### Switching to Custom Bootc Image Source: https://context7.com/ublue-os/image-template/llms.txt Instructions on how to switch a running bootc system to use a custom-built container image. It provides examples for switching to a specific image name, a tagged version, and commands to check the status and reboot. ```bash # Switch to your custom image (replace placeholders) sudo bootc switch ghcr.io// # Example with specific user and image sudo bootc switch ghcr.io/myuser/my-custom-bazzite # Switch to specific tag sudo bootc switch ghcr.io/myuser/my-custom-bazzite:stable # Check current status sudo bootc status # Reboot to apply changes systemctl reboot ``` -------------------------------- ### Configure Anaconda Installer for GNOME ISO Source: https://context7.com/ublue-os/image-template/llms.txt This TOML configuration snippet defines settings for the Anaconda installer within a GNOME ISO image. It specifies kickstart content for post-installation scripts and enables/disables specific Anaconda modules to tailor the installation environment. ```toml [customizations.installer.kickstart] contents = """ %post bootc switch --mutate-in-place --transport registry ghcr.io/ublue-os/image-template:latest %end " [customizations.installer.modules] enable = [ "org.fedoraproject.Anaconda.Modules.Storage", "org.fedoraproject.Anaconda.Modules.Runtime" ] disable = [ "org.fedoraproject.Anaconda.Modules.Network", "org.fedoraproject.Anaconda.Modules.Security", "org.fedoraproject.Anaconda.Modules.Services", "org.fedoraproject.Anaconda.Modules.Users", "org.fedoraproject.Anaconda.Modules.Subscription", "org.fedoraproject.Anaconda.Modules.Timezone" ] ``` -------------------------------- ### Customize Image Build Script Source: https://context7.com/ublue-os/image-template/llms.txt A shell script executed during the container build process to install packages, enable system services, and apply configuration files. ```bash #!/bin/bash set -ouex pipefail ### Install packages from Fedora repos dnf5 install -y tmux htop vim neofetch ### Enable system services systemctl enable podman.socket ### Add custom configuration files # cp /ctx/my-config.conf /etc/my-app/config.conf ``` -------------------------------- ### Run Virtual Machines for Testing Source: https://context7.com/ublue-os/image-template/llms.txt Commands to launch virtual machines from built disk images for testing purposes, including support for systemd-vmspawn. ```bash # Run VM from QCOW2 image just run-vm-qcow2 # Run with systemd-vmspawn (alternative VM runner) just spawn-vm rebuild="0" type="qcow2" ram="6G" ``` -------------------------------- ### Generate Bootable Disk Images Source: https://context7.com/ublue-os/image-template/llms.txt Commands to create bootable disk images (QCOW2, RAW, ISO) using Bootc Image Builder. Includes options for rebuilding the container before generating the disk image. ```bash # Build a QCOW2 virtual machine image just build-qcow2 # Build a RAW disk image just build-raw # Build an ISO installer image just build-iso # Rebuild commands (rebuilds container first, then disk image) just rebuild-qcow2 ``` -------------------------------- ### Build Container Images Locally Source: https://context7.com/ublue-os/image-template/llms.txt Commands to build container images locally using Podman and the Just task runner. Supports custom image names and tags. ```bash # Build with default settings (image-template:latest) just build # Build with custom image name and tag just build my-custom-os stable # Check current base image sudo bootc status ``` -------------------------------- ### Utility Commands with Justfile Source: https://context7.com/ublue-os/image-template/llms.txt This section lists various utility commands available through the project's Justfile, designed for code quality checks and repository maintenance. Commands include linting, formatting, syntax checking, cleaning build artifacts, and listing all available commands. ```bash # Lint all bash scripts with shellcheck just lint # Format all bash scripts with shfmt just format # Check Justfile syntax just check # Fix Justfile syntax issues just fix # Clean build artifacts just clean # List all available commands just --list # Example output: # Available recipes: # build target_image tag # Build container image # build-iso target_image tag # Build ISO image # build-qcow2 target_image tag # Build QCOW2 image # build-raw target_image tag # Build RAW image # check # Check Just syntax # clean # Clean repository # fix # Fix Just syntax # format # Format bash scripts # lint # Lint bash scripts # run-vm-iso target_image tag # Run VM from ISO # run-vm-qcow2 target_image tag # Run VM from QCOW2 # run-vm-raw target_image tag # Run VM from RAW ``` -------------------------------- ### GitHub Actions Workflow Configuration Source: https://context7.com/ublue-os/image-template/llms.txt This YAML snippet shows key environment variable configurations within the `.github/workflows/build.yml` file for CI/CD automation. It outlines variables for image description, keywords, logo, name, registry, and default tags, along with triggers for the workflow. ```yaml # .github/workflows/build.yml - Key configuration env: IMAGE_DESC: "My Customized Universal Blue Image" IMAGE_KEYWORDS: "bootc,ublue,universal-blue" IMAGE_LOGO_URL: "https://example.com/logo.png" IMAGE_NAME: "${{ github.event.repository.name }}" IMAGE_REGISTRY: "ghcr.io/${{ github.repository_owner }}" DEFAULT_TAG: "latest" # Build triggers: # - Push to main branch # - Pull requests to main # - Daily schedule (10:05 UTC) # - Manual workflow dispatch # Image tags generated: # - latest # - latest.YYYYMMDD # - YYYYMMDD # - SHA (for pull requests) ``` -------------------------------- ### Configure Disk Image Filesystem Source: https://context7.com/ublue-os/image-template/llms.txt TOML configuration for defining disk image properties such as mount points and minimum partition sizes. ```toml [[customizations.filesystem]] mountpoint = "/" minsize = "20 GiB" ``` -------------------------------- ### Container Signing with Cosign Source: https://context7.com/ublue-os/image-template/llms.txt This section details how to use Cosign for signing container images within the project. It includes commands for generating a key pair, securely storing the private key as a GitHub secret, and adding the public key to the repository for verification. ```bash # Generate a signing key pair (no password for CI usage) COSIGN_PASSWORD="" cosign generate-key-pair # Files created: # - cosign.key (PRIVATE - never commit!) # - cosign.pub (public, safe to commit) # Add private key to GitHub secrets via CLI gh secret set SIGNING_SECRET < cosign.key # Or via GitHub web interface: # Settings -> Secrets and Variables -> Actions # Create new secret named: SIGNING_SECRET # Paste contents of cosign.key # Add public key to repository git add cosign.pub git commit -m "Add Cosign public key" git push ``` -------------------------------- ### S3 Upload Configuration for Disk Images Source: https://context7.com/ublue-os/image-template/llms.txt This bash snippet outlines the necessary GitHub secrets required to configure S3 uploads for distributing disk images via the `build-disk.yml` workflow. It lists secrets for provider, bucket name, access keys, region, and endpoint, along with supported S3 providers via rclone. ```bash # Required GitHub Secrets for S3 upload: gh secret set S3_PROVIDER # e.g., "Cloudflare", "AWS", "DigitalOcean" gh secret set S3_BUCKET_NAME # Your bucket name gh secret set S3_ACCESS_KEY_ID # S3 access key gh secret set S3_SECRET_ACCESS_KEY # S3 secret key gh secret set S3_REGION # e.g., "auto", "us-east-1" gh secret set S3_ENDPOINT # Provider-specific endpoint URL # Supported S3 providers (via rclone): # - AWS S3 # - Cloudflare R2 # - DigitalOcean Spaces # - Backblaze B2 # - MinIO # - And many more: https://rclone.org/s3/ ``` -------------------------------- ### Define Containerfile for Bootc Image Source: https://context7.com/ublue-os/image-template/llms.txt Configures a multi-stage Dockerfile to build a custom bootc image. It uses a context stage to bind build scripts and applies customizations to a base Universal Blue image. ```dockerfile # Allow build scripts to be referenced without being copied into the final image FROM scratch AS ctx COPY build_files / # Base Image - Choose your preferred distribution FROM ghcr.io/ublue-os/bazzite:stable # Run build script with proper caching RUN --mount=type=bind,from=ctx,source=/,target=/ctx \ --mount=type=cache,dst=/var/cache \ --mount=type=cache,dst=/var/log \ --mount=type=tmpfs,dst=/tmp \ /ctx/build.sh # Verify final image RUN bootc container lint ``` -------------------------------- ### Configure GitHub Secrets for Signing Source: https://github.com/ublue-os/image-template/blob/main/README.md Uploads the private signing key to GitHub repository secrets to enable automated image signing. This command requires the GitHub CLI tool. ```bash gh secret set SIGNING_SECRET < cosign.key ``` -------------------------------- ### Check Current System Bootc Status Source: https://github.com/ublue-os/image-template/blob/main/README.md Displays information about the currently running bootc image. This is used to identify the correct base image for the Containerfile. ```bash sudo bootc status ``` -------------------------------- ### Generate Cosign Signing Keys Source: https://github.com/ublue-os/image-template/blob/main/README.md Generates a passwordless key pair for signing container images. This is required for GitHub Actions workflows to successfully build and sign images. ```bash COSIGN_PASSWORD="" cosign generate-key-pair ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.