Merge pull request #31 from ohaukeboe/fix-merge-conflict

[pull] main from bluefin-main

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1,5 @@
 blank_issues_enabled: true
 contact_links:
   - name: Questions and Feedback
-    url: https://github.com/orgs/ublue-os/discussions/categories/bluefin
+    url: https://universal-blue.discourse.group/c/bluefin/6
     about: Ask a question, share tips, and help others

.github/workflows/build-fedora-toolbox.yml

@@ -85,7 +85,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@v3.1.2
+      - uses: sigstore/cosign-installer@v3.2.0
         if: github.event_name != 'pull_request'
 
       - name: Sign container image

.github/workflows/build-ubuntu-toolbox.yml

@@ -85,7 +85,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@v3.1.2
+      - uses: sigstore/cosign-installer@v3.2.0
         if: github.event_name != 'pull_request'
 
       - name: Sign container image

.github/workflows/build-wolfi-toolbox.yml

@@ -85,7 +85,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@v3.1.2
+      - uses: sigstore/cosign-installer@v3.2.0
         if: github.event_name != 'pull_request'
 
       - name: Sign container image

.github/workflows/build.yml

@@ -184,7 +184,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@v3.1.2
+      - uses: sigstore/cosign-installer@v3.2.0
         if: github.event_name != 'pull_request'
 
       - name: Sign container image

Containerfile

@@ -145,13 +145,11 @@ RUN wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubectx -O /usr
     wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubens -O /usr/bin/kubens && \
     chmod +x /usr/bin/kubectx /usr/bin/kubens
 
-# Install Charm VHS & dependencies
-RUN rpm-ostree install $(curl https://api.github.com/repos/charmbracelet/vhs/releases/latest | jq -r '.assets[] | select(.name| test(".*.x86_64.rpm$")).browser_download_url') && \
-    wget https://github.com/tsl0922/ttyd/releases/latest/download/ttyd.x86_64 -O /tmp/ttyd && \
-    install -c -m 0755 /tmp/ttyd /usr/bin/ttyd
+# Install Charm gum 
+RUN rpm-ostree install $(curl https://api.github.com/repos/charmbracelet/gum/releases/latest | jq -r '.assets[] | select(.name| test(".*.x86_64.rpm$")).browser_download_url') 
 
-# Install Charm gum
-RUN rpm-ostree install $(curl https://api.github.com/repos/charmbracelet/gum/releases/latest | jq -r '.assets[] | select(.name| test(".*.x86_64.rpm$")).browser_download_url')
+# Install Charm glow
+RUN rpm-ostree install $(curl https://api.github.com/repos/charmbracelet/glow/releases/latest | jq -r '.assets[] | select(.name| test(".*.x86_64.rpm$")).browser_download_url') 
 
 # Set up services
 RUN systemctl enable podman.socket && \

README.md

@@ -18,7 +18,7 @@ A familiar(ish) Ubuntu desktop for Fedora Silverblue. It strives to cover these
 # Documentation
 
 1. [Bluefin](https://universal-blue.org/images/bluefin/)
-2. [Discussions and Announcements](https://github.com/orgs/ublue-os/discussions/categories/bluefin) - strongly recommended!
-3. [Developer Experience Edition](https://universal-blue.org/images/bluefin/developer-experience/)
-4. [Administrator's Guide](https://universal-blue.org/images/bluefin/admin/)
+2. [Discussions and Announcements](https://universal-blue.discourse.group/c/bluefin/6) - strongly recommended!
+3. [Developer Experience Edition](https://universal-blue.org/images/bluefin/developer-experience)
+4. [Administrator's Guide](https://universal-blue.discourse.group/docs?topic=40)
 5. [Framework Images](https://universal-blue.org/images/framework/)

just/custom.just

@@ -166,14 +166,32 @@ podmansh:
   sudo cp /usr/share/ublue-os/quadlets/podmansh.container /etc/containers/systemd/users/${UID}/podmansh.container
   sudo usermod $USER --shell /usr/bin/podmansh
   printf "${USER}'s shell is now %s." "$(cat /etc/passwd | grep ":$UID:" | cut '-d:' '-f7')"
+  systemctl --user start podman.socket
+  loginctl enable-linger $(whoami)
+
   podman pull ghcr.io/ublue-os/ubuntu-toolbox:latest
 
   systemctl --user daemon-reload
   systemctl --user stop podmansh.service
   systemctl --user start podmansh.service
-  echo "Shell now switched to podmansh. Spawn a new terminal to get going!"
-  echo "By default, the shell will be Bash. To override it, create ~/.profile with your preferred shell"
-  echo "Note: That shell must exist in the toolbox!"
+
+  @echo "Shell now switched to podmansh. Spawn a new terminal to get going!"
+  @echo "By default, the shell will be Bash. To override it, create ~/.profile with your preferred shell"
+  @echo "Note: That shell must exist in the toolbox!"
+  @echo "To ensure a smooth experience within VSCode, please add the following to your settings.json:"
+  @echo "---"
+  @echo "\"terminal.integrated.profiles.linux\": {"
+  @echo "  \"podmansh zsh\": {"
+  @echo "     \"path\": \"podmansh\","
+  @echo "     \"args\": [\"-c\", \"cd \${workspaceFolder}; exec zsh\"]"
+  @echo "  }"
+  @echo "}"
+  @echo "---"
+  @echo "Please make sure you have the following environment variable set WITHIN the container:"
+  @echo "---"
+  @echo "export DOCKER_HOST=unix:///var/run/podman/podman.sock"
+  @echo "---"
+  @echo "Happy Podmansh'ing!"
 
 # Switch podmansh to another image (EXPERIMENTAL)
 podmansh-switch IMAGE:

usr/lib/sysctl.d/80-inotify.conf

@@ -0,0 +1,2 @@
+fs.inotify.max_user_instances=8192
+fs.inotify.max_user_watches=524288

usr/share/ublue-os/quadlets/podmansh.container

@@ -2,6 +2,14 @@
 Description=The Podmansh container
 After=local-fs.target
 
+[Service]
+# Restart service when sleep finishes
+Restart=always
+# Extend Timeout to allow time to pull the image
+TimeoutStartSec=900
+# Ensure there's a userland podman.sock
+ExecStartPre=/bin/systemctl --user enable podman.socket
+
 [Container]
 Image=ghcr.io/ublue-os/ubuntu-toolbox:latest
 ContainerName=podmansh
@@ -13,35 +21,33 @@ NoNewPrivileges=no
 Exec=sleep infinity
 WorkingDir=%h
 
-Volume=%h:%h
+Volume=/var/home:/var/home
+Volume=/var/home/linuxbrew:/home/linuxbrew
 Volume=/:/run/host:rslave
 Volume=/dev:/dev:rslave
 Volume=/sys:/sys:rslave
 Volume=/tmp:/tmp:rslave
-Volume=/etc/passwd:/etc/passwd:rslave
-Volume=/etc/passwd-:/etc/passwd-:rslave
-Volume=/etc/group:/etc/group:rslave
-Volume=/etc/group-:/etc/group-:rslave
-Volume=/tmp:/tmp:rslave
 Volume=/sys/fs/selinux
 Volume=/etc/selinux:/etc/selinux:rslave
 Volume=/var/log/journal
 Volume=/run/user/%U:/run/user/%U:rslave
-Volume=/etc/hosts:/etc/hosts:ro
-Volume=/etc/resolv.conf:/etc/resolv.conf:ro
+Volume=/etc/hosts:/etc/hosts
+Volume=/etc/resolv.conf:/etc/resolv.conf
+Volume=/run/user/1000/podman/podman.sock:/var/run/podman/podman.sock
 
 Environment=ENV=%h/.profile
 
 PodmanArgs=--env-host
 PodmanArgs=--privileged
 PodmanArgs=--mount=type=devpts,destination=/dev/pts
-PodmanArgs=--userns=host
+PodmanArgs=--userns=keep-id
+PodmanArgs=--group-add=keep-groups 
 PodmanArgs=--ulimit=host
 PodmanArgs=--security-opt=label=disable
-PodmanArgs=--cgroupns=private
+PodmanArgs=--cgroupns=host
 PodmanArgs=--log-level=debug
 
 Annotation=run.oci.keep_original_groups=1
 
 [Install]
-RequiredBy=default.target
+RequiredBy=default.target