https://github.com/pliveyns/mybluebuild

Customized Silverblue image used as main OS.
https://github.com/pliveyns/mybluebuild

atomic bluebuild bluebuild-image custom-image image-based immutable linux linux-custom-image oci oci-image operating-system

Last synced: 9 months ago
JSON representation

Customized Silverblue image used as main OS.

• Host: GitHub
• URL: https://github.com/pliveyns/mybluebuild
• Owner: pliveyns
• License: apache-2.0
• Created: 2024-05-31T20:25:59.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2025-04-24T13:02:30.000Z (11 months ago)
• Last Synced: 2025-04-24T13:23:58.723Z (11 months ago)
• Topics: atomic, bluebuild, bluebuild-image, custom-image, image-based, immutable, linux, linux-custom-image, oci, oci-image, operating-system
• Language: Makefile
• Homepage:
• Size: 69.3 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

          
# mybluebuild   [![build-ublue](https://github.com/pliveyns/mybluebuild/actions/workflows/build.yml/badge.svg)](https://github.com/pliveyns/mybluebuild/actions/workflows/build.yml)

My customized Silverblue image based on BlueBuild.

See also the [BlueBuild docs](https://blue-build.org/how-to/setup/)

## Installation

> **Warning**  

> [This is an experimental feature](https://www.fedoraproject.org/wiki/Changes/OstreeNativeContainerStable), try at your own discretion.

To rebase an existing atomic Fedora installation to the latest build:

- First rebase to the unsigned image, to get the proper signing keys and policies installed:

  ```

  rpm-ostree rebase ostree-unverified-registry:ghcr.io/pliveyns/mybluebuild:latest

  ```

- Reboot to complete the rebase:

  ```

  systemctl reboot

  ```

- Then rebase to the signed image, like so:

  ```

  rpm-ostree rebase ostree-image-signed:docker://ghcr.io/pliveyns/mybluebuild:latest

  ```

- Reboot again to complete the installation

  ```

  systemctl reboot

  ```

The `latest` tag will automatically point to the latest build. That build will still always use the Fedora version specified in `recipe.yml`, so you won't get accidentally updated to the next major version.

## Verification

These images are signed with [Sigstore](https://www.sigstore.dev/)'s [cosign](https://github.com/sigstore/cosign). You can verify the signature by downloading the `cosign.pub` file from this repo and running the following command:

```bash

cosign verify --key cosign.pub ghcr.io/pliveyns/mybluebuild

```