Since I'm (Sneexy) the only one who actually uses this, it's kind of a waste to try and keep this specific repository existing, especially since the setup here is a mess to keep working whenever bluebuild makes a change.
If you're still interested in my images, I've migrated mine to my repository, bluebuild-custom.
Custom Universal Blue Powered Images, built with BlueBuild. Built by Sernik members for their own use-cases.
This repository by default supports signing.
Repository ran and maintained by @sneexy-boi, owned by @Rexogamer.
Warning
This is an experimental feature, try at your own discretion.
Important
Type IMAGE_NAME=<image_name>
into your console, replacing <image_name>
with an available image found in packages, before running these commands.
To rebase an existing atomic Fedora installation to the latest build:
- First rebase to the unsigned image, to get the proper signing keys and policies installed:
rpm-ostree rebase ostree-unverified-registry:ghcr.io/sernik-tech/$IMAGE_NAME:latest
- Reboot to complete the rebase:
systemctl reboot
- Then rebase to the signed image, like so:
rpm-ostree rebase ostree-image-signed:docker://ghcr.io/sernik-tech/$IMAGE_NAME:latest
- Reboot again to complete the installation
systemctl reboot
The latest
tag will automatically point to the latest build. That build will still always use the Fedora version specified in recipe.yml
, so you won't get accidentally updated to the next major version.
Refer to BlueBuild's "Installing an image based on Universal Blue" to learn how to generate an ISO with the image you want to use.
If you already use a Universal Blue based image, or have podman installed:
IMAGE_NAME=<name of image, from https://github.com/orgs/sernik-tech/packages?repo_name=member-images>
IMAGE_VARIANT=Silverblue
# ^ should match the varient of your image (changes the first time/boot medium installer)
sudo podman run --rm --privileged --volume .:/isogenerator/output --security-opt label=disable --pull=newer \
-e IMAGE_REPO="ghcr.io/sernik-tech" -e IMAGE_NAME="$IMAGE_NAME" -e IMAGE_TAG="latest" -e VARIANT="$IMAGE_VARIANT" \
ghcr.io/ublue-os/isogenerator:40
These images are signed with Sigstore's cosign. You can verify the signature by downloading the cosign.pub
file from this repo and running the following command:
cosign verify --key cosign.pub ghcr.io/sernik-tech/$IMAGE_NAME
Refer to the BlueBuild documentation to learn on how to customize your image.
For more information about the project this repository is based on, check out the Universal Blue homepage and the BlueBuild homepage.
You can refer to both the main BlueBuild GitHub and Universal Blue GitHub if you want to see what more than be done.