adding yafti for vm image

files/developer/libexec/dx-groups

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+# SCRIPT VERSION
+GROUP_SETUP_VER=1
+GROUP_SETUP_VER_FILE="/etc/ublue/dx-groups"
+GROUP_SETUP_VER_RAN=$(cat "$GROUP_SETUP_VER_FILE")
+
+# Run script if updated
+if [[ -f $GROUP_SETUP_VER_FILE && "$GROUP_SETUP_VER" = "$GROUP_SETUP_VER_RAN" ]]; then
+  echo "Group setup has already run. Exiting..."
+  exit 0
+fi
+
+# Setup Groups
+wheelarray=($(getent group wheel | cut -d ":" -f 4 | tr  ',' '\n'))
+for user in $wheelarray
+do
+  usermod -aG docker $user
+  usermod -aG incus-admin $user
+  usermod -aG lxd $user
+  usermod -aG libvirt $user
+done
+
+# Prevent future executions
+echo "Writing state file"
+echo "$GROUP_SETUP_VER" > "$GROUP_SETUP_VER_FILE"

files/developer/libexec/dx-kvmfr-setup

@@ -0,0 +1,108 @@
+#!/usr/bin/env bash
+source /usr/lib/ujust/ujust.sh
+
+# Required disclaimer and where to report issues first
+echo "$(Urllink "https://looking-glass.io/docs/rc/ivshmem_kvmfr/#libvirt" "This module") along with $(Urllink "https://looking-glass.io" "Looking Glass") is very experimental and not recommended for production use!"
+echo "The ublue team packages the kvmfr module only because it has to be supplied with the system image while using an atomic desktop."
+echo "If you do plan to use Looking Glass, please $(Urllink "https://universal-blue.discourse.group/docs?topic=956" "follow the guide here") on how to compile it for your system."
+echo "To use the kvmfr module after enabling it, just add and edit the xml for libvirt from the documentation in the first link."
+echo "Since we package the kvmfr module please open kvmfr related issues you have on Bluefin or Aurora and tag me"
+echo "in the $(Urllink "https://discord.gg/WEu6BdFEtp" "Universal Blue Discord") or the $(Urllink "https://github.com/ublue-os/bluefin/issues" "Bluefin Github issue tracker")."
+echo "~ @HikariKnight"
+
+CONFIRM=$(Choose Ok Cancel)
+if [ "$CONFIRM" == "Cancel" ]; then
+    exit 0
+fi
+
+# Add kvmfr to dracut so that it's modprobe file can be used
+echo ""
+echo "Setting up kvmfr module so it loads next boot"
+sudo bash -c 'cat << KVMFR_DRACUT > /etc/dracut.conf.d/kvmfr.conf
+install_items+=" /etc/modprobe.d/kvmfr.conf "
+KVMFR_DRACUT'
+
+# Add kvmfr modprobe file following upstream documentation
+sudo bash -c "cat << KVMFR_MODPROBE > /etc/modprobe.d/kvmfr.conf
+options kvmfr static_size_mb=128
+KVMFR_MODPROBE"
+
+# Add upstream udev rule for kvmfr, adjusted for fedora systems
+echo "Adding udev rule for /dev/kvmfr0"
+sudo bash -c 'cat << KVMFR_UDEV > /etc/udev/rules.d/99-kvmfr.rules
+SUBSYSTEM=="kvmfr", OWNER="'$USER'", GROUP="qemu", MODE="0660"
+KVMFR_UDEV'
+
+# Add /dev/kvmfr0 to qemu cgroup device acl list
+echo "Adding /dev/kvmfr0 to qemu cgroup_device_acl"
+# This is not ideal and if someone has a better way to do this without perl, you are welcome to change it
+sudo perl -0777 -pi -e 's/
+#cgroup_device_acl = \[
+#    "\/dev\/null", "\/dev\/full", "\/dev\/zero",
+#    "\/dev\/random", "\/dev\/urandom",
+#    "\/dev\/ptmx", "\/dev\/kvm",
+#    "\/dev\/userfaultfd"
+#\]
+/
+cgroup_device_acl = \[
+    "\/dev\/null", "\/dev\/full", "\/dev\/zero",
+    "\/dev\/random", "\/dev\/urandom",
+    "\/dev\/ptmx", "\/dev\/kvm",
+    "\/dev\/userfaultfd", "\/dev\/kvmfr0"
+\]
+/' /etc/libvirt/qemu.conf
+
+# Add SELinux context record for /dev/kvmfr0 (for simplicity we use the same one that was used for the shm)
+echo "Adding SELinux context record for /dev/kvmfr0"
+sudo semanage fcontext -a -t svirt_tmpfs_t /dev/kvmfr0
+
+# Create type enforcement for /dev/kvmfr0 as there is no existing way to access kvmfr using virt context
+echo "Adding SELinux access rules for /dev/kvmfr0"
+if [ ! -d "$HOME/.config/selinux_te/mod" ]; then
+    mkdir -p "$HOME/.config/selinux_te/mod"
+fi
+if [ ! -d "$HOME/.config/selinux_te/pp" ]; then
+    mkdir -p "$HOME/.config/selinux_te/pp"
+fi
+bash -c "cat << KVMFR_SELINUX > $HOME/.config/selinux_te/kvmfr.te
+module kvmfr 1.0;
+require {
+    type device_t;
+    type svirt_t;
+    class chr_file { open read write map };
+}
+#============= svirt_t ==============
+allow svirt_t device_t:chr_file { open read write map };
+KVMFR_SELINUX"
+
+# Tell user what type enforcement we made and how it looks like
+echo "This is the type enforcement we wrote for SELinux and you can find it in $HOME/.config/selinux_te/kvmfr.te"
+echo "#======= start of kvmfr.te ======="
+cat "$HOME/.config/selinux_te/kvmfr.te"
+echo "#======== end of kvmfr.te ========"
+checkmodule -M -m -o "$HOME/.config/selinux_te/mod/kvmfr.mod" "$HOME/.config/selinux_te/kvmfr.te"
+semodule_package -o "$HOME/.config/selinux_te/pp/kvmfr.pp" -m "$HOME/.config/selinux_te/mod/kvmfr.mod"
+sudo semodule -i "$HOME/.config/selinux_te/pp/kvmfr.pp"
+
+# Load kvmfr module into currently booted system
+echo "Loading kvmfr module so you do not have to reboot to use it the first time"
+sudo modprobe kvmfr static_size_mb=128
+sudo chown $USER:qemu /dev/kvmfr0
+
+# Final message and regenerate initramfs so kvmfr loads next boot
+echo ""
+echo "Kvmfr0 $(Urllink "https://looking-glass.io/docs/rc/install_libvirt/#determining-memory" "static size is set to 128mb by default")"
+echo "this will work with up to 4K SDR resolutiion, as most dummy plugs go up to 4K"
+echo "some games will try use the adapters max resolution on first boot and cause issues if the value is too low."
+echo "Most ghost display adapters max out at 4k, hence the default value of 128mb."
+echo ""
+echo "If you need to change it to a different value"
+echo "you can do that in /etc/modprobe.d/kvmfr.conf"
+echo "$(Urllink "https://looking-glass.io/docs/rc/ivshmem_kvmfr/#libvirt" "Please read official documentation for kvmfr for how to use it")"
+echo ""
+echo "Press OK to start the process of regenerating your initramfs, this will take a long time"
+echo "and there is no good way to track progress for it, if anything is wrong it will error out."
+echo "${b}NOTE: You can start using kvmfr right now without rebooting, but you will need to regenerate initramfs for it to auto load next boot.${n}"
+
+CONFIRM=$(Choose OK)
+rpm-ostree initramfs --enable

files/system/etc/profile.d/brew-bash-completion.sh

@@ -0,0 +1,25 @@
+#!/bin/sh
+# shellcheck shell=sh disable=SC1091,SC2039,SC2166
+# Check for interactive bash and that we haven't already been sourced.
+if [ "x${BASH_VERSION-}" != x -a "x${PS1-}" != x -a "x${BREW_BASH_COMPLETION-}" = x ]; then
+
+    # Check for recent enough version of bash.
+    if [ "${BASH_VERSINFO[0]}" -gt 4 ] ||
+        [ "${BASH_VERSINFO[0]}" -eq 4 -a "${BASH_VERSINFO[1]}" -ge 2 ]; then
+        if [ -w /home/linuxbrew/.linuxbrew ]; then
+            if ! test -L /home/linuxbrew/.linuxbrew/etc/bash_completion.d/brew; then
+                /home/linuxbrew/.linuxbrew/bin/brew completions link > /dev/null
+            fi
+        fi
+        if test -d /home/linuxbrew/.linuxbrew/etc/bash_completion.d; then
+            for rc in /home/linuxbrew/.linuxbrew/etc/bash_completion.d/*; do
+                if test -r "$rc"; then
+                . "$rc"
+                fi
+            done
+            unset rc
+        fi
+    fi
+    BREW_BASH_COMPLETION=1
+    export BREW_BASH_COMPLETION
+fi

files/system/etc/security/limits.d/30-brew-limits.conf

@@ -0,0 +1,9 @@
+#This file sets the resource limits for the users logged in via PAM,
+#more specifically, users logged in on via SSH or tty (console).
+#Limits related to terminals in Wayland/Xorg sessions depend on a
+#change to /etc/systemd/user.conf.
+#This does not affect resource limits of the system services.
+#This file overrides defaults set in /etc/security/limits.conf
+
+* soft nofile 4096
+root soft nofile 4096

files/system/etc/systemd/user.conf

@@ -0,0 +1,41 @@
+[Manager]
+#LogLevel=info
+#LogTarget=auto
+#LogColor=yes
+#LogLocation=no
+#LogTime=no
+#SystemCallArchitectures=
+#TimerSlackNSec=
+#StatusUnitFormat=combined
+#DefaultTimerAccuracySec=1min
+#DefaultStandardOutput=inherit
+#DefaultStandardError=inherit
+#DefaultTimeoutStartSec=45s
+DefaultTimeoutStopSec=15s
+#DefaultTimeoutAbortSec=
+#DefaultDeviceTimeoutSec=45s
+#DefaultRestartSec=100ms
+#DefaultStartLimitIntervalSec=10s
+#DefaultStartLimitBurst=5
+#DefaultEnvironment=
+#DefaultLimitCPU=
+#DefaultLimitFSIZE=
+#DefaultLimitDATA=
+#DefaultLimitSTACK=
+#DefaultLimitCORE=
+#DefaultLimitRSS=
+DefaultLimitNOFILE=4096:524288
+#DefaultLimitAS=
+#DefaultLimitNPROC=
+#DefaultLimitMEMLOCK=
+#DefaultLimitLOCKS=
+#DefaultLimitSIGPENDING=
+#DefaultLimitMSGQUEUE=
+#DefaultLimitNICE=
+#DefaultLimitRTPRIO=
+#DefaultLimitRTTIME=
+#DefaultMemoryPressureThresholdSec=200ms
+#DefaultMemoryPressureWatch=auto
+#DefaultSmackProcessLabel=
+#ReloadLimitIntervalSec=
+#ReloadLimitBurst

files/system/etc/yafti.yml

@@ -0,0 +1,142 @@
+title: Welcome to Hyprland
+properties:
+  mode: "run-on-change"
+screens:
+  first-screen:
+    source: yafti.screen.title
+    values:
+      title: "Welcome to Hyprland"
+      description: |
+        This guided installer will help you get started with your new system.
+  can-we-modify-your-flatpaks:
+    source: yafti.screen.consent
+    values:
+      title: Welcome, Traveler!
+      condition:
+        run: flatpak remotes --columns=name | grep fedora
+      description: |
+        We have detected the limited, Fedora-provided Flatpak remote on your system, whose applications are usually missing important codecs and other features. This step will therefore remove all basic Fedora Flatpaks from your system! We will instead switch all core Flatpak applications over to the vastly superior, unfiltered Flathub. If you don't want to do this, simply exit this installer.
+      actions:
+        - run: flatpak remote-delete --system --force fedora
+        - run: flatpak remote-delete --user --force fedora
+        - run: flatpak remove --system --noninteractive --all
+        - run: flatpak remote-add --if-not-exists --system flathub https://flathub.org/repo/flathub.flatpakrepo
+        - run: flatpak remote-add --if-not-exists --user flathub https://flathub.org/repo/flathub.flatpakrepo
+  check-system-flathub:
+    source: yafti.screen.consent
+    values:
+      title: Missing Flathub Repository (System)
+      condition:
+        run: flatpak remotes --system --columns=name | grep flathub | wc -l | grep '^0$'
+      description: |
+        We have detected that you don't have Flathub's repository on your system. We will now add that repository to your system-wide list.
+      actions:
+        - run: flatpak remote-add --if-not-exists --system flathub https://flathub.org/repo/flathub.flatpakrepo
+  check-user-flathub:
+    source: yafti.screen.consent
+    values:
+      title: Missing Flathub Repository (User)
+      condition:
+        run: flatpak remotes --user --columns=name | grep flathub | wc -l | grep '^0$'
+      description: |
+        We have detected that you don't have Flathub's repository on your current user account. We will now add that repository to your account.
+      actions:
+        - run: flatpak remote-add --if-not-exists --user flathub https://flathub.org/repo/flathub.flatpakrepo
+  applications:
+    source: yafti.screen.package
+    values:
+      title: Application Installer
+      show_terminal: true
+      package_manager: yafti.plugin.flatpak
+      package_manager_defaults:
+        user: false
+        system: true
+      groups:
+        Core GNOME Apps:
+          description: Core system applications for the GNOME desktop environment.
+          default: true
+          packages:
+            - Calculator: org.gnome.Calculator
+            - Calendar: org.gnome.Calendar
+            - Camera: org.gnome.Snapshot
+            - Characters: org.gnome.Characters
+            - Clocks: org.gnome.clocks
+            - Connections: org.gnome.Connections
+            - Contacts: org.gnome.Contacts
+            - Disk Usage Analyzer: org.gnome.baobab
+            - Document Scanner: org.gnome.SimpleScan
+            - Document Viewer: org.gnome.Evince
+            - Extension Manager: com.mattjakeman.ExtensionManager
+            - Font Viewer: org.gnome.font-viewer
+            - Image Viewer: org.gnome.Loupe
+            - Logs: org.gnome.Logs
+            - Maps: org.gnome.Maps
+            - Photos (Organizer): org.gnome.Photos
+            - Sushi (Nautilus Previewer): org.gnome.NautilusPreviewer
+            - Text Editor: org.gnome.TextEditor
+            - Videos (Player): org.gnome.Totem
+            - Weather: org.gnome.Weather
+        System Apps:
+          description: System applications for all desktop environments.
+          default: true
+          packages:
+            - Deja Dup Backups: org.gnome.DejaDup
+            - Fedora Media Writer: org.fedoraproject.MediaWriter
+            - Flatseal (Permission Manager): com.github.tchx84.Flatseal
+            - Font Downloader: org.gustavoperedo.FontDownloader
+            - Mozilla Firefox: org.mozilla.firefox
+        Web Browsers:
+          description: Additional browsers to complement or replace Firefox.
+          default: false
+          packages:
+            - Brave: com.brave.Browser
+            - GNOME Web: org.gnome.Epiphany
+            - Google Chrome: com.google.Chrome
+            - Microsoft Edge: com.microsoft.Edge
+            - Opera: com.opera.Opera
+        Gaming:
+          description: "Rock and Stone!"
+          default: false
+          packages:
+            - Bottles: com.usebottles.bottles
+            - Discord: com.discordapp.Discord
+            - Heroic Games Launcher: com.heroicgameslauncher.hgl
+            - Steam: com.valvesoftware.Steam
+            - Gamescope (Utility): org.freedesktop.Platform.VulkanLayer.gamescope
+            - MangoHUD (Utility): org.freedesktop.Platform.VulkanLayer.MangoHud//22.08
+            - SteamTinkerLaunch (Utility): com.valvesoftware.Steam.Utility.steamtinkerlaunch
+            - Proton Updater for Steam: net.davidotek.pupgui2
+        Office:
+          description: Boost your productivity.
+          default: false
+          packages:
+            - LibreOffice: org.libreoffice.LibreOffice
+            - OnlyOffice: org.onlyoffice.desktopeditors
+            - Obsidian: md.obsidian.Obsidian
+            - Slack: com.slack.Slack
+            - Standard Notes: org.standardnotes.standardnotes
+            - Thunderbird Email: org.mozilla.Thunderbird
+        Streaming:
+          description: Stream to the Internet.
+          default: false
+          packages:
+            - OBS Studio: com.obsproject.Studio
+            - VkCapture for OBS: com.obsproject.Studio.OBSVkCapture
+            - Gstreamer for OBS: com.obsproject.Studio.Plugin.Gstreamer
+            - Gstreamer VAAPI for OBS: com.obsproject.Studio.Plugin.GStreamerVaapi
+            - Boatswain for Streamdeck: com.feaneron.Boatswain
+
+  final-screen:
+    source: yafti.screen.title
+    values:
+      title: "All done!"
+      icon: "/path/to/icon"
+      links:
+        - "Made with uBlue":
+            run: /usr/bin/xdg-open https://ublue.it
+        - "Made with BlueBuild":
+            run: /usr/bin/xdg-open https://blue-build.org/
+        - "Join the Discord Community":
+            run: /usr/bin/xdg-open https://discord.gg/XjG48C7VHx
+      description: |
+        Thanks for trying this image, we hope you enjoy it!