https://github.com/kristiandrucker/ublue

https://github.com/kristiandrucker/ublue

Last synced: about 2 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/kristiandrucker/ublue
• Owner: kristiandrucker
• License: apache-2.0
• Created: 2024-06-01T08:47:12.000Z (11 months ago)
• Default Branch: main
• Last Pushed: 2025-03-10T18:28:05.000Z (about 2 months ago)
• Last Synced: 2025-03-10T18:30:18.028Z (about 2 months ago)
• Language: Shell
• Size: 84 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# BlueBuild Template   [![build-ublue](https://github.com/kristiandrucker/ublue/actions/workflows/build.yml/badge.svg)](https://github.com/kristiandrucker/ublue/actions/workflows/build.yml)

See the [BlueBuild docs](https://blue-build.org/how-to/setup/) for quick setup instructions for setting up your own repository based on this template.

After setup, it is recommended you update this README to describe your custom image.

## Installation

> **Warning**  

> [This is an experimental feature](https://www.fedoraproject.org/wiki/Changes/OstreeNativeContainerStable), try at your own discretion.

To rebase an existing atomic Fedora installation to the latest build:

- First rebase to the unsigned image, to get the proper signing keys and policies installed:

  ```

  rpm-ostree rebase ostree-unverified-registry:ghcr.io/kristiandrucker/ublue:latest

  ```

- Reboot to complete the rebase:

  ```

  systemctl reboot

  ```

- Then rebase to the signed image, like so:

  ```

  rpm-ostree rebase ostree-image-signed:docker://ghcr.io/kristiandrucker/ublue:latest

  ```

- Reboot again to complete the installation

  ```

  systemctl reboot

  ```

The `latest` tag will automatically point to the latest build. That build will still always use the Fedora version specified in `recipe.yml`, so you won't get accidentally updated to the next major version.

## ISO

If build on Fedora Atomic, you can generate an offline ISO with the instructions available [here](https://blue-build.org/learn/universal-blue/#fresh-install-from-an-iso). These ISOs cannot unfortunately be distributed on GitHub for free due to large sizes, so for public projects something else has to be used for hosting.

## Verification

These images are signed with [Sigstore](https://www.sigstore.dev/)'s [cosign](https://github.com/sigstore/cosign). You can verify the signature by downloading the `cosign.pub` file from this repo and running the following command:

```bash

cosign verify --key cosign.pub ghcr.io/kristiandrucker/ublue

```