Add AlmaLinux

gbraad · gbraad · commit 22defa166177 · 2025-02-22T17:22:38.000+08:00
diff --git a/.devcontainer/almalinux/Containerfile b/.devcontainer/almalinux/Containerfile
@@ -0,0 +1,76 @@
+ARG BASE_IMAGE="almalinux"
+ARG BASE_VERSION="9"
+
+FROM ${BASE_IMAGE}:${BASE_VERSION}
+
+ARG USER="gbraad"
+ARG USER_PASSWD
+ARG HOMEBASE="/home"
+ARG USERHOME="${HOMEBASE}/${USER}"
+ARG ROOTHOME="/root"
+ARG ARCH="x86_64"
+
+RUN dnf install -y \
+        systemd \
+        sudo \
+        git \
+        dnf-plugins-core \
+    && dnf install -y --allowerasing --nobest \
+        util-linux \
+        util-linux-user \
+    && dnf install -y \
+        epel-release \
+        epel-next-release \
+    && dnf clean all \
+    && rm -rf /var/cache/yum
+
+# fix for PAM/SSH
+RUN chmod 0640 /etc/shadow
+
+RUN useradd -l -u 1000 -G wheel -md ${USERHOME} -s /bin/bash -p ${USER} ${USER} \
+    && sed -i.bkp -e 's/%wheel\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%wheel ALL=NOPASSWD:ALL/g' /etc/sudoers \
+    && if [ -n "${USER_PASSWD}" ] ; then \
+        echo "gbraad:${USER_PASSWD}" | sudo chpasswd && echo "Password set to: ${USER_PASSWD}"; \
+    fi
+
+USER ${USER}
+
+RUN git clone https://github.com/gbraad-dotfiles/upstream.git ${USERHOME}/.dotfiles --depth 2 \
+    && cd ${USERHOME}/.dotfiles \
+    && sh ./install.sh
+
+RUN mkdir -p ~/.ssh/ \
+    && curl https://github.com/${USER}.keys | tee -a ~/.ssh/authorized_keys
+
+USER root
+
+RUN git clone https://github.com/gbraad-dotfiles/upstream.git ${ROOTHOME}/.dotfiles --depth 2 \
+    && cd ${ROOTHOME}/.dotfiles \
+    && . ./zsh/.zshrc.d/dotfiles.zsh \
+    && stow config \
+    && dotfiles restow
+
+RUN chsh -s /usr/bin/zsh ${USER} \
+    && chsh -s /usr/bin/zsh
+
+# install tailscale (or use https://github.com/spotsnel/tailscale-systemd/)
+RUN dnf config-manager --add-repo https://pkgs.tailscale.com/stable/rhel/9/tailscale.repo \
+    && dnf install -y \
+        tailscale \
+    && dnf clean all \
+    && rm -rf /var/cache/yum \
+    && mkdir -p /var/run/tailscale /var/cache/tailscale /var/lib/tailscale \
+    && systemctl enable tailscaled
+
+# install cloudflared (or use https://github.com/spotsnel/cloudflared-systemd/)
+RUN dnf install -y \
+        systemd \
+    && curl -fsSL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-${ARCH}.rpm -o /tmp/cloudflared.rpm \
+    && dnf install -y \
+        /tmp/cloudflared.rpm \
+    && dnf clean all \
+    && rm -rf /var/cache/yum \
+    && rm -f /tmp/cloudflared.rpm
+
+# Enable systemd
+ENTRYPOINT [ "/sbin/init" ]
diff --git a/.devcontainer/almalinux/devcontainer.json b/.devcontainer/almalinux/devcontainer.json
@@ -0,0 +1,17 @@
+{
+    "name": "AlmaLinux dotfiles environment",
+    "image": "ghcr.io/gbraad-dotfiles/centos:latest",
+
+    "runArgs": [ "--cap-add=NET_ADMIN", "--cap-add=NET_RAW", "--device=/dev/net/tun", "--device=/dev/fuse"],
+    "overrideCommand": false,
+    "privileged": true,
+    "remoteUser": "gbraad",
+
+    "customizations": {
+        "vscode": {
+            "extensions": [
+                "ms-vscode.Theme-TomorrowKit"
+            ]
+        }
+    }
+}
diff --git a/.devcontainer/ubi9/Containerfile b/.devcontainer/ubi9/Containerfile
@@ -58,7 +58,7 @@ RUN chsh -s /usr/bin/zsh ${USER} \
     && chsh -s /usr/bin/zsh
 
 # install tailscale (or use https://github.com/spotsnel/tailscale-systemd/)
-RUN dnf config-manager --add-repo https://pkgs.tailscale.com/stable/centos/9/tailscale.repo \
+RUN dnf config-manager --add-repo https://pkgs.tailscale.com/stable/rhel/9/tailscale.repo \
     && dnf install -y \
         tailscale \
     && dnf clean all \
diff --git a/.github/workflows/build-container-almalinux-bootc.yml b/.github/workflows/build-container-almalinux-bootc.yml
@@ -0,0 +1,42 @@
+name: build container - almalinux-bootc
+run-name: Building container - AlmaLinux bootc
+
+on:
+  workflow_dispatch:
+
+jobs:
+  build:
+    name: build-container-almalinux-bootc
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - ubuntu-latest
+
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+
+      - name: Run podman build - almalinux-bootc
+        run: |
+          podman build -t ghcr.io/gbraad-dotfiles/almalinux-bootc:latest \
+            --build-arg=BASE_IMAGE="quay.io/almalinuxorg/almalinux-bootc" \
+            --build-arg=BASE_VERSION=9 \
+            --build-arg=HOMEBASE="/var/home" \
+            --build-arg=USER_PASSWD="password" \
+            --build-arg=ROOTHOME="/var/roothome" \
+            -f .devcontainer/almalinux/Containerfile .
+
+      - name: Tag and push image to ghcr.io - almalinux-bootc
+        run: |
+          DATE=$(date +"%y%m%d")
+          podman tag ghcr.io/gbraad-dotfiles/almalinux-bootc:latest \
+            ghcr.io/gbraad-dotfiles/almalinux-bootc:9
+          podman tag ghcr.io/gbraad-dotfiles/almalinux-bootc:latest \
+            ghcr.io/gbraad-dotfiles/almalinux-bootc:${DATE}
+          podman login ghcr.io -u ${{ github.actor }} \
+            -p ${{ secrets.GITHUB_TOKEN }}
+          podman push ghcr.io/gbraad-dotfiles/almalinux-bootc:${DATE}
+          podman push ghcr.io/gbraad-dotfiles/almalinux-bootc:stream9
+          podman push ghcr.io/gbraad-dotfiles/almalinux-bootc:latest
diff --git a/.github/workflows/build-container-almalinux.yml b/.github/workflows/build-container-almalinux.yml
@@ -0,0 +1,40 @@
+name: build container - almalinux
+run-name: Building container - AlmaLinux
+
+on:
+  workflow_dispatch:
+
+jobs:
+  build:
+    name: build-container-almalinux
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - ubuntu-latest
+
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+
+      - name: Run podman build - almalinux
+        run: |
+          podman build -t ghcr.io/gbraad-dotfiles/almalinux:latest \
+            --build-arg=BASE_IMAGE="ghcr.io/almalinux/9-init" \
+            --build-arg=BASE_VERSION="9" \
+            -f .devcontainer/almalinux/Containerfile .
+
+      - name: Tag and push image to ghcr.io - almalinux
+        run: |
+          DATE=$(date +"%y%m%d")
+          podman tag ghcr.io/gbraad-dotfiles/almalinux:latest \
+            ghcr.io/gbraad-dotfiles/almalinux:9
+          podman tag ghcr.io/gbraad-dotfiles/almalinux:latest \
+            ghcr.io/gbraad-dotfiles/almalinux:${DATE}
+          podman login ghcr.io -u ${{ github.actor }} \
+            -p ${{ secrets.GITHUB_TOKEN }}
+          podman push ghcr.io/gbraad-dotfiles/almalinux:${DATE}
+          podman push ghcr.io/gbraad-dotfiles/almalinux:9
+          podman push ghcr.io/gbraad-dotfiles/almalinux:latest
+
diff --git a/.github/workflows/build-diskimage-almalinux-upload.yml b/.github/workflows/build-diskimage-almalinux-upload.yml
@@ -0,0 +1,76 @@
+name: build diskimage - almalinux-bootc - upload
+run-name: building diskimage - almalinux-bootc - upload
+on:
+  workflow_dispatch:
+
+env:
+    DISK_TYPE: qcow2
+    ROOTFS: xfs
+    ARCH: amd64
+    BIB_IMAGE: quay.io/centos-bootc/bootc-image-builder:latest
+
+jobs:
+  build:
+    name: Build qcow2 diskimage - dotfiles
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - ubuntu-24.04
+
+    steps:
+    - name: Remove unwanted stuff
+      uses: gbraad-actions/remove-unwanted@v1
+
+    - uses: actions/checkout@v4
+
+    - name: Workaround podman issues in GH actions
+      run: |
+        # see https://github.com/osbuild/bootc-image-builder/issues/446
+        sudo rm -rf /var/lib/containers/storage
+        sudo mkdir -p /etc/containers
+        echo -e "[storage]\ndriver = \"overlay\"\nrunroot = \"/run/containers/storage\"\ngraphroot = \"/var/lib/containers/storage\"" | sudo tee /etc/containers/storage.conf
+
+    - name: Workarounds for GH runner diskspace
+      run: |
+        sudo mkdir -p /mnt/var/lib/containers
+        sudo mount -o bind /mnt/var/lib/containers /var/lib/containers
+        sudo mkdir /var/lib/containers/storage
+
+    - name: Create empty user configuration
+      run: touch config.toml
+
+    - name: Build image - centos
+      id: build-image-dotfiles
+      run: |
+        mkdir -p ./output
+        sudo podman pull ${{ env.IMAGE_NAME }}
+        sudo podman run \
+          --rm \
+          -it \
+          --privileged \
+          --pull=newer \
+          --security-opt label=type:unconfined_t \
+          -v ./config.toml:/config.toml:ro \
+          -v ./output:/output \
+          -v /var/lib/containers/storage:/var/lib/containers/storage \
+          ${{ env.BIB_IMAGE }} \
+          --target-arch ${{ env.ARCH }} \
+          --type ${{ env.DISK_TYPE }} \
+          --rootfs ${{ env.ROOTFS }} \
+          --local \
+          ${{ env.IMAGE_NAME }}
+      env:
+        IMAGE_NAME: ghcr.io/gbraad-dotfiles/almalinux-bootc:latest
+
+    - name: Rename output file - dotfiles
+      run: sudo mv ./output/qcow2/disk.qcow2 ./output/qcow2/almalinux-disk.qcow2
+
+    - name: Upload Artifact - dotfiles
+      uses: actions/upload-artifact@v4
+      with:
+        name: dotfiles-disk
+        path: |
+          ./output/qcow2/almalinux-disk.qcow2
+        retention-days: 5
diff --git a/.github/workflows/build-diskimages-release.yml b/.github/workflows/build-diskimages-release.yml
@@ -44,7 +44,8 @@ jobs:
     - name: Create shared user configuration
       run: touch config.toml
 
-    - name: Build image - fedora
+
+    - name: Build image - Fedora
       id: build-image-fedora
       run: |
         mkdir -p ./output
@@ -67,10 +68,11 @@ jobs:
       env:
         IMAGE_NAME: ghcr.io/gbraad-dotfiles/fedora-bootc:latest
 
-    - name: Rename output file - dotfiles
+    - name: Rename output file - Fedora
       run: sudo mv ./output/qcow2/disk.qcow2 ./output/qcow2/fedora-disk.qcow2
 
-    - name: Build image - centos
+
+    - name: Build image - CentOS
       id: build-image-centos
       run: |
         mkdir -p ./output
@@ -93,9 +95,37 @@ jobs:
       env:
         IMAGE_NAME: ghcr.io/gbraad-dotfiles/centos-bootc:latest
 
-    - name: Rename output file - dotfiles
+    - name: Rename output file - CentOS
       run: sudo mv ./output/qcow2/disk.qcow2 ./output/qcow2/centos-disk.qcow2
 
+
+    - name: Build image - AlmaLinux
+      id: build-image-almalinux
+      run: |
+        mkdir -p ./output
+        sudo podman pull ${{ env.IMAGE_NAME }}
+        sudo podman run \
+          --rm \
+          -it \
+          --privileged \
+          --pull=newer \
+          --security-opt label=type:unconfined_t \
+          -v ./config.toml:/config.toml:ro \
+          -v ./output:/output \
+          -v /var/lib/containers/storage:/var/lib/containers/storage \
+          ${{ env.BIB_IMAGE }} \
+          --target-arch ${{ env.ARCH }} \
+          --type ${{ env.DISK_TYPE }} \
+          --rootfs ${{ env.ROOTFS }} \
+          --local \
+          ${{ env.IMAGE_NAME }}
+      env:
+        IMAGE_NAME: ghcr.io/gbraad-dotfiles/almalinux-bootc:latest
+
+    - name: Rename output file - AlmaLinux
+      run: sudo mv ./output/qcow2/disk.qcow2 ./output/qcow2/almalinux-disk.qcow2
+
+
     - name: Set release tag
       run: echo "TAG=$(date +'%y%m%d')" >> $GITHUB_ENV
 
diff --git a/.github/workflows/build-process.yml b/.github/workflows/build-process.yml
