Initial commit

.github/workflows/build.yml

@@ -0,0 +1,26 @@
+name: Build the Core image
+
+on:
+  push:
+    branches: [ main ]
+  workflow_dispatch: {}
+  schedule:
+    - cron: '0 4 * * *'
+
+jobs:
+  build:
+    runs-on: [dev, amd64]
+    env:
+      IMAGE: gitea.ceperka.net/cx/core
+      TAG: "43"
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Log in to registry
+        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login gitea.ceperka.net -u ${{ github.actor }} --password-stdin
+      
+      - name: Build
+        run: docker build -t $IMAGE:$TAG .
+      
+      - name: Push
+        run: docker push $IMAGE:$TAG

Dockerfile

@@ -0,0 +1,10 @@
+FROM quay.io/fedora/fedora-coreos:testing
+
+RUN dnf install -y vim htop duf zstd tmux incus rsync fish parted distrobox qemu lxc fastfetch && dnf clean all
+
+RUN echo "root:1000000:1000000000" > /etc/subgid && \
+    echo "root:1000000:1000000000" > /etc/subuid && \
+    echo "kernel.keys.maxkeys = 2590720" > /etc/sysctl.d/99-sysctl.conf && \
+    echo "fs.inotify.max_user_instances = 1024" >> /etc/sysctl.d/99-sysctl.conf
+
+RUN bootc container lint

config.bu

@@ -0,0 +1,26 @@
+variant: fcos
+version: 1.6.0
+passwd:
+  users:
+    - name: core
+      ssh_authorized_keys:
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGCOv+lN/VqSpxz8mgL0r2ptR6jAnMHcFJvdi2o089cN cx@envy.ceperka.net
+      password_hash: [PASSWORD_HASH]
+storage:
+  filesystems:
+    - device: /dev/mapper/root
+      format: btrfs
+      label: root # This labels is important
+      wipe_filesystem: true # This is needed for reinstallation
+      mount_options:
+      - compress=zstd:1
+  luks:
+  - clevis:
+      tpm2: true
+    key_file:
+      inline: [LUKS_PASSWORD]
+    device: /dev/disk/by-partlabel/root
+    discard: true
+    wipe_volume: true # Also for reinstallation
+    label: luks-root
+    name: root