From 9ea512d5c1f0afc1a431e962b034e636af5aea350775ff10b82eb26a6fa4b8d7 Mon Sep 17 00:00:00 2001
From: Richard Brown <rbrown@suse.com>
Date: Wed, 8 May 2024 13:05:55 +0000
Subject: [PATCH] Accepting request 1172751 from devel:microos:aeon:installer

OBS-URL: https://build.opensuse.org/request/show/1172751
OBS-URL: https://build.opensuse.org/package/show/devel:microos:aeon:images/openSUSE-Aeon?expand=0&rev=1
---
 .gitattributes        |  23 ++++
 .gitignore            |   1 +
 LICENSE               |  17 +++
 _constraints          |   8 ++
 config.sh             | 237 ++++++++++++++++++++++++++++++++++++++++++
 disk.sh               |  19 ++++
 openSUSE-Aeon.changes |   4 +
 openSUSE-Aeon.kiwi    |  69 ++++++++++++
 8 files changed, 378 insertions(+)
 create mode 100644 .gitattributes
 create mode 100644 .gitignore
 create mode 100644 LICENSE
 create mode 100644 _constraints
 create mode 100644 config.sh
 create mode 100644 disk.sh
 create mode 100644 openSUSE-Aeon.changes
 create mode 100644 openSUSE-Aeon.kiwi

diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..9b03811
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..57affb6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..2b62e4c
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,17 @@
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/_constraints b/_constraints
new file mode 100644
index 0000000..02ada4a
--- /dev/null
+++ b/_constraints
@@ -0,0 +1,8 @@
+<constraints>
+ <hardware>
+  <disk>
+   <size unit="G">20</size>
+  </disk>
+ </hardware>
+</constraints>
+
diff --git a/config.sh b/config.sh
new file mode 100644
index 0000000..8f2d27a
--- /dev/null
+++ b/config.sh
@@ -0,0 +1,237 @@
+#!/bin/bash
+# Copyright (c) 2020 SUSE LLC
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+# 
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# 
+#======================================
+# Functions...
+#--------------------------------------
+
+test -f /.kconfig && . /.kconfig
+test -f /.profile && . /.profile
+
+set -euxo pipefail
+
+echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."
+
+# Systemd controls the console font now
+echo FONT="eurlatgr.psfu" >> /etc/vconsole.conf
+
+#======================================
+# prepare for setting root pw, timezone
+#--------------------------------------
+echo "** reset machine settings"
+rm -f /etc/machine-id \
+      /var/lib/zypp/AnonymousUniqueId \
+      /var/lib/systemd/random-seed
+
+#======================================
+# Specify default systemd target
+#--------------------------------------
+baseSetRunlevel graphical.target
+
+#======================================
+# Import trusted rpm keys
+#--------------------------------------
+suseImportBuildKey
+
+#======================================
+# Set hostname by DHCP
+#--------------------------------------
+baseUpdateSysConfig /etc/sysconfig/network/dhcp DHCLIENT_SET_HOSTNAME yes
+
+# Add repos from /etc/YaST2/control.xml
+if [ -x /usr/sbin/add-yast-repos ]; then
+	add-yast-repos
+	zypper --non-interactive rm -u live-add-yast-repos
+fi
+
+# Adjust zypp conf
+sed -i 's/^multiversion =.*/multiversion =/g' /etc/zypp/zypp.conf
+
+#=====================================
+# Configure snapper
+#-------------------------------------
+if [ "${kiwi_btrfs_root_is_snapshot-false}" = 'true' ]; then
+        echo "creating initial snapper config ..."
+        cp /etc/snapper/config-templates/default /etc/snapper/configs/root \
+		|| cp /usr/share/snapper/config-templates/default /etc/snapper/configs/root
+        baseUpdateSysConfig /etc/sysconfig/snapper SNAPPER_CONFIGS root
+
+	# Adjust parameters
+	sed -i'' 's/^TIMELINE_CREATE=.*$/TIMELINE_CREATE="no"/g' /etc/snapper/configs/root
+	sed -i'' 's/^NUMBER_LIMIT=.*$/NUMBER_LIMIT="2-10"/g' /etc/snapper/configs/root
+	sed -i'' 's/^NUMBER_LIMIT_IMPORTANT=.*$/NUMBER_LIMIT_IMPORTANT="4-10"/g' /etc/snapper/configs/root
+fi
+
+#=====================================
+# Enable chrony if installed
+#-------------------------------------
+if [ -f /etc/chrony.conf ]; then
+	systemctl enable chronyd
+fi
+
+#=====================================
+# Storage configuration
+#-------------------------------------
+
+# The %post script can't edit /etc/fstab sys due to https://github.com/OSInside/kiwi/issues/945
+# so use the kiwi custom hack
+cat >/etc/fstab.script <<"EOF"
+#!/bin/sh
+set -eux
+
+/usr/sbin/setup-fstab-for-overlayfs
+# ... set options for autoexpanding /home
+gawk -i inplace '$2 == "/home" { $4 = $4",x-systemd.growfs" } { print $0 }' /etc/fstab
+EOF
+
+cat >>/etc/fstab.script <<"EOF"
+# Relabel /etc. While kiwi already relabelled it earlier, there are some files created later (boo#1210604).
+# The "gawk -i inplace" above also removes the label on /etc/fstab.
+if [ -e /etc/selinux/config ]; then
+	. /etc/selinux/config
+	touch /etc/sysconfig/bootloader # Make sure this exists so it gets labelled
+	setfiles -e /proc -e /sys -e /dev /etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts /etc
+fi
+EOF
+
+chmod a+x /etc/fstab.script
+
+# Use the btrfs storage driver. This is usually detected in %post, but with kiwi
+# that happens outside of the final FS.
+if [ -e /etc/containers/storage.conf ]; then
+	sed -i 's/driver = "overlay"/driver = "btrfs"/g' /etc/containers/storage.conf
+fi
+
+#======================================
+# Enable NetworkManager
+#--------------------------------------
+systemctl enable NetworkManager
+
+#======================================
+# Disable recommends on virtual images (keep hardware supplements, see bsc#1089498)
+#--------------------------------------
+sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = true/g' /etc/zypp/zypp.conf
+
+#======================================
+# Disable installing documentation
+#--------------------------------------
+sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf
+
+#======================================
+# Add default kernel boot options
+#--------------------------------------
+serialconsole='console=ttyS0,115200'
+
+cmdline=('quiet' 'loglevel=2' 'systemd.show_status=0' "${serialconsole}" 'console=tty0' 'vt.global_cursor_default=0')
+
+ignition_platform='metal'
+
+if [ -n "${ignition_platform}" ]; then
+	cmdline+=("ignition.platform.id=${ignition_platform}")
+fi
+
+#======================================
+# If SELinux is installed, configure it like transactional-update setup-selinux
+#--------------------------------------
+if [[ -e /etc/selinux/config ]]; then
+	cmdline+=("security=selinux selinux=1")
+	# Adjust selinux config
+	sed -i -e 's|^SELINUX=.*|SELINUX=enforcing|g' \
+	    -e 's|^SELINUXTYPE=.*|SELINUXTYPE=targeted|g' \
+	    "/etc/selinux/config"
+
+	# Move an /.autorelabel file from initial installation to writeable location
+	test -f /.autorelabel && mv /.autorelabel /etc/selinux/.autorelabel
+fi
+
+if [ -e /etc/default/grub ]; then
+	sed -i "s#^GRUB_CMDLINE_LINUX_DEFAULT=.*\$#GRUB_CMDLINE_LINUX_DEFAULT=\"${cmdline[*]}\"#" /etc/default/grub
+else
+	echo "${cmdline[*]}" > /etc/kernel/cmdline
+fi
+
+#======================================
+# tik specifics
+#--------------------------------------
+
+mkdir -p /ignition
+
+useradd -m tik
+usermod -aG wheel tik
+
+cat >> /etc/sudoers.d/51-tik << "EOF"
+tik ALL = (root) NOPASSWD: ALL
+EOF
+
+cat >> /etc/polkit-1/rules.d/10-tik.rules << "EOF"
+polkit.addRule(function(action, subject) {
+    if (subject.user == "tik") {
+        return polkit.Result.YES;
+    }
+});
+EOF
+
+chown tik:users /ignition
+
+# SHOULD BE IN GNOME-BRANDING-TIK
+cat >> /usr/share/glib-2.0/schemas/31_tik.gschema.override << "EOF"
+[org.gnome.shell]
+favorite-apps=['']
+
+[org.gnome.desktop.screensaver]
+lock-enabled=false
+user-switch-enabled=false
+
+[org.gnome.desktop.lockdown]
+disable-lock-screen=true
+disable-log-out=true
+disable-printing=true
+disable-print-setup=true
+disable-user-switching=true
+user-administration-disabled=true
+EOF
+
+glib-compile-schemas /usr/share/glib-2.0/schemas/
+# GNOME-BRANDING-TIK end
+
+# tik-config-Aeon
+mkdir -p /home/tik/.local/share/applications/
+chown -R tik:users /home/tik/.local/
+cat >> /home/tik/.local/share/applications/org.opensuse.tik.desktop << "EOF"
+[Desktop Entry]
+Name=openSUSE Aeon Installer
+Comment=Installs openSUSE Aeon
+Exec=/usr/bin/tik
+Icon=distributor-logo-Aeon-symbolic
+Type=Application
+Categories=System;
+Name[en_GB]=openSUSE Aeon Installer
+EOF
+# tik-config-Aeon
+
+ln -s /home/tik/.local/share/applications/org.opensuse.tik.desktop /home/tik/.config/autostart/org.opensuse.tik.desktop
+rm /home/tik/.config/autostart/aeon-firstboot.desktop
+
+mkdir -p /home/tik/.config/gtk-3.0
+echo "file:///ignition" >> /home/tik/.config/gtk-3.0/bookmarks
+
+sed -i 's/DISPLAYMANAGER_AUTOLOGIN=""/DISPLAYMANAGER_AUTOLOGIN="tik"/' /etc/sysconfig/displaymanager
+
diff --git a/disk.sh b/disk.sh
new file mode 100644
index 0000000..5ea7f14
--- /dev/null
+++ b/disk.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+set -euxo pipefail
+[ -x /usr/bin/sdbootutil ] || exit 0
+echo "#######DISK"
+rootuuid=$(findmnt / -n --output uuid)
+sed -i -e "s,\$, root=UUID=$rootuuid," /etc/kernel/cmdline
+arch="$(uname -m)"
+case "$arch" in
+	x86_64) arch=x64 ;;
+	*) echo "Unsupported arch for Aeon - $arch"; exit 1 ;;
+esac
+echo "install boot loader"
+sdbootutil -v --no-random-seed --arch "$arch" --esp-path /boot/efi --entry-token=auto --no-variables install
+echo "add kernels"
+export hostonly_l=no # for dracut
+sdbootutil -v --arch "$arch" --esp-path /boot/efi --entry-token=auto add-all-kernels
+echo "##### AFTER ####"
+rm -f /boot/mbrid
+find /boot
diff --git a/openSUSE-Aeon.changes b/openSUSE-Aeon.changes
new file mode 100644
index 0000000..b425b0d
--- /dev/null
+++ b/openSUSE-Aeon.changes
@@ -0,0 +1,4 @@
+-------------------------------------------------------------------
+Wed Apr 10 07:51:11 UTC 2024 - Richard Brown <rbrown@suse.com>
+
+- Initial Packaging 
diff --git a/openSUSE-Aeon.kiwi b/openSUSE-Aeon.kiwi
new file mode 100644
index 0000000..95782b6
--- /dev/null
+++ b/openSUSE-Aeon.kiwi
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="utf-8"?>
+<image schemaversion="7.6" name="openSUSE-Aeon-Installer" displayname="openSUSE Aeon Installer">
+    <description type="system">
+        <author>Richard Brown</author>
+        <contact>rbrownsuse@opensuse.org</contact>
+        <specification>openSUSE Aeon Installer</specification>
+    </description>
+    <preferences>
+        <version>0.1.0</version>
+        <packagemanager>zypper</packagemanager>
+        <rpm-excludedocs>true</rpm-excludedocs>
+        <locale>en_US</locale>
+        <type
+            image="oem"
+            filesystem="btrfs"
+            fsmountoptions="compress=zstd:1"
+            firmware="uefi"
+            bootpartition="false"
+            bootkernel="custom"
+            devicepersistency="by-uuid"
+            btrfs_root_is_subvolume="true"
+            btrfs_root_is_snapshot="true"
+            btrfs_root_is_readonly_snapshot="true"
+            btrfs_quota_groups="true"
+            rootfs_label="TIKINSTALL"
+        >
+	    <bootloader name="grub2" console="gfxterm"/>
+	    <oemconfig>
+                <oem-resize>false</oem-resize>
+            </oemconfig>
+            <systemdisk>
+                <volume name="home"/>
+                <volume name="root"/>
+                <volume name="opt"/>
+		<volume name="srv"/>
+                <volume name="boot/grub2/i386-pc"/>
+                <volume name="boot/grub2/x86_64-efi" mountpoint="boot/grub2/x86_64-efi"/>
+                <volume name="boot/writable"/>
+                <volume name="usr/local"/>
+                <volume name="var" copy_on_write="false"/>
+            </systemdisk>
+            <partitions>
+                <partition name="ignition" size="1G" mountpoint="/ignition" filesystem="ext4"/>
+            </partitions>
+        </type>
+    </preferences>
+    <repository type="rpm-md">
+        <source path="obsrepositories:/"/>
+    </repository>
+    <packages type="image">
+        <package name="live-add-yast-repos"/>
+        <package name="patterns-tik-base"/>
+    </packages>
+    <packages type="bootstrap">
+        <!-- Avoid that zypper picks the busybox-foo variant for those, that would fail later -->
+        <package name="coreutils"/>
+        <package name="gawk"/>
+        <package name="gzip"/>
+        <package name="hostname"/>
+        <!-- Avoid libressl -->
+        <package name="openssl"/>
+        <package name="filesystem"/>
+        <package name="glibc-locale-base"/>
+        <!-- So that https repos work for image package downloads -->
+        <package name="ca-certificates-mozilla"/>
+        <!-- TODO: Use the proper flavors once available -->
+        <package name="Aeon-release"/>
+    </packages>
+</image>