generated from Vanilla-OS/custom-image
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrecipe.yml
92 lines (79 loc) · 2.97 KB
/
recipe.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
name: Packet Mix
id: packetmix
stages:
- id: build
base: ghcr.io/vanilla-os/desktop:main # Optionally, Replace this image URL with a different one i.e. nvidia:main, etc
singlelayer: false
labels:
maintainer: "Freshly Baked <[email protected]>" # Optionally, Replace this with your name
args:
DEBIAN_FRONTEND: noninteractive # Set the image environment as non-interactive
# Commands to run first before building the modules
runs:
commands:
- echo 'APT::Install-Recommends "1";' > /etc/apt/apt.conf.d/01norecommends
modules:
- name: init-setup
type: shell
commands:
- lpkg --unlock
- apt-get update
# Put your custom actions below this comment
- name: example-packages # Sample module using the built-in Apt module to install packages
type: apt
source:
packages:
- vim
- name: tailscale # Install Tailscale
# Based on GitHub user RickBrewer's tailscale install section
type: shell
commands:
- mkdir -p --mode=0755 /usr/share/keyrings
- curl -fsSL https://pkgs.tailscale.com/stable/debian/sid.noarmor.gpg | tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null
- curl -fsSL https://pkgs.tailscale.com/stable/debian/sid.tailscale-keyring.list | tee /etc/apt/sources.list.d/tailscale.list
- apt-get update && apt-get install -y tailscale
- name: disable-privileged-ports # Allow anyone, including non-root users, to start services on ports below 1024
type: shell
commands:
- mkdir -p --mode=0755 /etc/sysctl.d/
- echo "net.ipv4.ip_unprivileged_port_start = 0" | tee /etc/sysctl.d/disable-privileged-ports.conf
- name: example-commands # Sample module demonstrating the Shell module with custom commands
type: shell
commands:
- echo Example output
- name: example-modules # Sample module demonstrating importing local and remote modules
type: includes
includes:
- modules/50-install-debs.yml # Sample local module present in this repository
- gh:vanilla-os/dev-image:main:modules/00-basics.yml # Sample GitHub remote module in the format: `gh:your-name/your-repo:branch:modules/file.yml`
- https://raw.githubusercontent.com/Vanilla-OS/dev-image/main/modules/05-go.yml # Sample full URL remote module
# Put your custom actions above this comment
- name: set-image-name-abroot
type: includes
includes:
- modules/80-set-image-abroot-config.yml
- name: cleanup
type: shell
commands:
- apt-get autoremove -y
- apt-get clean
- lpkg --lock
- name: fsguard
type: fsguard
CustomFsGuard: false
FsGuardLocation: "/usr/sbin/FsGuard"
GenerateKey: true
FilelistPaths: ["/usr/bin"]
modules:
- name: remove-prev-fsguard
type: shell
commands:
- rm -rf /FsGuard
- rm -f ./minisign.pub ./minisign.key
- chmod +x /usr/sbin/init
- name: cleanup2
type: shell
commands:
- rm -rf /tmp/*
- rm -rf /var/tmp/*
- rm -rf /sources