +%end diff --git a/dishes/server.cfg b/dishes/server.cfg index 9e5e569..fd7bda4 100644 --- a/dishes/server.cfg +++ b/dishes/server.cfg @@ -1,31 +1,31 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --iscrypted --lock locked -# System language -lang en_US.UTF-8 -# Reboot after installation -reboot --kexec # Use text mode install text -# Network information -network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate # Firewall configuration -firewall --enabled --service=mdns -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" -repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch -repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch -# System timezone -timezone Europe/Paris --utc +firewall --enabled # Run the Setup Agent on first boot firstboot --reconfig +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked # SELinux configuration -selinux --enforcing +selinux --disabled # System services -services --disabled="sshd" --enabled="NetworkManager" +services --disabled="sshd" --enabled="NetworkManager,systemd-resolved" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" # System bootloader configuration bootloader --location=mbr --timeout=1 # Clear the Master Boot Record diff --git a/dishes/virtual-desktop-hypervisor.cfg b/dishes/virtual-desktop-hypervisor.cfg new file mode 100644 index 0000000..93dee44 --- /dev/null +++ b/dishes/virtual-desktop-hypervisor.cfg @@ -0,0 +1,271 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Use text mode install +text +# Firewall configuration +firewall --enabled +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,libvirtd" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=mbr --timeout=1 +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi +part /boot --fstype="ext4" --size=384 --label=boot +part / --fstype="ext4" --grow --label=root + +%post --logfile=/opt/base.log + +localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked. +dnf update -y # Update the system +grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log + +# Create a file to autostart virt-manager +cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF +[Desktop Entry] +Type=Application +Name=Virtual Machine Manager +Exec=virt-manager +EOF + +# Modify the default virt-manager behavior for misc. options +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF + +# Modify the default virt-manager behavior for misc. options +[org.virt-manager.virt-manager] +xmleditor-enabled=true +manager-window-height=600 +manager-window-width=200 + +# Libvirt URIs listed in the manager window +[org.virt-manager.virt-manager.connections] +uris=['qemu:///system', 'qemu:///session'] +autoconnect=['qemu:///session'] + +# Show usage in the domain list +[org.virt-manager.virt-manager.vmlist-fields] +cpu-usage=false + +# Settings related to statistics +[org.virt-manager.virt-manager.stats] +update-interval=3 +enable-disk-poll=true +enable-memory-poll=true +enable-net-poll=true + +# Default behavior for the console +[org.virt-manager.virt-manager.console] +scaling=2 +resize-guest=1 +autoconnect=false + +# Do not show toolbar +[org.virt-manager.virt-manager.details] +show-toolbar=false + +# Modify default values for new VMs +[org.virt-manager.virt-manager.new-vm] +storage-format='raw' +cpu-default='host-model' +graphics-type='spice' + +# Modify the default virt-manager behavior for confirmation dialogues +[org.virt-manager.virt-manager.confirm] +forcepoweroff=false +removedev=false +unapplied-dev=false + +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log + +# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd +echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf +echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf +echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf +echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf + +mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images + +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh + +# fetch custom script and make it executable +wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ +chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-initial-setup-gnome.log + +truncate -s 0 /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf # remove content of vendor.conf so that all options are made available + +## Append lines to existing vendor.conf file, so that options are skipped upon reboot +cat >> /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf<< EOF +[pages] +skip=privacy +[goa] +providers=local-first! +EOF + +%end + +%packages --exclude-weakdeps +@core +@hardware-support +NetworkManager-wifi +dejavu-sans-mono-fonts +fedora-remix-logos +firefox +generic-logos +generic-release +generic-release-common +generic-release-notes +gnome-backgrounds.noarch +gnome-initial-setup +gnome-shell +gnome-terminal +guestfs-tools +libguestfs-tools +libusb +libvirt +libvirt-daemon-config-network +libvirt-daemon-kvm +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +neofetch +pciutils +python3-libguestfs +qemu-guest-agent +qemu-kvm +spice-vdagent +usbutils +virt-install +virt-manager +virt-top +wget +wpa_supplicant +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes +-gnome-tour + +%end diff --git a/dishes/virtual-desktop.cfg b/dishes/virtual-desktop.cfg index d504f85..96306fc 100644 --- a/dishes/virtual-desktop.cfg +++ b/dishes/virtual-desktop.cfg @@ -1,31 +1,31 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# X Window System configuration information -xconfig --defaultdesktop=GNOME --startxonboot -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --iscrypted --lock locked -# System language -lang en_US.UTF-8 -# Reboot after installation -reboot --kexec # Use text mode install text +# Firewall configuration +firewall --enabled +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 # Network information network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate -# Firewall configuration -firewall --enabled --service=mdns -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# Shutdown after installation +shutdown repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,systemd-resolved" # System timezone timezone Europe/Paris --utc -# SELinux configuration -selinux --enforcing -# System services -services --disabled="sshd" --enabled="NetworkManager" +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot # System bootloader configuration bootloader --location=mbr --timeout=1 # Clear the Master Boot Record @@ -131,18 +131,21 @@ EOF %packages --exclude-weakdeps @core @hardware-support +NetworkManager-wifi dejavu-sans-mono-fonts -gnome-backgrounds.noarch fedora-remix-logos +firefox generic-logos generic-release generic-release-common generic-release-notes +gnome-backgrounds.noarch gnome-initial-setup gnome-shell gnome-terminal libusb mesa-dri-drivers +mozilla-ublock-origin.noarch nano neofetch pciutils diff --git a/dishes/virtual-encrypted-desktop-extended.cfg b/dishes/virtual-encrypted-desktop-extended.cfg index db08f9d..c4d9ec1 100644 --- a/dishes/virtual-encrypted-desktop-extended.cfg +++ b/dishes/virtual-encrypted-desktop-extended.cfg @@ -1,31 +1,31 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# X Window System configuration information -xconfig --defaultdesktop=GNOME --startxonboot -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --iscrypted --lock locked -# System language -lang en_US.UTF-8 -# Shutdown after installation -shutdown # Use text mode install text +# Firewall configuration +firewall --enabled +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 # Network information network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate -# Firewall configuration -firewall --enabled --service=mdns -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# Shutdown after installation +shutdown repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,systemd-resolved" # System timezone timezone Europe/Paris --utc -# SELinux configuration -selinux --enforcing -# System services -services --disabled="sshd" --enabled="NetworkManager" +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot # System bootloader configuration bootloader --location=mbr --timeout=1 # Clear the Master Boot Record @@ -133,18 +133,19 @@ EOF @hardware-support NetworkManager-wifi dejavu-sans-mono-fonts -gnome-backgrounds.noarch fedora-remix-logos firefox generic-logos generic-release generic-release-common generic-release-notes +gnome-backgrounds.noarch gnome-initial-setup gnome-shell gnome-terminal libusb mesa-dri-drivers +mozilla-ublock-origin.noarch nano nautilus neofetch @@ -154,6 +155,7 @@ qemu-guest-agent spice-vdagent thunderbird usbutils +vlc wget wpa_supplicant -fedora-logos diff --git a/dishes/virtual-server-encrypted.cfg b/dishes/virtual-server-encrypted.cfg index e802dbd..6c8ac21 100644 --- a/dishes/virtual-server-encrypted.cfg +++ b/dishes/virtual-server-encrypted.cfg @@ -1,31 +1,31 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --iscrypted --lock locked -# System language -lang en_US.UTF-8 -# Reboot after installation -reboot --kexec # Use text mode install text -# Network information -network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate # Firewall configuration -firewall --enabled --service=mdns -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" -repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch -repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch -# System timezone -timezone Europe/Paris --utc +firewall --enabled # Run the Setup Agent on first boot firstboot --reconfig +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked # SELinux configuration -selinux --enforcing +selinux --disabled # System services -services --disabled="sshd" --enabled="NetworkManager" +services --disabled="sshd" --enabled="NetworkManager,systemd-resolved" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" # System bootloader configuration bootloader --location=mbr --timeout=1 # Clear the Master Boot Record diff --git a/dishes/virtual-server.cfg b/dishes/virtual-server.cfg index e9b66c8..f7ad7bb 100644 --- a/dishes/virtual-server.cfg +++ b/dishes/virtual-server.cfg @@ -1,31 +1,31 @@ -# Generated by pykickstart v3.34 +# Generated by pykickstart v3.47 #version=DEVEL -# Keyboard layouts -keyboard --xlayouts='ch (fr)' -# Root password -rootpw --iscrypted --lock locked -# System language -lang en_US.UTF-8 -# Reboot after installation -reboot --kexec # Use text mode install text -# Network information -network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate # Firewall configuration -firewall --enabled --service=mdns -# Use network installation -url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" -repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch -repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch -# System timezone -timezone Europe/Paris --utc +firewall --enabled # Run the Setup Agent on first boot firstboot --reconfig +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked # SELinux configuration -selinux --enforcing +selinux --disabled # System services -services --disabled="sshd" --enabled="NetworkManager" +services --disabled="sshd" --enabled="NetworkManager,systemd-resolved" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" # System bootloader configuration bootloader --location=mbr --timeout=1 # Clear the Master Boot Record diff --git a/ingredients/base-desktop-gnome.cfg b/ingredients/base-desktop-gnome.cfg index 5bcfd72..03c7011 100644 --- a/ingredients/base-desktop-gnome.cfg +++ b/ingredients/base-desktop-gnome.cfg @@ -20,6 +20,8 @@ gnome-backgrounds.noarch # wallpapers from the GNOME project wpa_supplicant # WPA Supplicant for Linux. It is not packaged by default in GNOME Shell, but necessary to configure wireless networks using the Network Manager NetworkManager-wifi # Provides the plugin to manage Wireless networking within GNOME Shell nano # The nano text editor +firefox # Internet browser +mozilla-ublock-origin.noarch # An efficient blocker for Firefox %end diff --git a/ingredients/base-hypervisor-amdcpu.cfg b/ingredients/base-hypervisor-amdcpu.cfg index 133c7d0..4ecee1b 100644 --- a/ingredients/base-hypervisor-amdcpu.cfg +++ b/ingredients/base-hypervisor-amdcpu.cfg @@ -9,7 +9,7 @@ %post --nochroot --log=/mnt/sysimage/opt/base-hypervisor-amdcpu.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installation troubleshooting -sed -i 's/\(quiet\)/\1 amd_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. +sed -i 's/\(quiet\)/\1 iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. echo "options kvm_amd nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization diff --git a/ingredients/base-live-hypervisor-a.cfg b/ingredients/base-live-hypervisor-a.cfg index f38b6e8..0afd5f7 100644 --- a/ingredients/base-live-hypervisor-a.cfg +++ b/ingredients/base-live-hypervisor-a.cfg @@ -9,7 +9,7 @@ %post --log=/root/bhla.log # Beginning of %post section. Those commands are executed inside the chroot environment. Logging is enabled to help with post-installation troubleshooting -sed -i 's/\(quiet\)/\1 amd_iommu=on amd_iommu=pt rd.driver.pre=vfio-pci/i' /etc/default/grub # Load kernel modules in GRUB. +sed -i 's/\(quiet\)/\1 iommu=pt rd.driver.pre=vfio-pci/i' /etc/default/grub # Load kernel modules in GRUB. # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd echo "vfio" > /etc/modules-load.d/vfio.conf diff --git a/ingredients/base.cfg b/ingredients/base.cfg index 81cea6c..e85a506 100644 --- a/ingredients/base.cfg +++ b/ingredients/base.cfg @@ -9,15 +9,15 @@ text # Perform installation in text mode -keyboard --xlayouts='ch (fr)' # set keyboard layouts for Romandie +keyboard --xlayouts='ch (fr)' # set keyboard layouts for Romandy lang en_US.UTF-8 # Set system language to American English. More languages could be supported: --addsupport=cs_CZ,de_DE,en_UK timezone Europe/Paris --utc # Set system timezone to Paris rootpw --lock --iscrypted locked # Lock the root account -selinux --enforcing # Make sure SELinux is in enforced mode -firewall --enabled --service=mdns # Make sure the firewall is enabled -services --enabled=NetworkManager --disabled=sshd +selinux --disabled # Make sure SELinux is disabled / Other option: --enforcing +firewall --enabled # Make sure the firewall is enabled +services --enabled=NetworkManager,systemd-resolved --disabled=sshd network --onboot=yes --bootproto=dhcp --device=link --activate --hostname=phyllome-alpha # Configure network interfaces and set hostname. "link" selects the first device reaching an up state zerombr # WARNING : Dangerous command ! Will clear the Master Boot Record diff --git a/recipes/live-desktop-hypervisor.cfg b/recipes/live-desktop-hypervisor.cfg index e3505bc..6c245c3 100644 --- a/recipes/live-desktop-hypervisor.cfg +++ b/recipes/live-desktop-hypervisor.cfg @@ -15,7 +15,7 @@ # Temporary disable SELinux: # setenforce 0 # Use the following command to create an ISO file, as the root user: -# livemedia-creator --make-iso --ks ../dishes/live-phyllome-desktop.cfg --no-virt --iso-only --iso-name phyllome-desktop-x86_64.iso --releasever 35 +# livemedia-creator --make-iso --ks ../dishes/live-phyllome-desktop.cfg --no-virt --iso-only --iso-name phyllome-desktop-x86_64.iso --releasever 38 # The resulting ISO can be tested with qemu-kvm, using the following these two commands, as *root*: # UEFI test: