new devel recipes

Reviewed-on: #4

.gitea/workflows/build-iso.yaml

@@ -0,0 +1,76 @@
+name: release
+
+on: 
+  push:
+    branches:
+      - main  # Or your desired branch
+
+jobs:
+  checkout:
+    runs-on: fedora-cloud-42
+    defaults:
+      run:
+        shell: bash
+    container: 
+      image: git.phyllo.me/devops/fedora-runner-image:latest
+
+    steps:
+      - uses: https://git.phyllo.me/devops/checkout@v5
+        with:
+          fetch-depth: 0
+   
+      - name: Initialize mock
+        run: |
+          mock -r fedora-43-x86_64 --init
+
+      - name: Install required packages
+        run: |
+          mock -r fedora-43-x86_64 --install lorax-lmc-novirt vim-minimal pykickstart livecd-tools
+
+      - name: Copy configuration file to mock
+        run: |
+          mock -r fedora-43-x86_64 --copyin dishes/live-server.cfg /builddir
+
+      - name: Build ISO with livemedia-creator
+        run: |
+          mock -r fedora-43-x86_64 --shell --enable-network --isolation=simple << 'EOF'
+          cd /builddir
+          livemedia-creator --ks live-server.cfg --no-virt --resultdir /var/lmc --project live-desktop-hypervisor --make-iso --volid live-desktop-hypervisor --iso-only --iso-name server-43.iso --releasever 43 --macboot
+          EOF
+
+      - name: Upload ISO as artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: server-43.iso
+          path: /var/lmc/server-43.iso
+          if-no-files-found: error
+
+      - name: Create Release
+        if: github.ref == 'refs/heads/main'
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: iso-build-${{ github.run_number }}
+          release_name: ISO Build ${{ github.run_number }}
+          body: |
+            Build artifact from workflow run ${{ github.run_number }}
+            ISO file: server-43.iso
+          draft: false
+          prerelease: false
+
+      - name: Upload ISO to Release
+        if: github.ref == 'refs/heads/main'
+        uses: actions/upload-release-asset@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: /var/lmc/server-43.iso
+          asset_name: server-43.iso
+          asset_content_type: application/x-iso9660-image
+
+      - name: Cleanup mock environment
+        if: always()
+        run: |
+          mock -r fedora-43-x86_64 --clean

.gitignore

@@ -0,0 +1,3 @@
+.aider*
+# dishes/
+# !dishes/

README.md

@@ -1,224 +1,193 @@
-# Phyllome OS
+# Kickstart Phyllome OS
 
-Phyllome OS is a [Fedora Remix](https://fedoraproject.org/wiki/Remix) designed to leverage [hardware-assisted virtualization](https://wiki.phyllo.me/virt/lexicon#hardware-assisted-virtualization) and [paravirtualization](https://wiki.phyllo.me/virt/lexicon#paravirtualization) to make it easier to run virtualized operating systems locally.
+[Phyllome OS](https://wiki.phyllo.me/phyllomeos/context) uses the [kickstart installation method](https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-1-introduction) to deploy itself to a specific target computer or virtual machine by means of kickstart files.
 
-Phyllome OS uses the [automated kickstart installation](https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-1-introduction) method to deploy itself to a specific target computer or virtual machine.
+Provided that some dependencies are met (`libvirt` is running on your computer, QEMU is installed, etc), one could run the following script to deploy virtual machines, including Phyllome OS itself.
 
-> Phyllome OS is in its ***alpha*** stage of development. Expect bugs and disappointment
-
-## The content of this repository
-
-Each version of Phyllome OS is like a `dish` that is based on a `recipe` that lists `ingredients`, or basic building blocks for assembling Phyllome OS and other derivatives.
-
-* `ingredients`🥑 🥥 🥭 🥝 🥦 🥬 🥒 🧄: Each ingredient represents a feature or a set of integrated features, such as a specific Desktop Environment
-
-`cat ingredients/base-storage.cfg`
+- Make the script executable:
 
 ```
+chmod +x deploy-vm.sh
+```
+
+- Execute it and pick `virtual-desktop-hypervisor` when prompted:
+
+```
+./deploy-vm.sh
+
+Executing: ./scripts/core-count.sh
+System has more than 2 core (nproc --all: 6).
 [...]
-# What ? This kickstart file provides a basic ext4 unencrypted partition layout for UEFI-based systems
-
-part /boot/efi --fstype="efi" --size=128 --fsoptions="umask=0077,shortname=winnt" --label=efi # Will create an EFI system partitition of 128 MiB (vda1)
-part /boot --fstype="ext4" --size=512 --label=boot # Create a boot partition of 512 MiB using the ext4 filesystem (vda2)
-part / --fstype="ext4" --grow --label=root # The remaining space will be used for root (vda3)
-```
-
-* `recipes`🧾 🧩: this directory contains recipes for deploying operating system artifacts on bare-metal, as a live system, or inside a virtual machine.
-
-`cat recipes/desktop-hypervisor.cfg`
-
-```
-# What ? This kickstart file bootstraps a desktop hypervisor.
-
+10. virtual-desktop-hypervisor
 [...]
+Enter the number of the file you want to select: 10
+You selected: virtual-desktop-hypervisor
 
-%include ../ingredients/base-fedora-repo.cfg # offical repositories for Fedora
-%include ../ingredients/base-storage.cfg # base storage
-%include ../ingredients/base.cfg # A minimal machine
-%include ../ingredients/base-desktop-gnome.cfg # A desktop environment based on GNOME Shell
-%include ../ingredients/base-desktop-virtual-machine-manager.cfg # the virtual machine manager
-%include ../ingredients/base-hypervisor.cfg # A base hypervisor
-%include ../ingredients/base-initial-setup-gnome.cfg # Includes initial-setup for GNOME Shell, allowing for the creation of a user after the first boot, as well as some basic configuration
+Starting install...
+Retrieving 'vmlinuz'                                                                                     |  16 MB  00:00:00     
+Retrieving 'initrd.img'                                                                                  | 161 MB  00:00:05     
+Allocating 'virtinst-n0km88yy-vmlinuz'                                                                   |  16 MB  00:00:00     
+Transferring 'virtinst-n0km88yy-vmlinuz'                                                                 |  16 MB  00:00:00     
+Allocating 'virtinst-qxr2jxcb-initrd.img'                                                                | 161 MB  00:00:00     
+Transferring 'virtinst-qxr2jxcb-initrd.img'                                                              | 161 MB  00:00:00     
+Allocating 'virtual-desktop-hypervisor.img'                                                              |  10 GB  00:00:00     
+Creating domain...                              
 ```
+After a successfull installation, the virtual machine will shutdown and be ready to use when powered on again.
 
-* `dishes`🥨 🥐 🥖 🥧 🥞 🥯 🧆 🧁...: the end-product in the form of stand-alone and ready-to-consume kickstart file
+## Repository structure
 
-`cat dishes/desktop-hypervisor.cfg`
+This repository contains such files broken down as:
 
-```
-# Generated by pykickstart v3.58
-#version=DEVEL
-# Use text mode install
-text
-# Firewall configuration
-firewall --enabled --service=mdns
-# Keyboard layouts
-keyboard --xlayouts='ch (fr)'
-# System language
-lang en_US.UTF-8
-# Network information
+* `ingredients`🥑 🥥 🥭 🥝 🥦 🥬 🥒 🧄: the basic building blocks for assembling Phyllome OS and other derivatives.
 
-[...]
+* `recipes`🧾 🧩: lists of ingredients to compose several editions
 
-%end
+* `dishes`🥨 🥐 🥖 🥧 🥞 🥯 🧆 🧁: read-to-consume and standalone kickstart artifacts, which can be used to deploy complete systems
 
-%packages --exclude-weakdeps
-@core
-@hardware-support
-NetworkManager-wifi
-dejavu-sans-mono-fonts
-fedora-remix-logos
-firefox
-generic-logos
-generic-release
-generic-release-common
-generic-release-notes
-gnome-backgrounds.noarch
-gnome-initial-setup
-gnome-shell
-gnome-terminal
-guestfs-tools
-libguestfs-tools
-libusb
-libvirt
-libvirt-daemon-config-network
-libvirt-daemon-kvm
-mesa-dri-drivers
-mozilla-ublock-origin.noarch
-nano
-pciutils
-python3-libguestfs
-qemu-kvm
-usbutils
-virt-install
-virt-manager
-virt-top
-wget
-wpa_supplicant
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
--gnome-tour
-
-%end
-```
+Each ingredient represents a feature or a set of integrated features, such as a specific Desktop Environment or a storage configuration. 
+    - Ingredients prefixed with *live* such as `live-core.cfg` are to be used with live editions only
+    - *core* ingredients are meant be used in all their respective recipes, *base* ingredients, recommended but optional, and extra provides more stuff (sic)
 
 ## Development
 
-Let's assume you wish to add [Luanti](https://www.luanti.org/), a free and open-source sandbox video game engine, as an ingredient to a dish.
+Using a pull request, you can suggest a modification to an existing ingredient or create a new ingredient from scratch.
 
-* Clone this repository and change directory:
+### Requirements
+
+- `qemu`
+- `libvirt`
+- `virt-install`
+- `pykickstart`
+
+### Example 1: add a new package and include it into a recipe
+
+- Add [Luanti](https://www.luanti.org/), a free and open-source sandbox video game engine formerly known as Minetest, as a standalone ingredient, using the `echo` command
 
 ```
-$ git clone https://git.phyllo.me/roots/phyllomeos && cd phyllomeos
+echo "%packages --exclude-weakdeps # Beginning of the package section. Does not include weak dependencies
+
+luanti # Multiplayer infinite-world block sandbox with survival mode
+
+%end # End of the packages section" > ingredients/extra-luanti.cfg
 ```
 
-* Make a copy of the `template.cfg` file and rename it
+Instead of creating a recipe from scratch, let's make a copy of the `virtual-desktop.cfg` recipe, which provide a Desktop environment necessary for *luanti* to function
 
 ```
-$ cp ingredients/template.cfg ingredients/extra-luanti.cfg
+cp recipes/virtual-desktop.cfg recipes/virtual-desktop-luanti.cfg
 ```
 
-* Add software `luanti` to your file:
+- Add the extra ingredient to the new recipe:
 
-```
-$ nano ingredients/extra-luanti.cfg
+``` 
+echo "%include ../ingredients/extra-luanti.cfg # Sandbox video game engine" >> recipes/virtual-desktop-luanti.cfg
 ```
 
-```
-# What ? This partial kickstart file provides the video game Luanti
+#### Flatten
 
-%packages --exclude-weakdeps # Beginning of the packages section. Excludes weak package dependencies
-
-luanti # a free and open-source sandbox video game
-
-%end
-```
-
-* Navigate inside the `recipes` folder:
+- Prepare the dish by following the recipe, a process called 'flattening'
 
 ```
-$ cd recipes
-```
-
-* Pick a suitable recipe to add your ingredient to it. As luanti is a GUI application, `virtual-desktop.cfg` is a fitting candidate. Make a copy of it.
-
-```
-$ cp virtual-desktop.cfg virtual-desktop-lunanti.cfg
-```
-
-* Edit the file and add the newly defined ingredient:
-
-```
-$ nano virtual-desktop-luanti.cfg
-```
-
-```
-%include ../ingredients/base-fedora-repo.cfg # offical repositories for Fedora
-%include ../ingredients/base-storage.cfg # base storage
-%include ../ingredients/base.cfg # A minimal machine
-%include ../ingredients/base-desktop-gnome.cfg # A desktop environment
-%include ../ingredients/base-guest-agents.cfg # Guest agents
-%include ../ingredients/base-initial-setup-gnome.cfg # Includes initial-setup for GNOME Shell, allowing for the creation of a user after the first boot, as well as some basic configuration
-
-%include ../ingredients/extra-luanti.cfg # A free and open-source sandbox video game
-
-poweroff # Shut down the system after a successful installation
-```
-
-* Merge the kickstart basic building blocks a single file, or dish. This process is called 'flattening'.
-
-```
-$ ksflatten -c virtual-desktop-lunanti.cfg -o ../dishes/virtual-desktop-luanti.cfg
+ksflatten -c recipes/virtual-desktop-luanti.cfg -o dishes/virtual-desktop-luanti.cfg
 ```
 
 > If any errors are detected, go back and fix them.
 
-If multiple dishes are affected by your ingredients, flatten them all while in the `recipes` folder.
+It is time to test the new dish!
+
+#### Kickstart
+
+- Make the `deploy-vm.sh` script executable
+
+```
+chmod +x deploy-vm.sh
+```
+
+- Execute the script
+
+```
+./deploy-vm.sh
+```
+
+- Select the new dish, *virtual-desktop-luanti*
+
+```
+[...]
+Available files:
+1. desktop-hypervisor-amdcpu
+[...]
+14. virtual-desktop-luanti
+```
+
+- When the installation is done, the machine will shut down
+
+- Start it again, and ensure that Luanti has correctly been installed
+
+That's it !
+
+### Example 2: Create a new recipe from the existing list of ingredients
+
+The file `recipes/_list-of-ingredients.cfg` can be copied and edited to create your own remix of Phyllome OS, which itself is a remix of Fedora.
+
+```
+cp recipes/_list-of-ingredients.cfg recipes/my-new-distro.cfg
+```
+
+Then edit the said file to include your favorite ingredient
+
+```
+nano recipes/my-new-distro.cfg
+```
+
+```
+#            __          ____                        ____  _____
+#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
+#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
+#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
+#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
+# /_/          /____/
+
+# The list of ingredients for composing Phyllome OS
+# Uncomment lines with "%include" to enable ingredient
+
+# Installation method
+# Exactly one option has to be picked
+# %include ../ingredients/core.cfg # Text mode
+# %include ../ingredients/live-core.cfg # For live systems only
+# Documentation: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#graphical-or-text-or-cmdline
+
+# Storage configuration 
+# Exactly one option has to be picked
+# WARNING !!! Will erase local disks!
+# %include ../ingredients/core-storage.cfg # Basic ext4 partition layout for UEFI-based systems
+# %include ../ingredients/live-core-storage.cfg # For live systems only
+# Documentation: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#part-or-partition
+[...]
+```
+
+- Once you are done, you can [flatten](#flatten) the file and [kickstart](#kickstart) it as explained in the previous section.
+
+## FAQ
+
+If multiple dishes are affected by your ingredient, you can flatten them all
+
+- Navigate to the recipes' directory
+
+```
+cd recipes
+```
+
+- Then use the following
 
 ```
 for filename in *.cfg; do ksflatten -c "$filename" -o "../dishes/$filename"; done
 ```
 
-* Navigate inside the `dishes` folder:
+The following message can safetly be ignored:
 
 ```
-$ cd ../dishes/
-```
-
-* You can then kickstart your own installation:
-
-```
-# virt-install \
-    --connect qemu:///system \
-    --metadata description="Phyllome OS Desktop, virtual edition, with Luanti" \
-    --os-variant fedora41 \
-    --virt-type kvm \
-    --arch x86_64 \
-    --machine q35 \
-    --name virtual-desktop-luanti \
-    --boot uefi \
-    --cpu host-model,topology.sockets=1,topology.cores=2,topology.threads=1 \
-    --vcpus 2 \
-    --memory 4096 \
-    --video virtio \
-    --graphics spice,listen=none \
-    --channel spicevmc \
-    --autoconsole none \
-    --console pty,target.type=virtio \
-    --sound none \
-    --network type=user,model=virtio \
-    --controller type=virtio-serial \
-    --controller type=usb,model=none \
-    --controller type=scsi,model=virtio-scsi \
-    --input type=keyboard,bus=virtio \
-    --input type=tablet,bus=virtio \
-    --rng /dev/urandom,model=virtio \
-    --disk path=/var/lib/libvirt/images/virtual-phyllome-desktop.img,format=raw,bus=virtio,cache=writeback,size=5 \
-    --location=https://download.fedoraproject.org/pub/fedora/linux/releases/42/Everything/x86_64/os/ \
-    --initrd-inject virtual-desktop-luanti.cfg --extra-args "inst.ks=file:virtual-desktop-luanti.cfg"
+/usr/lib/python3.13/site-packages/pykickstart/commands/partition.py:461: KickstartParseWarning: A partition with the mountpoint / has already been defined.
 ```
 
 ## Acknowledgement

all-ingredients.cfg

@@ -6,7 +6,7 @@
 # /_/          /____/
 
 # The list of ingredients for composing Phyllome OS
-# Uncomment to enable option
+# Uncomment lines with "%include" to enable ingredient
 
 # Installation method
 # Exactly one option has to be picked
@@ -47,56 +47,54 @@
 
 # Repositories 
 # Exactly one option has to be picked
-# %include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
-# %include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
+# %include ../ingredients/core-fedora-repo.cfg # Official repositories for Fedora
+# %include ../ingredients/core-fedora-repo-rawhide.cfg # Official repositories for Fedora Rawhide
 
-### Package selection ###
-# Mandatory packages. Exactly one option has to be picked
-# %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-# %include ../ingredients/core-packages-mandatory-trimming-attempt.cfg # Trimming attempt for the mandatory packages 
-
-# Mandatory packages to make it a generic distribution. Required
-# %include ../ingredients/core-packages-generic.cfg # Generic
-
-# Mandatory packages for live edition. Required
+# Packages 
+# Exactly one option has to be picked
+# %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages
+# %include ../ingredients/core-packages-mandatory-trimming-attempt.cfg # Trimming attempt for the mandatory packages
+# Mandatory packages for live editions
 # %include ../ingredients/live-core-mandatory-packages.cfg # For live systems
+# Other optional packages
+# Recommended but not strictly required
+# %include ../ingredients/core-packages-default.cfg # Recommended extra packages
+# %include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support. Recommended for non-virtual systems
+# Documentation: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-9-package-selection
 
-# Other optional packages. Recommended but not stricly required
-# %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-# %include ../ingredients/core-packages-custom.cfg # Hand-picked packages
-# %include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
-### End of Package selection ###
-
-### Pre and post section ###
-# Scripts launched before the installation. Optionnal. Two options can be picked
+# Pre- and post-installation sections
+# Optional
+# All options can be picked
 # %include ../ingredients/pre.cfg # Triggered just after the kickstart file has been parsed
+# Documentation: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-4-pre-installation-script
 # %include ../ingredients/pre-install.cfg # Script triggered just after the system storage has been set up
-# Scripts launched after the installation. Optionnal.
-# %include ../ingredients/phyllomeos/ingredients/core-post-nochroot.cfg # Triggered after the installation no chroot
+# Documentation: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-5-pre-install-script
+# %include ../ingredients/core-post-nochroot.cfg # Triggered after the installation no chroot
+# Documentation: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-6-post-installation-script
 # %include ../ingredients/core-post.cfg # Triggered after the installation
+# Documentation: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-6-post-installation-script
+# Two options have to be picked, for live systems only
 # %include ../ingredients/live-core-post.cfg # Post configuration script for a live system only
 # %include ../ingredients/live-core-post-live-session.cfg # Live session script
-### End of pre and post section ###
-### Pre and post section ###
 
-# OEM setup 
+# OEM setup
 # Exactly one option has to be picked
-# %include ../ingredients/core-desktop-initial-setup.cfg #  Ensures that GNOME initial setup will launch on the first system start-up
+# %include ../ingredients/core-desktop-initial-setup.cfg # Ensures that GNOME initial setup will launch on the first system start-up
 # %include ../ingredients/core-server-initial-setup.cfg # For headless systems
 
-# A GNOME Shell-based desktop environment. 
-# Optionnal
+# A GNOME Shell-based desktop environment
+# Optional
 # %include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment
 # Documentation: https://fedoraproject.org/wiki/InitialSetup
 
 # Virtualization-related packages
-# Optionnal
+# Optional
 # %include ../ingredients/base-desktop-virtual-machine-manager.cfg # Virtual Machine Manager
-# %include ../ingredients/base-hypervisor.cfg # Base hypervisor
+# %include ../ingredients/base-hypervisor.cfg # Generic building block to build a virtualization host
 
 # Virtualization-related options
-# Optionnal
+# Optional
 # %include ../ingredients/base-hypervisor-amdcpu.cfg # Virtualization configuration for AMD (tm) CPUs
 # %include ../ingredients/base-hypervisor-intelcpu.cfg # Virtualization configuration for Intel (tm) CPUs
 # %include ../ingredients/base-hypervisor-intelgpu.cfg # Virtualization configuration for Intel (tm) GPUs from 4th to the 9th generation (compatible with vfio-mdev)
-# %include ../ingredients/base-guest-agents.cfg # Guest agents
+# %include ../ingredients/base-guest-agents.cfg # Guest agents

deploy.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+# Function to execute a script
+execute_script() {
+  local script_to_execute="$1"
+  echo "Executing: $script_to_execute"
+  "$script_to_execute" || {
+    echo "Script failed: $script_to_execute"
+    return 1  # Indicate failure
+  }
+  return 0  # Indicate success
+}
+
+# Array of scripts
+scripts=(
+  "./scripts/install-prerequisites-on-linux.sh"
+  "./scripts/core-count.sh"
+  "./scripts/system-memory.sh"
+  "./scripts/deploy-distro.sh"
+)
+
+# Iterate through the scripts and execute them
+for script in "${scripts[@]}"; do
+  execute_script "$script"
+done
+
+echo "All scripts executed."

dishes/desktop-hypervisor-amdcpu.cfg

@@ -3,7 +3,7 @@
 # Use text mode install
 text
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -14,18 +14,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager,libvirtd"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # X Window System configuration information
 xconfig  --defaultdesktop=GNOME --startxonboot
 # System bootloader configuration
@@ -35,15 +34,14 @@ zerombr
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
 part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
 
 %post --logfile=/mnt/sysimage/root/post.log
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
@@ -61,7 +59,7 @@ EOF
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]
@@ -130,7 +128,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log
 
 # Create a file to autostart virt-manager
 cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF
@@ -193,7 +191,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
@@ -223,7 +221,7 @@ mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso image
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-amdcpu.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor-amdcpu.log
 
 sed -i 's/\(quiet\)/\1 iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. 
 
@@ -265,10 +263,10 @@ generic-release-common
 generic-release-notes
 glibc
 gnome-backgrounds.noarch
+gnome-control-center
 gnome-initial-setup
 gnome-shell
 gnome-terminal
-guestfs-tools
 hostname
 intel-audio-firmware
 intel-gpu-firmware
@@ -282,11 +280,22 @@ kbd
 kernel
 less
 libertas-firmware
-libguestfs-tools
 libusb
 libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
 libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
 libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 man-db
 mesa-dri-drivers
 mozilla-ublock-origin.noarch
@@ -299,11 +308,13 @@ openssh-clients
 openssh-server
 parted
 pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
 plymouth
 policycoreutils
 prefixdevname
 procps-ng
-python3-libguestfs
 qemu-kvm
 realtek-firmware
 rootfiles
@@ -322,15 +333,9 @@ util-linux
 vim-minimal
 virt-install
 virt-manager
-virt-top
 wget
 wpa_supplicant
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 -gnome-tour
 
 %end

dishes/desktop-hypervisor-intelcpu-intelgpu.cfg

@@ -3,7 +3,7 @@
 # Use text mode install
 text
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -14,18 +14,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager,libvirtd"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # X Window System configuration information
 xconfig  --defaultdesktop=GNOME --startxonboot
 # System bootloader configuration
@@ -35,15 +34,14 @@ zerombr
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
 part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
 
 %post --logfile=/mnt/sysimage/root/post.log
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
@@ -61,7 +59,7 @@ EOF
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]
@@ -130,7 +128,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log
 
 # Create a file to autostart virt-manager
 cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF
@@ -193,7 +191,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
@@ -223,7 +221,7 @@ mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso image
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelcpu.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor-intelcpu.log
 
 sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB.
 
@@ -231,7 +229,7 @@ echo "options kvm_intel nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelgpu.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor-intelgpu.log
 
 sed -i 's/\(vfio-pci\)/\1 i915.enable_gvt=1/i' /mnt/sysimage/etc/default/grub # Load kernel modules in grub.
 
@@ -275,10 +273,10 @@ generic-release-common
 generic-release-notes
 glibc
 gnome-backgrounds.noarch
+gnome-control-center
 gnome-initial-setup
 gnome-shell
 gnome-terminal
-guestfs-tools
 hostname
 intel-audio-firmware
 intel-gpu-firmware
@@ -292,11 +290,22 @@ kbd
 kernel
 less
 libertas-firmware
-libguestfs-tools
 libusb
 libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
 libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
 libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 man-db
 mesa-dri-drivers
 mozilla-ublock-origin.noarch
@@ -309,11 +318,13 @@ openssh-clients
 openssh-server
 parted
 pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
 plymouth
 policycoreutils
 prefixdevname
 procps-ng
-python3-libguestfs
 qemu-kvm
 realtek-firmware
 rootfiles
@@ -332,15 +343,9 @@ util-linux
 vim-minimal
 virt-install
 virt-manager
-virt-top
 wget
 wpa_supplicant
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 -gnome-tour
 
 %end

dishes/desktop-hypervisor-intelcpu.cfg

@@ -3,7 +3,7 @@
 # Use text mode install
 text
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -14,18 +14,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager,libvirtd"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # X Window System configuration information
 xconfig  --defaultdesktop=GNOME --startxonboot
 # System bootloader configuration
@@ -35,15 +34,14 @@ zerombr
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
 part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
 
 %post --logfile=/mnt/sysimage/root/post.log
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
@@ -61,7 +59,7 @@ EOF
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]
@@ -130,7 +128,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log
 
 # Create a file to autostart virt-manager
 cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF
@@ -193,7 +191,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
@@ -223,7 +221,7 @@ mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso image
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelcpu.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor-intelcpu.log
 
 sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB.
 
@@ -265,10 +263,10 @@ generic-release-common
 generic-release-notes
 glibc
 gnome-backgrounds.noarch
+gnome-control-center
 gnome-initial-setup
 gnome-shell
 gnome-terminal
-guestfs-tools
 hostname
 intel-audio-firmware
 intel-gpu-firmware
@@ -282,11 +280,22 @@ kbd
 kernel
 less
 libertas-firmware
-libguestfs-tools
 libusb
 libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
 libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
 libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 man-db
 mesa-dri-drivers
 mozilla-ublock-origin.noarch
@@ -299,11 +308,13 @@ openssh-clients
 openssh-server
 parted
 pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
 plymouth
 policycoreutils
 prefixdevname
 procps-ng
-python3-libguestfs
 qemu-kvm
 realtek-firmware
 rootfiles
@@ -322,15 +333,9 @@ util-linux
 vim-minimal
 virt-install
 virt-manager
-virt-top
 wget
 wpa_supplicant
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 -gnome-tour
 
 %end

dishes/desktop-hypervisor.cfg

@@ -3,7 +3,7 @@
 # Use text mode install
 text
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -14,18 +14,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager,libvirtd"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # X Window System configuration information
 xconfig  --defaultdesktop=GNOME --startxonboot
 # System bootloader configuration
@@ -35,15 +34,14 @@ zerombr
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
 part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
 
 %post --logfile=/mnt/sysimage/root/post.log
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
@@ -61,7 +59,7 @@ EOF
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]
@@ -130,7 +128,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log
 
 # Create a file to autostart virt-manager
 cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF
@@ -193,7 +191,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
@@ -257,10 +255,10 @@ generic-release-common
 generic-release-notes
 glibc
 gnome-backgrounds.noarch
+gnome-control-center
 gnome-initial-setup
 gnome-shell
 gnome-terminal
-guestfs-tools
 hostname
 intel-audio-firmware
 intel-gpu-firmware
@@ -274,11 +272,22 @@ kbd
 kernel
 less
 libertas-firmware
-libguestfs-tools
 libusb
 libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
 libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
 libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 man-db
 mesa-dri-drivers
 mozilla-ublock-origin.noarch
@@ -291,11 +300,13 @@ openssh-clients
 openssh-server
 parted
 pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
 plymouth
 policycoreutils
 prefixdevname
 procps-ng
-python3-libguestfs
 qemu-kvm
 realtek-firmware
 rootfiles
@@ -314,15 +325,9 @@ util-linux
 vim-minimal
 virt-install
 virt-manager
-virt-top
 wget
 wpa_supplicant
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 -gnome-tour
 
 %end

dishes/desktop.cfg

@@ -0,0 +1,222 @@
+# Generated by pykickstart v3.62
+#version=DEVEL
+# Use text mode install
+text
+# Firewall configuration
+firewall --enabled
+# Run the Setup Agent on first boot
+firstboot --reconfig
+# Keyboard layouts
+keyboard --xlayouts='ch (fr)'
+# System language
+lang en_US.UTF-8
+# Network information
+network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
+# Shutdown after installation
+shutdown
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
+# SELinux configuration
+selinux --enforcing
+# System services
+services --enabled="NetworkManager,systemd-resolved"
+# System timezone
+timezone Europe/Zurich --utc
+# Use network installation
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
+# X Window System configuration information
+xconfig  --defaultdesktop=GNOME --startxonboot
+# System bootloader configuration
+bootloader --location=mbr --timeout=1
+# Clear the Master Boot Record
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot --fstype="ext4" --size=512 --label=boot
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
+
+%post --logfile=/mnt/sysimage/root/post.log
+
+localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
+dnf update -y # Update the system 
+
+%end
+
+%post --nochroot --logfile=/mnt/sysimage/root/base-initial-setup-gnome.log
+
+truncate -s 0 /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf # remove content of vendor.conf so that all options are made available
+
+## Append lines to existing vendor.conf file, so that options are skipped upon reboot
+cat >> /mnt/sysimage/usr/share/gnome-initial-setup/vendor.conf<< EOF
+[pages]
+skip=privacy
+[goa]
+providers=local-first!
+EOF
+
+%end
+
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
+
+# cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
+# [org.gnome.desktop.background]
+# picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg'
+# EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF
+[org.gnome.desktop.media-handling]
+automount-open=false
+autorun-never=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF
+[org.gnome.Terminal.Legacy.Profile]
+font='DejaVu Sans Mono 12'
+use-system-font=false
+audible-bell=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF
+[org.gnome.desktop.wm.preferences]
+button-layout=':minimize,maximize,close'
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF
+[org.gnome.desktop.a11y]
+always-show-universal-access-status=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF
+[org.gnome.desktop.interface]
+enable-animations=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF
+[org.gnome.desktop.privacy]
+remove-old-temp-files=true
+remember-recent-files=false
+remember-app-usage=false
+disable-camera=true
+disable-microphone=true
+disable-sound-output=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF
+[org.gnome.desktop.search-providers]
+disable-external=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF
+[org.gnome.desktop.notifications.application]
+enable-sound-alerts=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF
+[org.gnome.desktop.sound]
+event-sounds=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF
+[org.gnome.desktop.thumbnailers]
+disable-all=true
+EOF
+
+glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
+
+%end
+
+%packages --exclude-weakdeps
+NetworkManager
+NetworkManager-config-connectivity-fedora
+NetworkManager-wifi
+alsa-sof-firmware
+amd-gpu-firmware
+atheros-firmware
+audit
+b43-fwcutter
+b43-openfwwf
+basesystem
+bash
+brcmfmac-firmware
+cirrus-audio-firmware
+coreutils
+curl
+dejavu-sans-mono-fonts
+dhcp-client
+dnf5
+dnf5-plugins
+dracut
+dracut-config-rescue
+e2fsprogs
+fedora-remix-logos
+filesystem
+firefox
+firewalld
+fwupd
+generic-logos
+generic-release
+generic-release-common
+generic-release-notes
+glibc
+gnome-backgrounds.noarch
+gnome-control-center
+gnome-initial-setup
+gnome-shell
+gnome-terminal
+hostname
+intel-audio-firmware
+intel-gpu-firmware
+intel-vsc-firmware
+iproute
+iputils
+iwlegacy-firmware
+iwlwifi-dvm-firmware
+iwlwifi-mvm-firmware
+kbd
+kernel
+less
+libertas-firmware
+libusb
+man-db
+mesa-dri-drivers
+mozilla-ublock-origin.noarch
+mt7xxx-firmware
+nano
+ncurses
+nvidia-gpu-firmware
+nxpwireless-firmware
+openssh-clients
+openssh-server
+parted
+pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
+plymouth
+policycoreutils
+prefixdevname
+procps-ng
+realtek-firmware
+rootfiles
+rpm
+selinux-policy-targeted
+setup
+shadow-utils
+sssd-common
+sssd-kcm
+sudo
+systemd
+systemd-resolved
+tiwilink-firmware
+usbutils
+util-linux
+vim-minimal
+wget
+wpa_supplicant
+zram-generator-defaults
+-gnome-tour
+
+%end

dishes/live-desktop-hypervisor.cfg

@@ -1,7 +1,7 @@
 # Generated by pykickstart v3.62
 #version=DEVEL
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -12,18 +12,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager,libvirtd"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # X Window System configuration information
 xconfig  --defaultdesktop=GNOME --startxonboot
 # System bootloader configuration
@@ -40,11 +39,10 @@ part / --size=8576
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
-%post --logfile=/mnt/sysimage/root/post.log
+%post --logfile=/mnt/sysimage/root/post-live-core.log
 
 # Enable livesys services
 systemctl enable livesys.service
@@ -117,7 +115,7 @@ EOF
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]
@@ -186,7 +184,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log
 
 # Create a file to autostart virt-manager
 cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF
@@ -249,7 +247,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
@@ -317,10 +315,10 @@ generic-release-notes
 glibc
 glibc-all-langpacks
 gnome-backgrounds.noarch
+gnome-control-center
 gnome-initial-setup
 gnome-shell
 gnome-terminal
-guestfs-tools
 hostname
 intel-audio-firmware
 intel-gpu-firmware
@@ -336,11 +334,22 @@ kernel-modules
 kernel-modules-extra
 less
 libertas-firmware
-libguestfs-tools
 libusb
 libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
 libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
 libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 livesys-scripts
 man-db
 mesa-dri-drivers
@@ -354,11 +363,13 @@ openssh-clients
 openssh-server
 parted
 pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
 plymouth
 policycoreutils
 prefixdevname
 procps-ng
-python3-libguestfs
 qemu-kvm
 realtek-firmware
 rootfiles
@@ -377,15 +388,9 @@ util-linux
 vim-minimal
 virt-install
 virt-manager
-virt-top
 wget
 wpa_supplicant
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 -gnome-tour
 
 %end

dishes/live-desktop.cfg

@@ -1,7 +1,7 @@
 # Generated by pykickstart v3.62
 #version=DEVEL
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -12,18 +12,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager"
+services --enabled="NetworkManager,systemd-resolved"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # X Window System configuration information
 xconfig  --defaultdesktop=GNOME --startxonboot
 # System bootloader configuration
@@ -40,11 +39,10 @@ part / --size=8576
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
-%post --logfile=/mnt/sysimage/root/post.log
+%post --logfile=/mnt/sysimage/root/post-live-core.log
 
 # Enable livesys services
 systemctl enable livesys.service
@@ -117,7 +115,7 @@ EOF
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]
@@ -224,6 +222,7 @@ generic-release-notes
 glibc
 glibc-all-langpacks
 gnome-backgrounds.noarch
+gnome-control-center
 gnome-initial-setup
 gnome-shell
 gnome-terminal
@@ -256,6 +255,9 @@ openssh-clients
 openssh-server
 parted
 pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
 plymouth
 policycoreutils
 prefixdevname
@@ -278,11 +280,6 @@ vim-minimal
 wget
 wpa_supplicant
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 -gnome-tour
 
 %end

dishes/live-server-hypervisor.cfg

@@ -1,7 +1,7 @@
 # Generated by pykickstart v3.62
 #version=DEVEL
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -12,18 +12,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager,libvirtd"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # System bootloader configuration
 bootloader --location=none --timeout=1
 # Clear the Master Boot Record
@@ -38,11 +37,10 @@ part / --size=8576
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
-%post --logfile=/mnt/sysimage/root/post.log
+%post --logfile=/mnt/sysimage/root/post-live-core.log
 
 # Enable livesys services
 systemctl enable livesys.service
@@ -101,7 +99,7 @@ sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
@@ -165,7 +163,6 @@ generic-release-common
 generic-release-notes
 glibc
 glibc-all-langpacks
-guestfs-tools
 hostname
 initial-setup
 intel-audio-firmware
@@ -182,11 +179,22 @@ kernel-modules
 kernel-modules-extra
 less
 libertas-firmware
-libguestfs-tools
 libusb
 libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
 libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
 libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 livesys-scripts
 man-db
 mt7xxx-firmware
@@ -202,7 +210,6 @@ plymouth
 policycoreutils
 prefixdevname
 procps-ng
-python3-libguestfs
 qemu-kvm
 realtek-firmware
 rootfiles
@@ -220,13 +227,7 @@ usbutils
 util-linux
 vim-minimal
 virt-install
-virt-top
 wget
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 
 %end

dishes/live-server.cfg

@@ -1,7 +1,7 @@
 # Generated by pykickstart v3.62
 #version=DEVEL
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -12,18 +12,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager"
+services --enabled="NetworkManager,systemd-resolved"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # System bootloader configuration
 bootloader --location=none --timeout=1
 # Clear the Master Boot Record
@@ -38,11 +37,10 @@ part / --size=8576
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
-%post --logfile=/mnt/sysimage/root/post.log
+%post --logfile=/mnt/sysimage/root/post-live-core.log
 
 # Enable livesys services
 systemctl enable livesys.service
@@ -165,10 +163,5 @@ util-linux
 vim-minimal
 wget
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 
 %end

dishes/virtual-desktop-hypervisor.cfg

@@ -3,7 +3,7 @@
 # Use text mode install
 text
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -14,18 +14,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager,libvirtd"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # X Window System configuration information
 xconfig  --defaultdesktop=GNOME --startxonboot
 # System bootloader configuration
@@ -35,15 +34,14 @@ zerombr
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
 part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
 
 %post --logfile=/mnt/sysimage/root/post.log
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
@@ -61,7 +59,7 @@ EOF
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]
@@ -130,7 +128,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log
 
 # Create a file to autostart virt-manager
 cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF
@@ -193,7 +191,7 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
@@ -227,9 +225,16 @@ mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso image
 NetworkManager
 NetworkManager-config-connectivity-fedora
 NetworkManager-wifi
+alsa-sof-firmware
+amd-gpu-firmware
+atheros-firmware
 audit
+b43-fwcutter
+b43-openfwwf
 basesystem
 bash
+brcmfmac-firmware
+cirrus-audio-firmware
 coreutils
 curl
 dejavu-sans-mono-fonts
@@ -250,37 +255,61 @@ generic-release-common
 generic-release-notes
 glibc
 gnome-backgrounds.noarch
+gnome-control-center
 gnome-initial-setup
 gnome-shell
 gnome-terminal
-guestfs-tools
 hostname
+intel-audio-firmware
+intel-gpu-firmware
+intel-vsc-firmware
 iproute
 iputils
+iwlegacy-firmware
+iwlwifi-dvm-firmware
+iwlwifi-mvm-firmware
 kbd
 kernel
 less
-libguestfs-tools
+libertas-firmware
 libusb
 libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
 libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
 libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 man-db
 mesa-dri-drivers
 mozilla-ublock-origin.noarch
+mt7xxx-firmware
 nano
 ncurses
+nvidia-gpu-firmware
+nxpwireless-firmware
 openssh-clients
 openssh-server
 parted
 pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
 plymouth
 policycoreutils
 prefixdevname
 procps-ng
-python3-libguestfs
 qemu-guest-agent
 qemu-kvm
+realtek-firmware
 rootfiles
 rpm
 selinux-policy-targeted
@@ -292,20 +321,15 @@ sssd-kcm
 sudo
 systemd
 systemd-resolved
+tiwilink-firmware
 usbutils
 util-linux
 vim-minimal
 virt-install
 virt-manager
-virt-top
 wget
 wpa_supplicant
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 -gnome-tour
 
 %end

dishes/virtual-desktop-hypervisor_devel.cfg

@@ -0,0 +1,292 @@
+# Generated by pykickstart v3.62
+#version=DEVEL
+# Use text mode install
+text
+# Firewall configuration
+firewall --enabled --service=ssh
+# Keyboard layouts
+keyboard --xlayouts='ch (fr)'
+# System language
+lang en_US.UTF-8
+# Network information
+network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
+# Shutdown after installation
+shutdown
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+# Root password
+rootpw --plaintext --allow-ssh 1234
+# SELinux configuration
+selinux --disabled
+# System services
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
+# System timezone
+timezone Europe/Zurich --utc
+# Use network installation
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
+# X Window System configuration information
+xconfig  --defaultdesktop=GNOME --startxonboot
+# System bootloader configuration
+bootloader --location=mbr --timeout=1
+# Clear the Master Boot Record
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot --fstype="ext4" --size=512 --label=boot
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
+
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
+
+# cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
+# [org.gnome.desktop.background]
+# picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg'
+# EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF
+[org.gnome.desktop.media-handling]
+automount-open=false
+autorun-never=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF
+[org.gnome.Terminal.Legacy.Profile]
+font='DejaVu Sans Mono 12'
+use-system-font=false
+audible-bell=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF
+[org.gnome.desktop.wm.preferences]
+button-layout=':minimize,maximize,close'
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF
+[org.gnome.desktop.a11y]
+always-show-universal-access-status=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF
+[org.gnome.desktop.interface]
+enable-animations=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF
+[org.gnome.desktop.privacy]
+remove-old-temp-files=true
+remember-recent-files=false
+remember-app-usage=false
+disable-camera=true
+disable-microphone=true
+disable-sound-output=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF
+[org.gnome.desktop.search-providers]
+disable-external=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF
+[org.gnome.desktop.notifications.application]
+enable-sound-alerts=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF
+[org.gnome.desktop.sound]
+event-sounds=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF
+[org.gnome.desktop.thumbnailers]
+disable-all=true
+EOF
+
+glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
+
+%end
+
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log
+
+# Create a file to autostart virt-manager
+cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF
+[Desktop Entry]
+Type=Application
+Name=Virtual Machine Manager
+Exec=virt-manager
+EOF
+
+# Modify the default virt-manager behavior for misc. options
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF
+
+# Modify the default virt-manager behavior for misc. options
+[org.virt-manager.virt-manager]
+xmleditor-enabled=true
+manager-window-height=600
+manager-window-width=200
+
+# Libvirt URIs listed in the manager window
+[org.virt-manager.virt-manager.connections]
+uris=['qemu:///system', 'qemu:///session']
+autoconnect=['qemu:///session']
+
+# Show usage in the domain list
+[org.virt-manager.virt-manager.vmlist-fields]
+cpu-usage=false
+
+# Settings related to statistics
+[org.virt-manager.virt-manager.stats]
+update-interval=3
+enable-disk-poll=true
+enable-memory-poll=true
+enable-net-poll=true
+
+# Default behavior for the console
+[org.virt-manager.virt-manager.console]
+scaling=2
+resize-guest=1
+autoconnect=false
+
+# Do not show toolbar
+[org.virt-manager.virt-manager.details]
+show-toolbar=false
+
+# Modify default values for new VMs
+[org.virt-manager.virt-manager.new-vm]
+storage-format='raw'
+cpu-default='host-model'
+graphics-type='spice'
+
+# Modify the default virt-manager behavior for confirmation dialogues
+[org.virt-manager.virt-manager.confirm]
+forcepoweroff=false
+removedev=false
+unapplied-dev=false
+
+EOF
+
+glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
+
+%end
+
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
+
+# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
+echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
+echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf
+echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf
+echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf
+
+mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso images. SELinux is already taking this one into account. 
+
+# wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/isos/ # fetch netboot.xyz iso and store it to the newly created iso directory
+
+# # virsh commands fail in a kickstart environment (chroot or not it seems). would need to fetch a script and execute post-launch with a delay, for example using a systemd unit 
+# virsh pool-define-as isos dir - - - - /mnt/sysimage/var/lib/libvirt/isos/ # Make libvirt aware of this new directory by creating a so-called 'pool'.
+# virsh pool-build isos # Build the pool
+# virsh pool-start isos # Start it
+# virsh pool-autostart isos # Set-it to autostart
+
+# fetch custom script and make it executable
+# wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/
+# chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh
+
+# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/linux.xml
+# virsh define linux.xml
+
+# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/windows.xml
+# virsh define windows.xml
+
+%end
+
+%packages --exclude-weakdeps
+NetworkManager
+NetworkManager-config-connectivity-fedora
+NetworkManager-wifi
+audit
+basesystem
+bash
+coreutils
+curl
+dejavu-sans-mono-fonts
+dhcp-client
+dnf5
+dnf5-plugins
+dracut
+dracut-config-rescue
+e2fsprogs
+fedora-remix-logos
+filesystem
+firefox
+firewalld
+fwupd
+generic-logos
+generic-release
+generic-release-common
+generic-release-notes
+glibc
+gnome-backgrounds.noarch
+gnome-control-center
+gnome-shell
+gnome-terminal
+hostname
+iproute
+iputils
+kbd
+kernel
+less
+libusb
+libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
+libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
+libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
+man-db
+mesa-dri-drivers
+mozilla-ublock-origin.noarch
+nano
+ncurses
+openssh-clients
+openssh-server
+parted
+pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
+plymouth
+policycoreutils
+prefixdevname
+procps-ng
+qemu-guest-agent
+qemu-kvm
+rootfiles
+rpm
+selinux-policy-targeted
+setup
+shadow-utils
+spice-vdagent
+sssd-common
+sssd-kcm
+sudo
+systemd
+systemd-resolved
+usbutils
+util-linux
+vim-minimal
+virt-install
+virt-manager
+wget
+wpa_supplicant
+zram-generator-defaults
+-gnome-tour
+
+%end

dishes/virtual-desktop.cfg

@@ -3,7 +3,7 @@
 # Use text mode install
 text
 # Firewall configuration
-firewall --disabled
+firewall --enabled
 # Run the Setup Agent on first boot
 firstboot --reconfig
 # Keyboard layouts
@@ -14,18 +14,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+#Root password
+rootpw --lock
 # SELinux configuration
-selinux --disabled
+selinux --enforcing
 # System services
-services --enabled="NetworkManager"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # X Window System configuration information
 xconfig  --defaultdesktop=GNOME --startxonboot
 # System bootloader configuration
@@ -35,15 +34,14 @@ zerombr
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
 part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
 
 %post --logfile=/mnt/sysimage/root/post.log
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end
 
@@ -61,7 +59,7 @@ EOF
 
 %end
 
-%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]
@@ -130,13 +128,113 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
 
 %end
 
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log
+
+# Create a file to autostart virt-manager
+cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF
+[Desktop Entry]
+Type=Application
+Name=Virtual Machine Manager
+Exec=virt-manager
+EOF
+
+# Modify the default virt-manager behavior for misc. options
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.virt-manager.virt-manager.gschema.override<< EOF
+
+# Modify the default virt-manager behavior for misc. options
+[org.virt-manager.virt-manager]
+xmleditor-enabled=true
+manager-window-height=600
+manager-window-width=200
+
+# Libvirt URIs listed in the manager window
+[org.virt-manager.virt-manager.connections]
+uris=['qemu:///system', 'qemu:///session']
+autoconnect=['qemu:///session']
+
+# Show usage in the domain list
+[org.virt-manager.virt-manager.vmlist-fields]
+cpu-usage=false
+
+# Settings related to statistics
+[org.virt-manager.virt-manager.stats]
+update-interval=3
+enable-disk-poll=true
+enable-memory-poll=true
+enable-net-poll=true
+
+# Default behavior for the console
+[org.virt-manager.virt-manager.console]
+scaling=2
+resize-guest=1
+autoconnect=false
+
+# Do not show toolbar
+[org.virt-manager.virt-manager.details]
+show-toolbar=false
+
+# Modify default values for new VMs
+[org.virt-manager.virt-manager.new-vm]
+storage-format='raw'
+cpu-default='host-model'
+graphics-type='spice'
+
+# Modify the default virt-manager behavior for confirmation dialogues
+[org.virt-manager.virt-manager.confirm]
+forcepoweroff=false
+removedev=false
+unapplied-dev=false
+
+EOF
+
+glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
+
+%end
+
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
+
+# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
+echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
+echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf
+echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf
+echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf
+
+mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso images. SELinux is already taking this one into account. 
+
+# wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/isos/ # fetch netboot.xyz iso and store it to the newly created iso directory
+
+# # virsh commands fail in a kickstart environment (chroot or not it seems). would need to fetch a script and execute post-launch with a delay, for example using a systemd unit 
+# virsh pool-define-as isos dir - - - - /mnt/sysimage/var/lib/libvirt/isos/ # Make libvirt aware of this new directory by creating a so-called 'pool'.
+# virsh pool-build isos # Build the pool
+# virsh pool-start isos # Start it
+# virsh pool-autostart isos # Set-it to autostart
+
+# fetch custom script and make it executable
+# wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/
+# chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh
+
+# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/linux.xml
+# virsh define linux.xml
+
+# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/windows.xml
+# virsh define windows.xml
+
+%end
+
 %packages --exclude-weakdeps
 NetworkManager
 NetworkManager-config-connectivity-fedora
 NetworkManager-wifi
+alsa-sof-firmware
+amd-gpu-firmware
+atheros-firmware
 audit
+b43-fwcutter
+b43-openfwwf
 basesystem
 bash
+brcmfmac-firmware
+cirrus-audio-firmware
 coreutils
 curl
 dejavu-sans-mono-fonts
@@ -157,30 +255,61 @@ generic-release-common
 generic-release-notes
 glibc
 gnome-backgrounds.noarch
+gnome-control-center
 gnome-initial-setup
 gnome-shell
 gnome-terminal
 hostname
+intel-audio-firmware
+intel-gpu-firmware
+intel-vsc-firmware
 iproute
 iputils
+iwlegacy-firmware
+iwlwifi-dvm-firmware
+iwlwifi-mvm-firmware
 kbd
 kernel
 less
+libertas-firmware
 libusb
+libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
+libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
+libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 man-db
 mesa-dri-drivers
 mozilla-ublock-origin.noarch
+mt7xxx-firmware
 nano
 ncurses
+nvidia-gpu-firmware
+nxpwireless-firmware
 openssh-clients
 openssh-server
 parted
 pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
 plymouth
 policycoreutils
 prefixdevname
 procps-ng
 qemu-guest-agent
+qemu-kvm
+realtek-firmware
 rootfiles
 rpm
 selinux-policy-targeted
@@ -192,17 +321,15 @@ sssd-kcm
 sudo
 systemd
 systemd-resolved
+tiwilink-firmware
 usbutils
 util-linux
 vim-minimal
+virt-install
+virt-manager
 wget
 wpa_supplicant
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 -gnome-tour
 
 %end

dishes/virtual-desktop_devel.cfg

@@ -0,0 +1,181 @@
+# Generated by pykickstart v3.62
+#version=DEVEL
+# Use text mode install
+text
+# Firewall configuration
+firewall --enabled --service=ssh
+# Keyboard layouts
+keyboard --xlayouts='ch (fr)'
+# System language
+lang en_US.UTF-8
+# Network information
+network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
+# Shutdown after installation
+shutdown
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+# Root password
+rootpw --plaintext --allow-ssh 1234
+# SELinux configuration
+selinux --disabled
+# System services
+services --enabled="NetworkManager,systemd-resolved"
+# System timezone
+timezone Europe/Zurich --utc
+# Use network installation
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
+# X Window System configuration information
+xconfig  --defaultdesktop=GNOME --startxonboot
+# System bootloader configuration
+bootloader --location=mbr --timeout=1
+# Clear the Master Boot Record
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot --fstype="ext4" --size=512 --label=boot
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
+
+%post --nochroot --logfile=/mnt/sysimage/root/base-desktop-gnome.log
+
+# cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
+# [org.gnome.desktop.background]
+# picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg'
+# EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF
+[org.gnome.desktop.media-handling]
+automount-open=false
+autorun-never=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF
+[org.gnome.Terminal.Legacy.Profile]
+font='DejaVu Sans Mono 12'
+use-system-font=false
+audible-bell=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF
+[org.gnome.desktop.wm.preferences]
+button-layout=':minimize,maximize,close'
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF
+[org.gnome.desktop.a11y]
+always-show-universal-access-status=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF
+[org.gnome.desktop.interface]
+enable-animations=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF
+[org.gnome.desktop.privacy]
+remove-old-temp-files=true
+remember-recent-files=false
+remember-app-usage=false
+disable-camera=true
+disable-microphone=true
+disable-sound-output=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF
+[org.gnome.desktop.search-providers]
+disable-external=true
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF
+[org.gnome.desktop.notifications.application]
+enable-sound-alerts=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF
+[org.gnome.desktop.sound]
+event-sounds=false
+EOF
+
+cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF
+[org.gnome.desktop.thumbnailers]
+disable-all=true
+EOF
+
+glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
+
+%end
+
+%packages --exclude-weakdeps
+NetworkManager
+NetworkManager-config-connectivity-fedora
+NetworkManager-wifi
+audit
+basesystem
+bash
+coreutils
+curl
+dejavu-sans-mono-fonts
+dhcp-client
+dnf5
+dnf5-plugins
+dracut
+dracut-config-rescue
+e2fsprogs
+fedora-remix-logos
+filesystem
+firefox
+firewalld
+fwupd
+generic-logos
+generic-release
+generic-release-common
+generic-release-notes
+glibc
+gnome-backgrounds.noarch
+gnome-control-center
+gnome-shell
+gnome-terminal
+hostname
+iproute
+iputils
+kbd
+kernel
+less
+libusb
+man-db
+mesa-dri-drivers
+mozilla-ublock-origin.noarch
+nano
+ncurses
+openssh-clients
+openssh-server
+parted
+pciutils
+pipewire-alsa
+pipewire-jack-audio-connection-kit
+pipewire-pulseaudio
+plymouth
+policycoreutils
+prefixdevname
+procps-ng
+qemu-guest-agent
+rootfiles
+rpm
+selinux-policy-targeted
+setup
+shadow-utils
+spice-vdagent
+sssd-common
+sssd-kcm
+sudo
+systemd
+systemd-resolved
+usbutils
+util-linux
+vim-minimal
+wget
+wpa_supplicant
+zram-generator-defaults
+-gnome-tour
+
+%end

dishes/virtual-nano.cfg

@@ -1,98 +0,0 @@
-# Generated by pykickstart v3.62
-#version=DEVEL
-# Use text mode install
-text
-# Firewall configuration
-firewall --disabled
-# Run the Setup Agent on first boot
-firstboot --reconfig
-# Keyboard layouts
-keyboard --xlayouts='ch (fr)'
-# System language
-lang en_US.UTF-8
-# Network information
-network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
-# Shutdown after installation
-shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-# Root password
-rootpw --iscrypted --lock locked
-# SELinux configuration
-selinux --disabled
-# System services
-services --enabled="NetworkManager"
-# System timezone
-timezone Europe/Paris --utc
-# Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
-# System bootloader configuration
-bootloader --location=mbr --timeout=1 --sdboot
-# Clear the Master Boot Record
-zerombr
-# Partition clearing information
-clearpart --all --initlabel
-# Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
-part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
-
-%post --logfile=/mnt/sysimage/root/post.log
-
-localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
-dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
-
-%end
-
-%packages --exclude-weakdeps
-basesystem
-bash
-curl
-dhcp-client
-dnf5
-dracut
-fedora-remix-logos
-filesystem
-generic-logos
-generic-release
-generic-release-common
-generic-release-notes
-glibc
-hostname
-initial-setup
-iproute
-iputils
-kbd
-kernel
-ncurses
-parted
-procps-ng
-qemu-guest-agent
-rootfiles
-rpm
-setup
-shadow-utils
-spice-vdagent
-systemd
-util-linux
--audit
--coreutils
--e2fsprogs
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
--less
--man-db
--openssh-clients
--openssh-server
--policycoreutils
--selinux-policy-targeted
--sssd-common
--sssd-kcm
--sudo
--vim-minimal
-
-%end

dishes/virtual-server-hypervisor.cfg

@@ -3,9 +3,7 @@
 # Use text mode install
 text
 # Firewall configuration
-firewall --disabled
-# Run the Setup Agent on first boot
-firstboot --reconfig
+firewall --enabled --service=ssh
 # Keyboard layouts
 keyboard --xlayouts='ch (fr)'
 # System language
@@ -14,18 +12,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
 # Root password
-rootpw --iscrypted --lock locked
+rootpw --plaintext --allow-ssh 1234
 # SELinux configuration
 selinux --disabled
 # System services
-services --enabled="NetworkManager,libvirtd"
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # System bootloader configuration
 bootloader --location=mbr --timeout=1
 # Clear the Master Boot Record
@@ -33,19 +30,11 @@ zerombr
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
 part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
 
-%post --logfile=/mnt/sysimage/root/post.log
-
-localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
-dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
-
-%end
-
-%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
@@ -98,19 +87,28 @@ generic-release
 generic-release-common
 generic-release-notes
 glibc
-guestfs-tools
 hostname
-initial-setup
 iproute
 iputils
 kbd
 kernel
 less
-libguestfs-tools
 libusb
 libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
 libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
 libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
 man-db
 nano
 ncurses
@@ -122,7 +120,6 @@ plymouth
 policycoreutils
 prefixdevname
 procps-ng
-python3-libguestfs
 qemu-guest-agent
 qemu-kvm
 rootfiles
@@ -140,13 +137,7 @@ usbutils
 util-linux
 vim-minimal
 virt-install
-virt-top
 wget
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 
 %end

dishes/virtual-server-hypervisor_devel.cfg

@@ -0,0 +1,143 @@
+# Generated by pykickstart v3.62
+#version=DEVEL
+# Use text mode install
+text
+# Firewall configuration
+firewall --enabled --service=ssh
+# Keyboard layouts
+keyboard --xlayouts='ch (fr)'
+# System language
+lang en_US.UTF-8
+# Network information
+network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
+# Shutdown after installation
+shutdown
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+# Root password
+rootpw --plaintext --allow-ssh 1234
+# SELinux configuration
+selinux --disabled
+# System services
+services --enabled="NetworkManager,systemd-resolved,libvirtd"
+# System timezone
+timezone Europe/Zurich --utc
+# Use network installation
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
+# System bootloader configuration
+bootloader --location=mbr --timeout=1
+# Clear the Master Boot Record
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot --fstype="ext4" --size=512 --label=boot
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
+
+%post --nochroot --logfile=/mnt/sysimage/root/base-hypervisor.log
+
+# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
+echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf
+echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf
+echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf
+echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf
+
+mkdir /mnt/sysimage/var/lib/libvirt/isos # Create a directory to store iso images. SELinux is already taking this one into account. 
+
+# wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/isos/ # fetch netboot.xyz iso and store it to the newly created iso directory
+
+# # virsh commands fail in a kickstart environment (chroot or not it seems). would need to fetch a script and execute post-launch with a delay, for example using a systemd unit 
+# virsh pool-define-as isos dir - - - - /mnt/sysimage/var/lib/libvirt/isos/ # Make libvirt aware of this new directory by creating a so-called 'pool'.
+# virsh pool-build isos # Build the pool
+# virsh pool-start isos # Start it
+# virsh pool-autostart isos # Set-it to autostart
+
+# fetch custom script and make it executable
+# wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/
+# chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh
+
+# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/linux.xml
+# virsh define linux.xml
+
+# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/windows.xml
+# virsh define windows.xml
+
+%end
+
+%packages --exclude-weakdeps
+NetworkManager
+NetworkManager-config-connectivity-fedora
+audit
+basesystem
+bash
+coreutils
+curl
+dhcp-client
+dnf5
+dnf5-plugins
+dracut
+dracut-config-rescue
+e2fsprogs
+fedora-remix-logos
+filesystem
+firewalld
+fwupd
+generic-logos
+generic-release
+generic-release-common
+generic-release-notes
+glibc
+hostname
+iproute
+iputils
+kbd
+kernel
+less
+libusb
+libvirt
+libvirt-client
+libvirt-client-qemu
+libvirt-daemon
+libvirt-daemon-common
+libvirt-daemon-config-network
+libvirt-daemon-driver-ch
+libvirt-daemon-driver-interface
+libvirt-daemon-driver-network
+libvirt-daemon-driver-qemu
+libvirt-daemon-kvm
+libvirt-daemon-log
+libvirt-daemon-qemu
+libvirt-dbus
+libvirt-nss
+man-db
+nano
+ncurses
+openssh-clients
+openssh-server
+parted
+pciutils
+plymouth
+policycoreutils
+prefixdevname
+procps-ng
+qemu-guest-agent
+qemu-kvm
+rootfiles
+rpm
+selinux-policy-targeted
+setup
+shadow-utils
+spice-vdagent
+sssd-common
+sssd-kcm
+sudo
+systemd
+systemd-resolved
+usbutils
+util-linux
+vim-minimal
+virt-install
+wget
+zram-generator-defaults
+
+%end

dishes/virtual-server.cfg

@@ -3,9 +3,7 @@
 # Use text mode install
 text
 # Firewall configuration
-firewall --disabled
-# Run the Setup Agent on first boot
-firstboot --reconfig
+firewall --enabled --service=ssh
 # Keyboard layouts
 keyboard --xlayouts='ch (fr)'
 # System language
@@ -14,18 +12,17 @@ lang en_US.UTF-8
 network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
 # Shutdown after installation
 shutdown
-repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
 # Root password
-rootpw --iscrypted --lock locked
+rootpw --plaintext --allow-ssh 1234
 # SELinux configuration
 selinux --disabled
 # System services
-services --enabled="NetworkManager"
+services --enabled="NetworkManager,systemd-resolved"
 # System timezone
-timezone Europe/Paris --utc
+timezone Europe/Zurich --utc
 # Use network installation
-url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
 # System bootloader configuration
 bootloader --location=mbr --timeout=1
 # Clear the Master Boot Record
@@ -33,17 +30,9 @@ zerombr
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
 part /boot --fstype="ext4" --size=512 --label=boot
-part / --fstype="ext4" --grow --label=root
-
-%post --logfile=/mnt/sysimage/root/post.log
-
-localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
-dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
-
-%end
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
 
 %packages --exclude-weakdeps
 NetworkManager
@@ -69,7 +58,6 @@ generic-release-common
 generic-release-notes
 glibc
 hostname
-initial-setup
 iproute
 iputils
 kbd
@@ -104,10 +92,5 @@ util-linux
 vim-minimal
 wget
 zram-generator-defaults
--fedora-logos
--fedora-release
--fedora-release-common
--fedora-release-identity-basic
--fedora-release-notes
 
 %end

dishes/virtual-server_devel.cfg

@@ -0,0 +1,96 @@
+# Generated by pykickstart v3.62
+#version=DEVEL
+# Use text mode install
+text
+# Firewall configuration
+firewall --enabled --service=ssh
+# Keyboard layouts
+keyboard --xlayouts='ch (fr)'
+# System language
+lang en_US.UTF-8
+# Network information
+network  --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
+# Shutdown after installation
+shutdown
+repo --name="rawhide" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+# Root password
+rootpw --plaintext --allow-ssh 1234
+# SELinux configuration
+selinux --disabled
+# System services
+services --enabled="NetworkManager,systemd-resolved"
+# System timezone
+timezone Europe/Zurich --utc
+# Use network installation
+url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
+# System bootloader configuration
+bootloader --location=mbr --timeout=1
+# Clear the Master Boot Record
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi
+part /boot --fstype="ext4" --size=512 --label=boot
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit"
+
+%packages --exclude-weakdeps
+NetworkManager
+NetworkManager-config-connectivity-fedora
+audit
+basesystem
+bash
+coreutils
+curl
+dhcp-client
+dnf5
+dnf5-plugins
+dracut
+dracut-config-rescue
+e2fsprogs
+fedora-remix-logos
+filesystem
+firewalld
+fwupd
+generic-logos
+generic-release
+generic-release-common
+generic-release-notes
+glibc
+hostname
+iproute
+iputils
+kbd
+kernel
+less
+libusb
+man-db
+nano
+ncurses
+openssh-clients
+openssh-server
+parted
+pciutils
+plymouth
+policycoreutils
+prefixdevname
+procps-ng
+qemu-guest-agent
+rootfiles
+rpm
+selinux-policy-targeted
+setup
+shadow-utils
+spice-vdagent
+sssd-common
+sssd-kcm
+sudo
+systemd
+systemd-resolved
+usbutils
+util-linux
+vim-minimal
+wget
+zram-generator-defaults
+
+%end

ingredients/base-desktop-gnome.cfg

@@ -1,18 +1,10 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file provides a basic block to build a minimal and customized desktop-oriented operating system using GNOME Shell.
-
 xconfig --startxonboot --defaultdesktop=GNOME # Start the display session on boot. Although it says --startx, which seems to imply xorg, it is actually generic and thus works also with Wayland.
 
 %packages --exclude-weakdeps # Beginning of the packages section. Excludes weak dependencies
 
 gnome-shell # the version 3 of the GNOME desktop environment, without any presintalled applications
 gnome-terminal # install the default terminal for GNOME Shell
+gnome-control-center # Utilities to configure the GNOME desktop
 -gnome-tour # delete GNOME Tour so it doesn't automatically launch on boot 
 mesa-dri-drivers # add mesa drivers otherwise there is a blank screen when first booting a desktop-based kickstart without virtualization tools 
 dejavu-sans-mono-fonts # the gnome-shell package doesn't include much fonts by default, resulting in weird spacings in GNOME Terminal. GNOME Terminal unfortunately doesn't automatically pick this font 
@@ -21,10 +13,13 @@ wpa_supplicant # WPA Supplicant for Linux. It is not packaged by default in GNOM
 NetworkManager-wifi # Provides the plugin to manage Wireless networking within GNOME Shell
 firefox # Internet browser
 mozilla-ublock-origin.noarch # An efficient ad blocker for Firefox
+pipewire-alsa # PipeWire media server ALSA support
+pipewire-pulseaudio # PipeWire PulseAudio implementation
+pipewire-jack-audio-connection-kit # PipeWire JACK implementation
 
 %end # End of the packagages section
 
-%post --nochroot --log=/mnt/sysimage/opt/base-desktop-gnome.log # Beginning of %post section. Those commands are executed outside the chroot environment
+%post --nochroot --log=/mnt/sysimage/root/base-desktop-gnome.log # Beginning of %post section. Those commands are executed outside the chroot environment
 
 # cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
 # [org.gnome.desktop.background]

ingredients/base-desktop-virtual-machine-manager.cfg

@@ -1,19 +1,10 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file provides a virtual machine manager, sets it to auto-launch and tweaked it.
-
 %packages --exclude-weakdeps # Beginning of the packages section. Excludes weak package dependencies
 
 virt-manager # Install virt-manager, a graphical front-end for QEMU/KVM
 
 %end
 
-%post --nochroot --log=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log # Beginning of %post section. Those commands are executed outside the chroot environment. Add logging.
+%post --nochroot --log=/mnt/sysimage/root/base-desktop-gnome-virtual-machine-manager.log # Beginning of %post section. Those commands are executed outside the chroot environment. Add logging.
 
 # Create a file to autostart virt-manager
 cat > /mnt/sysimage/etc/xdg/autostart/virt-manager.desktop << EOF

ingredients/base-guest-agents.cfg

@@ -1,12 +1,3 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file provides guest-agents, which are useful for virtual machines
-
 %packages --exclude-weakdeps # Beginning of the packages section. Does not include weak dependencies.
 
 qemu-guest-agent # "QEMU guest agent" The qemu-guest agent is unnecessary for a bare-metal system. However, it is included here to cover cases where this kickstart file is used to deploy a virtual machine 

ingredients/base-hypervisor-amdcpu.cfg

@@ -1,13 +1,4 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file preloads the vfio-pci driver for devices that are binded to it, activates IOMMU and enables nested-virtualization for AMD (tm) CPUs
-
-%post --nochroot --log=/mnt/sysimage/opt/base-hypervisor-amdcpu.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installation troubleshooting
+%post --nochroot --log=/mnt/sysimage/root/base-hypervisor-amdcpu.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installation troubleshooting
 
 sed -i 's/\(quiet\)/\1 iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. 
 

ingredients/base-hypervisor-intelcpu.cfg

@@ -1,13 +1,4 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file preloads the vfio-pci driver for devices that are binded to it, activates IOMMU and enables nested-virtualization for Intel(tm) CPUs
-
-%post --nochroot --log=/mnt/sysimage/opt/base-hypervisor-intelcpu.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installation troubleshooting
+%post --nochroot --log=/mnt/sysimage/root/base-hypervisor-intelcpu.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installation troubleshooting
 
 sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB.
 

ingredients/base-hypervisor-intelgpu.cfg

@@ -1,14 +1,4 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file enables vfio-mdev and KVMGT for compatible Intel(tm) graphic cards, allowing a host to create virtual GPUs.
-# The fifth generation of Broadwell-based SoC are compatible, up to the ninth generation (Cannon Lake and Whiskey Lake). Tiger Lake and later SoC based on the new Xe GPU architecture are not compatible, as they use SR/IOV instead.  
-
-%post --nochroot --log=/mnt/sysimage/opt/base-hypervisor-intelgpu.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installtion troubleshooting
+%post --nochroot --log=/mnt/sysimage/root/base-hypervisor-intelgpu.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installtion troubleshooting
 
 sed -i 's/\(vfio-pci\)/\1 i915.enable_gvt=1/i' /mnt/sysimage/etc/default/grub # Load kernel modules in grub.
 

ingredients/base-hypervisor.cfg

@@ -1,30 +1,28 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file provides a basic, generic building block to build a virtualization host. 
-
-services --enabled="NetworkManager,libvirtd" # Without libvirtd here, it appears the service won't automatically start
+services --enabled="NetworkManager,systemd-resolved,libvirtd" # Without libvirtd here, it appears the service won't automatically start
 
 %packages --exclude-weakdeps # Beginning of the packages section. Does not include weak dependencies.
 
-qemu-kvm
-libvirt
-libvirt-daemon-config-network
-libvirt-daemon-kvm
-# libvirt-daemon-driver-lxc
-virt-install
-virt-top
-libguestfs-tools # Complementary tools useful for interacting with vith guest systems. Could probablby be removed
-python3-libguestfs # Complementary tools useful for interacting with vith guest systems. Could probablby be removed
-guestfs-tools # Complementary tools useful for interacting with vith guest systems. Could probablby be removed
+qemu-kvm # QEMU metapackage for KVM support
+libvirt # Library providing a simple virtualization API
+libvirt-client # Client side utilities of the libvirt library
+libvirt-client-qemu # Additional client side utilities for QEMU. Used to interact with some QEMU specific features of libvirt.
+libvirt-daemon # Server side daemon and supporting files for libvirt library
+libvirt-daemon-common # Miscellaneous files and utilities used by other libvirt daemons
+libvirt-daemon-config-network # Default configuration files for the libvirtd daemon. Provides NAT based networking
+libvirt-daemon-driver-interface # Interface driver plugin for the libvirtd daemon
+libvirt-daemon-driver-network # The network driver plugin for the libvirtd daemon, providing an implementation of the virtual network APIs using the Linux bridge capabilities.
+libvirt-daemon-driver-qemu # QEMU driver plugin for the libvirtd daemon
+libvirt-daemon-kvm # Server side daemon & driver required to run KVM guests
+libvirt-daemon-log # Server side daemon for managing logs
+libvirt-daemon-qemu # Server side daemon and driver required to manage the virtualization capabilities of the QEMU TCG emulators
+libvirt-nss # Libvirt plugin for Name Service Switch
+libvirt-dbus # libvirt D-Bus API binding
+libvirt-daemon-driver-ch # Cloud-Hypervisor driver plugin for libvirtd daemon
+virt-install # Utilities for installing virtual machines
 
 %end # End of the packages section
 
-%post --nochroot --log=/mnt/sysimage/opt/base-hypervisor.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installation troubleshooting
+%post --nochroot --log=/mnt/sysimage/root/base-hypervisor.log # Beginning of %post section. Those commands are executed outside the chroot environment. Logging is enabled to help with post-installation troubleshooting
 
 # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
 echo "vfio" > /mnt/sysimage/etc/modules-load.d/vfio.conf

ingredients/core-bootloader-systemd-boot.cfg

@@ -1 +1 @@
-bootloader --sdboot --timeout=1 # Use systemd-boot and set a timeout to 1
+bootloader --sdboot --location=mbr --timeout=1 # Use systemd-boot and set a timeout to 1

ingredients/core-fedora-iso-repo-43.cfg

@@ -0,0 +1 @@
+liveimg --url=file:///mnt/iso/LiveOS/squashfs.img

ingredients/core-fedora-repo-43.cfg

@@ -0,0 +1,3 @@
+repo --name=fedora --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-43&arch=x86_64 # Official Fedora mirror
+repo --name=updates --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f43&arch=x86_64 # Official Fedora updates mirror
+url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-43&arch=x86_64 # Official Fedora updates mirror

ingredients/core-fedora-repo-rawhide.cfg

@@ -1,2 +1,2 @@
-repo --name=rawhide --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=$basearch
-url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=$basearch
+repo --name=rawhide --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64
+url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64

ingredients/core-fedora-repo.cfg

@@ -1,3 +0,0 @@
-repo --name=fedora --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch # Official Fedora mirror
-repo --name=updates --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch # Official Fedora updates mirror
-url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch # Official Fedora updates mirror

ingredients/core-initial-setup-desktop.cfg

@@ -1,4 +1,4 @@
-firstboot --reconfig # Initial Setup will start after the first reboot
+firstboot --enable --reconfig # Initial Setup will start after the first reboot
 
 %packages --exclude-weakdeps # Beginning of the packages section. Do not include weak dependencies.
 

ingredients/core-initial-setup-server.cfg

@@ -1,4 +1,4 @@
-firstboot --reconfig # Enable the Setup Agent to start at boot time in reconfiguration mode. This mode enables the language, mouse, keyboard, root password, security level, time zone, and networking configuration options in addition to the default ones
+firstboot --enable --reconfig # Enable the Setup Agent to start at boot time in reconfiguration mode. This mode enables the language, mouse, keyboard, root password, security level, time zone, and networking configuration options in addition to the default ones
 
 %packages --exclude-weakdeps # Beginning of the packages section. Do not include weak dependencies
 

ingredients/core-locale.cfg

@@ -1,3 +1,3 @@
 keyboard --xlayouts='ch (fr)' # Set keyboard layouts for Romandy
 lang en_US.UTF-8 # Set system language to American English. More languages could be supported: --addsupport=cs_CZ,de_DE,en_UK
-timezone Europe/Paris --utc # Set system timezone to Paris
+timezone Europe/Zurich --utc # Set system timezone to Zurich

ingredients/core-packages-custom.cfg

@@ -1,18 +0,0 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# Provides hand-picked packages
-
-%packages --exclude-weakdeps # Beginning of the package section. Does not include weak dependencies. Description courtesy of the Fedora project
-
-pciutils # PCI bus related utilities
-libusb # Library for accessing USB devices
-usbutils # Linux USB utilities
-wget # An advanced file and recursive website downloader
-nano # A small text editor
-
-%end # End of the packages section

ingredients/core-packages-default.cfg

@@ -1,14 +1,6 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# Provides the default but not necessary packages that are part of the core DNF group
-
 %packages --exclude-weakdeps # Beginning of the package section. Does not include weak dependencies. Description courtesy of the Fedora project
 
+# Default packages fom core dnf group not marked as mandatory (`dnf group info --hidden core`)
 NetworkManager # Network connection manager and user applications
 NetworkManager-config-connectivity-fedora # NetworkManager config file for connectivity checking via Fedora servers
 dnf5-plugins # Plugins for dnf5
@@ -20,4 +12,12 @@ prefixdevname # Udev helper utility that provides network interface naming using
 systemd-resolved # Network Name Resolution manager
 zram-generator-defaults # Default configuration for zram-generator
 
+# Hand-picked packages
+pciutils # PCI bus related utilities
+libusb # Library for accessing USB devices
+usbutils # Linux USB utilities
+curl # transfer a URL
+wget # An advanced file and recursive website downloader
+nano # A small text editor
+
 %end # End of the packages section

ingredients/core-packages-generic.cfg

@@ -1,24 +0,0 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# Provides packages to make Phyllome OS a generic distro
-# It removes Fedora logos to comply with Fedora Remix legal guidelines: https://fedoraproject.org/wiki/Remix 
-
-%packages --exclude-weakdeps # Beginning of the package section. Does not include weak dependencies. Description courtesy of the Fedora project
-
--fedora-logos # Fedora-related icons and pictures
--fedora-release # Fedora release files
--fedora-release-notes # Release Notes
--fedora-release-common # fedora-release-common
--fedora-release-identity-basic # Package providing the basic Fedora identity
-fedora-remix-logos # Fedora Remix logos
-generic-release # Generic release files
-generic-logos # Icons and pictures
-generic-release-common # Generic release files
-generic-release-notes # Release Notes
-
-%end # End of the packages section

ingredients/core-packages-mandatory-trimming-attempt.cfg

@@ -1,48 +0,0 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# Provides the mandatory packages that are part of the core DNF group
-
-%packages --exclude-weakdeps # Beginning of the package section. Does not include weak dependencies. Description courtesy of the Fedora project
-
--audit # User space tools for kernel auditing
-basesystem # The skeleton package which defines a simple Fedora system
-bash # The Bourne Again SHell, a command-line interpreter.
--coreutils # A set of basic GNU tools commonly used in shell scripts
-curl # A utility for getting files from remote servers (FTP, HTTP, and others)
-dhcp-client # Provides the ISC DHCP client daemon and dhclient-script
-dnf5 # Command-line package manager
-dracut # Initramfs generator using udev
--e2fsprogs # Utilities for managing ext2, ext3, and ext4 file systems
-filesystem # The basic directory layout for a Linux system
-glibc # The GNU libc libraries
-hostname # Utility to set/show the host name or domain name
-iproute # Advanced IP routing and network device configuration tools
-iputils # Network monitoring tools including ping
-kbd # Tools for configuring the console (keyboard, virtual terminals, etc.)
-kernel # The Linux kernel
--less # A text file browser similar to more, but better. Can be excluded
--man-db # Tools for searching and reading man pages. Can be excluded
-ncurses # Ncurses support utilities
--openssh-clients # An open source SSH client applications. Can be excluded
--openssh-server # An open source SSH server daemon. Can be excluded
-parted # The GNU disk partition manipulation program
--policycoreutils # SELinux policy core utilities. Can be excluded
-procps-ng # System and process monitoring utilities
-rootfiles # The basic required files for the root user's directory
-rpm # The RPM package management system
--selinux-policy-targeted # SELinux targeted policy. Can be excluded
-setup # A set of system configuration and setup files
-shadow-utils # Utilities for managing accounts and shadow password files
--sssd-common # Common files for the SSSD. Can be excluded
--sssd-kcm # An implementation of a Kerberos KCM server. Can be excluded
--sudo # Allows restricted root access for specified users
-systemd # System and Service Manager
-util-linux # Collection of basic system utilities
--vim-minimal # A minimal version of the VIM editor
-
-%end # End of the packages section

ingredients/core-packages-mandatory.cfg

@@ -10,6 +10,7 @@
 
 %packages --ignoremissing --nocore --exclude-weakdeps # Beginning of the package section. Does not include weak dependencies. Description courtesy of the Fedora project
 
+# Mandatory packages found in hidden `core` group (`dnf group info --hidden core`)
 audit # User space tools for kernel auditing
 basesystem # The skeleton package which defines a simple Fedora system
 bash # The Bourne Again SHell, a command-line interpreter.
@@ -46,4 +47,12 @@ systemd # System and Service Manager
 util-linux # Collection of basic system utilities
 vim-minimal # A minimal version of the VIM editor
 
+# Packages to make Phyllome OS a generic distro
+# Adds packages to comply with Fedora Remix legal guidelines: https://fedoraproject.org/wiki/Remix 
+fedora-remix-logos # Fedora Remix logos
+generic-release # Generic release files
+generic-logos # Icons and pictures
+generic-release-common # Generic release files
+generic-release-notes # Release Notes
+
 %end # End of the packages section

ingredients/core-post-nochroot.cfg

@@ -1,13 +1,3 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# What ? This kickstart file contains scripts made to be launched right after the system has been installed but before the first boot
-# More information: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-6-post-installation-script
-
 %post --nochroot --log=/mnt/sysimage/root/post-nochroot.log # Beginning of the post-installation section. Log all messages to a given file
 
 %end # End of the %post section

ingredients/core-post.cfg

@@ -1,17 +1,6 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# What ? This kickstart file contains scripts made to be launched right after the system has been installed but before the first boot
-# More information: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-6-post-installation-script
-
 %post --log=/mnt/sysimage/root/post.log # Beginning of the post-installation section. Log all messages to a given file
 
 localectl set-keymap ch-fr # Set keymap to `ch-fr`. Alternatively, `us` can be picked.
 dnf update -y # Update the system 
-grub2-mkconfig -o /boot/grub2/grub.cfg # Unsure it is actually useful
 
 %end # End of the %post section

ingredients/core-pre-install.cfg

@@ -1,13 +1,3 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# Script triggered just after the system storage has been set up
-# More information: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-5-pre-install-script
-
 %pre --log=/mnt/sysimage/root/pre-install.log Beginning of the pre-installation section. Log all messages to a given file
 
 %end # End of the %post section

ingredients/core-pre.cfg

@@ -1,13 +1,3 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# Script triggered just after the kickstart file has been parsed
-# More information: https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#chapter-4-pre-installation-script
-
 %pre --log=/mnt/sysimage/root/pre.log Beginning of the pre section. Log all messages to a given file
 
 %end # End of the %post section

ingredients/core-security-off.cfg

@@ -1,3 +1,3 @@
-rootpw --lock --iscrypted locked # Lock the root account. Can still be undone by end-user during initial setup
-selinux --disabled # Disable SELinux ; other option: --enable
-firewall --disabled # Disable firewall
+rootpw --plaintext 1234 --allow-ssh # Root account is enabled with weak password and allow ssh
+selinux --disabled # Disable SELinux
+firewall --enabled --ssh # Reject incoming connections that are not in response to outbound requests except SSH

ingredients/core-security-on.cfg

@@ -1,3 +1,3 @@
-rootpw --lock --iscrypted locked # Lock the root account. Can still be undone by end-user during initial setup
-selinux --enabled # Enable SELinux ; other option: --disabled
+rootpw --lock # No root login from the console
+selinux --enforcing # Set SELinux to enforcing mode
 firewall --enabled # Enable firewall

ingredients/core-services.cfg

@@ -1 +1 @@
-services --enabled=NetworkManager # List of comma-separated systemd services that can be explicitly enabled
+services --enabled=NetworkManager,systemd-resolved # List of comma-separated systemd services that can be explicitly enabled

ingredients/core-storage.cfg

@@ -1,6 +1,6 @@
 zerombr # Destroy all the contents of disks with invalid partition tables or other formatting unrecognizable to the installer
 clearpart --all --initlabel # Erase all partitions and Initializes the disk label to the default for the target architecture
 
-part /boot/efi --fstype="efi" --size=1024 --fsoptions="umask=0077,shortname=winnt" --label=efi # Creates an 1 GB EFI system partition
+part /boot/efi --fstype="efi" --size=2048 --fsoptions="umask=0077,shortname=winnt" --label=efi # Creates a 2 GB EFI system partition
 part /boot --fstype="ext4" --size=512 --label=boot # Creates a 512 MiB ext4 boot partition
-part / --fstype="ext4" --grow --label=root # Create a single root partition with the remaining space
+part / --fstype="ext4" --grow --label=root --mkfsoptions="-O encrypt,fast_commit" # Create a single root partition with the remaining space

ingredients/live-core-bootloader-grub.cfg

@@ -1,10 +1 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart ingredient provides GNU GRUB for live systems
-
 bootloader --location=none --timeout=1 # Set the GNU GRUB bootloader timeout to 1 and to location to none

ingredients/live-core-bootloader-systemd-boot.cfg

@@ -0,0 +1 @@
+bootloader --sdboot --location=none --timeout=1 # Use systemd-boot and set location to none

ingredients/live-core-mandatory-packages.cfg

@@ -1,12 +1,3 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file provides a basic block to build a minimal, live system
-
 %packages # Beginning of the package section. Include weak dependencies. Description courtesy of the Fedora project
 
 @anaconda-tools

ingredients/live-core-post-live-session.cfg

@@ -1,12 +1,3 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart ingredients allows for scripts to be executed after the installations
-
 %post --log=/mnt/sysimage/root/post-live-session.log # Beginning of the post-installation section. Add logging.
 
 # set livesys session type

ingredients/live-core-post.cfg

@@ -1,13 +1,4 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart ingredients allows for scripts to be executed after the installation 
-
-%post --log=/mnt/sysimage/root/post.log # Beginning of the post-installation section. Add logging.
+%post --log=/mnt/sysimage/root/post-live-core.log # Beginning of the post-installation section. Add logging.
 
 # Enable livesys services
 systemctl enable livesys.service

ingredients/live-core-storage.cfg

@@ -1,15 +1,5 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-
-# What ? This kickstart file provides a basic partition layout for live systems, without encryption. 
-
 zerombr # WARNING : Dangerous command ! Will clear the Master Boot Record
 clearpart --all --initlabel # Partition clearing information. This setup uses GPT by default.
-bootloader --timeout=1 # Set the GNU GRUB bootloader timeout to 1
 
 part / --fstype="ext4" --size=5120 # Create a root partition of around 7GB
-part / --size=8576
+part / --size=8576

ingredients/live-core.cfg

@@ -1,12 +1 @@
-#            __          ____                        ____  _____
-#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
-#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
-#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
-#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
-# /_/          /____/
-#
-# What ? This kickstart ingredient defines the installation method for live systems
-
-#text # Undefine an installation mode
-
 poweroff # Shut down the system after a successful installation

recipes/desktop-hypervisor-amdcpu.cfg

@@ -9,17 +9,15 @@
 
 %include ../ingredients/core.cfg # Text mode for automated installation
 %include ../ingredients/core-storage.cfg # Storage configuration
-%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GNU GRUB
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-generic.cfg # Make it a generic distribution
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
 %include ../ingredients/core-packages-hardware-support.cfg # Provides extended hardware support 
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Post configuration script
 %include ../ingredients/core-initial-setup-desktop.cfg # OEM setup for GNOME Shell
 %include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment

recipes/desktop-hypervisor-intelcpu-intelgpu.cfg

@@ -10,17 +10,15 @@
 
 %include ../ingredients/core.cfg # Text mode
 %include ../ingredients/core-storage.cfg # ext4-based storage configuration
-%include ../ingredients/core-bootloader-grub.cfg # GNU GRUB
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
 %include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/core-initial-setup-desktop.cfg # OEM setup for GNOME Shell
 %include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment

recipes/desktop-hypervisor-intelcpu.cfg

@@ -9,17 +9,15 @@
 
 %include ../ingredients/core.cfg # Text mode
 %include ../ingredients/core-storage.cfg # ext4-based storage configuration
-%include ../ingredients/core-bootloader-grub.cfg # GNU GRUB
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
 %include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/core-initial-setup-desktop.cfg # OEM setup for GNOME Shell
 %include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment

recipes/desktop-hypervisor.cfg

@@ -9,17 +9,15 @@
 
 %include ../ingredients/core.cfg # Text mode
 %include ../ingredients/core-storage.cfg # ext4-based storage configuration
-%include ../ingredients/core-bootloader-grub.cfg # GNU GRUB
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
 %include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/core-initial-setup-desktop.cfg # OEM setup for GNOME Shell
 %include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment

recipes/desktop.cfg

@@ -5,20 +5,19 @@
 #  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
 # /_/          /____/
 
-# A recipe for a virtual desktop
+# A recipe for a generic desktop hypervisor
 
 %include ../ingredients/core.cfg # Text mode
 %include ../ingredients/core-storage.cfg # ext4-based storage configuration
-%include ../ingredients/core-bootloader-grub.cfg # GNU GRUB
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
-%include ../ingredients/core-initial-setup-server.cfg # For headless systems
-%include ../ingredients/base-guest-agents.cfg # Guest agents
+%include ../ingredients/core-initial-setup-desktop.cfg # OEM setup for GNOME Shell
+%include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment

recipes/live-desktop-hypervisor.cfg

@@ -9,18 +9,16 @@
 
 %include ../ingredients/live-core.cfg # For live systems only
 %include ../ingredients/live-core-storage.cfg # For live systems only
-%include ../ingredients/live-core-bootloader-grub.cfg # GNU GRUB for live systems
+%include ../ingredients/live-core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/live-core-mandatory-packages.cfg # For live systems
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
 %include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/live-core-post.cfg # Post configuration script for a live system only
 %include ../ingredients/live-core-post-live-session.cfg # Live session script

recipes/live-desktop.cfg

@@ -9,18 +9,16 @@
 
 %include ../ingredients/live-core.cfg # For live systems only
 %include ../ingredients/live-core-storage.cfg # For live systems only
-%include ../ingredients/live-core-bootloader-grub.cfg # GNU GRUB for live systems
+%include ../ingredients/live-core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/live-core-mandatory-packages.cfg # For live systems
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
 %include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/live-core-post.cfg # Post configuration script for a live system only
 %include ../ingredients/live-core-post-live-session.cfg # Live session script

recipes/live-server-hypervisor.cfg

@@ -9,18 +9,16 @@
 
 %include ../ingredients/live-core.cfg # For live systems only
 %include ../ingredients/live-core-storage.cfg # For live systems only
-%include ../ingredients/live-core-bootloader-grub.cfg # GNU GRUB for live systems
+%include ../ingredients/live-core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/live-core-mandatory-packages.cfg # For live systems
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
 %include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/live-core-post.cfg # Post configuration script for a live system only
 %include ../ingredients/live-core-post-live-session.cfg # Live session script

recipes/live-server.cfg

@@ -9,17 +9,15 @@
 
 %include ../ingredients/live-core.cfg # For live systems only
 %include ../ingredients/live-core-storage.cfg # For live systems only
-%include ../ingredients/live-core-bootloader-grub.cfg # GNU GRUB for live systems
+%include ../ingredients/live-core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/live-core-mandatory-packages.cfg # For live systems
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/live-core-post.cfg # Post configuration script for a live system only
 %include ../ingredients/live-core-post-live-session.cfg # Live session script

recipes/virtual-desktop-hypervisor.cfg

@@ -5,23 +5,22 @@
 #  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
 # /_/          /____/
 
-# A recipe for virtual desktop hypervisor
+# A recipe for a virtual desktop hypervisor
 
 %include ../ingredients/core.cfg # Text mode
 %include ../ingredients/core-storage.cfg # ext4-based storage configuration
-%include ../ingredients/core-bootloader-grub.cfg # GNU GRUB
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/core-initial-setup-desktop.cfg # OEM setup for GNOME Shell
 %include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment
 %include ../ingredients/base-desktop-virtual-machine-manager.cfg # Virtual Machine Manager
 %include ../ingredients/base-hypervisor.cfg # Base hypervisor
-%include ../ingredients/base-guest-agents.cfg # Guest agents
+%include ../ingredients/base-guest-agents.cfg # Guest agents

recipes/virtual-desktop-hypervisor_devel.cfg

@@ -0,0 +1,23 @@
+#            __          ____                        ____  _____
+#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
+#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
+#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
+#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
+# /_/          /____/
+
+# Unsafe. Development-only. A recipe for a virtual desktop hypervisor
+
+%include ../ingredients/core.cfg # Text mode
+%include ../ingredients/core-storage.cfg # ext4-based storage configuration
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
+%include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
+%include ../ingredients/core-security-off.cfg # Enable root account, disable firewall and SELinux
+%include ../ingredients/core-services.cfg # Required systemd services
+%include ../ingredients/core-network.cfg # Network configuration
+%include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
+%include ../ingredients/core-packages-default.cfg # Default but not necessary packages
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
+%include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment
+%include ../ingredients/base-desktop-virtual-machine-manager.cfg # Virtual Machine Manager
+%include ../ingredients/base-hypervisor.cfg # Base hypervisor
+%include ../ingredients/base-guest-agents.cfg # Guest agents

recipes/virtual-desktop.cfg

@@ -9,17 +9,18 @@
 
 %include ../ingredients/core.cfg # Text mode
 %include ../ingredients/core-storage.cfg # ext4-based storage configuration
-%include ../ingredients/core-bootloader-grub.cfg # GNU GRUB
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-on.cfg # Lock root account, enable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
+%include ../ingredients/core-packages-hardware-support.cfg # Extended hardware support 
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/core-post.cfg # Triggered after the installation
 %include ../ingredients/core-initial-setup-desktop.cfg # OEM setup for GNOME Shell
 %include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment
+%include ../ingredients/base-desktop-virtual-machine-manager.cfg # Virtual Machine Manager
+%include ../ingredients/base-hypervisor.cfg # Base hypervisor
 %include ../ingredients/base-guest-agents.cfg # Guest agents

recipes/virtual-desktop_devel.cfg

@@ -5,18 +5,17 @@
 #  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
 # /_/          /____/
 
-# A recipe for a virtual a very small nano server
+# Unsafe. Development-only. A recipe for a virtual desktop
 
 %include ../ingredients/core.cfg # Text mode
 %include ../ingredients/core-storage.cfg # ext4-based storage configuration
-%include ../ingredients/core-bootloader-systemd-boot.cfg # systemd-boot
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-off.cfg # Enable root account, disable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
-%include ../ingredients/core-packages-mandatory-trimming-attempt.cfg # Trimming attempt for the mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
-%include ../ingredients/core-post.cfg # Triggered after the installation
-%include ../ingredients/core-initial-setup-server.cfg # For headless systems
+%include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
+%include ../ingredients/core-packages-default.cfg # Default but not necessary packages
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
+%include ../ingredients/base-desktop-gnome.cfg # A GNOME Shell-based desktop environment
 %include ../ingredients/base-guest-agents.cfg # Guest agents

recipes/virtual-server-hypervisor_devel.cfg

@@ -5,21 +5,17 @@
 #  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
 # /_/          /____/
 
-# A recipe for a virtual headless hypervisor
+# # Unsafe. Development-only. A recipe for a virtual headless hypervisor
 
 %include ../ingredients/core.cfg # Text mode
 %include ../ingredients/core-storage.cfg # ext4-based storage configuration
-%include ../ingredients/core-bootloader-grub.cfg # GNU GRUB
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
 %include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
-%include ../ingredients/core-security-off.cfg # Lock root account, disable firewall and SELinux
+%include ../ingredients/core-security-off.cfg # Enable root account, disable firewall and SELinux
 %include ../ingredients/core-services.cfg # Required systemd services
 %include ../ingredients/core-network.cfg # Network configuration
 %include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
-%include ../ingredients/core-packages-generic.cfg # Generic
 %include ../ingredients/core-packages-default.cfg # Default but not necessary packages
-%include ../ingredients/core-packages-custom.cfg # Hand-picked packages
-%include ../ingredients/core-fedora-repo.cfg # Offical repositories for Fedora
-%include ../ingredients/core-post.cfg # Triggered after the installation
-%include ../ingredients/core-initial-setup-server.cfg # For headless systems
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
 %include ../ingredients/base-hypervisor.cfg # Base hypervisor
 %include ../ingredients/base-guest-agents.cfg # Guest agents

recipes/virtual-server_devel.cfg

@@ -0,0 +1,20 @@
+#            __          ____                        ____  _____
+#     ____  / /_  __  __/ / /___  ____ ___  ___     / __ \/ ___/
+#    / __ \/ __ \/ / / / / / __ \/ __ `__ \/ _ \   / / / /\__ \
+#   / /_/ / / / / /_/ / / / /_/ / / / / / /  __/  / /_/ /___/ /
+#  / .___/_/ /_/\__, /_/_/\____/_/ /_/ /_/\___/   \____//____/
+# /_/          /____/
+
+# # Unsafe. Development-only. A recipe for a virtual server
+
+%include ../ingredients/core.cfg # Text mode
+%include ../ingredients/core-storage.cfg # ext4-based storage configuration
+%include ../ingredients/core-bootloader-grub.cfg # Set bootloader to GRUB
+%include ../ingredients/core-locale.cfg # System locale set to Swiss French as keyboard layout and English as language
+%include ../ingredients/core-security-off.cfg # Enable root account, disable firewall and SELinux
+%include ../ingredients/core-services.cfg # Required systemd services
+%include ../ingredients/core-network.cfg # Network configuration
+%include ../ingredients/core-packages-mandatory.cfg # Mandatory packages 
+%include ../ingredients/core-packages-default.cfg # Default but not necessary packages
+%include ../ingredients/core-fedora-repo-rawhide.cfg # Offical repositories for Fedora Rawhide
+%include ../ingredients/base-guest-agents.cfg # Guest agents

scripts/core-count.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# Get the core count using nproc --all
+core_count=$(nproc --all)
+
+# Check if nproc --all returns a numerical value greater than 2
+if (( core_count < 2 )); then
+  echo "Warning: System has only $core_count core)."
+  echo "The script requires at least four cores"
+  exit 1  # Exit with an error code to indicate the condition is not met
+fi

scripts/deploy-distro.sh

@@ -0,0 +1,168 @@
+#!/bin/bash
+
+# Default values
+DEFAULT_MEMORY=4096
+DEFAULT_DISK_SIZE=10
+
+# Function to find Fedora ISO
+find_fedora_iso() {
+    local iso_dir="/var/lib/libvirt/isos"
+    local fedora_iso=""
+    
+    # Check if directory exists
+    if [ -d "$iso_dir" ]; then
+        # Find the first Fedora-Server*.iso file
+        fedora_iso=$(find "$iso_dir" -maxdepth 1 -name "Fedora-Server*.iso" -type f | head -n 1)
+        
+        # If found, return the full path
+        if [ -n "$fedora_iso" ] && [ -f "$fedora_iso" ]; then
+            echo "$fedora_iso"
+            return 0
+        fi
+    fi
+    
+    # Return empty if no ISO found
+    echo ""
+    return 1
+}
+
+# Prompt user for VM memory size
+read -r -p "Provide desired VM memory in MB or press Enter to keep default value of $DEFAULT_MEMORY MB): " memory_size
+memory_size=${memory_size:-$DEFAULT_MEMORY}
+
+# Validate memory size
+if ! [[ "$memory_size" =~ ^[0-9]+$ ]] || (( memory_size < 2048 )); then
+    echo "Invalid memory size.  Must be a number greater than or equal to 2048. Using default value of $DEFAULT_MEMORY MB."
+    memory_size=$DEFAULT_MEMORY
+fi
+
+# Prompt user for VM disk size
+read -r -p "Provide desired disk size of VM in GB or press Enter to use default disk size of $DEFAULT_DISK_SIZE GB: " disk_size
+disk_size=${disk_size:-$DEFAULT_DISK_SIZE}
+
+# Validate disk size
+if ! [[ "$disk_size" =~ ^[0-9]+$ ]] || (( disk_size < 10 )); then
+    echo "Invalid disk size.  Must be a number greater than or equal to 10 GiB. Using default value of $DEFAULT_DISK_SIZE."
+    disk_size=$DEFAULT_DISK_SIZE
+fi
+
+# Set the choices
+CHOICE_SYSTEM="qemu:///system"
+CHOICE_SESSION="qemu:///session"
+
+# Display the choices to the user
+echo "Please select an option or press Enter to keep default value of $CHOICE_SESSION):"
+echo "1) $CHOICE_SYSTEM (system-based or rootfull virtual machine)"
+echo "2) $CHOICE_SESSION (session-based or rootless virtual machine)"
+
+# Prompt the user for input
+IFS= read -r -p "Enter your choice (1 or 2): " user_choice
+
+# Validate the user's input
+if [[ ! "$user_choice" =~ ^[12]$ ]]; then
+  echo "Invalid choice.  Defaulting to session-based VM."
+  uri="$CHOICE_SESSION"  # Default to session-based if input is invalid
+else
+  # Determine the selected option
+  case "$user_choice" in
+    1)
+      uri="$CHOICE_SYSTEM"
+      ;;
+    2)
+      uri="$CHOICE_SESSION"
+      ;;
+    *)
+      echo "Unexpected error: Invalid choice. This should not happen due to validation."
+      exit 1
+      ;;
+  esac
+
+  # Conditional variable assignment based on URI
+  if [[ "$uri" == "qemu:///system" ]]; then
+    disk_path="/var/lib/libvirt/images/"
+    network_type="default"
+  elif [[ "$uri" == "qemu:///session" ]]; then
+    disk_path="$HOME/.local/share/libvirt/images/"
+    network_type="user"
+  fi
+fi
+
+# Display the selected option (optional)
+echo "You selected: $uri"
+
+# Get a list of files in "dishes" directory
+mapfile -t dish_name < <(find "dishes/" -maxdepth 1 -type f \( -name "virtual*" \) -printf "%f\n" | sed 's/\.[^.]*$//')
+
+# Check if there are any files
+if [ ${#dish_name[@]} -eq 0 ]; then
+  echo "No files found in the directory ../dishes."
+  exit 1
+fi
+
+# Display the files with numbered options
+echo "Available files:"
+for i in "${!dish_name[@]}"; do
+  echo "$((i + 1)). ${dish_name[$i]}"
+done
+
+# Prompt the user to select a file
+read -r -p "Enter the number of the file you want to select: " choice
+
+# Validate the user's choice
+if ! [[ "$choice" =~ ^[0-9]+$ ]] || (( choice < 1 )) || (( choice > ${#dish_name[@]} )); then
+  echo "Invalid choice. Please enter a number from 1 to ${#dish_name[@]}."
+  exit 1
+fi
+
+# Get the selected filename
+vm_name="${dish_name[$((choice - 1))]}"
+
+# Output the selected filename
+echo "You selected: $vm_name"
+
+# Find Fedora ISO or use default location
+fedora_iso=$(find_fedora_iso)
+if [ -n "$fedora_iso" ]; then
+    location_param="$fedora_iso"
+    echo "Using local ISO: $fedora_iso"
+else
+    location_param="https://download.fedoraproject.org/pub/fedora/linux/releases/43/Everything/x86_64/os/"
+    echo "Using default online repository"
+fi
+
+# virt-install command with user-defined VM name
+virt-install \
+    --connect "$uri" \
+    --os-variant fedora41 \
+    --virt-type kvm \
+    --arch x86_64 \
+    --machine q35 \
+    --name "$vm_name" \
+    --boot uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no \
+    --cpu host-model,topology.sockets=1,topology.cores=1,topology.threads=1 \
+    --vcpus 1 \
+    --cpu host-passthrough,cache.mode=passthrough \
+    --memory "$memory_size" \
+    --video virtio \
+    --graphics spice,listen=0.0.0.0 \
+    --channel unix,target.type=virtio,target.name=org.qemu.guest_agent.0 \
+    --autoconsole none \
+    --console pty,target.type=virtio \
+    --sound none \
+    --network type="$network_type",model=virtio \
+    --controller type=virtio-serial \
+    --controller type=usb,model=none \
+    --controller type=scsi,model=virtio-scsi \
+    --input type=keyboard,bus=virtio \
+    --input type=mouse,bus=virtio \
+    --rng /dev/urandom,model=virtio \
+    --tpm none \
+    --iommu model=virtio \
+    --watchdog none \
+    --memballoon none \
+    --disk path="${disk_path}/${vm_name}.img",format=raw,bus=virtio,cache=writeback,size="$disk_size" \
+    --location="$location_param" \
+    --initrd-inject ./dishes/"$vm_name".cfg \
+    --extra-args "inst.ks=file:/$vm_name.cfg" 
+
+echo "virt-install command executed with VM name: $vm_name"

scripts/install-prerequisites-on-linux.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# Check if virt-manager is already installed
+if command -v virt-manager &> /dev/null; then
+  exit 0
+fi
+
+# Detect the Linux distribution
+if [[ -f /etc/os-release ]]; then
+    . /etc/os-release
+    DISTRO="$ID"
+else
+    echo "Unable to determine Linux distribution. Exiting."
+    exit 1
+fi
+
+echo "Detected distribution: $DISTRO"
+
+# Install prerequisites based on distribution
+case "$DISTRO" in
+    ubuntu|debian)
+        echo "Installing prerequisites for Debian/Ubuntu..."
+        apt-get update
+        apt-get install -y qemu-system libvirt-daemon-system virt-manager
+        ;;
+    fedora|rhel|centos)
+        echo "Installing prerequisites for Fedora/RHEL/CentOS..."
+        dnf install -y qemu-kvm libvirt virt-manager
+        ;;
+    arch)
+        echo "Installing prerequisites for Arch Linux..."
+        pacman -S --noconfirm qemu-desktop libvirt virt-manager
+        ;;
+    opensuse-tumbleweed)
+        echo "Installing prerequisites for openSUSE Tumbleweed..."  
+        zypper -n install qemu libvirt virt-manager
+        ;;
+    *)
+        echo "Unsupported distribution: $DISTRO.  Manual installation required."
+        exit 1
+        ;;
+esac
+ 

scripts/system-memory.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# Read the total memory from /proc/meminfo in MiB
+total_memory=$(awk '/MemTotal/ {print $2}' /proc/meminfo)
+
+# Convert to MiB by dividing by 1024 (since MemTotal is in KiB)
+total_memory_mb=$(( total_memory / 1024 ))
+
+if [[ "$total_memory_mb" -lt "4096" ]]; then
+    echo "Not enough RAM: The system has only ${total_memory_mb}MiB of RAM, but at least 4096 is required."
+    exit 1
+fi