Compare commits
8 commits
114d14fc2f
...
89c2339b02
Author | SHA1 | Date | |
---|---|---|---|
89c2339b02 | |||
d8d1909662 | |||
6cf5a0a60c | |||
12913beee3 | |||
f639da06c2 | |||
5da830e227 | |||
2607bcf82e | |||
9434c95c47 |
|
@ -1,9 +1,11 @@
|
|||
[Distribution]
|
||||
Distribution=arch
|
||||
Architecture=x86-64
|
||||
PackageManagerTrees=mkosi.pacman
|
||||
|
||||
[Config]
|
||||
Images=server
|
||||
MinimumVersion=20.2
|
||||
|
||||
[Validation]
|
||||
# Use RSA 2048 keys for wide UEFI compatibility
|
||||
|
|
|
@ -81,4 +81,9 @@ Packages=
|
|||
# Programmable completion for the bash shell
|
||||
bash-completion
|
||||
# Fork of Vim aiming to improve user experience, plugins, and GUIs
|
||||
neovim
|
||||
neovim
|
||||
|
||||
# A utility for reading man pages
|
||||
man-db
|
||||
# Linux man pages
|
||||
man-pages
|
|
@ -1,7 +1,6 @@
|
|||
# based on PKGBUILD of package apparmor
|
||||
|
||||
# setup /etc
|
||||
d /etc/apparmor.d/ 0755 root root
|
||||
d /etc/apparmor/ 0755 root root
|
||||
|
||||
# copy from factory when missing
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
# based on PKGBUILD of package audit
|
||||
|
||||
# setup /etc
|
||||
d /etc/audit/ 0755 root root
|
||||
d /etc/audit/plugins.d/ 0755 root root
|
||||
d /etc/audit/rules.d/ 0755 root root
|
||||
|
||||
|
|
|
@ -19,8 +19,8 @@ C /etc/ssl/certs/java/README
|
|||
|
||||
# Compatibility link for OpenSSL using /etc/ssl as CAdir
|
||||
# Used in preference to the individual links in /etc/ssl/certs
|
||||
L /etc/ssl/cert.pem - - - /etc/ca-certificates/extracted/tls-ca-bundle.pem
|
||||
L /etc/ssl/cert.pem - - - - /etc/ca-certificates/extracted/tls-ca-bundle.pem
|
||||
# Compatibility link for legacy bundle (Debian)
|
||||
L /etc/ssl/certs/ca-certificates.crt - - - /etc/ca-certificates/extracted/tls-ca-bundle.pem
|
||||
L /etc/ssl/certs/ca-certificates.crt - - - - /etc/ca-certificates/extracted/tls-ca-bundle.pem
|
||||
# Compatibility link for legacy bundle (RHEL/Fedora)
|
||||
L /etc/ssl/certs/ca-bundle.crt - - - /etc/ca-certificates/extracted/tls-ca-bundle.pem
|
||||
L /etc/ssl/certs/ca-bundle.crt - - - - /etc/ca-certificates/extracted/tls-ca-bundle.pem
|
|
@ -13,7 +13,6 @@ d /etc/profile.d/ 0755 root root
|
|||
|
||||
# copy from factory when missing
|
||||
C /etc/profile.d/locale.sh
|
||||
C /etc/resolv.conf
|
||||
|
||||
# link from factory
|
||||
L+ /etc/arch-release
|
||||
|
@ -21,11 +20,8 @@ L /etc/protocols
|
|||
L /etc/services
|
||||
|
||||
# setup /var
|
||||
d /var/cache/ 0755 root root
|
||||
d /var/local/ 0755 root root
|
||||
d /var/opt/ 0755 root root
|
||||
d /var/log/ 0755 root root
|
||||
d /var/lib/ 0755 root root
|
||||
d /var/lib/misc/ 0755 root root
|
||||
d /var/empty/ 0755 root root
|
||||
d /var/tmp/ 1777 root root
|
||||
|
@ -33,6 +29,4 @@ d /var/spool/mail/ 1777 root root
|
|||
|
||||
# allow setgid games (gid 50) to write scores
|
||||
d /var/games/ 0775 root games
|
||||
L /var/mail/ - - - spool/mail/
|
||||
L /var/run/ - - - /run/
|
||||
L /var/lock/ - - - /run/lock/
|
||||
L /var/mail/ - - - - spool/mail/
|
|
@ -5,7 +5,8 @@ d /etc/iptables/ 0755 root root
|
|||
|
||||
# copy from factory when missing
|
||||
C /etc/ethertypes
|
||||
C /etc/iptables/empty.rules
|
||||
C /etc/iptables/ip6tables.rules
|
||||
C /etc/iptables/iptables.rules
|
||||
C /etc/iptables/simple_firewall.rules
|
||||
|
||||
L /etc/iptables/empty.rules - - - - /usr/share/iptables/empty.rules
|
||||
L /etc/iptables/simple_firewall.rules - - - - /usr/share/iptables/empty.rules
|
|
@ -1,7 +1,4 @@
|
|||
# based on PKGBUILD of package kbd
|
||||
|
||||
# setup /etc
|
||||
d /etc/pam.d/ 0755 root root
|
||||
|
||||
# copy from factory when missing
|
||||
C /etc/pam.d/vlock
|
|
@ -0,0 +1,4 @@
|
|||
# based on PKGBUILD of package man-db
|
||||
|
||||
# copy from factory when missing
|
||||
C /etc/man_db.conf
|
|
@ -3,8 +3,6 @@
|
|||
# setup /etc
|
||||
# pam
|
||||
d /etc/security/ 0755 root root
|
||||
# pambase
|
||||
d /etc/pam.d/ 0755 root root
|
||||
|
||||
# copy from factory when missing
|
||||
# pam
|
||||
|
|
|
@ -1,8 +1,4 @@
|
|||
# based on PKGBUILD of package polkit
|
||||
|
||||
# setup /etc
|
||||
d /etc/pam.d/ 0755 root root
|
||||
d /etc/polkit-1/rules.d/ 0755 root root
|
||||
|
||||
# copy from factory when missing
|
||||
C /etc/pam.d/polit-1
|
||||
d /etc/polkit-1/rules.d/ 0755 root root
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
# setup /etc
|
||||
d /etc/default/ 0755 root root
|
||||
d /etc/pam.d/ 0755 root root
|
||||
|
||||
# copy from factory when missing
|
||||
C /etc/login.defs
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
# based on PKGBUILD of package sudo
|
||||
|
||||
# setup /etc
|
||||
d /etc/pam.d/ 0755 root root
|
||||
d /etc/sudoers.d/ 0755 root root
|
||||
|
||||
# copy from factory when missing
|
||||
|
|
|
@ -1,10 +1,7 @@
|
|||
# based on PKGBUILD of package systemd
|
||||
|
||||
# setup /etc
|
||||
d /etc/pam.d/ 0755 root root
|
||||
d /etc/binfmt.d/ 0755 root root
|
||||
d /etc/credstore.encrypted/ 0755 root root
|
||||
d /etc/credstore/ 0755 root root
|
||||
d /etc/kernel/ 0755 root root
|
||||
d /etc/kernel/install.d/ 0755 root root
|
||||
d /etc/modules-load.d/ 0755 root root
|
||||
|
@ -17,9 +14,6 @@ d /etc/tmpfiles.d/ 0755 root root
|
|||
d /etc/udev/ 0755 root root
|
||||
d /etc/udev/hwdb.d/ 0755 root root
|
||||
d /etc/udev/rules.d/ 0755 root root
|
||||
d /etc/xdg/ 0755 root root
|
||||
d /etc/xdg/systemd/ 0755 root root
|
||||
d /etc/xdg/systemd/user/ 0755 root root
|
||||
|
||||
# copy from factory when missing
|
||||
C /etc/X11/xinit/xinitrc.d/50-systemd-user.sh
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
# Use systemd-resolved as dns backend (auto-detected)
|
||||
L+ /etc/resolv.conf - - - /run/systemd/resolve/stub-resolv.conf
|
|
@ -233,6 +233,5 @@ cp -af /etc/gnutls/config $ETC_FACTORY_DIR/gnutls/
|
|||
install -d -m0755 $ETC_FACTORY_DIR/modules-load.d/
|
||||
cp -af /etc/modules-load.d/gnutls.conf $ETC_FACTORY_DIR/modules-load.d/
|
||||
|
||||
# copy files provided by package polkit to factory
|
||||
install -d -m0755 $ETC_FACTORY_DIR/pam.d/
|
||||
cp -af /etc/pam.d/polkit-1 $ETC_FACTORY_DIR/pam.d/
|
||||
# copy files provided by package man-db to factory
|
||||
cp -af /etc/man_db.conf $ETC_FACTORY_DIR/
|
|
@ -9,6 +9,7 @@ SplitArtifacts=yes
|
|||
ManifestFormat=json,changelog
|
||||
ImageId=rafeOS
|
||||
SectorSize=4096
|
||||
RepartOffline=yes
|
||||
# For Reproducible Builds
|
||||
Seed=834dd70f55be43cc9934b20fc0b7f7be
|
||||
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
[Partition]
|
||||
Type=root
|
||||
Format=btrfs
|
||||
FactoryReset=true
|
||||
Label=%M-root
|
||||
Encrypt=key-file
|
||||
SizeMinBytes=5G
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
[Partition]
|
||||
Type=swap
|
||||
Format=swap
|
||||
FactoryReset=true
|
||||
Encrypt=key-file
|
||||
SizeMinBytes=1G
|
||||
SizeMaxBytes=4G
|
||||
|
|
|
@ -4,4 +4,5 @@ SplitName=-
|
|||
SizeMinBytes=1G
|
||||
SizeMaxBytes=1G
|
||||
Format=vfat
|
||||
CopyFiles=/efi:/
|
||||
CopyFiles=/efi:/
|
||||
CopyFiles=/boot:/
|
58
mkosi.pacman/etc/pacman.d/mirrorlist
Normal file
58
mkosi.pacman/etc/pacman.d/mirrorlist
Normal file
|
@ -0,0 +1,58 @@
|
|||
################################################################################
|
||||
################# Arch Linux mirrorlist generated by Reflector #################
|
||||
################################################################################
|
||||
|
||||
# With: reflector @/etc/xdg/reflector/reflector.conf
|
||||
# When: 2024-01-25 18:23:11 UTC
|
||||
# From: https://archlinux.org/mirrors/status/json/
|
||||
# Retrieved: 2024-01-25 18:20:02 UTC
|
||||
# Last Check: 2024-01-25 18:01:16 UTC
|
||||
|
||||
Server = https://mirror.selfnet.de/archlinux/$repo/os/$arch
|
||||
Server = https://arch.kurdy.org/$repo/os/$arch
|
||||
Server = https://archlinux.mailtunnel.eu/$repo/os/$arch
|
||||
Server = https://mirror.bethselamin.de/$repo/os/$arch
|
||||
Server = https://mirror.ibakerserver.pt/Arch/$repo/os/$arch
|
||||
Server = https://mirror.cmt.de/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.sunred.org/archlinux/$repo/os/$arch
|
||||
Server = https://archlinux.homeinfo.de/$repo/os/$arch
|
||||
Server = https://mirror.moson.org/arch/$repo/os/$arch
|
||||
Server = https://pkg.fef.moe/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.fra10.de.leaseweb.net/archlinux/$repo/os/$arch
|
||||
Server = https://mirrors.niyawe.de/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.23m.com/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.dogado.de/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.metalgamer.eu/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.netcologne.de/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.hugo-betrugo.de/archlinux/$repo/os/$arch
|
||||
Server = https://mirrors.jtremesay.org/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.pagenotfound.de/archlinux/$repo/os/$arch
|
||||
Server = https://archlinux.richard-neumann.de/$repo/os/$arch
|
||||
Server = https://ftp.fau.de/archlinux/$repo/os/$arch
|
||||
Server = https://mirrors.n-ix.net/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.f4st.host/archlinux/$repo/os/$arch
|
||||
Server = https://arch.unixpeople.org/$repo/os/$arch
|
||||
Server = https://mirrors.xtom.de/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.iusearchbtw.nl/$repo/os/$arch
|
||||
Server = https://mirrors.eric.ovh/arch/$repo/os/$arch
|
||||
Server = https://os.codefionn.eu/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.wormhole.eu/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.cyberbits.eu/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.kumi.systems/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.sysa.tech/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.informatik.tu-freiberg.de/arch/$repo/os/$arch
|
||||
Server = https://mirror.clientvps.com/archlinux/$repo/os/$arch
|
||||
Server = https://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch
|
||||
Server = https://ftp.agdsn.de/pub/mirrors/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.its-tps.fr/archlinux/$repo/os/$arch
|
||||
Server = https://arch.yourlabs.org/$repo/os/$arch
|
||||
Server = https://arch.mirror.zachlge.org/$repo/os/$arch
|
||||
Server = https://mirror.ubrco.de/archlinux/$repo/os/$arch
|
||||
Server = https://archlinux.thaller.ws/$repo/os/$arch
|
||||
Server = https://mirrors.celianvdb.fr/archlinux/$repo/os/$arch
|
||||
Server = https://ftp.wrz.de/pub/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.thekinrar.fr/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.oldsql.cc/archlinux/$repo/os/$arch
|
||||
Server = https://dist-mirror.fem.tu-ilmenau.de/archlinux/$repo/os/$arch
|
||||
Server = https://mirrors.gandi.net/archlinux/$repo/os/$arch
|
||||
Server = https://mirror.nekos.host/$repo/os/$arch
|
|
@ -104,8 +104,8 @@ for file in "${IMAGE_ID}-${IMAGE_VARIANT}_$version_string".raw \
|
|||
fi
|
||||
done
|
||||
|
||||
# Delete unneeded files ending in <VERSION>.initrd and <VERSION>.vmlinuz
|
||||
rm -f "${IMAGE_ID}-server_$version_string".{initrd,vmlinuz}
|
||||
# Delete unneeded files
|
||||
rm -f "${IMAGE_ID}-server_$version_string".{initrd,vmlinuz,changelog}
|
||||
|
||||
echo "Calculate SHA256 checksums for all files in the release directory..."
|
||||
sha256sum * > "SHA256SUMS"
|
||||
|
|
Loading…
Reference in a new issue