From fd4ea2b275fd7b62b89fa05e229671ac33db74a6 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Fri, 19 Jan 2024 18:13:50 -0600 Subject: [PATCH] feat: add ublue-os public signing key to fedora-coreos images Since the fedora-coreos images built here specifically are built with our custom kmod builds of nvidia and zfs, the public signing key should be provided to provide those users the ability to easily import the key as a MOK should they wish to run SecureBoot --- fedora-coreos/Containerfile | 1 + fedora-coreos/install.sh | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/fedora-coreos/Containerfile b/fedora-coreos/Containerfile index c32db33..36e9fa1 100644 --- a/fedora-coreos/Containerfile +++ b/fedora-coreos/Containerfile @@ -9,6 +9,7 @@ ARG NVIDIA_TAG="${NVIDIA_TAG}" ARG ZFS_TAG="${ZFS_TAG}" ARG KMOD_SRC="${KMOD_SRC:-ghcr.io/ublue-os/ucore-kmods:${COREOS_VERSION}}" +COPY --from=${KMOD_SRC} /rpms/kmods/*.rpm /tmp/rpms/ COPY --from=${KMOD_SRC} /rpms/kmods/nvidia/*.rpm /tmp/rpms/nvidia/ COPY --from=${KMOD_SRC} /rpms/kmods/zfs/*.rpm /tmp/rpms/zfs/ diff --git a/fedora-coreos/install.sh b/fedora-coreos/install.sh index 3554b8b..f0559f4 100755 --- a/fedora-coreos/install.sh +++ b/fedora-coreos/install.sh @@ -23,7 +23,9 @@ sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/fedora-cisco-openh264.repo # inspect to see what RPMS we copied in find /tmp/rpms/ -## CONDITIONAL: install ZFS (and sanoid deps) +rpm-ostree install /tmp/rpms/ublue-os-ucore-addons-*.rpm + +## CONDITIONAL: install ZFS if [[ "-zfs" == "${ZFS_TAG}" ]]; then rpm-ostree install pv /tmp/rpms/zfs/*.rpm # for some reason depmod ran automatically with zfs 2.1 but not with 2.2