???

image-base.yaml

@@ -15,7 +15,7 @@ extra-kargs:
 ignition-network-kcmdline: []
 
 # Optional remote by which to prefix the deployed OSTree ref
-ostree-remote: rockylinux
+ostree-remote: rocky
 
 # opt in to using the `metadata_csum_seed` feature of the ext4 filesystem
 # for the /boot filesystem. Support for this was only recently added to grub
@@ -31,7 +31,3 @@ vmware-os-type: fedora64Guest
 # We use the newest version allowed by the oldest non-EOL VMware
 # Workstation/Player/Fusion/ESXi release: https://lifecycle.vmware.com/
 vmware-hw-version: 13
-
-# After this, we plan to add support for the Ignition
-# storage/filesystems sections.  (Although one can do
-# that on boot as well)

manifest.yaml

@@ -1,19 +1,5 @@
-ref: rocky/${basearch}/ostree/${stream}
-rojig:
-  name: rocky-ostree
-  summary: "Rocky Linux OSTree ${stream}"
-  license: MIT
-
-add-commit-metadata:
-  rocky-core.stream: ${stream}
-
-packages:
-  - rocky-release
-
 releasever: 9
 
-recommends: false
-
 variables:
   stream: testing
   prod: false
@@ -22,49 +8,4 @@ repos:
   - appstream 
   - baseos
 
-include:
+include: manifests/core-coreos.yaml
-  - manifests/rocky-ostree-base.yaml
-  - manifests/rocky-ostree-system_tools.yaml
-  - manifests/rocky-ostree-post.yaml
-
-
-automatic-version-prefix: "${releasever}.<date:%Y%m%d>.dev"
-mutate-os-release: "${releasever}"
-
-remove-from-packages:
-  # Drop NetworkManager support for ifcfg files, see also corresponding
-  # overlay.d/14NetworkManager-plugins
-  - [NetworkManager, /usr/lib64/NetworkManager/.*/libnm-settings-plugin-ifcfg-rh.so]
-  # Drop some buggy sysusers fragments which do not match static IDs allocation:
-  # https://bugzilla.redhat.com/show_bug.cgi?id=2105177
-  - [dbus-common, /usr/lib/sysusers.d/dbus.conf]
-
-remove-files:
-  # We don't ship man(1) or info(1)
-  - usr/share/info
-  - usr/share/man
-  # Drop text docs too
-  - usr/share/doc
-
-# Things we don't expect to ship on the host.  We currently
-# have recommends: false so these could only come in via
-# hard requirement, in which case the build will fail.
-exclude-packages:
-  - python
-  - python2
-  - python2-libs
-  # - python3
-  # - python3-libs
-  - perl
-  - perl-interpreter
-  - nodejs
-  - dnf
-  - grubby
-  - cowsay  # Just in case
-  # Let's make sure initscripts doesn't get pulled back in
-  # https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254
-  - initscripts
-  # For (datacenter/cloud oriented) servers, we want to see the details by default.
-  # https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/
-  - plymouth
-

manifests/rocky-coreos-base.yaml

@@ -1,24 +1,25 @@
+# Inherits from "Core"
+
+
 include:
   - ignition-and-ostree.yaml
   - shared-el9.yaml
   - shared-workarounds.yaml
+  - system-configuration.yaml
   - user-experience.yaml
 
+conditional-include:
+  - if: releasever <= 8
+    include: fallback-hostname.yaml
+
 ostree-layers:
   - overlay/05core
   - overlay/08nouveau
   - overlay/09misc
-  - overlay/15fcos
   - overlay/20platform-chrony
 
 
-conditional-include:
+recommends: false
-  - if: releasever <= 8
-    include: fallback-hostname.yaml
-  - if: basearch != "s390x"
-    # And remove some cruft from grub2
-    include: grub2-removals.yaml
-
 packages:
   - rpm
   - policycoreutils
@@ -34,7 +35,6 @@ packages:
   - polkit
   - coreos-installer
 
-
 ignore-removed-users:
   - root
 ignore-removed-groups:
@@ -46,7 +46,6 @@ etc-group-members:
   - adm
   - docker
 
-
 check-passwd:
   type: "file"
   filename: "passwd"
@@ -58,3 +57,5 @@ check-groups:
 arch-include:
   x86_64: bootupd.yaml
   aarch64: bootupd.yaml
+
+default-target: multi-user.target

manifests/rocky-coreos.yaml

@@ -0,0 +1,60 @@
+ref: rocky/${basearch}/ostree/${stream}
+rojig:
+  name: rocky-ostree
+  summary: "Rocky Linux OSTree ${stream}"
+  license: MIT
+
+add-commit-metadata:
+  rocky-core.stream: ${stream}
+
+include:
+  - manifests/rocky-coreos-base.yaml
+
+conditional-include:
+  - if: basearch != "s390x"
+    # And remove some cruft from grub2
+    include: grub2-removals.yaml
+
+ostree-layers:
+  - overlay/15fcos
+
+automatic-version-prefix: "${releasever}.<date:%Y%m%d>.dev"
+mutate-os-release: "${releasever}"
+
+remove-from-packages:
+  # Drop NetworkManager support for ifcfg files, see also corresponding
+  # overlay.d/14NetworkManager-plugins
+  - [NetworkManager, /usr/lib64/NetworkManager/.*/libnm-settings-plugin-ifcfg-rh.so]
+  # Drop some buggy sysusers fragments which do not match static IDs allocation:
+  # https://bugzilla.redhat.com/show_bug.cgi?id=2105177
+  - [dbus-common, /usr/lib/sysusers.d/dbus.conf]
+
+remove-files:
+  # We don't ship man(1) or info(1)
+  - usr/share/info
+  - usr/share/man
+  # Drop text docs too
+  - usr/share/doc
+
+# Things we don't expect to ship on the host.  We currently
+# have recommends: false so these could only come in via
+# hard requirement, in which case the build will fail.
+exclude-packages:
+  - python
+  - python2
+  - python2-libs
+  # - python3
+  # - python3-libs
+  - perl
+  - perl-interpreter
+  - nodejs
+  - dnf
+  - grubby
+  - cowsay  # Just in case
+  # Let's make sure initscripts doesn't get pulled back in
+  # https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254
+  - initscripts
+  # For (datacenter/cloud oriented) servers, we want to see the details by default.
+  # https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/
+  - plymouth
+

manifests/rocky-ostree-post.yaml

@@ -1,6 +0,0 @@
-postprocess:
-  - |
-    #!/usr/bin/env bash
-    set -xeuo pipefail
-
-    # Placeholder for commands

manifests/rocky-ostree-system_tools.yaml

@@ -1,14 +0,0 @@
-# config/manifests/rocky-ostree-system_tools.yaml
-# 
-# Contains system (tools) packages which are often used on a regular
-# system, but not needed for the base system to work
-packages:
-  - NetworkManager
-  - iproute
-  - iputils
-  - openssh-clients
-  - openssh-server
-  - less
-  - vim
-  - strace
-  - lsof

manifests/system-configuration.yaml

@@ -0,0 +1,50 @@
+# These are packages that are related to configuring parts of the system.
+# It is intended to be kept generic so that it may be shared downstream with
+# RHCOS.
+
+packages:
+  # Configuring SSH keys, cloud provider check-in, etc
+  - afterburn afterburn-dracut
+  # NTP support
+  - chrony
+  # Installing CoreOS itself
+  - coreos-installer coreos-installer-bootinfra
+  # Storage configuration/management
+  ## cloud-utils-growpart - For growing root partition
+  - cifs-utils
+  - cloud-utils-growpart
+  - cryptsetup
+  - device-mapper-multipath
+  - e2fsprogs
+  - iscsi-initiator-utils
+  - lvm2
+  - mdadm
+  - sg3_utils
+  - xfsprogs
+  # User configuration
+  - passwd
+  - shadow-utils
+  - acl
+  # SELinux policy
+  - selinux-policy-targeted
+  # There are things that write outside of the journal still (such as the
+  # classic wtmp, etc.). auditd also writes outside the journal but it has its
+  # own log rotation.
+  # Anything package layered will also tend to expect files dropped in
+  # /etc/logrotate.d to work. Really, this is a legacy thing, but if we don't
+  # have it then people's disks will slowly fill up with logs.
+  - logrotate
+  # Boost starving threads
+  # https://github.com/coreos/fedora-coreos-tracker/issues/753
+  - stalld
+
+postprocess:
+  # Make kdump work on firstboot
+  - |
+    #!/usr/bin/env bash
+    # Make kdump ignore `ignition.firstboot` when copying kargs from
+    # the running kernel to the kdump kernel when passing to be kexec.
+    # This makes it so kdump can be set up on the very first boot.
+    # Upstream request to have this upstream so we can stop carrying it here:
+    # https://lists.fedoraproject.org/archives/list/kexec@lists.fedoraproject.org/thread/5P4WIJLW2TSGF4PZGRZGOXYML4RXZU23/
+    sed -i -e 's/KDUMP_COMMANDLINE_REMOVE="/KDUMP_COMMANDLINE_REMOVE="ignition.firstboot /' /etc/sysconfig/kdump