phyllomeos/dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg

# Generated by pykickstart v3.47
#version=DEVEL
# Command section of the live desktop hypervisor kickstart (Intel CPU / Intel GPU
# variant). The %post scripts and the %packages list follow further down.
# Firewall configuration: firewall enabled, with the mdns service explicitly allowed.
firewall --enabled --service=mdns
# Keyboard layouts
keyboard --xlayouts='ch (fr)'
# System language
lang en_US.UTF-8
# Network information: DHCP on the first device with link, brought up at boot.
network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
# Package sources, all resolved through HTTPS mirrorlists. The two RPM Fusion
# repos are restricted by --includepkgs to the rpmfusion-nonfree-release package.
repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
repo --name="rpmfusion-nonfree" --mirrorlist=https://mirrors.rpmfusion.org/mirrorlist?repo=nonfree-fedora-$releasever&arch=$basearch --includepkgs="rpmfusion-nonfree-release"
repo --name="rpmfusion-nonfree-updates" --mirrorlist=https://mirrors.rpmfusion.org/mirrorlist?repo=nonfree-fedora-updates-released-$releasever&arch=$basearch --includepkgs="rpmfusion-nonfree-release"
# Root password: --lock keeps the root account locked. The literal "locked" sits
# where a password hash would go (--iscrypted) and is not a usable hash.
rootpw --iscrypted --lock locked
# SELinux configuration
# NOTE(review): SELinux is switched off for the installed system. On a
# libvirt/QEMU host this also removes SELinux-based (sVirt) confinement of guest
# processes, and the base-hypervisor %post comment about SELinux handling of the
# isos directory does not hold while this is set. Confirm that --disabled is
# intended rather than --permissive or --enforcing.
selinux --disabled
# System services: sshd is disabled; NetworkManager and libvirtd are enabled.
services --disabled="sshd" --enabled="NetworkManager,libvirtd"
# System timezone
timezone Europe/Paris --utc
# Use network installation
url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
# X Window System configuration information
xconfig --defaultdesktop=GNOME --startxonboot
# System bootloader configuration: no bootloader location is set here.
bootloader --location=none
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
# NOTE(review): two entries define the same mount point (/), presumably left over
# from flattening several kickstart includes. Confirm which one the image builder
# actually applies.
part / --size=7750
part / --fstype="ext4" --size=5120
%post
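# Import the RPM Fusion Nonfree signing key(s) into the image's RPM keyring and
# log which installed packages carry a signature from that key.
# Courtesy of https://github.com/rpmfusion/rpmfusion-nonfree-remix-kickstarts/blob/master/rpmfusion-nonfree-live-base.ks
#
# Trust note: the glob imports every "primary" key file found under
# /etc/pki/rpm-gpg/ for any Fedora release. Those files are presumably installed
# by rpmfusion-nonfree-release, the only package the RPM Fusion repos may provide
# (--includepkgs), so the keys are only as trustworthy as that package.
echo "== RPM Fusion Nonfree: Base section =="
echo "Importing RPM Fusion keys"
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-nonfree-fedora-*-primary

# Key fingerprint the signature listing is filtered on.
# NOTE(review): this is a single hard-coded key. Confirm it is the signing key
# for the Fedora release being built; if it is not, both lists below are empty.
rpmfusion_key=3DE8C682E38EE9BC0FDFEA47FCAE2EA87F858107

# Names of installed packages whose signature line mentions that key. Computed
# once and reused, instead of running the same pipeline twice.
rpmfusion_pkgs=$(rpm -qa --qf '%{NAME} %{SIGGPG:pgpsig} %{SIGPGP:pgpsig} \n' \
  | grep -e "$rpmfusion_key" | awk ' { print $1 } ' | sort)

echo "List of packages from RPM Fusion Nonfree:"
if [ -n "$rpmfusion_pkgs" ]; then
  printf '%s\n' "$rpmfusion_pkgs"
fi
echo "List of incuded RPM Fusion packages with their size:"
# Only query when there is something to query: `rpm -q` without package
# arguments fails with an error instead of printing an empty list.
if [ -n "$rpmfusion_pkgs" ]; then
  # Word splitting is intended here: one package name per argument.
  # shellcheck disable=SC2086
  rpm -q --qf '%{SIZE} %{NAME}\n' $rpmfusion_pkgs | sort -n
fi
echo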
%end
%post
# Live-image housekeeping. This %post has no --nochroot, so paths refer to the
# installed system itself.
# Enable livesys services
systemctl enable livesys.service
systemctl enable livesys-late.service
# enable tmpfs for /tmp
systemctl enable tmp.mount
# Mount /var/tmp as tmpfs too, so that we don't write to the overlay for things
# which are just tmpdirs/caches
# note https://bugzilla.redhat.com/show_bug.cgi?id=1135475
cat >> /etc/fstab << EOF
vartmp /var/tmp tmpfs defaults 0 0
EOF
# work around for poor key import UI in PackageKit
rm -f /var/lib/rpm/__db*
# Log the installed package set, largest first, for the build record.
echo "Packages within this LiveCD"
rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn
# Note that running rpm recreates the rpm db files which aren't needed or wanted
rm -f /var/lib/rpm/__db*
# go ahead and pre-make the man -k cache (#455968)
/usr/bin/mandb
# make sure there aren't core files lying around
rm -f /core*
# Remove the random seed saved at build time; each booted instance should
# create its own rather than share one baked into the image.
rm -f /var/lib/systemd/random-seed
# convince readahead not to collect
# FIXME: for systemd
# Writes the same marker text to /etc/.updated (via tee) and /var/.updated
# (via tee's redirected stdout).
echo 'File created by kickstart. See systemd-update-done.service(8).' \
| tee /etc/.updated >/var/.updated
# Drop the rescue kernel and initramfs, we don't need them on the live media itself.
# See bug 1317709
rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794
systemctl disable network
# Replace the build-time machine-id with an empty file so that the ID is not
# shared by every system booted from this pre-generated image.
rm -f /etc/machine-id
touch /etc/machine-id
# set livesys session type
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
# GNOME defaults for the image, written as GSettings schema overrides.
# The enclosing %post uses --nochroot, so every path is prefixed with
# /mnt/sysimage to reach the installed system.
schema_dir=/mnt/sysimage/usr/share/glib-2.0/schemas

# Append stdin to <schema_dir>/<name>.gschema.override.
#   $1 - override file name without the ".gschema.override" suffix
append_override() {
  cat >> "${schema_dir}/$1.gschema.override"
}

# Disabled: custom desktop background.
# cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
# [org.gnome.desktop.background]
# picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg'
# EOF

# Removable media: do not open mounted media automatically, never autorun.
append_override org.gnome.desktop.media-handling << 'EOF'
[org.gnome.desktop.media-handling]
automount-open=false
autorun-never=true
EOF

# Terminal font and bell.
append_override org.gnome.Terminal << 'EOF'
[org.gnome.Terminal.Legacy.Profile]
font='DejaVu Sans Mono 12'
use-system-font=false
audible-bell=false
EOF

# Window title bar buttons.
append_override org.gnome.desktop.wm.preferences << 'EOF'
[org.gnome.desktop.wm.preferences]
button-layout=':minimize,maximize,close'
EOF

# Keep the accessibility menu visible.
append_override org.gnome.desktop.a11y << 'EOF'
[org.gnome.desktop.a11y]
always-show-universal-access-status=true
EOF

# No interface animations.
append_override org.gnome.desktop.interface << 'EOF'
[org.gnome.desktop.interface]
enable-animations=false
EOF

# Privacy defaults: no usage or recent-file history, old temp files removed,
# camera, microphone and sound output disabled.
append_override org.gnome.desktop.privacy << 'EOF'
[org.gnome.desktop.privacy]
remove-old-temp-files=true
remember-recent-files=false
remember-app-usage=false
disable-camera=true
disable-microphone=true
disable-sound-output=true
EOF

# No external search providers.
append_override org.gnome.desktop.search-providers << 'EOF'
[org.gnome.desktop.search-providers]
disable-external=true
EOF

# Silent notifications and no event sounds.
append_override org.gnome.desktop.notifications << 'EOF'
[org.gnome.desktop.notifications.application]
enable-sound-alerts=false
EOF
append_override org.gnome.desktop.sound << 'EOF'
[org.gnome.desktop.sound]
event-sounds=false
EOF

# Thumbnailers off, so file contents are not parsed just to render previews.
append_override org.gnome.desktop.thumbnailers << 'EOF'
[org.gnome.desktop.thumbnailers]
disable-all=true
EOF

# Compile the overrides so they take effect as defaults.
glib-compile-schemas "${schema_dir}/"
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome-virtual-machine-manager.log
# virt-manager integration: start it with the desktop session and set its
# defaults through a GSettings schema override. The enclosing %post uses
# --nochroot, hence the /mnt/sysimage prefix on every path.
sysimage=/mnt/sysimage
vm_schema_dir="${sysimage}/usr/share/glib-2.0/schemas"

# XDG autostart entry: virt-manager is launched at login for every user of the image.
cat > "${sysimage}/etc/xdg/autostart/virt-manager.desktop" << 'EOF'
[Desktop Entry]
Type=Application
Name=Virtual Machine Manager
Exec=virt-manager
EOF

# virt-manager defaults. Both qemu:///system and qemu:///session are listed,
# but only the per-user session connection is auto-connected. The "confirm"
# keys are set to false, which presumably suppresses the confirmation prompts
# for force power-off, device removal and unapplied changes; verify that this
# is wanted on a system where a mis-click can stop a guest.
cat >> "${vm_schema_dir}/org.virt-manager.virt-manager.gschema.override" << 'EOF'
# Modify the default virt-manager behavior for misc. options
[org.virt-manager.virt-manager]
xmleditor-enabled=true
manager-window-height=600
manager-window-width=200
# Libvirt URIs listed in the manager window
[org.virt-manager.virt-manager.connections]
uris=['qemu:///system', 'qemu:///session']
autoconnect=['qemu:///session']
# Show usage in the domain list
[org.virt-manager.virt-manager.vmlist-fields]
cpu-usage=false
# Settings related to statistics
[org.virt-manager.virt-manager.stats]
update-interval=3
enable-disk-poll=true
enable-memory-poll=true
enable-net-poll=true
# Default behavior for the console
[org.virt-manager.virt-manager.console]
scaling=2
resize-guest=1
autoconnect=false
# Do not show toolbar
[org.virt-manager.virt-manager.details]
show-toolbar=false
# Modify default values for new VMs
[org.virt-manager.virt-manager.new-vm]
storage-format='raw'
cpu-default='host-model'
graphics-type='spice'
# Modify the default virt-manager behavior for confirmation dialogues
[org.virt-manager.virt-manager.confirm]
forcepoweroff=false
removedev=false
unapplied-dev=false
EOF

# Recompile so the new override is picked up.
glib-compile-schemas "${vm_schema_dir}/"
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
# Hypervisor base setup (runs with --nochroot, so paths carry /mnt/sysimage).
# Ask systemd-modules-load to load the VFIO modules at boot: one file per
# module, each named after the module it contains.
# NOTE(review): newer kernels may no longer ship vfio_virqfd as a separate
# module; confirm against the kernel that ends up in the image.
modules_dir=/mnt/sysimage/etc/modules-load.d
for vfio_module in vfio vfio-pci vfio_iommu_type1 vfio_virqfd; do
  echo "${vfio_module}" > "${modules_dir}/${vfio_module}.conf"
done

# Directory for ISO images used by libvirt guests.
# NOTE(review): the original remark here said SELinux already accounts for this
# path, but the command section sets `selinux --disabled`, so no SELinux
# labelling protects it. Plain mkdir also fails if the directory already exists.
mkdir /mnt/sysimage/var/lib/libvirt/isos

# --- Disabled steps, kept for reference -------------------------------------
# If any download below is re-enabled: each URL points at a moving target (a
# "main" branch or an unversioned ISO) and the result would be executed or
# booted with root-level trust. Pin to a fixed revision and verify a checksum
# before use.
#
# Fetch the netboot.xyz ISO into the new directory:
# wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/isos/
#
# virsh commands fail in a kickstart environment (chroot or not, it seems).
# They would need a script run after first boot, for example from a systemd
# unit with a delay.
# virsh pool-define-as isos dir - - - - /mnt/sysimage/var/lib/libvirt/isos/ # make libvirt aware of the directory as a 'pool'
# virsh pool-build isos # build the pool
# virsh pool-start isos # start it
# virsh pool-autostart isos # set it to autostart
#
# Fetch the custom script and make it executable:
# wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/
# chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh
# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/linux.xml
# virsh define linux.xml
# wget https://raw.githubusercontent.com/PhyllomeOS/xml-definition-for-domains/main/xml/system/windows.xml
# virsh define windows.xml
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelcpu.log
# Intel CPU specifics (runs with --nochroot, so paths carry /mnt/sysimage).
grub_defaults=/mnt/sysimage/etc/default/grub
kvm_modprobe=/mnt/sysimage/etc/modprobe.d/kvm.conf

# Append kernel command-line parameters after "quiet": enable the Intel IOMMU,
# use pass-through mode, and have the initramfs load vfio-pci early.
# NOTE(review): the substitution is case-insensitive and applies to the first
# "quiet" on every line of the file, not only to the kernel command-line
# variable. It is also not idempotent, and it does nothing if the file has no
# "quiet" in it.
sed -i 's/\(quiet\)/\1 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' "${grub_defaults}"

# Turn on nested virtualization for kvm_intel.
# NOTE(review): nesting lets guests run their own hypervisors, which exposes
# more of KVM to guest-controlled input. Keep it only if nested guests are a
# requirement.
printf '%s\n' "options kvm_intel nested=1" >> "${kvm_modprobe}"
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-intelgpu.log
# Intel GPU specifics (runs with --nochroot, so paths carry /mnt/sysimage).
# Append the i915 GVT kernel parameter right after the first "vfio-pci" on each
# line of the GRUB defaults file. This relies on the Intel CPU %post having
# already inserted "rd.driver.pre=vfio-pci"; without it nothing matches and the
# parameter is silently not added.
sed -i 's/\(vfio-pci\)/\1 i915.enable_gvt=1/i' /mnt/sysimage/etc/default/grub

# Load the mediated-device modules at boot (kvmgt and vfio-mdev): one
# modules-load.d file per module, each named after the module.
for mdev_module in kvmgt vfio-mdev; do
  echo "${mdev_module}" > "/mnt/sysimage/etc/modules-load.d/${mdev_module}.conf"
done
%end
# Package selection. --exclude-weakdeps keeps weak dependencies out of the
# image, so only what is listed (plus hard dependencies) gets installed.
# "@name" selects a package group; a leading "-" excludes a package.
%packages --exclude-weakdeps
@core
@hardware-support
NetworkManager-wifi
aajohan-comfortaa-fonts
dejavu-sans-mono-fonts
dracut-live
fedora-remix-logos
firefox
generic-logos
generic-release
generic-release-common
generic-release-notes
glibc-all-langpacks
gnome-backgrounds.noarch
gnome-shell
gnome-terminal
grub2-common.noarch
grub2-efi-ia32
grub2-efi-x64
grub2-efi-x64-cdboot
grub2-pc-modules.noarch
grub2-tools
grub2-tools-efi
grub2-tools-extra
grub2-tools-minimal
grubby
guestfs-tools
kernel
kernel-modules
kernel-modules-extra
libguestfs-tools
libusb
libvirt
libvirt-daemon-config-network
libvirt-daemon-kvm
livesys-scripts
mesa-dri-drivers
mozilla-ublock-origin.noarch
nano
neofetch
pciutils
python3-libguestfs
qemu-kvm
usbutils
virt-install
virt-manager
virt-top
# wget stays installed although every wget call in the %post scripts is
# commented out.
wget
wpa_supplicant
# Fedora branding and the GNOME tour are excluded; the generic-* and
# fedora-remix-logos packages above take the place of the branding.
-fedora-logos
-fedora-release
-fedora-release-common
-fedora-release-identity-basic
-fedora-release-notes
-gnome-tour
%end