vauxite-build/README.org
2024-03-03 23:13:54 -06:00


#+title: vauxite-build
This is my personalized Vauxite configuration. Vauxite is an unofficial Xfce variant of ostree-based Fedora. I'm currently working with Fedora developers to make it an official variant. There is already a sort-of-official treefile for Vauxite at https://pagure.io/workstation-ostree-config, as well as an experimental Vauxite container image hosted at https://quay.io/repository/fedora-ostree-desktops/vauxite.
The ~vauxite.json~ treefile and the files under the ~src~ directory contain my personal customizations and differ from the [[https://pagure.io/workstation-ostree-config][upstream one]], so they may not be suitable for everyone.
** How I use this repository
*** Set up GitLab Runner with Podman
1. Install [[https://docs.gitlab.com/16.9/runner/install/linux-manually.html][GitLab Runner]].
2. Create a new runner from the GitLab UI.
3. Use the authentication token from the GitLab UI to register a new runner on the machine hosting the runner. Select the Docker executor.
#+begin_src shell
sudo systemctl enable --now gitlab-runner.service
sudo gitlab-runner register --url https://git.hyperreal.coffee --token <TOKEN>
#+end_src
4. Add the following lines to ~/etc/gitlab-runner/config.toml~ for Podman:
#+begin_quote
We need to set ~privileged = true~ in order to create new namespaces inside the runner container. See https://github.com/coreos/rpm-ostree/pull/429
#+end_quote
#+begin_src toml
[[runners]]
environment = ["FF_NETWORK_PER_BUILD=1"]
[runners.docker]
host = "unix:///run/podman/podman.sock"
tls_verify = false
image = "registry.fedoraproject.org/fedora:latest"
privileged = true
volumes = ["/build-repo", "/cache", "/source-repo"]
#+end_src
5. Restart the gitlab-runner:
#+begin_src shell
sudo gitlab-runner restart
#+end_src
We should now be ready to use the Podman runner.
*** Additional notes about ~.gitlab-ci.yml~
- The package ~container-selinux~ is required for the vauxite-compose-job so SELinux works inside the runner container. I'm considering having a custom image built on a weekly basis from registry.fedoraproject.org/fedora:latest that contains updated packages and the required dependencies, which I would then just use as the runner's container image. The registry.fedoraproject.org/fedora:latest image doesn't seem to be updated at all.
- BUILD_REPO and SOURCE_REPO are the directories ~/build-repo~ and ~/source-repo~. If these values are changed, then we would need to make equivalent changes to the ~volumes~ directive in ~/etc/gitlab-runner/config.toml~ if we want to keep persistent storage of those repos across pipeline runs. Eventually there will be a conditional in the ~.gitlab-ci.yml~ to clean these volumes if another variable (say CLEAN_BUILD) is set to true.
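Because ~privileged = true~ removes most of the isolation between job containers and the runner host, and because BUILD_REPO and SOURCE_REPO must stay in sync with the ~volumes~ directive, both settings are worth checking whenever ~config.toml~ changes. The script below is an added example, not part of this repository: the function names, the sample file and the ~/srv/other~ path are constructed for illustration, and it assumes each ~volumes~ array is written on one line as in the fragment above.

```shell
#!/bin/sh
# Added example: audit a GitLab Runner config.toml for the settings this README relies on.
# Function names and the sample config below are constructed, not part of the repository.

# Count [runners.docker] sections that set privileged = true.
count_privileged() {
    awk '
        /^[ \t]*\[/ { in_docker = ($0 ~ /^[ \t]*\[runners\.docker\]/) }
        in_docker && /^[ \t]*privileged[ \t]*=[ \t]*true/ { n++ }
        END { print n + 0 }
    ' "$1"
}

# Print each required container path that no volumes = [...] line provides.
# An entry may be "/path" or "/host:/path[:opts]"; the container path is compared.
missing_volumes() {
    config=$1; shift
    for want in "$@"; do
        awk -v want="$want" '
            /^[ \t]*volumes[ \t]*=/ {
                line = substr($0, index($0, "[") + 1)
                sub(/\].*$/, "", line)
                n = split(line, items, ",")
                for (i = 1; i <= n; i++) {
                    v = items[i]; gsub(/[" \t]/, "", v)
                    m = split(v, parts, ":")
                    path = (m >= 2) ? parts[2] : parts[1]
                    if (path == want) found = 1
                }
            }
            END { exit (found ? 0 : 1) }
        ' "$config" || echo "$want"
    done
}

# Constructed sample mirroring the config.toml fragment in this README.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
[[runners]]
environment = ["FF_NETWORK_PER_BUILD=1"]
[runners.docker]
host = "unix:///run/podman/podman.sock"
privileged = true
volumes = ["/build-repo", "/cache", "/source-repo"]
EOF
echo "privileged docker sections: $(count_privileged "$sample")"
echo "missing volumes: $(missing_volumes "$sample" /build-repo /source-repo /srv/other | tr '\n' ' ')"
```

On the real host, point both functions at ~/etc/gitlab-runner/config.toml~ and pass the current BUILD_REPO and SOURCE_REPO values as the required paths.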
** How I previously used this repository
- I run Fedora Server in a VM on my homelab machine. This Fedora Server has the ~ostree~ and ~rpm-ostree~ commands installed.
- I clone this repository as root under ~/var/local/vauxite-build~.
- I then run the ~ostree-engine~ script to build and deploy a new commit for the given reference branch (e.g. ~vauxite/f39/x86_64/main~). The ~rsync-repos~ command is used in the ~ostree-engine~ script to deploy the resulting OSTree repository to a web server root, which serves as the remote repository.
To add the repository as a remote on my local client machine:
#+begin_src shell
sudo ostree remote add --no-gpg-verify vauxite <URL of web server>
#+end_src
I then rebase to the vauxite branch:
#+begin_src shell
rpm-ostree rebase vauxite:vauxite/f39/x86_64/main
#+end_src
To build new commits that contain updates, I put this in ~/etc/cron.d/ostree-engine~ on the Fedora Server:
#+begin_src shell
0 0 * * 2 root /var/local/vauxite-build/ostree-engine
#+end_src
This will run the ~ostree-engine~ script every Tuesday at midnight. Then I can update my local client machine like this:
#+begin_src shell
rpm-ostree update
#+end_src