openSUSE/Leap
SHA256
5
0
Fork 2
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial import of kiwi from LEAPM 6.0

Browse Source
This commit is contained in:
Lubos Kocman 2024-05-22 11:17:43 +02:00
commit c22ed7a716
7 changed files with 1205 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
LICENSE Normal file
View File

@ -0,0 +1,17 @@
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

4
Leap.changes Normal file
View File

@ -0,0 +1,4 @@
-------------------------------------------------------------------
Wed May 22 09:17:12 UTC 2024 - Lubos Kocman <lubos.kocman@suse.com>
- Initial version based on LEAPM 6.0

776
Leap.kiwi Normal file
View File

@ -0,0 +1,776 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- OBS-Profiles: @BUILD_FLAVOR@ -->
<!-- OBS-Milestone: %current_milestone -->
<!-- OBS-BcntSyncTag: Leap-Micro -->
<image schemaversion="7.5" name="openSUSE-Leap-Micro" displayname="openSUSE Leap">
<description type="system">
<author>openSUSE</author>
<contact>crc@suse.com</contact>
<specification>openSUSE Leap Micro</specification>
</description>
<profiles>
<!-- Profiles used as dependencies of actual image profiles -->
<!-- Flavors -->
<profile name="full" description="openSUSE Leap Micro as KVM and Container host"/>
<profile name="container-host" description="openSUSE Leap Micro as Container host"/>
<profile name="ecs_anywhere" description="Amazon ECS Anywhere support"/>
<!-- Platforms - support profiles -->
<profile name="bootloader" description="Bootloader files for x86_64 and aarch64"/>
<profile name="self_install" description="Self Installing ISO media"/>
<!-- Platforms -->
<profile name="x86" description="Raw disk for x86_64 - uEFI" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-vmware" description="Raw disk for x86_64 - uEFI" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-encrypted" description="Raw disk for x86_64 - uEFI" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-self_install" description="Raw disk for x86_64 - uEFI" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="aarch64-self_install" description="Raw disk for aarch64" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-legacy" description="Raw disk for x86_64 - legacy boot" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-rt" description="Raw disk for x86_64 with RT kernel - uEFI" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-rt-encrypted" description="Raw disk for x86_64 with RT kernel - uEFI" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-rt-self_install" description="Raw disk for x86_64 with RT kernel - uEFI" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="rpi" description="Raw disk for Raspberry Pi" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="x86-qcow" description="qcow2 for x86_64 - uEFI" arch="x86_64">
<requires profile="bootloader"/>
</profile>
<profile name="aarch64-qcow" description="qcow2 for aarch64 - uEFI" arch="aarch64">
<requires profile="bootloader"/>
</profile>
<profile name="s390-kvm" description="Raw disk for s390 - DASD" arch="s390x">
<requires profile="bootloader"/>
</profile>
<profile name="s390-dasd" description="Raw disk for s390 - DASD" arch="s390x">
<requires profile="bootloader"/>
</profile>
<profile name="s390-fba" description="Raw disk for s390 - DASD" arch="s390x">
<requires profile="bootloader"/>
</profile>
<!-- Images (flavor + platform) -->
<profile name="Default" description="openSUSE Leap Micro with Podman and KVM as raw image with uEFI boot" arch="x86_64">
<requires profile="full"/>
<requires profile="x86"/>
</profile>
<profile name="Base" description="openSUSE Leap Micro with Podman as raw image with uEFI boot" arch="x86_64">
<requires profile="container-host"/>
<requires profile="x86"/>
</profile>
<profile name="Default-VMware" description="openSUSE Leap Micro with Podman and KVM as raw image with uEFI boot" arch="x86_64">
<requires profile="full"/>
<requires profile="x86-vmware"/>
</profile>
<profile name="Base-VMware" description="openSUSE Leap Micro with Podman as raw image with uEFI boot" arch="x86_64">
<requires profile="container-host"/>
<requires profile="x86-vmware"/>
</profile>
<profile name="Default-encrypted" description="openSUSE Leap Micro with Podman and KVM as raw image with uEFI boot" arch="x86_64">
<requires profile="full"/>
<requires profile="x86-encrypted"/>
</profile>
<profile name="Base-encrypted" description="openSUSE Leap Micro with Podman as raw image with uEFI boot" arch="x86_64">
<requires profile="container-host"/>
<requires profile="x86-encrypted"/>
</profile>
<profile name="Base-RT-encrypted" description="openSUSE Leap Micro with Podman as raw image with uEFI boot" arch="x86_64">
<requires profile="container-host"/>
<requires profile="x86-rt-encrypted"/>
</profile>
<profile name="Default-SelfInstall" description="openSUSE Leap Micro with Podman and KVM as raw image with uEFI boot - SelfInstall" arch="x86_64">
<requires profile="full"/>
<requires profile="x86-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Base-SelfInstall" description="openSUSE Leap Micro with Podman as raw image with uEFI boot - SelfInstall" arch="x86_64">
<requires profile="container-host"/>
<requires profile="x86-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default-SelfInstall" description="openSUSE Leap Micro with Podman and KVM as raw image with uEFI boot - SelfInstall" arch="aarch64">
<requires profile="full"/>
<requires profile="aarch64-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Base-SelfInstall" description="openSUSE Leap Micro with Podman as raw image with uEFI boot - SelfInstall" arch="aarch64">
<requires profile="container-host"/>
<requires profile="aarch64-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="ECS-Anywhere" description="openSUSE Leap Micro with Podman and ECS Anywhere packagesas raw image with uEFI boot" arch="x86_64">
<requires profile="full"/>
<requires profile="ecs_anywhere"/>
<requires profile="x86"/>
</profile>
<profile name="ECS-Anywhere-SelfInstall" description="openSUSE Leap Micro with Podman and ECS Anywhere packages as raw image with uEFI boot - SelfInstall" arch="x86_64">
<requires profile="full"/>
<requires profile="ecs_anywhere"/>
<requires profile="x86-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default" description="openSUSE Leap Micro with Podman and KVM as raw image with uEFI boot" arch="aarch64">
<requires profile="full"/>
<requires profile="rpi"/>
</profile>
<profile name="Base" description="openSUSE Leap Micro with Podman as raw image with uEFI boot" arch="aarch64">
<requires profile="container-host"/>
<requires profile="rpi"/>
</profile>
<profile name="Base-RT" description="openSUSE Leap Micro with Podman as raw image with uEFI boot" arch="x86_64">
<requires profile="container-host"/>
<requires profile="x86-rt"/>
</profile>
<profile name="Base-RT-SelfInstall" description="openSUSE Leap Micro with Podman as raw image with uEFI boot - SelfInstall" arch="x86_64">
<requires profile="container-host"/>
<requires profile="x86-rt-self_install"/>
<requires profile="self_install"/>
</profile>
<profile name="Default-qcow" description="openSUSE Leap Micro with Podman and KVM as raw image for KVM on System z" arch="s390x">
<requires profile="full"/>
<requires profile="s390-kvm"/>
</profile>
<profile name="Base-qcow" description="openSUSE Leap Micro with Podman as raw image for KVM on System z" arch="s390x">
<requires profile="container-host"/>
<requires profile="s390-kvm"/>
</profile>
<profile name="Default-dasd" description="openSUSE Leap Micro with Podman and KVM as raw image for KVM on System z" arch="s390x">
<requires profile="full"/>
<requires profile="s390-dasd"/>
</profile>
<profile name="Base-dasd" description="openSUSE Leap Micro with Podman as raw image for KVM on System z" arch="s390x">
<requires profile="container-host"/>
<requires profile="s390-dasd"/>
</profile>
<profile name="Default-fba" description="openSUSE Leap Micro with Podman and KVM as raw image for KVM on System z" arch="s390x">
<requires profile="full"/>
<requires profile="s390-fba"/>
</profile>
<profile name="Base-fba" description="openSUSE Leap Micro with Podman as raw image for KVM on System z" arch="s390x">
<requires profile="container-host"/>
<requires profile="s390-fba"/>
</profile>
<profile name="Default-legacy" description="openSUSE Leap Micro with Podman as raw image with legacy boot" arch="x86_64">
<requires profile="full"/>
<requires profile="x86-legacy"/>
</profile>
<profile name="Default-qcow" description="openSUSE Leap Micro with Podman and KVM as raw image with uEFI boot" arch="x86_64">
<requires profile="full"/>
<requires profile="x86-qcow"/>
</profile>
<profile name="Base-qcow" description="openSUSE Leap Micro with Podman as raw image with uEFI boot" arch="x86_64">
<requires profile="container-host"/>
<requires profile="x86-qcow"/>
</profile>
<profile name="Default-qcow" description="openSUSE Leap Micro with Podman and KMV as raw image with uEFI boot" arch="aarch64">
<requires profile="full"/>
<requires profile="aarch64-qcow"/>
</profile>
<profile name="Base-qcow" description="openSUSE Leap Micro with Podman as raw image with uEFI boot" arch="aarch64">
<requires profile="container-host"/>
<requires profile="aarch64-qcow"/>
</profile>
</profiles>
<preferences profiles="x86-encrypted,x86-rt-encrypted">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
initrd_system="dracut"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
luks_version="luks2"
luks="1234"
luks_randomize="false"
luks_pbkdf="pbkdf2"
>
<luksformat>
<option name="--cipher" value="aes"/>
</luksformat>
<bootloader name="grub2" console="gfxterm" use_disk_password="true" />
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/i386-pc"/>
<volume name="boot/grub2/x86_64-efi" mountpoint="boot/grub2/x86_64-efi"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">4</size>
</type>
</preferences>
<preferences profiles="x86,x86-rt">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
initrd_system="dracut"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<bootloader name="grub2" console="gfxterm" timeout="3"/>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/i386-pc"/>
<volume name="boot/grub2/x86_64-efi" mountpoint="boot/grub2/x86_64-efi"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="x86-self_install,x86-rt-self_install">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
initrd_system="dracut"
installiso="true"
filesystem="btrfs"
installboot="install"
install_continue_on_timeout="false"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<bootloader name="grub2" console="gfxterm" timeout="3" />
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/i386-pc"/>
<volume name="boot/grub2/x86_64-efi" mountpoint="boot/grub2/x86_64-efi"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="rpi">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
initrd_system="dracut"
installiso="true"
filesystem="btrfs"
installboot="install"
install_continue_on_timeout="false"
fsmountoptions="noatime"
firmware="uefi"
kernelcmdline="console=ttyS0,115200n8 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
efipartsize="128"
editbootinstall="editbootinstall_rpi.sh"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="false"
disk_start_sector="4096"
>
<bootloader name="grub2" console="gfxterm" timeout="3" />
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="aarch64-self_install">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
initrd_system="dracut"
installiso="true"
filesystem="btrfs"
installboot="install"
install_continue_on_timeout="false"
firmware="uefi"
efipartsize="128"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
disk_start_sector="4096"
>
<bootloader name="grub2" console="gfxterm" timeout="3" />
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
</type>
</preferences>
<preferences profiles="s390-kvm">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext2"
initrd_system="dracut"
format="qcow2"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<bootloader name="grub2_s390x_emu" timeout="3" />
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/s390x-emu" mountpoint="boot/grub2/s390x-emu"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">32</size>
</type>
</preferences>
<preferences profiles="s390-dasd">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext2"
initrd_system="dracut"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
target_blocksize="4096"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<bootloader name="grub2_s390x_emu" console="serial" timeout="3" targettype="CDL" />
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/s390x-emu" mountpoint="boot/grub2/s390x-emu"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">5</size>
</type>
</preferences>
<preferences profiles="s390-fba">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
filesystem="btrfs"
bootpartition="true"
bootpartsize="300"
bootfilesystem="ext2"
initrd_system="dracut"
kernelcmdline="hvc_iucv=8 TERM=dumb security=selinux selinux=1 quiet"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<bootloader name="grub2_s390x_emu" console="serial" timeout="3" targettype="FBA"/>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/s390x-emu" mountpoint="boot/grub2/s390x-emu"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">5</size>
</type>
</preferences>
<preferences profiles="x86-vmware">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
filesystem="btrfs"
format="vmdk"
firmware="uefi"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<bootloader name="grub2" console="gfxterm" />
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/i386-pc"/>
<volume name="boot/grub2/x86_64-efi" mountpoint="boot/grub2/x86_64-efi"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">24</size>
<machine memory="1024" HWversion="10" guestOS="suse-64"/>
</type>
</preferences>
<preferences profiles="x86-qcow">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
format="qcow2"
filesystem="btrfs"
firmware="uefi"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=qemu"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<bootloader name="grub2" console="gfxterm" timeout="3" />
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<!-- on tmpfs jsc#SMO-2 <volume name="tmp"/> -->
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/i386-pc"/>
<volume name="boot/grub2/x86_64-efi" mountpoint="boot/grub2/x86_64-efi"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">32</size>
</type>
</preferences>
<preferences profiles="aarch64-qcow">
<version>16.0</version>
<packagemanager>zypper</packagemanager>
<bootsplash-theme>openSUSE</bootsplash-theme>
<bootloader-theme>openSUSE</bootloader-theme>
<rpm-excludedocs>true</rpm-excludedocs>
<locale>en_US</locale>
<type
image="oem"
format="qcow2"
filesystem="btrfs"
firmware="uefi"
efipartsize="128"
kernelcmdline="console=ttyS0,115200 console=tty0 security=selinux selinux=1 quiet net.ifnames=0 ignition.platform.id=qemu"
bootpartition="false"
bootkernel="custom"
devicepersistency="by-uuid"
btrfs_root_is_snapshot="true"
btrfs_root_is_readonly_snapshot="true"
btrfs_quota_groups="true"
>
<systemdisk>
<volume name="home"/>
<volume name="root"/>
<volume name="opt"/>
<volume name="srv"/>
<volume name="boot/grub2/arm64-efi" mountpoint="boot/grub2/arm64-efi"/>
<volume name="boot/writable"/>
<volume name="usr/local"/>
<volume name="var" copy_on_write="false"/>
</systemdisk>
<size unit="G">20</size>
</type>
</preferences>
<repository type="rpm-md" >
<source path='obsrepositories:/'/>
</repository>
<packages type="image" profiles="full">
<namedCollection name="base_transactional"/>
<package name="patterns-base-transactional"/>
<namedCollection name="salt_minion"/>
<package name="patterns-base-salt_minion"/>
<namedCollection name="kvm_host"/>
<package name="patterns-base-kvm_host"/>
<package name="lzop"/>
<namedCollection name="container_runtime_podman"/>
<package name="patterns-container-runtime_podman"/>
<namedCollection name="cockpit"/>
<package name="patterns-base-cockpit"/>
<namedCollection name="selinux"/>
<package name="patterns-base-selinux"/>
<package name="suseconnect-ng"/>
<package name="Leap-Micro-release"/>
<package name="grub2-branding-openSUSE" arch="x86_64,aarch64"/>
<package name="systemd-default-settings-branding-SLE-Micro"/>
<package name="firewalld"/>
<package name="wpa_supplicant" arch="x86_64,aarch64"/>
<package name="libpwquality-tools"/>
<package name="k3s-install"/>
</packages>
<packages type="image" profiles="x86-encrypted,x86-rt-encrypted">
<!-- full disk encryption stuff -->
<package name="device-mapper"/>
<package name="cryptsetup"/>
<package name="system-user-tss"/>
<package name="libtss2-fapi1"/>
<package name="libtss2-tcti-device0"/>
<package name="tpm2.0-tools"/>
<package name="tpm2-0-tss"/>
<package name="fde-firstboot"/>
</packages>
<packages type="image" profiles="container-host">
<namedCollection name="base_transactional"/>
<package name="patterns-base-transactional"/>
<namedCollection name="container_runtime_podman"/>
<package name="patterns-container-runtime_podman"/>
<namedCollection name="cockpit"/>
<package name="patterns-base-cockpit"/>
<namedCollection name="selinux"/>
<package name="patterns-base-selinux"/>
<package name="suseconnect-ng"/>
<package name="Leap-Micro-release"/>
<package name="grub2-branding-openSUSE" arch="x86_64,aarch64"/>
<package name="systemd-default-settings-branding-SLE-Micro"/>
<package name="firewalld"/>
<package name="libpwquality-tools"/>
</packages>
<packages type="image" profiles="ecs_anywhere">
<package name="amazon-ssm-agent"/>
<package name="amazon-ecs-init"/>
<package name="aws-cli"/>
<package name="docker"/>
</packages>
<!-- Ignition / Combustion everywhere, cloud-init only in selected images
<packages type="image" profiles="aarch64-self_install,rpi,s390-dasd,s390-fba,s390-kvm,x86,x86-encrypted,x86-legacy,x86-rt,x86-rt-encrypted,x86-rt-self_install,x86-self_install"> -->
<packages type="image">
<package name="ignition"/>
<package name="combustion &gt;= 1.2"/> <!-- New firstboot mechanism -->
<package name="openSUSE-repos"/> <!-- New default repo definitions for LeapMicro 6.X -->
<package name="jeos-firstboot"/>
<package name="systemd-status-mail"/> <!-- Adds email notification screen to jeos-firstboot -->
</packages>
<packages type="image" profiles="x86-qcow,x86-vmware,aarch64-qcow">
<package name="cloud-init"/>
<package name="cloud-init-config-suse"/>
</packages>
<packages type="image">
<namedCollection name="base_transactional"/>
<package name="patterns-base-transactional"/>
<namedCollection name="hardware"/>
<package name="patterns-base-hardware"/>
<package name="grub2"/>
<package name="glibc-locale-base"/>
<package name="ca-certificates"/>
<package name="Leap-Micro-release"/>
<package name="systemd-default-settings-branding-SLE-Micro"/>
<package name="firewalld"/>
<package name="NetworkManager-tui"/>
<package name="growpart-generator"/>
<package name="suse-build-key"/>
<!-- for debugging -->
<package name="less"/>
<package name="vim-small"/>
<namedCollection name="micro_defaults"/>
<package name="patterns-micro-defaults"/>
<package name="NetworkManager"/>
<package name="NetworkManager-branding-openSUSE"/>
<package name="ModemManager"/>
<!-- FIXME does not build without control file which is obsolete
<package name="live-add-yast-repos"/> -->
<package name="parted"/> <!-- seems missing to deploy the image -->
</packages>
<packages type="image" profiles="bootloader">
<package name="grub2-i386-pc" arch="x86_64"/>
<package name="grub2-x86_64-efi" arch="x86_64"/>
<package name="grub2-arm64-efi" arch="aarch64"/>
<package name="grub2-s390x-emu" arch="s390x"/>
<package name="grub2-branding-openSUSE" bootinclude="true" arch="x86_64,aarch64"/>
<package name="grub2-snapper-plugin"/>
<package name="shim" arch="x86_64,aarch64"/>
<package name="mokutil" arch="x86_64,aarch64"/>
<!-- obsoleted by kiwi-settings
<package name="kpartx" arch="s390x"/>--> <!-- previous releases picked it always, now kiwi picks partx instead -->
</packages>
<!-- rpi kernel-default-base does not provide all necessary drivers -->
<packages type="image" profiles="x86,x86-encrypted,x86-legacy,x86-self_install,x86-vmware,x86-qcow,aarch64-qcow,s390-kvm,s390-dasd,s390-fba">
<package name="kernel-default"/>
<package name="kernel-firmware-all"/>
</packages>
<packages type="image" profiles="x86-rt,x86-rt-self_install,x86-rt-encrypted">
<package name="kernel-rt"/>
<package name="kernel-firmware-all"/>
<!-- FIXME intentionally removed from ALP code stream
<package name="cpuset"/> -->
</packages>
<!-- makes the image build, but also include kernel-default
<packages type="image" profiles="x86-rt-encrypted">
<package name="kernel-default-extra"/>
</packages> -->
<packages type="image" profiles="s390-kvm,s390-dasd,s390-fba">
<package name="dracut-kiwi-oem-repart"/>
<package name="blog"/>
</packages>
<packages type="image" profiles="x86,x86-encrypted,x86-rt-encrypted,x86-self_install,x86-legacy,x86-vmware,x86-rt,x86-rt-self_install,x86-qcow,aarch64-qcow,rpi,aarch64-self_install">
<package name="dracut-kiwi-oem-repart"/>
<package name="dracut-kiwi-oem-dump"/>
</packages>
<packages type="image" profiles="rpi,aarch64-self_install">
<package name="raspberrypi-firmware" arch="aarch64"/>
<package name="raspberrypi-firmware-config" arch="aarch64"/>
<package name="raspberrypi-firmware-dt" arch="aarch64"/>
<package name="u-boot-rpiarm64" arch="aarch64"/>
<package name="dracut-kiwi-oem-repart"/>
<package name="bcm43xx-firmware"/>
<package name="kernel-firmware-all"/><!-- Fix choice between kernel-firmware and kernel-firmware-all -->
<package name="wireless-regdb"/>
<package name="wireless-tools"/>
<package name="wpa_supplicant"/>
<package name="grub2-arm64-efi"/>
<!-- kernel-default-base does not have all required drivers -->
<package name="kernel-default"/>
</packages>
<packages type="bootstrap">
<package name="filesystem"/>
</packages>
<!-- bsc#1221936 -->
<packages type="image" profiles="x86-vmware">
<package name="open-vm-tools"/>
</packages>
<!-- bsc#1221727-->
<packages type="image" profiles="x86-qcow,aarch64-qcow">
<package name="qemu-guest-agent"/>
</packages>
</image>

8
_constraints Normal file
View File

@ -0,0 +1,8 @@
<constraints>
<hardware>
<disk>
<size unit="G">40</size>
</disk>
</hardware>
</constraints>

317
config.sh Normal file
View File

@ -0,0 +1,317 @@
#!/bin/bash
# Copyright (c) 2023 SUSE LLC
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
#======================================
# Functions...
#--------------------------------------
test -f /.kconfig && . /.kconfig
test -f /.profile && . /.profile
set -euxo pipefail
mkdir /var/lib/misc/reconfig_system
#======================================
# Greeting...
#--------------------------------------
echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."
#======================================
# This is a workaround - someone,
# somewhere needs to load the xts crypto
# module, otherwise luksOpen will fail while
# creating the image.
#--------------------------------------
modprobe xts || true
#======================================
# add missing fonts
#--------------------------------------
CONSOLE_FONT="eurlatgr.psfu"
#======================================
# prepare for setting root pw, timezone
#--------------------------------------
echo ** "reset machine settings"
sed -i 's/^root:[^:]*:/root:*:/' /etc/shadow
rm /etc/machine-id
rm /var/lib/zypp/AnonymousUniqueId
#======================================
# Setup baseproduct link
#--------------------------------------
suseSetupProduct
#======================================
# Specify default runlevel
#--------------------------------------
baseSetRunlevel 3
#======================================
# Add missing gpg keys to rpm
#--------------------------------------
suseImportBuildKey
#======================================
# If SELinux is installed, configure it like transactional-update setup-selinux
#--------------------------------------
if [[ -e /etc/selinux/config ]]; then
# Check if we don't have selinux already enabled.
grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q security=selinux || \
sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 security=selinux selinux=1"|g' "/etc/default/grub"
# Adjust selinux config
sed -i -e 's|^SELINUX=.*|SELINUX=enforcing|g' \
-e 's|^SELINUXTYPE=.*|SELINUXTYPE=targeted|g' \
"/etc/selinux/config"
# Move an /.autorelabel file from initial installation to writeable location
test -f /.autorelabel && mv /.autorelabel /etc/selinux/.autorelabel
fi
##======================================
## Enable DHCP on eth0
##--------------------------------------
#cat >/etc/sysconfig/network/ifcfg-eth0 <<EOF
#BOOTPROTO='dhcp'
#MTU=''
#REMOTE_IPADDR=''
#STARTMODE='auto'
#ETHTOOL_OPTIONS=''
#USERCONTROL='no'
#EOF
systemctl enable NetworkManager
systemctl enable ModemManager
#======================================
# Enable cloud-init
#--------------------------------------
suseInsertService cloud-init-local
suseInsertService cloud-init
suseInsertService cloud-config
suseInsertService cloud-final
# Enable chrony
suseInsertService chronyd
#======================================
# Sysconfig Update
#--------------------------------------
echo '** Update sysconfig entries...'
echo FONT="$CONSOLE_FONT" >> /etc/vconsole.conf
# fix security level (boo#1171174)
sed -e '/^PERMISSION_SECURITY=s/easy/paranoid/' /etc/sysconfig/security
chkstat --set --system
#======================================
# SSL Certificates Configuration
#--------------------------------------
echo '** Rehashing SSL Certificates...'
update-ca-certificates
#======================================
# Import trusted rpm keys
#--------------------------------------
for i in /usr/lib/rpm/gnupg/keys/gpg-pubkey*asc; do
# importing can fail if it already exists
rpm --import $i || true
done
# Temporary workaround for bsc#1212187
echo "techpreview.ZYPP_MEDIANETWORK=1" >> /etc/zypp/zypp.conf
#======================================
# Enable kubelet if installed
#--------------------------------------
if [ -e /usr/lib/systemd/system/kubelet.service ]; then
suseInsertService kubelet
fi
# Adjust zypp conf
# https://github.com/openSUSE/libzypp/issues/212
# in yast that's done in packager/cfa/zypp_conf.rb
sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = true/g' /etc/zypp/zypp.conf
sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf
sed -i 's/^multiversion =.*/multiversion =/g' /etc/zypp/zypp.conf
#=====================================
# Configure snapper
#-------------------------------------
if [ "${kiwi_btrfs_root_is_snapshot-false}" = 'true' ]; then
echo "creating initial snapper config ..."
cp /usr/share/snapper/config-templates/default /etc/snapper/configs/root
baseUpdateSysConfig /etc/sysconfig/snapper SNAPPER_CONFIGS root
# Adjust parameters
sed -i'' 's/^TIMELINE_CREATE=.*$/TIMELINE_CREATE="no"/g' /etc/snapper/configs/root
sed -i'' 's/^NUMBER_LIMIT=.*$/NUMBER_LIMIT="2-10"/g' /etc/snapper/configs/root
sed -i'' 's/^NUMBER_LIMIT_IMPORTANT=.*$/NUMBER_LIMIT_IMPORTANT="4-10"/g' /etc/snapper/configs/root
fi
# Enable jeos-firstboot if installed, disabled by combustion/ignition
if rpm -q --whatprovides jeos-firstboot >/dev/null; then
mkdir -p /var/lib/YaST2
touch /var/lib/YaST2/reconfig_system
systemctl enable jeos-firstboot.service
fi
# Enable cloud-init if installed
if rpm -q --whatprovides cloud-init >/dev/null; then
systemctl enable cloud-init
systemctl enable cloud-init-local
fi
# The %post script can't edit /etc/fstab sys due to https://github.com/OSInside/kiwi/issues/945
# so use the kiwi custom hack
cat >/etc/fstab.script <<"EOF"
#!/bin/sh
set -eux
/usr/sbin/setup-fstab-for-overlayfs
# If /var is on a different partition than /...
if [ "$(findmnt -snT / -o SOURCE)" != "$(findmnt -snT /var -o SOURCE)" ]; then
# ... set options for autoexpanding /var
gawk -i inplace '$2 == "/var" { $4 = $4",x-growpart.grow,x-systemd.growfs" } { print $0 }' /etc/fstab
fi
EOF
chmod a+x /etc/fstab.script
# To make x-systemd.growfs work from inside the initrd
cat >/etc/dracut.conf.d/50-microos-growfs.conf <<"EOF"
install_items+=" /usr/lib/systemd/systemd-growfs "
EOF
#======================================
# Add repos from control.xml
#--------------------------------------
if [ -x /usr/sbin/add-yast-repos ]; then
add-yast-repos
zypper --non-interactive rm -u live-add-yast-repos
fi
#======================================
# Configure SelfInstall specifics
#--------------------------------------
if [[ "$kiwi_profiles" == *"SelfInstall"* ]]; then
cat > /etc/systemd/system/selfinstallbootloader.service <<-EOF
[Unit]
Description=
After=systemd-machine-id-commit.service
Before=jeos-firstboot.service
[Service]
Type=oneshot
ExecStart=rm /etc/systemd/system/selfinstallbootloader.service
ExecStart=rm /etc/systemd/system/default.target.wants/selfinstallbootloader.service
ExecStart=/sbin/transactional-update bootloader
ExecStart=/sbin/transactional-update apply
[Install]
WantedBy=default.target
EOF
ln -s /etc/systemd/system/selfinstallbootloader.service /etc/systemd/system/default.target.wants/selfinstallbootloader.service
fi
#======================================
# Boot TimeOut Configuration for iSCSI
#--------------------------------------
cat > /etc/systemd/system/iscsi-init-delay.service <<-EOF
[Unit]
# Workaround for boo#1198457 delay gen-initiatorname after local-fs
Description=One time delay for the iscsid.service
ConditionPathExists=!/etc/iscsi/initiatorname.iscsi
ConditionPathExists=/sbin/iscsi-gen-initiatorname
DefaultDependencies=no
RequiresMountsFor=/etc/iscsi
After=local-fs.target
Before=iscsi-init.service
[Install]
WantedBy=default.target
[Service]
Type=oneshot
RemainAfterExit=no
ExecStart=/sbin/iscsi-gen-initiatorname
EOF
ln -s /etc/systemd/system/iscsi-init-delay.service /etc/systemd/system/default.target.wants/iscsi-init-delay.service
#======================================
# Configure Pine64 specifics
#--------------------------------------
if [[ "$kiwi_profiles" == *"Pine64" ]]; then
echo 'add_drivers+=" fixed sunxi-mmc axp20x-regulator axp20x-rsb "' > /etc/dracut.conf.d/sunxi_modules.conf
fi
#======================================
# Configure Raspberry Pi specifics
#--------------------------------------
if [[ "$kiwi_profiles" == *"RaspberryPi"* ]]; then
# Add necessary kernel modules to initrd (will disappear with bsc#1084272)
echo 'add_drivers+=" bcm2835_dma dwc2 "' > /etc/dracut.conf.d/raspberrypi_modules.conf
# Add necessary kernel modules to initrd (will disappear with boo#1162669)
echo 'add_drivers+=" pcie-brcmstb "' >> /etc/dracut.conf.d/raspberrypi_modules.conf
# Work around network issues
cat > /etc/modprobe.d/50-rpi3.conf <<-EOF
# Prevent too many page allocations (bsc#1012449)
options smsc95xx turbo_mode=N
EOF
cat > /usr/lib/sysctl.d/50-rpi3.conf <<-EOF
# Avoid running out of DMA pages for smsc95xx (bsc#1012449)
vm.min_free_kbytes = 2048
EOF
fi
#======================================
# Configure Vagrant specifics
#--------------------------------------
if [[ "$kiwi_profiles" == *"Vagrant"* ]]; then
# create vagrant user
useradd vagrant
# allow password-less sudo
echo "vagrant ALL=(ALL)NOPASSWD:ALL" > /etc/sudoers.d/vagrant
# add vagrant's insecure key
mkdir -p /home/vagrant/.ssh
chmod 0700 /home/vagrant/.ssh
cat > /home/vagrant/.ssh/authorized_keys << EOF
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
EOF
chmod 0600 /home/vagrant/.ssh/authorized_keys
chown -R vagrant /home/vagrant
fi
#======================================
# cloud-init specific settings
#--------------------------------------
# We do not want cloud-init to run in an environment when there is no data
# source found. bsc#1222113
if [[ "$kiwi_profiles" =~ ^(x86-qcow|x86-vmware|aarch64-qcow)$ ]]; then
echo "policy: search,found=all,maybe=disabled,notfound=disabled" > /etc/cloud/ds-identify.cfg
fi
exit 0

39
editbootinstall_pine64.sh Normal file
View File

@ -0,0 +1,39 @@
#!/bin/bash
set -euxo pipefail
diskname=$1
devname="$2"
loopname="${devname%*p?}"
loopdev=/dev/${loopname#/dev/mapper/*}
#==========================================
# The GPT spans the first 33 sectors, but we need to write our
# at sector 16. Shrink the GPT to only span 5 sectors
# (16 partitions) to give us some space.
#------------------------------------------
# echo -e 'x\ns\n16\nw\ny' > gdisk.tmp
# Shrink GPT does not work anymore, so let's use legacy MBR for now
cat > gdisk.tmp <<-'EOF'
x
r
g
t
1
c
w
y
EOF
dd if=$loopdev of=mbrid.bin bs=1 skip=440 count=4
gdisk $loopdev < gdisk.tmp
dd of=$loopdev if=mbrid.bin bs=1 seek=440 count=4
rm -f mbrid.bin
rm -f gdisk.tmp
#==========================================
# Installing All-in-one U-Boot/SPL
#------------------------------------------
echo "Installing All-in-one U-Boot/SPL..."
if ! dd if=boot/u-boot-sunxi-with-spl.bin of=$diskname bs=1024 seek=8 conv=notrunc; then
echo "Couldn't install SPL on $diskname"
exit 1
fi

44
editbootinstall_rpi.sh Normal file
View File

@ -0,0 +1,44 @@
#!/bin/bash
set -euxo pipefail
diskname=$1
devname="$2"
loopname="${devname%*p?}"
loopdev=/dev/${loopname#/dev/*}
#==========================================
# copy Raspberry Pi firmware to EFI partition
#------------------------------------------
echo "RPi EFI system, installing firmware on ESP"
mkdir -p ./mnt-pi
mount ${loopname}p1 ./mnt-pi
( cd boot/vc; tar c . ) | ( cd ./mnt-pi/; tar x )
umount ./mnt-pi
rmdir ./mnt-pi
#==========================================
# Change partition label type to MBR
#------------------------------------------
#
# The target system doesn't support GPT, so let's move it to
# MBR partition layout instead.
#
# Also make sure to set the ESP partition to type 0xc so that
# broken firmware (Rpi) detects it as FAT.
#
# Use tabs, "<<-" strips tabs, but no other whitespace!
cat > gdisk.tmp <<-'EOF'
x
r
g
t
1
c
w
y
EOF
dd if=$loopdev of=mbrid.bin bs=1 skip=440 count=4
gdisk $loopdev < gdisk.tmp
dd of=$loopdev if=mbrid.bin bs=1 seek=440 count=4
rm -f mbrid.bin
rm -f gdisk.tmp