From 681f3455f59a04c0a2dec24a598494a698fe9743 Mon Sep 17 00:00:00 2001 From: qoijjj <129108030+qoijjj@users.noreply.github.com> Date: Fri, 22 Dec 2023 09:21:59 -0800 Subject: [PATCH] Add bluefin images --- .github/workflows/build.yml | 8 +++++++ README.md | 8 +++++++ config/common/bluefin-packages.yml | 14 +++++++++++ config/common/bluefin-scripts.yml | 3 +++ config/common/common-packages.yml | 2 -- config/common/remove-firefox.yml | 9 ++++++++ .../desktop/recipe-bluefin-main-userns.yml | 20 ++++++++++++++++ .../recipes/desktop/recipe-bluefin-main.yml | 22 ++++++++++++++++++ .../desktop/recipe-bluefin-nvidia-userns.yml | 20 ++++++++++++++++ .../recipes/desktop/recipe-bluefin-nvidia.yml | 22 ++++++++++++++++++ .../desktop/recipe-kinoite-main-userns.yml | 1 + .../recipes/desktop/recipe-kinoite-main.yml | 1 + .../desktop/recipe-kinoite-nvidia-userns.yml | 1 + .../recipes/desktop/recipe-kinoite-nvidia.yml | 1 + .../desktop/recipe-lazurite-main-userns.yml | 1 + .../recipes/desktop/recipe-lazurite-main.yml | 1 + .../desktop/recipe-lazurite-nvidia-userns.yml | 1 + .../desktop/recipe-lazurite-nvidia.yml | 1 + .../desktop/recipe-sericea-main-userns.yml | 1 + .../recipes/desktop/recipe-sericea-main.yml | 1 + .../desktop/recipe-sericea-nvidia-userns.yml | 1 + .../recipes/desktop/recipe-sericea-nvidia.yml | 1 + .../desktop/recipe-silverblue-main-userns.yml | 1 + .../desktop/recipe-silverblue-main.yml | 1 + .../recipe-silverblue-nvidia-userns.yml | 1 + .../desktop/recipe-silverblue-nvidia.yml | 1 + .../recipe-bluefin-main-laptop-userns.yml | 21 +++++++++++++++++ .../laptop/recipe-bluefin-main-laptop.yml | 23 +++++++++++++++++++ .../recipe-bluefin-nvidia-laptop-userns.yml | 21 +++++++++++++++++ .../laptop/recipe-bluefin-nvidia-laptop.yml | 23 +++++++++++++++++++ .../recipe-kinoite-main-laptop-userns.yml | 1 + .../laptop/recipe-kinoite-main-laptop.yml | 1 + .../recipe-kinoite-nvidia-laptop-userns.yml | 1 + .../laptop/recipe-kinoite-nvidia-laptop.yml | 1 + .../recipe-lazurite-main-laptop-userns.yml | 1 + .../laptop/recipe-lazurite-main-laptop.yml | 1 + .../recipe-lazurite-nvidia-laptop-userns.yml | 1 + .../laptop/recipe-lazurite-nvidia-laptop.yml | 1 + .../recipe-sericea-main-laptop-userns.yml | 1 + .../laptop/recipe-sericea-main-laptop.yml | 1 + .../recipe-sericea-nvidia-laptop-userns.yml | 1 + .../laptop/recipe-sericea-nvidia-laptop.yml | 1 + .../recipe-silverblue-main-laptop-userns.yml | 1 + .../laptop/recipe-silverblue-main-laptop.yml | 1 + ...recipe-silverblue-nvidia-laptop-userns.yml | 1 + .../recipe-silverblue-nvidia-laptop.yml | 1 + config/scripts/disabletailscale.sh | 8 +++++++ 47 files changed, 254 insertions(+), 2 deletions(-) create mode 100644 config/common/bluefin-packages.yml create mode 100644 config/common/bluefin-scripts.yml create mode 100644 config/common/remove-firefox.yml create mode 100644 config/recipes/desktop/recipe-bluefin-main-userns.yml create mode 100644 config/recipes/desktop/recipe-bluefin-main.yml create mode 100644 config/recipes/desktop/recipe-bluefin-nvidia-userns.yml create mode 100644 config/recipes/desktop/recipe-bluefin-nvidia.yml create mode 100644 config/recipes/laptop/recipe-bluefin-main-laptop-userns.yml create mode 100644 config/recipes/laptop/recipe-bluefin-main-laptop.yml create mode 100644 config/recipes/laptop/recipe-bluefin-nvidia-laptop-userns.yml create mode 100644 config/recipes/laptop/recipe-bluefin-nvidia-laptop.yml create mode 100644 config/scripts/disabletailscale.sh diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 488e280..b808395 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -45,6 +45,8 @@ jobs: - recipes/desktop/recipe-silverblue-nvidia.yml - recipes/desktop/recipe-kinoite-main.yml - recipes/desktop/recipe-kinoite-nvidia.yml + - recipes/desktop/recipe-bluefin-main.yml + - recipes/desktop/recipe-bluefin-nvidia.yml - recipes/desktop/recipe-lazurite-main.yml - recipes/desktop/recipe-lazurite-nvidia.yml - recipes/desktop/recipe-sericea-main.yml @@ -54,6 +56,8 @@ jobs: - recipes/laptop/recipe-silverblue-nvidia-laptop.yml - recipes/laptop/recipe-kinoite-main-laptop.yml - recipes/laptop/recipe-kinoite-nvidia-laptop.yml + - recipes/laptop/recipe-bluefin-main-laptop.yml + - recipes/laptop/recipe-bluefin-nvidia-laptop.yml - recipes/laptop/recipe-lazurite-main-laptop.yml - recipes/laptop/recipe-lazurite-nvidia-laptop.yml - recipes/laptop/recipe-sericea-main-laptop.yml @@ -67,6 +71,8 @@ jobs: - recipes/desktop/recipe-silverblue-nvidia-userns.yml - recipes/desktop/recipe-kinoite-main-userns.yml - recipes/desktop/recipe-kinoite-nvidia-userns.yml + - recipes/desktop/recipe-bluefin-main-userns.yml + - recipes/desktop/recipe-bluefin-nvidia-userns.yml - recipes/desktop/recipe-lazurite-main-userns.yml - recipes/desktop/recipe-lazurite-nvidia-userns.yml - recipes/desktop/recipe-sericea-main-userns.yml @@ -76,6 +82,8 @@ jobs: - recipes/laptop/recipe-silverblue-nvidia-laptop-userns.yml - recipes/laptop/recipe-kinoite-main-laptop-userns.yml - recipes/laptop/recipe-kinoite-nvidia-laptop-userns.yml + - recipes/laptop/recipe-bluefin-main-laptop-userns.yml + - recipes/laptop/recipe-bluefin-nvidia-laptop-userns.yml - recipes/laptop/recipe-lazurite-main-laptop-userns.yml - recipes/laptop/recipe-lazurite-nvidia-laptop-userns.yml - recipes/laptop/recipe-sericea-main-laptop-userns.yml diff --git a/README.md b/README.md index ad6b741..c55c38c 100644 --- a/README.md +++ b/README.md @@ -60,6 +60,8 @@ For more info on uBlue, check out the [uBlue homepage](https://universal-blue.or ##### desktop - kinoite-main-hardened - kinoite-nvidia-hardened +- bluefin-main-hardened +- bluefin-nvidia-hardened - lazurite-main-hardened - lazurite-nvidia-hardened - silverblue-main-hardened @@ -70,6 +72,8 @@ For more info on uBlue, check out the [uBlue homepage](https://universal-blue.or ##### laptop - kinoite-main-laptop-hardened - kinoite-nvidia-laptop-hardened +- bluefin-main-laptop-hardened +- bluefin-nvidia-laptop-hardened - lazurite-main-laptop-hardened - lazurite-nvidia-laptop-hardened - silverblue-main-laptop-hardened @@ -86,6 +90,8 @@ For more info on uBlue, check out the [uBlue homepage](https://universal-blue.or ##### desktop - kinoite-main-userns-hardened - kinoite-nvidia-userns-hardened +- bluefin-main-userns-hardened +- bluefin-nvidia-userns-hardened - lazurite-main-userns-hardened - lazurite-nvidia-userns-hardened - silverblue-main-userns-hardened @@ -96,6 +102,8 @@ For more info on uBlue, check out the [uBlue homepage](https://universal-blue.or ##### laptop - kinoite-main-laptop-userns-hardened - kinoite-nvidia-laptop-userns-hardened +- bluefin-main-laptop-userns-hardened +- bluefin-nvidia-laptop-userns-hardened - lazurite-main-laptop-userns-hardened - lazurite-nvidia-laptop-userns-hardened - silverblue-main-laptop-userns-hardened diff --git a/config/common/bluefin-packages.yml b/config/common/bluefin-packages.yml new file mode 100644 index 0000000..7f35d7a --- /dev/null +++ b/config/common/bluefin-packages.yml @@ -0,0 +1,14 @@ +type: rpm-ostree +remove: + - gnome-shell-extension-gsconnect + - nautilus-gsconnect + - samba-common-tools + - samba-dcerpc + - samba-ldb-ldap-modules + - samba-winbind + - samba-winbind-clients + - samba-winbind-modules + - samba + - usbmuxd + - cockpit-bridge + - gvfs-afc diff --git a/config/common/bluefin-scripts.yml b/config/common/bluefin-scripts.yml new file mode 100644 index 0000000..9161608 --- /dev/null +++ b/config/common/bluefin-scripts.yml @@ -0,0 +1,3 @@ +type: script +scripts: + - disabletailscale.sh \ No newline at end of file diff --git a/config/common/common-packages.yml b/config/common/common-packages.yml index ee36087..5e32ec2 100644 --- a/config/common/common-packages.yml +++ b/config/common/common-packages.yml @@ -12,8 +12,6 @@ install: - bubblejail remove: - - firefox - - firefox-langpacks - virtualbox-guest-additions - open-vm-tools - open-vm-tools-desktop diff --git a/config/common/remove-firefox.yml b/config/common/remove-firefox.yml new file mode 100644 index 0000000..8f358c6 --- /dev/null +++ b/config/common/remove-firefox.yml @@ -0,0 +1,9 @@ +type: rpm-ostree +remove: + - firefox + - firefox-langpacks + + + + + diff --git a/config/recipes/desktop/recipe-bluefin-main-userns.yml b/config/recipes/desktop/recipe-bluefin-main-userns.yml new file mode 100644 index 0000000..281abe8 --- /dev/null +++ b/config/recipes/desktop/recipe-bluefin-main-userns.yml @@ -0,0 +1,20 @@ +# image will be published to ghcr.io// +name: bluefin-main-userns-hardened +# description will be included in the image's metadata +description: "Bluefin main with some hardening applied" + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/bluefin +image-version: 39 + +# list of modules, executed in order +# you can include multiple instances of the same module +modules: + - from-file: common/common-files.yml + - from-file: common/bluefin-packages.yml + - from-file: common/gui-packages.yml + - from-file: common/common-packages.yml + - from-file: common/common-bling.yml + - from-file: common/common-scripts.yml + - from-file: common/bluefin-scripts.yml + - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-bluefin-main.yml b/config/recipes/desktop/recipe-bluefin-main.yml new file mode 100644 index 0000000..808297e --- /dev/null +++ b/config/recipes/desktop/recipe-bluefin-main.yml @@ -0,0 +1,22 @@ +# image will be published to ghcr.io// +name: bluefin-main-hardened +# description will be included in the image's metadata +description: "Bluefin main with some hardening applied" + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/bluefin +image-version: 39 + +# list of modules, executed in order +# you can include multiple instances of the same module +modules: + - from-file: common/common-files.yml + - from-file: common/bluefin-packages.yml + - from-file: common/gui-packages.yml + - from-file: common/common-packages.yml + - from-file: common/common-bling.yml + - from-file: common/common-scripts.yml + - from-file: common/bluefin-scripts.yml + - from-file: common/disableuserns-packages.yml + - from-file: common/disableuserns-scripts.yml + - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-bluefin-nvidia-userns.yml b/config/recipes/desktop/recipe-bluefin-nvidia-userns.yml new file mode 100644 index 0000000..81556b7 --- /dev/null +++ b/config/recipes/desktop/recipe-bluefin-nvidia-userns.yml @@ -0,0 +1,20 @@ +# image will be published to ghcr.io// +name: bluefin-nvidia-userns-hardened +# description will be included in the image's metadata +description: "Bluefin nvidia with some hardening applied" + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/bluefin-nvidia +image-version: 39 + +# list of modules, executed in order +# you can include multiple instances of the same module +modules: + - from-file: common/common-files.yml + - from-file: common/bluefin-packages.yml + - from-file: common/gui-packages.yml + - from-file: common/common-packages.yml + - from-file: common/common-bling.yml + - from-file: common/common-scripts.yml + - from-file: common/bluefin-scripts.yml + - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-bluefin-nvidia.yml b/config/recipes/desktop/recipe-bluefin-nvidia.yml new file mode 100644 index 0000000..89551dc --- /dev/null +++ b/config/recipes/desktop/recipe-bluefin-nvidia.yml @@ -0,0 +1,22 @@ +# image will be published to ghcr.io// +name: bluefin-nvidia-hardened +# description will be included in the image's metadata +description: "Bluefin nvidia with some hardening applied" + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/bluefin-nvidia +image-version: 39 + +# list of modules, executed in order +# you can include multiple instances of the same module +modules: + - from-file: common/common-files.yml + - from-file: common/bluefin-packages.yml + - from-file: common/gui-packages.yml + - from-file: common/common-packages.yml + - from-file: common/common-bling.yml + - from-file: common/common-scripts.yml + - from-file: common/bluefin-scripts.yml + - from-file: common/disableuserns-packages.yml + - from-file: common/disableuserns-scripts.yml + - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-kinoite-main-userns.yml b/config/recipes/desktop/recipe-kinoite-main-userns.yml index 32d36de..fa51086 100644 --- a/config/recipes/desktop/recipe-kinoite-main-userns.yml +++ b/config/recipes/desktop/recipe-kinoite-main-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/kinoite-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-kinoite-main.yml b/config/recipes/desktop/recipe-kinoite-main.yml index af538ad..5944745 100644 --- a/config/recipes/desktop/recipe-kinoite-main.yml +++ b/config/recipes/desktop/recipe-kinoite-main.yml @@ -14,6 +14,7 @@ modules: - from-file: common/kinoite-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - from-file: common/disableuserns-packages.yml diff --git a/config/recipes/desktop/recipe-kinoite-nvidia-userns.yml b/config/recipes/desktop/recipe-kinoite-nvidia-userns.yml index d471378..5ef15cb 100644 --- a/config/recipes/desktop/recipe-kinoite-nvidia-userns.yml +++ b/config/recipes/desktop/recipe-kinoite-nvidia-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/kinoite-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-kinoite-nvidia.yml b/config/recipes/desktop/recipe-kinoite-nvidia.yml index 0d4a0a6..64f3368 100644 --- a/config/recipes/desktop/recipe-kinoite-nvidia.yml +++ b/config/recipes/desktop/recipe-kinoite-nvidia.yml @@ -14,6 +14,7 @@ modules: - from-file: common/kinoite-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - from-file: common/disableuserns-packages.yml diff --git a/config/recipes/desktop/recipe-lazurite-main-userns.yml b/config/recipes/desktop/recipe-lazurite-main-userns.yml index e9e01c0..a053883 100644 --- a/config/recipes/desktop/recipe-lazurite-main-userns.yml +++ b/config/recipes/desktop/recipe-lazurite-main-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/gui-packages.yml - from-file: common/lazurite-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - type: yafti diff --git a/config/recipes/desktop/recipe-lazurite-main.yml b/config/recipes/desktop/recipe-lazurite-main.yml index 045eb94..8325f4f 100644 --- a/config/recipes/desktop/recipe-lazurite-main.yml +++ b/config/recipes/desktop/recipe-lazurite-main.yml @@ -14,6 +14,7 @@ modules: - from-file: common/gui-packages.yml - from-file: common/lazurite-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - from-file: common/disableuserns-packages.yml diff --git a/config/recipes/desktop/recipe-lazurite-nvidia-userns.yml b/config/recipes/desktop/recipe-lazurite-nvidia-userns.yml index 90b9555..1c6b6cc 100644 --- a/config/recipes/desktop/recipe-lazurite-nvidia-userns.yml +++ b/config/recipes/desktop/recipe-lazurite-nvidia-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/gui-packages.yml - from-file: common/lazurite-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-lazurite-nvidia.yml b/config/recipes/desktop/recipe-lazurite-nvidia.yml index 5973da4..0de713a 100644 --- a/config/recipes/desktop/recipe-lazurite-nvidia.yml +++ b/config/recipes/desktop/recipe-lazurite-nvidia.yml @@ -14,6 +14,7 @@ modules: - from-file: common/gui-packages.yml - from-file: common/lazurite-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - from-file: common/disableuserns-packages.yml diff --git a/config/recipes/desktop/recipe-sericea-main-userns.yml b/config/recipes/desktop/recipe-sericea-main-userns.yml index 460726d..92dfdab 100644 --- a/config/recipes/desktop/recipe-sericea-main-userns.yml +++ b/config/recipes/desktop/recipe-sericea-main-userns.yml @@ -13,6 +13,7 @@ modules: - from-file: common/common-files.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-sericea-main.yml b/config/recipes/desktop/recipe-sericea-main.yml index 9c71c7e..da042ed 100644 --- a/config/recipes/desktop/recipe-sericea-main.yml +++ b/config/recipes/desktop/recipe-sericea-main.yml @@ -13,6 +13,7 @@ modules: - from-file: common/common-files.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - from-file: common/disableuserns-packages.yml diff --git a/config/recipes/desktop/recipe-sericea-nvidia-userns.yml b/config/recipes/desktop/recipe-sericea-nvidia-userns.yml index 5bd0865..a2fb935 100644 --- a/config/recipes/desktop/recipe-sericea-nvidia-userns.yml +++ b/config/recipes/desktop/recipe-sericea-nvidia-userns.yml @@ -13,6 +13,7 @@ modules: - from-file: common/common-files.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-sericea-nvidia.yml b/config/recipes/desktop/recipe-sericea-nvidia.yml index 588c4f3..aa89e3a 100644 --- a/config/recipes/desktop/recipe-sericea-nvidia.yml +++ b/config/recipes/desktop/recipe-sericea-nvidia.yml @@ -13,6 +13,7 @@ modules: - from-file: common/common-files.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - from-file: common/disableuserns-packages.yml diff --git a/config/recipes/desktop/recipe-silverblue-main-userns.yml b/config/recipes/desktop/recipe-silverblue-main-userns.yml index 40eb966..c8d7bbd 100644 --- a/config/recipes/desktop/recipe-silverblue-main-userns.yml +++ b/config/recipes/desktop/recipe-silverblue-main-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/silverblue-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-silverblue-main.yml b/config/recipes/desktop/recipe-silverblue-main.yml index 04f1ab0..180c729 100644 --- a/config/recipes/desktop/recipe-silverblue-main.yml +++ b/config/recipes/desktop/recipe-silverblue-main.yml @@ -14,6 +14,7 @@ modules: - from-file: common/silverblue-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - from-file: common/disableuserns-packages.yml diff --git a/config/recipes/desktop/recipe-silverblue-nvidia-userns.yml b/config/recipes/desktop/recipe-silverblue-nvidia-userns.yml index ec2fad8..aed8e34 100644 --- a/config/recipes/desktop/recipe-silverblue-nvidia-userns.yml +++ b/config/recipes/desktop/recipe-silverblue-nvidia-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/silverblue-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - type: yafti \ No newline at end of file diff --git a/config/recipes/desktop/recipe-silverblue-nvidia.yml b/config/recipes/desktop/recipe-silverblue-nvidia.yml index 72fe2e1..fa8e7ac 100644 --- a/config/recipes/desktop/recipe-silverblue-nvidia.yml +++ b/config/recipes/desktop/recipe-silverblue-nvidia.yml @@ -14,6 +14,7 @@ modules: - from-file: common/silverblue-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: common/common-scripts.yml - from-file: common/disableuserns-packages.yml diff --git a/config/recipes/laptop/recipe-bluefin-main-laptop-userns.yml b/config/recipes/laptop/recipe-bluefin-main-laptop-userns.yml new file mode 100644 index 0000000..23b8616 --- /dev/null +++ b/config/recipes/laptop/recipe-bluefin-main-laptop-userns.yml @@ -0,0 +1,21 @@ +# image will be published to ghcr.io// +name: bluefin-main-laptop-userns-hardened +# description will be included in the image's metadata +description: "Bluefin main with some hardening applied, for laptops" + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/bluefin +image-version: 39 + +# list of modules, executed in order +# you can include multiple instances of the same module +modules: + - from-file: common/common-files.yml + - from-file: common/bluefin-packages.yml + - from-file: common/gui-packages.yml + - from-file: common/common-packages.yml + - from-file: common/common-bling.yml + - from-file: recipes/laptop/laptop-bling.yml + - from-file: common/common-scripts.yml + - from-file: common/bluefin-scripts.yml + - type: yafti \ No newline at end of file diff --git a/config/recipes/laptop/recipe-bluefin-main-laptop.yml b/config/recipes/laptop/recipe-bluefin-main-laptop.yml new file mode 100644 index 0000000..63f29dc --- /dev/null +++ b/config/recipes/laptop/recipe-bluefin-main-laptop.yml @@ -0,0 +1,23 @@ +# image will be published to ghcr.io// +name: bluefin-main-laptop-hardened +# description will be included in the image's metadata +description: "Bluefin main with some hardening applied, for laptops" + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/bluefin +image-version: 39 + +# list of modules, executed in order +# you can include multiple instances of the same module +modules: + - from-file: common/common-files.yml + - from-file: common/bluefin-packages.yml + - from-file: common/gui-packages.yml + - from-file: common/common-packages.yml + - from-file: common/common-bling.yml + - from-file: recipes/laptop/laptop-bling.yml + - from-file: common/common-scripts.yml + - from-file: common/bluefin-scripts.yml + - from-file: common/disableuserns-packages.yml + - from-file: common/disableuserns-scripts.yml + - type: yafti \ No newline at end of file diff --git a/config/recipes/laptop/recipe-bluefin-nvidia-laptop-userns.yml b/config/recipes/laptop/recipe-bluefin-nvidia-laptop-userns.yml new file mode 100644 index 0000000..f2c5ea3 --- /dev/null +++ b/config/recipes/laptop/recipe-bluefin-nvidia-laptop-userns.yml @@ -0,0 +1,21 @@ +# image will be published to ghcr.io// +name: bluefin-nvidia-laptop-userns-hardened +# description will be included in the image's metadata +description: "Bluefin nvidia with some hardening applied, for laptops" + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/bluefin-nvidia +image-version: 39 + +# list of modules, executed in order +# you can include multiple instances of the same module +modules: + - from-file: common/common-files.yml + - from-file: common/bluefin-packages.yml + - from-file: common/gui-packages.yml + - from-file: common/common-packages.yml + - from-file: common/common-bling.yml + - from-file: recipes/laptop/laptop-bling.yml + - from-file: common/common-scripts.yml + - from-file: common/bluefin-scripts.yml + - type: yafti \ No newline at end of file diff --git a/config/recipes/laptop/recipe-bluefin-nvidia-laptop.yml b/config/recipes/laptop/recipe-bluefin-nvidia-laptop.yml new file mode 100644 index 0000000..30cc479 --- /dev/null +++ b/config/recipes/laptop/recipe-bluefin-nvidia-laptop.yml @@ -0,0 +1,23 @@ +# image will be published to ghcr.io// +name: bluefin-nvidia-laptop-hardened +# description will be included in the image's metadata +description: "Bluefin nvidia with some hardening applied, for laptops" + +# the base image to build on top of (FROM) and the version tag to use +base-image: ghcr.io/ublue-os/bluefin-nvidia +image-version: 39 + +# list of modules, executed in order +# you can include multiple instances of the same module +modules: + - from-file: common/common-files.yml + - from-file: common/bluefin-packages.yml + - from-file: common/gui-packages.yml + - from-file: common/common-packages.yml + - from-file: common/common-bling.yml + - from-file: recipes/laptop/laptop-bling.yml + - from-file: common/common-scripts.yml + - from-file: common/bluefin-scripts.yml + - from-file: common/disableuserns-packages.yml + - from-file: common/disableuserns-scripts.yml + - type: yafti \ No newline at end of file diff --git a/config/recipes/laptop/recipe-kinoite-main-laptop-userns.yml b/config/recipes/laptop/recipe-kinoite-main-laptop-userns.yml index 42d523b..b568848 100644 --- a/config/recipes/laptop/recipe-kinoite-main-laptop-userns.yml +++ b/config/recipes/laptop/recipe-kinoite-main-laptop-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/kinoite-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-kinoite-main-laptop.yml b/config/recipes/laptop/recipe-kinoite-main-laptop.yml index 3fc7057..0100e0a 100644 --- a/config/recipes/laptop/recipe-kinoite-main-laptop.yml +++ b/config/recipes/laptop/recipe-kinoite-main-laptop.yml @@ -14,6 +14,7 @@ modules: - from-file: common/kinoite-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-kinoite-nvidia-laptop-userns.yml b/config/recipes/laptop/recipe-kinoite-nvidia-laptop-userns.yml index 464818e..ec55f37 100644 --- a/config/recipes/laptop/recipe-kinoite-nvidia-laptop-userns.yml +++ b/config/recipes/laptop/recipe-kinoite-nvidia-laptop-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/kinoite-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-kinoite-nvidia-laptop.yml b/config/recipes/laptop/recipe-kinoite-nvidia-laptop.yml index 430003d..f60292d 100644 --- a/config/recipes/laptop/recipe-kinoite-nvidia-laptop.yml +++ b/config/recipes/laptop/recipe-kinoite-nvidia-laptop.yml @@ -14,6 +14,7 @@ modules: - from-file: common/kinoite-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-lazurite-main-laptop-userns.yml b/config/recipes/laptop/recipe-lazurite-main-laptop-userns.yml index 6bae8bc..d83eee9 100644 --- a/config/recipes/laptop/recipe-lazurite-main-laptop-userns.yml +++ b/config/recipes/laptop/recipe-lazurite-main-laptop-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/gui-packages.yml - from-file: common/lazurite-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-lazurite-main-laptop.yml b/config/recipes/laptop/recipe-lazurite-main-laptop.yml index e1f302b..178f446 100644 --- a/config/recipes/laptop/recipe-lazurite-main-laptop.yml +++ b/config/recipes/laptop/recipe-lazurite-main-laptop.yml @@ -14,6 +14,7 @@ modules: - from-file: common/gui-packages.yml - from-file: common/lazurite-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-lazurite-nvidia-laptop-userns.yml b/config/recipes/laptop/recipe-lazurite-nvidia-laptop-userns.yml index 939bed2..d86d019 100644 --- a/config/recipes/laptop/recipe-lazurite-nvidia-laptop-userns.yml +++ b/config/recipes/laptop/recipe-lazurite-nvidia-laptop-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/gui-packages.yml - from-file: common/lazurite-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-lazurite-nvidia-laptop.yml b/config/recipes/laptop/recipe-lazurite-nvidia-laptop.yml index cba2dac..a9dac93 100644 --- a/config/recipes/laptop/recipe-lazurite-nvidia-laptop.yml +++ b/config/recipes/laptop/recipe-lazurite-nvidia-laptop.yml @@ -14,6 +14,7 @@ modules: - from-file: common/gui-packages.yml - from-file: common/lazurite-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-sericea-main-laptop-userns.yml b/config/recipes/laptop/recipe-sericea-main-laptop-userns.yml index 44237a6..d406841 100644 --- a/config/recipes/laptop/recipe-sericea-main-laptop-userns.yml +++ b/config/recipes/laptop/recipe-sericea-main-laptop-userns.yml @@ -13,6 +13,7 @@ modules: - from-file: common/common-files.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-sericea-main-laptop.yml b/config/recipes/laptop/recipe-sericea-main-laptop.yml index 50c8edc..cdbad73 100644 --- a/config/recipes/laptop/recipe-sericea-main-laptop.yml +++ b/config/recipes/laptop/recipe-sericea-main-laptop.yml @@ -13,6 +13,7 @@ modules: - from-file: common/common-files.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-sericea-nvidia-laptop-userns.yml b/config/recipes/laptop/recipe-sericea-nvidia-laptop-userns.yml index dafb918..168c1a6 100644 --- a/config/recipes/laptop/recipe-sericea-nvidia-laptop-userns.yml +++ b/config/recipes/laptop/recipe-sericea-nvidia-laptop-userns.yml @@ -13,6 +13,7 @@ modules: - from-file: common/common-files.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-sericea-nvidia-laptop.yml b/config/recipes/laptop/recipe-sericea-nvidia-laptop.yml index 168656e..d883c93 100644 --- a/config/recipes/laptop/recipe-sericea-nvidia-laptop.yml +++ b/config/recipes/laptop/recipe-sericea-nvidia-laptop.yml @@ -13,6 +13,7 @@ modules: - from-file: common/common-files.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-silverblue-main-laptop-userns.yml b/config/recipes/laptop/recipe-silverblue-main-laptop-userns.yml index b67dc1d..a0223ca 100644 --- a/config/recipes/laptop/recipe-silverblue-main-laptop-userns.yml +++ b/config/recipes/laptop/recipe-silverblue-main-laptop-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/silverblue-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-silverblue-main-laptop.yml b/config/recipes/laptop/recipe-silverblue-main-laptop.yml index 7e1855a..95672f9 100644 --- a/config/recipes/laptop/recipe-silverblue-main-laptop.yml +++ b/config/recipes/laptop/recipe-silverblue-main-laptop.yml @@ -14,6 +14,7 @@ modules: - from-file: common/silverblue-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-silverblue-nvidia-laptop-userns.yml b/config/recipes/laptop/recipe-silverblue-nvidia-laptop-userns.yml index 96e5ed2..1fef4f2 100644 --- a/config/recipes/laptop/recipe-silverblue-nvidia-laptop-userns.yml +++ b/config/recipes/laptop/recipe-silverblue-nvidia-laptop-userns.yml @@ -14,6 +14,7 @@ modules: - from-file: common/silverblue-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/recipes/laptop/recipe-silverblue-nvidia-laptop.yml b/config/recipes/laptop/recipe-silverblue-nvidia-laptop.yml index bdeca25..bef03c4 100644 --- a/config/recipes/laptop/recipe-silverblue-nvidia-laptop.yml +++ b/config/recipes/laptop/recipe-silverblue-nvidia-laptop.yml @@ -14,6 +14,7 @@ modules: - from-file: common/silverblue-packages.yml - from-file: common/gui-packages.yml - from-file: common/common-packages.yml + - from-file: common/remove-firefox.yml - from-file: common/common-bling.yml - from-file: recipes/laptop/laptop-bling.yml - from-file: common/common-scripts.yml diff --git a/config/scripts/disabletailscale.sh b/config/scripts/disabletailscale.sh new file mode 100644 index 0000000..be83ad1 --- /dev/null +++ b/config/scripts/disabletailscale.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +# Tell build process to exit if there are any errors. +set -oue pipefail + +echo "Disabling tailscale" +systemctl disable tailscaled +systemctl mask tailscaled