diff options
| author | Philip J Freeman <elektron@halo.nu> | 2026-04-28 22:53:17 -0700 |
|---|---|---|
| committer | Philip J Freeman <elektron@halo.nu> | 2026-04-28 22:53:17 -0700 |
| commit | 69ab83554efb0aaae69fb469d11a8a8faf4b7c45 (patch) | |
| tree | 41b02bf25637673695e4b52976c2430e64e67d89 /hooks | |
| parent | 3f32def2e2a8df3eb0f81597092b375a27765be4 (diff) | |
To: 72f96fb792b373276aded94500e9bb8bb682f60c94d748477a368e16e31fcc09
Diffstat (limited to 'hooks')
| -rwxr-xr-x | hooks/build-os-post/70-cleanup-etc | 18 | ||||
| -rwxr-xr-x | hooks/build-os/20-kernel-boot | 9 | ||||
| -rwxr-xr-x | hooks/build-os/30-packages | 19 |
3 files changed, 42 insertions, 4 deletions
diff --git a/hooks/build-os-post/70-cleanup-etc b/hooks/build-os-post/70-cleanup-etc new file mode 100755 index 0000000..97e2e8b --- /dev/null +++ b/hooks/build-os-post/70-cleanup-etc @@ -0,0 +1,18 @@ +#!/bin/bash -xe +set -o pipefail + +# remove local self-signed snakeoil certificate +find "$root"/etc/ssl/certs -maxdepth 1 -lname ssl-cert-snakeoil.pem -delete +rm -f -- \ + ssl/private/ssl-cert-snakeoil.key \ + ssl/certs/ssl-cert-snakeoil.pem + +# cleanup some additional things in etc +pushd "${root:?}"/etc +rm -f -- \ + resolv.conf \ + group- \ + gshadow- \ + passwd- \ + shadow- + diff --git a/hooks/build-os/20-kernel-boot b/hooks/build-os/20-kernel-boot index 8aca938..8139e46 100755 --- a/hooks/build-os/20-kernel-boot +++ b/hooks/build-os/20-kernel-boot @@ -1,5 +1,10 @@ #!/bin/bash -xe set -o pipefail -chroot "${root:?}" apt-get --assume-yes install firmware-linux grub-efi-amd64 \ - linux-image-amd64 ostree-boot +chroot "${root:?}" apt-get --assume-yes install \ + firmware-atheros \ + firmware-linux \ + firmware-realtek \ + grub-efi-amd64 \ + linux-image-amd64 \ + ostree-boot diff --git a/hooks/build-os/30-packages b/hooks/build-os/30-packages index e4b41a0..ca9d7a1 100755 --- a/hooks/build-os/30-packages +++ b/hooks/build-os/30-packages @@ -1,7 +1,8 @@ #!/bin/bash -xe set -o pipefail -packages=( +installs=( + bash-completion bmaptool btrfs-progs cryptsetup @@ -10,6 +11,7 @@ packages=( e2fsprogs flatpak gnome-core + gnome-software-plugin-flatpak gnome-tweaks lvm2 nethack-console @@ -21,12 +23,25 @@ packages=( systemd-container systemd-homed task-english + task-desktop + task-gnome-desktop + task-laptop + task-ssh-server udev xfsprogs xz-utils zerofree ) -chroot "${root:?}" apt-get -y --no-install-recommends install "${packages[@]}" +purges=( + anacron + chromium + firefox + firefox-esr + ) + + +chroot "${root:?}" apt-get -y install "${installs[@]}" +chroot "${root:?}" apt-get -y purge "${purges[@]}" echo 'kernel.unprivileged_userns_clone=1' > "${root:?}"/etc/sysctl.d/nspawn.conf |