Use fedora base image and install nodejs, docker, and docker-buildx

.github/workflows/build-composite.yml

@@ -0,0 +1,224 @@
+name: "BlueBuild"
+description: "Build a custom OS image"
+inputs:
+  recipe:
+    description: |
+      The [recipe](https://blue-build.org/reference/recipe/) file to build the image from, relative to the `config/` or `recipes/` directory.
+    required: true
+    default: "recipe.yml"
+  cosign_private_key:
+    description: |
+      The Sigstore/cosign secret used to sign the image.
+
+      Example: `${{ secrets.SIGNING_SECRET }}`
+    required: true
+  registry_token:
+    description: |
+      The token used to sign into the container registry.
+
+      Example: `${{ github.token }}`
+    required: false
+    default: ""
+  registry_username:
+    description: |
+      The username used to sign into the container registry.
+    required: false
+    default: ${{ github.repository_owner }}
+  pr_event_number:
+    description: |
+      The event number used to tag images pushed from pull requests.
+
+      Example: `${{ github.event.number }}`
+    required: true
+  maximize_build_space:
+    description: |
+      Whether to run the unwanted software remover to maximize build space in the GitHub builder.
+      Disable this with 'false' if your image doesn't take up a lot of space and you'd rather have shorter build times.
+    required: false
+    default: "true"
+  use_unstable_cli:
+    description: |
+      If true, this action pulls the `main` branch of blue-build/cli instead of the stable version the current action version is configured to use by default. 
+      This feature is useful for testing new features, but should not be used in production.
+      Input must match the string 'true' for the unstable version to be used.
+    required: false
+    default: "false"
+  cli_version:
+    description: |
+      Set this with a tag, sha, or branch name for the blue-build/cli repo to use that particular version of the CLI tool. This will override the `use_unstable_cli` input for the action.
+    required: false
+  registry:
+    description: |
+      The container registry to push the built image to.
+    required: false
+    default: "ghcr.io"
+  registry_namespace:
+    description: |
+      The namespace on the registry to push to.
+
+      Example: `ublue-os`
+    required: false
+    default: ${{ github.repository_owner }}
+  rechunk:
+    description: |
+      Rechunk the ostree-based result images with [github.com/hhd-dev/rechunk](https://github.com/hhd-dev/rechunk) for more efficient diffs and updates. (lower image size, better download speed, better update resuming)
+
+      Will make your builds considerably slower. This is an experimental option, as it can cause issues with file permissions in some scenarios, so enable on your own risk.
+
+      Internally builds squashed images with podman to further reduce the image size.
+    required: false
+    default: "false"
+  use_cache:
+    description: |
+      Make use of layer cache by pushing the layers to the registry. Input must match the string 'true' for the step to be enabled.
+    required: false
+    default: "true"
+  squash:
+    description: |
+      Uses buildah to squash the build's layers into a single layer. Use of this option
+      disables cache. Conflicts with adding `--build-driver` or `--squash` to the build opts.
+    required: false
+    default: "false"
+  build_opts:
+    description: |
+      Provide options to the call to the BlueBuild CLI build command. If you use this with
+      the squash input set to true and provide either of the `--build-driver` or `--squash` flags
+      an error will occur and the action will not run.
+    required: false
+    default: " "
+  working_directory:
+    description: |
+      Changes working directory for whole build.
+      For example, setting this to `./abc/` would cause for the recipe to be read from `./abc/recipes/recipe.yml`.
+    required: false
+    default: ./
+  skip_checkout:
+    description: |
+      Set to true to skip doing the actions/checkout step.
+      This allows you to checkout manually before calling bluebuild/github-action
+      and to modify files (such as supplying build information to other scripts) before building.
+    required: false
+    default: "false"
+
+runs:
+  using: "composite"
+  steps:
+    - name: Validate inputs
+      shell: bash
+      run: "${{ github.action_path }}/build_opts_check.sh"
+      env:
+        SQUASH_INPUT_VALUE: "${{ inputs.squash }}"
+        BUILD_OPTS: "${{ inputs.build_opts }}"
+    # building custom images might take a lot of space,
+    # so it's best to remove unneeded softawre
+    - name: Maximize build space
+      uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
+      if: ${{ inputs.maximize_build_space == 'true' }}
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@18ce135bb5112fa8ce4ed6c17ab05699d7f3a5e0 # v3.11.0
+      if: ${{ inputs.squash != 'true' && inputs.rechunk != 'true' }}
+      with:
+        install: true
+        driver: docker-container
+        cache-binary: ${{ inputs.use_cache }}
+
+    - name: Get Ubuntu version
+      id: ubuntu_version
+      shell: bash
+      run: |
+        VERSION=$(awk -F= '/^VERSION_ID=/ {gsub(/"/, "", $2); print $2}' /etc/os-release)
+        echo "Ubuntu version is $VERSION"
+        echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+    # that is compatible with BlueBuild
+    - name: Setup Podman
+      if: ${{ (inputs.squash == 'true' || inputs.rechunk == 'true') && steps.ubuntu_version.outputs.version == '22.04' }}
+      shell: bash
+      run: |
+        # from https://askubuntu.com/questions/1414446/whats-the-recommended-way-of-installing-podman-4-in-ubuntu-22-04
+        ubuntu_version='22.04'
+        key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key"
+        sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}"
+        echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel-kubic-libcontainers-unstable.list
+        curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
+        sudo apt-get update
+        sudo apt-get install -y podman
+
+    - uses: sigstore/cosign-installer@sigstore/cosign-installer # v3.9.0
+      with:
+        install-dir: /usr/bin
+        use-sudo: true
+
+    # clones user's repo
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      if: ${{ inputs.skip_checkout == 'false' }}
+
+    - name: Determine Vars
+      id: build_vars
+      shell: bash
+      env:
+        RECIPE: ${{ inputs.recipe }}
+      run: |
+        if [[ "${{ inputs.use_unstable_cli }}" == "true" && -z "${{ inputs.cli_version }}" ]]; then
+          CLI_VERSION_TAG="main"
+        elif [ -n "${{ inputs.cli_version }}" ]; then
+          CLI_VERSION_TAG="${{ inputs.cli_version }}"
+        else
+          CLI_VERSION_TAG="v0.9"
+        fi
+        echo "cli_version=${CLI_VERSION_TAG}" >> ${GITHUB_OUTPUT}
+
+        RECIPE_PATH=""
+        if [ -f "./config/${RECIPE}" ]; then
+          RECIPE_PATH="./config/${RECIPE}"
+        else
+          RECIPE_PATH="./recipes/${RECIPE}"
+        fi
+        echo "recipe_path=${RECIPE_PATH}" >> ${GITHUB_OUTPUT}
+
+    - name: Install BlueBuild
+      shell: bash
+      env:
+        CLI_VERSION_TAG: ${{ steps.build_vars.outputs.cli_version }}
+      run: |
+        sudo docker create \
+          --name blue-build-installer \
+          ghcr.io/blue-build/cli:${{ env.CLI_VERSION_TAG }}-installer
+        sudo docker cp blue-build-installer:/out/bluebuild /usr/bin/bluebuild
+        sudo docker rm blue-build-installer
+        bluebuild --version
+
+    # blue-build/cli does the heavy lifting
+    - name: Build Image
+      shell: bash
+      working-directory: ${{ inputs.working_directory }}
+      env:
+        COSIGN_PRIVATE_KEY: ${{ inputs.cosign_private_key }}
+        GH_TOKEN: ${{ inputs.registry_token }}
+        BB_PASSWORD: ${{ inputs.registry_token }}
+        BB_USERNAME: ${{ inputs.registry_username }}
+        BB_REGISTRY: ${{ inputs.registry }}
+        BB_REGISTRY_NAMESPACE: ${{ inputs.registry_namespace }}
+        GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }}
+        BB_CACHE_LAYERS: ${{ inputs.use_cache }}
+        RECIPE_PATH: ${{ steps.build_vars.outputs.recipe_path }}
+        RUST_LOG_STYLE: always
+        CLICOLOR_FORCE: "1"
+        BUILD_OPTS: ${{ inputs.build_opts }}
+      run: |
+        if [ "${{ inputs.squash }}" = "true" ]; then
+          BUILD_OPTS="--build-driver podman --squash $BUILD_OPTS"
+        fi
+
+        RUN_SUDO=""
+        if [ "${{ inputs.rechunk }}" = "true" ]; then
+          RUN_SUDO=1
+          BUILD_OPTS="--rechunk $BUILD_OPTS"
+        fi
+
+        if [ -n "$RUN_SUDO" ]; then
+          sudo -E bluebuild build -v --push ${BUILD_OPTS} ${RECIPE_PATH}
+        else
+          bluebuild build -v --push ${BUILD_OPTS} ${RECIPE_PATH}
+        fi

.github/workflows/build-nvidia.yml

@@ -0,0 +1,30 @@
+name: bluebuild-nvidia
+on:
+  workflow_dispatch: # allow manually triggering builds
+jobs:
+  bluebuild:
+    name: Build Custom Image
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+    strategy:
+      fail-fast: false # stop GH from cancelling all matrix builds if one fails
+      matrix:
+        recipe:
+          # !! Add your recipes here
+          - recipe_nvidia.yml
+    steps:
+      # the build is fully handled by the reusable github action
+      - name: Build Custom Image
+        uses: blue-build/github-action@v1.8
+        with:
+          recipe: ${{ matrix.recipe }}
+          cosign_private_key: ${{ secrets.SIGNING_SECRET }}
+          registry: 'git.hydrosaber.com'
+          registry_token: ${{ secrets.PACKAGE_BUILDER_TOKEN }}
+          pr_event_number: ${{ github.event.number }}
+
+          # enabled by default, disable if your image is small and you want faster builds
+          maximize_build_space: true

.github/workflows/build.yml

@@ -9,37 +9,88 @@ on:
       - main
     paths-ignore: # don't rebuild if only documentation has changed
       - "**.md"
+      - ".github/workflows/build-nvidia.yml"
+      - "files/scripts/nvidia/**"
+      - "recipes/components/nvidia-module.yml"
+      - "recipes/recipe_nvidia.yml"
   pull_request:
   workflow_dispatch: # allow manually triggering builds
-concurrency:
-  # only run one build at a time
-  group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
-  cancel-in-progress: true
 jobs:
   bluebuild:
     name: Build Custom Image
-    runs-on: ubuntu-latest
+    runs-on: fedora-latest
     permissions:
       contents: read
       packages: write
       id-token: write
     strategy:
-      fail-fast: false # stop GH from cancelling all matrix builds if one fails
       matrix:
         recipe:
-          # !! Add your recipes here
           - recipe.yml
     steps:
+      - name: Install required packages
+        shell: bash
+        run: |
+          sudo dnf install -y nodejs docker-cli docker-buildx containerd
       
-      # the build is fully handled by the reusable github action
-      - name: Build Custom Image
-        uses: blue-build/github-action@v1.8
+      - uses: sigstore/cosign-installer@v3.9.0
         with:
-          recipe: ${{ matrix.recipe }}
-          cosign_private_key: ${{ secrets.SIGNING_SECRET }}
-          registry: 'git.hydrosaber.com'
-          registry_token: ${{ secrets.PACKAGE_BUILDER_TOKEN }}
-          pr_event_number: ${{ github.event.number }}
+          install-dir: /usr/bin
+          use-sudo: true
 
-          # enabled by default, disable if your image is small and you want faster builds
-          maximize_build_space: true
+      # clones user's repo
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Determine Vars
+        id: build_vars
+        shell: bash
+        env:
+          RECIPE: ${{ matrix.recipe }}
+        run: |
+          if [[ "${{ inputs.use_unstable_cli }}" == "true" && -z "${{ inputs.cli_version }}" ]]; then
+            CLI_VERSION_TAG="main"
+          elif [ -n "${{ inputs.cli_version }}" ]; then
+            CLI_VERSION_TAG="${{ inputs.cli_version }}"
+          else
+            CLI_VERSION_TAG="v0.9"
+          fi
+          echo "cli_version=${CLI_VERSION_TAG}" >> ${GITHUB_OUTPUT}
+
+          RECIPE_PATH=""
+          if [ -f "./config/${RECIPE}" ]; then
+            RECIPE_PATH="./config/${RECIPE}"
+          else
+            RECIPE_PATH="./recipes/${RECIPE}"
+          fi
+          echo "recipe_path=${RECIPE_PATH}" >> ${GITHUB_OUTPUT}
+      
+      - name: Install BlueBuild
+        shell: bash
+        env:
+          CLI_VERSION_TAG: ${{ steps.build_vars.outputs.cli_version }}
+        run: |
+          sudo docker create \
+            --name blue-build-installer \
+            ghcr.io/blue-build/cli:${{ env.CLI_VERSION_TAG }}-installer
+          sudo docker cp blue-build-installer:/out/bluebuild /usr/bin/bluebuild
+          sudo docker rm blue-build-installer
+          bluebuild --version
+        
+      # blue-build/cli does the heavy lifting
+      - name: Build Image
+        shell: bash
+        working-directory: ${{ inputs.working_directory }}
+        env:
+          COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}
+          GH_TOKEN: ${{ secrets.PACKAGE_BUILDER_TOKEN }}
+          BB_PASSWORD: ${{ inputs.registry_token }}
+          BB_USERNAME: ${{ github.repository_owner }}
+          BB_REGISTRY: 'git.hydrosaber.com'
+          BB_REGISTRY_NAMESPACE: ${{ github.repository_owner }}
+          GH_PR_EVENT_NUMBER: ${{ github.event.number }}
+          BB_CACHE_LAYERS: false
+          RECIPE_PATH: ${{ steps.build_vars.outputs.recipe_path }}
+          RUST_LOG_STYLE: always
+          CLICOLOR_FORCE: "1"
+        run: |
+          sudo -E bluebuild build -v --push ${RECIPE_PATH}

cosign.pub

@@ -1,4 +1,4 @@
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDgbLqIZdNv3Lx7jEKq3l6UImgXi/
-MdQ51/79s4zfI2f4wQ8ran/sZO3y91hhsImytGqfSpNZmMV8T0rmOAAXkg==
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzzK2nfqN5MlTqBitNsehDVnITGSF
+r9FQRKI6dNDXRjlKgcMaa88Mb9FdfqFVHSPesN1mHz3/QfZIPG/s7mJAfw==
 -----END PUBLIC KEY-----

files/dnf/codium.repo

@@ -1,8 +0,0 @@
-[gitlab.com_paulcarroty_vscodium_repo]
-name=download.vscodium.com
-baseurl=https://download.vscodium.com/rpms/
-enabled=1
-gpgcheck=1
-repo_gpgcheck=1
-gpgkey=https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/-/raw/master/pub.gpg
-metadata_expire=1h

files/scripts/installdkmsmodules.sh

@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-# Tell build process to exit if there are any errors.
-set -oue pipefail
-
-echo "INFO: grab kernel module"
-KERNEL_VER=$(ls /lib/modules | head -n 1)
-echo $KERNEL_VER
-
-echo "INFO: list all modules"
-ls /usr/src
-
-echo "INFO: grab xpad modules"
-XPAD_MODULE_VER=$(ls /usr/src | grep xpadneo |  sed 's/-/\//')
-echo $XPAD_MODULE_VER
-
-echo "INFO: grab open razer modules"
-RAZER_MODULE_VER=$(ls /usr/src | grep razer | sed -E 's/(.*)-/\1\//')
-echo $RAZER_MODULE_VER
-
-echo "INFO: build and install xpadneo"
-sudo dkms build -m $XPAD_MODULE_VER -k $KERNEL_VER
-sudo dkms install -m $XPAD_MODULE_VER -k $KERNEL_VER
-
-echo "INFO: build and install openrazer"
-sudo dkms build -m $RAZER_MODULE_VER -k $KERNEL_VER
-sudo dkms install -m $RAZER_MODULE_VER -k $KERNEL_VER

files/scripts/nvidia/installtoolkitpolicy.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+# Tell build process to exit if there are any errors.
+set -oue pipefail
+
+semodule --verbose --install /usr/share/selinux/packages/nvidia-container.pp

files/scripts/nvidia/removeunusedrepos.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+# Tell build process to exit if there are any errors.
+set -oue pipefail
+
+rm -f /etc/yum.repos.d/negativo17-fedora-nvidia.repo
+rm -f /etc/yum.repos.d/negativo17-fedora-multimedia.repo
+rm -f /etc/yum.repos.d/eyecantcu-supergfxctl.repo
+rm -f /etc/yum.repos.d/_copr_ublue-os-akmods.repo
+rm -f /etc/yum.repos.d/nvidia-container-toolkit.repo

files/scripts/nvidia/setdrmvariables.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+# Tell build process to exit if there are any errors.
+set -oue pipefail
+
+
+echo '
+
+# Nvidia modesetting support. Set to 0 or comment to disable kernel modesetting
+# support. This must be disabled in case of SLI Mosaic.
+
+options nvidia-drm modeset=1 fbdev=1
+
+' > /usr/lib/modprobe.d/nvidia-modeset.conf
+
+cp /usr/lib/modprobe.d/nvidia-modeset.conf /etc/modprobe.d/nvidia-modeset.conf

files/scripts/nvidia/setearlyloading.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+# Tell build process to exit if there are any errors.
+set -oue pipefail
+
+sed -i 's@omit_drivers@force_drivers@g' /usr/lib/dracut/dracut.conf.d/99-nvidia.conf
+sed -i 's@ nvidia @ i915 amdgpu nvidia @g' /usr/lib/dracut/dracut.conf.d/99-nvidia.conf

files/system/etc/firewalld/services/grayjay.xml

@@ -1,4 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<service>
-  <port port="12315" protocol="tcp"/>
-</service>

files/system/etc/firewalld/services/localsend.xml

@@ -1,5 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<service>
-  <port port="53317" protocol="tcp"/>
-  <port port="53317" protocol="udp"/>
-</service>

files/system/etc/modules-load.d/asus-sensor.conf

@@ -1 +0,0 @@
-nct6775

files/system/etc/modules-load.d/ntsync.conf

@@ -1 +0,0 @@
-ntsync

files/system/usr/share/applications/codium.desktop

@@ -1,27 +0,0 @@
-[Desktop Entry]
-Name=VSCodium
-Comment=Code Editing. Redefined.
-GenericName=Text Editor
-Exec=/usr/share/codium/codium --ozone-platform=wayland %F
-Icon=vscodium
-Type=Application
-StartupNotify=false
-StartupWMClass=VSCodium
-Categories=TextEditor;Development;IDE;
-MimeType=text/plain;inode/directory;application/x-codium-workspace;
-Actions=new-empty-window;
-Keywords=vscodium;codium;vscode;
-
-[Desktop Action new-empty-window]
-Name=New Empty Window
-Name[de]=Neues leeres Fenster
-Name[es]=Nueva ventana vacía
-Name[fr]=Nouvelle fenêtre vide
-Name[it]=Nuova finestra vuota
-Name[ja]=新しい空のウィンドウ
-Name[ko]=새 빈 창
-Name[ru]=Новое пустое окно
-Name[zh_CN]=新建空窗口
-Name[zh_TW]=開新空視窗
-Exec=/usr/share/codium/codium --new-window %F
-Icon=vscodium

files/systemd/user/hyprpanel.service

@@ -1,5 +1,6 @@
 [Unit]
 Description=A panel bar branched from AGS maintained by Hyprland devs.
+Documentation=man:waybar(5)
 # order startup after WM
 After=graphical-session.target
 
@@ -7,7 +8,7 @@ After=graphical-session.target
 Type=exec
 # Repurpose XDG Autostart filtering
 ExecCondition=/lib/systemd/systemd-xdg-autostart-condition "wlroots:sway:Wayfire:labwc:Hyprland" ""
-ExecStart=/usr/bin/quickshell
+ExecStart=/usr/bin/hyprpanel
 Restart=on-failure
 Slice=app-graphical.slice
 

recipes/components/default-flatpak.yml

@@ -1,19 +1,14 @@
 modules:
   - type: default-flatpaks
-    configurations:
-      - scope: user
-        repo:
-          title: Flathub (user)
-        install:
-          - one.ablaze.floorp
-          - io.github.equicord.equibop
-      - scope: system
-        repo:
-          title: Flathub
-        notify: true
-        install:
-          - com.github.tchx84.Flatseal
-          - io.missioncenter.MissionCenter
-          - io.github.flattool.Ignition
-          - net.davidotek.pupgui2
-          - org.gnome.Loupe
+    notify: true
+    system:
+      install:
+        - com.github.tchx84.Flatseal
+        - io.missioncenter.MissionCenter
+        - io.github.flattool.Ignition
+        - net.davidotek.pupgui2
+        - org.gnome.Loupe
+    user:
+      install:
+        - one.ablaze.floorp
+        - io.github.equicord.equibop

recipes/components/dnf-module.yml

@@ -1,8 +1,146 @@
 modules:
-  - from-file: dnf/multimedia.yml
-  - from-file: dnf/sddm.yml
-  - from-file: dnf/hyprland.yml
-  - from-file: dnf/environment.yml
-  - from-file: dnf/applications.yml
-  - from-file: dnf/themes.yml
-  - from-file: dnf/drivers.yml
+  - type: dnf
+    repos:
+      copr:
+        - ublue-os/packages
+        - solopasha/hyprland
+        - atim/xpadneo
+        - peterwu/rendezvous
+      nonfree: rpmfusion
+    install:
+      skip-unavailable: true
+      packages:
+      # sddm
+        - sddm
+        - sddm-themes
+        - qt5-qtgraphicaleffects
+        - qt5-qtquickcontrols2
+        - qt5-qtsvg
+
+      # password keeper
+        - kf6-kwallet
+        - kwalletmanager
+        - pam-kwallet
+      
+      # hyprland
+        - hyprland-git
+        - hyprpanel
+        - hyprpolkitagent
+        - hyprshot
+
+      # ublue udev rules and signing
+        - ublue-os-udev-rules
+        - ublue-os-signing
+      
+      # environment
+        # power profiles like
+        - tuned-ppd
+        # xwayland
+        - xorg-x11-server-Xwayland
+        # headset control
+        - headsetcontrol
+        # media related
+        - mediainfo
+        - playerctl
+        - alsa-firmware
+        # zip utilities
+        - p7zip
+        # qt libraries
+        - qt5-qtwayland
+        - qt6-qtwayland
+        # vulkan
+        - vulkan-tools
+        - vulkan-validation-layers
+
+        # polkit
+        - polkit
+      
+        # sound
+        - wireplumber
+        - pipewire
+        - headsetcontrol
+      
+        # networking
+        - bluez
+        - bluez-tools
+        - firewall-config
+      
+        # power
+        - powerstat
+      
+      # applications
+        # fuzzy finder
+        - fzf
+      
+        # dmenu runner
+        - fuzzel
+      
+        # file manager
+        - nautilus
+        - file-roller
+        - file-roller-nautilus
+
+        # text editor
+        - neovim
+      
+        # software store
+        - gnome-software
+
+        # disk management
+        - gnome-disk-utility
+
+        # kdeconnect
+        - kde-connect
+      
+      # settings apps
+        # qt
+        - qt5ct
+        - qt6ct
+
+        # gtk
+        - nwg-look
+      
+      # Themes and fonts
+        # emoji fonts
+        - google-noto-emoji-fonts
+      
+        # theme and GUI
+        - fontawesome-fonts-all
+        - gnome-themes-extra
+        - papirus-icon-theme
+        - bibata-cursor-themes
+
+      # zsh
+        - zsh
+        # zoxide for z stuff
+        - zoxide
+
+      # steam
+        - steam
+        # for game mode and big picture mode
+        - gamescope
+        # for performance view
+        - mangohud
+        # controller
+        - xpadneo
+
+    remove:
+      packages:
+        # remove firefox
+        - firefox
+        - firefox-langpacks
+    
+    replace:
+      - from-repo: rpmfusion-nonfree
+        packages:
+          - libheif
+          - libva
+          - libva-intel-media-driver
+          - mesa-dri-drivers
+          - mesa-filesystem
+          - mesa-libEGL
+          - mesa-libGL
+          - mesa-libgbm
+          - mesa-va-drivers
+          - mesa-vulkan-drivers
+          - gstreamer1-plugin-libav

recipes/components/nvidia-module.yml

@@ -0,0 +1,16 @@
+modules:
+  - type: containerfile
+    snippets:
+      - COPY --from=ghcr.io/ublue-os/akmods-nvidia:main-42 /rpms/ /tmp/rpms
+      - RUN find /tmp/rpms
+      - RUN rpm-ostree install /tmp/rpms/ublue-os/ublue-os-nvidia*.rpm
+      - RUN sed -i '0,/enabled=0/{s/enabled=0/enabled=1/}' /etc/yum.repos.d/nvidia-container-toolkit.repo
+      - RUN sed -i '0,/enabled=0/{s/enabled=0/enabled=1\npriority=90/}' /etc/yum.repos.d/negativo17-fedora-nvidia.repo   
+      - RUN rpm-ostree install /tmp/rpms/kmods/kmod-nvidia*.rpm libnvidia-fbc libva-nvidia-driver nvidia-driver nvidia-modprobe nvidia-persistenced nvidia-settings nvidia-container-toolkit 
+    
+  - type: script
+    scripts:
+      - nvidia/installtoolkitpolicy.sh
+      - nvidia/removeunusedrepos.sh
+      - nvidia/setearlyloading.sh
+      - nvidia/setdrmvariables.sh

recipes/components/systemd-module.yml

@@ -8,5 +8,5 @@ modules:
       enabled:
         - flatpak-user-update.timer
         - swww.service
-        - quickshell.service
+        - hyprpanel.service
         - hyprpolkitagent.service

recipes/dnf/applications.yml

@@ -1,70 +0,0 @@
-modules:
-  - type: dnf
-    repos:
-      nonfree: rpmfusion
-      files:
-        - codium.repo
-      copr:
-        - mavit/discover-overlay
-      keys:
-        - https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/-/raw/master/pub.gpg
-    install:
-      packages:
-      # applications
-        # fuzzy finder
-        - fzf
-      
-        # dmenu runner
-        - fuzzel
-      
-        # file manager
-        - nautilus
-        - file-roller
-        - file-roller-nautilus
-
-        - ffmpegthumbnailer
-
-        # music / video player
-        - vlc
-
-        # text editor
-        - neovim
-        - codium
-      
-        # software store
-        - gnome-software
-
-        # disk management
-        - gnome-disk-utility
-
-        # kdeconnect
-        - kde-connect
-
-        # discord overlay
-        - discover-overlay
-      
-      # settings apps
-        # qt
-        - qt5ct
-        - qt6ct
-
-        # gtk
-        - nwg-look
-
-      # zsh
-        - zsh
-        # zoxide for z stuff
-        - zoxide
-
-      # steam
-        - steam
-        # for game mode and big picture mode
-        - gamescope
-        # for performance view
-        - mangohud
-  
-    remove:
-      packages:
-        # remove firefox
-        - firefox
-        - firefox-langpacks

recipes/dnf/drivers.yml

@@ -1,17 +0,0 @@
-modules:
-  - type: dnf
-    repos:
-      files:
-        - https://negativo17.org/repos/fedora-steam.repo
-        - https://openrazer.github.io/hardware:razer.repo
-    install:
-      packages:
-        - dkms
-        - openrazer-meta
-        - repo: fedora-steam
-          packages:
-            - dkms-xpadneo
-
-  - type: script
-    scripts:
-      - installdkmsmodules.sh

recipes/dnf/environment.yml

@@ -1,47 +0,0 @@
-modules:
-  - type: dnf
-    repos:
-      files:
-        - codium.repo
-      copr:
-        - ublue-os/packages
-    install:
-      packages:
-      # ublue udev rules and signing
-        - ublue-os-udev-rules
-        - ublue-os-signing
-      
-      # environment
-        # xwayland
-        - xorg-x11-server-Xwayland
-        # headset control
-        - headsetcontrol
-        # media related
-        - mediainfo
-        - playerctl
-        - alsa-firmware
-        # zip utilities
-        - p7zip
-        # qt libraries
-        - qt5-qtwayland
-        - qt6-qtwayland
-        # vulkan
-        - vulkan-tools
-        - vulkan-validation-layers
-        # xdg-desktop-portals
-        - xdg-desktop-portal
-        - xdg-desktop-portal-gtk
-        - xdg-desktop-portal-gnome
-
-        # polkit
-        - polkit
-      
-        # sound
-        - wireplumber
-        - pipewire
-        - headsetcontrol
-      
-        # networking
-        - bluez
-        - bluez-tools
-        - firewall-config

recipes/dnf/hyprland.yml

@@ -1,20 +0,0 @@
-modules:
-  - type: dnf
-    repos:
-      copr:
-        - solopasha/hyprland
-        - errornointernet/quickshell
-    install:
-      packages:
-        - aquamarine
-        - hyprland-git
-        - hyprpolkitagent
-        - hyprshot
-        - hyprland-qt-support
-        - hyprland-qtutils
-        - xdg-desktop-portal-hyprland
-        - swww
-        - matugen
-
-        # quickshell
-        - quickshell

recipes/dnf/multimedia.yml

@@ -1,38 +0,0 @@
-modules:
-  - type: dnf
-    repos:
-      nonfree: rpmfusion
-    install:
-      packages:
-      # other multimedia
-        - gstreamer1-plugin-libav
-        - gstreamer1-plugins-bad-free-extras
-        - gstreamer1-plugins-bad-freeworld
-        - gstreamer1-plugins-ugly
-        - gstreamer1-vaapi
-  
-    remove:
-      packages:
-        # old codecs
-        - fdk-aac-free
-        - libavcodec-free
-        - libavdevice-free
-        - libavfilter-free
-        - libavformat-free
-        - libavutil-free
-        - libpostproc-free
-        - libswresample-free
-        - libswscale-free 
-        - ffmpeg-free
-
-    replace:
-      - from-repo: rpmfusion-free-updates
-        packages:
-          - old: mesa-va-drivers
-            new: mesa-va-drivers-freeworld
-    
-  - type: dnf
-    install:
-      packages:
-        - ffmpeg
-        - mesa-vdpau-drivers-freeworld

recipes/dnf/sddm.yml

@@ -1,28 +0,0 @@
-modules:
-  - type: dnf
-    install:
-      packages:
-      # sddm
-        - sddm
-        - sddm-themes
-        - qt5-qtgraphicaleffects
-        - qt5-qtquickcontrols2
-        - qt5-qtsvg
-
-        # added libraries for quickshell
-        - qt5-qtimageformats
-        - qt5-qtmultimedia
-        - qt6-qtquickcontrols2
-        - qt6-qtsvg
-        - qt6-qtimageformats
-        - qt6-qtmultimedia
-        - qt6-qt5compat
-
-        # added for editing quickshell (qmlls)
-        - qt5-qtdeclarative-devel
-        - qt6-qtdeclarative-devel
-
-      # password keeper
-        - kf6-kwallet
-        - kwalletmanager
-        - pam-kwallet

recipes/dnf/themes.yml

@@ -1,17 +0,0 @@
-modules:
-  - type: dnf
-    repos:
-      copr:
-        - peterwu/rendezvous
-    install:
-      packages:
-      # Themes and fonts
-        # emoji fonts
-        - google-noto-emoji-fonts
-      
-        # theme and GUI
-        - fontawesome-fonts-all
-        - gnome-themes-extra
-        - papirus-icon-theme
-        - bibata-cursor-themes
-        - material-icons-fonts

recipes/recipe_nvidia.yml

@@ -0,0 +1,25 @@
+---
+# yaml-language-server: $schema=https://schema.blue-build.org/recipe-v1.json
+# image will be published to ghcr.io/<user>/<name>
+name: hydro-os-nvidia
+# description will be included in the image's metadata
+description: This is my personal OS image.
+
+# the base image to build on top of (FROM) and the version tag to use
+base-image: quay.io/fedora-ostree-desktops/base-atomic
+image-version: 42 # latest is also supported if you want new updates ASAP
+
+# module configuration, executed in order
+# you can include multiple instances of the same module
+modules:
+  - from-file: components/dnf-module.yml
+  - from-file: components/script-module.yml
+  - from-file: components/sys-files-module.yml
+  - from-file: components/systemd-module.yml
+  - from-file: components/nvidia-module.yml
+  - from-file: components/default-flatpak.yml
+  - from-file: components/chezmoi-module.yml
+  - type: initramfs
+
+  - type: signing
+