From 0bb92c79d830489c9d74114f6c97f5a20dd84ebe Mon Sep 17 00:00:00 2001 From: Anders da Silva Rytter Hansen Date: Sat, 2 May 2026 12:38:10 -0300 Subject: [PATCH 01/13] skip linting on unsupported kernel --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1e61e87..cd35155 100644 --- a/Dockerfile +++ b/Dockerfile @@ -94,5 +94,4 @@ RUN systemctl enable waydroid-choose-intel-gpu.service RUN cd /usr/bin && wget https://raw.githubusercontent.com/CachyOS/CachyOS-Settings/refs/heads/master/usr/bin/kerver && chmod +x kerver -RUN rm -rf /tmp/* /var/* && mkdir -p /var/tmp && chmod -R 1777 /var/tmp && \ - bootc container lint +RUN rm -rf /tmp/* /var/* && mkdir -p /var/tmp && chmod -R 1777 /var/tmp \ No newline at end of file From 26066d2b15356c3297dc4731ced9238194b5f6d6 Mon Sep 17 00:00:00 2001 From: Anders da Silva Rytter Hansen Date: Sat, 2 May 2026 12:49:03 -0300 Subject: [PATCH 02/13] remove signing --- .forgejo/workflows/os.yml | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/.forgejo/workflows/os.yml b/.forgejo/workflows/os.yml index 9d6a648..f648922 100644 --- a/.forgejo/workflows/os.yml +++ b/.forgejo/workflows/os.yml @@ -24,7 +24,6 @@ jobs: permissions: contents: read packages: write - id-token: write # Påkrævet til cosign keyless signering steps: @@ -60,10 +59,6 @@ jobs: --label "org.opencontainers.image.source=https://forge.pc-rytteren.dk/${{ github.repository }}" \ -t raw-img . - # Gem det primære tag til signering (vi tager det første fra listen) - PRIMARY_TAG=$(echo "${{ steps.meta.outputs.tags }}" | head -n 1) - echo "primary_tag=$PRIMARY_TAG" >> $FORGEJO_OUTPUT - - name: Push to Forgejo Container Registry if: github.event_name != 'pull_request' run: | @@ -73,18 +68,3 @@ jobs: buildah push "$tag" done - - name: Install cosign - if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@v3.3.0 - - - name: Log into Forgejo Container Registry (Cosign) - if: github.event_name != 'pull_request' - run: | - cosign login ${{ env.REGISTRY }} -u ${{ github.actor }} -p ${{ secrets.PACKAGE_TOKEN }} - - - name: Sign image - if: github.event_name != 'pull_request' - run: | - # Vi signerer det primære tag. - # Vi bruger --yes til at acceptere betingelserne automatisk. - cosign sign --yes "${{ steps.build-image.outputs.primary_tag }}" From 8d7d28d36b01e4b6c56262424c56f43c1a97de4a Mon Sep 17 00:00:00 2001 From: anders Date: Sat, 2 May 2026 18:14:41 +0000 Subject: [PATCH 03/13] Add comment to tearfree --- etc/X11/xorg.conf.d/20-modesetting.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/X11/xorg.conf.d/20-modesetting.conf b/etc/X11/xorg.conf.d/20-modesetting.conf index 96ed85d..ce0c1d9 100644 --- a/etc/X11/xorg.conf.d/20-modesetting.conf +++ b/etc/X11/xorg.conf.d/20-modesetting.conf @@ -3,5 +3,5 @@ Section "Device" Driver "modesetting" Option "ShadowFB" "false" # you don't need on recent hardware Option "Atomic" "true" #only effective on Xlibre, or Xorg-git with a special patch - Option "TearFree" "false" + Option "TearFree" "false" # Compositor is being used so TearFree is not needed EndSection From 64f64a2c045e33969424b87da731d28de4ec9050 Mon Sep 17 00:00:00 2001 From: anders Date: Sat, 2 May 2026 18:18:21 +0000 Subject: [PATCH 04/13] Slet .github/workflows/cleanup.yml --- .github/workflows/cleanup.yml | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 .github/workflows/cleanup.yml diff --git a/.github/workflows/cleanup.yml b/.github/workflows/cleanup.yml deleted file mode 100644 index 453e642..0000000 --- a/.github/workflows/cleanup.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: Ryd op i GHCR - -on: - schedule: - - cron: '0 0 * * 0' # Kører hver søndag ved midnat - workflow_dispatch: # Gør det muligt at køre den manuelt - -jobs: - delete-old-images: - runs-on: ubuntu-latest - permissions: - packages: write - steps: - - name: Slet gamle versioner - uses: actions/delete-package-versions@v5 - with: - package-name: 'my-ostree-os' # Skift til dit image navn - package-type: 'container' - min-versions-to-keep: 50 - delete-only-untagged-versions: 'false' - token: ${{ secrets.GITHUB_TOKEN }} From 31d1837aff752fcb30f7c8d056485485828837f2 Mon Sep 17 00:00:00 2001 From: anders Date: Mon, 4 May 2026 04:42:57 +0000 Subject: [PATCH 05/13] Install rclone and remove kerver since it's already installed by cachyos-settings --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index cd35155..5e6ef57 100644 --- a/Dockerfile +++ b/Dockerfile @@ -84,6 +84,8 @@ RUN dnf install vlc vlc-plugins-freeworld vlc-plugin-pipewire -y RUN dnf config-manager --add-repo https://brave-browser-rpm-release.s3.brave.com/brave-browser.repo -y RUN dnf install brave-browser -y +RUN dnf install rclone -y + RUN systemctl enable docker RUN systemctl enable scx_loader @@ -92,6 +94,4 @@ COPY usr /usr RUN systemctl enable waydroid-choose-intel-gpu.service -RUN cd /usr/bin && wget https://raw.githubusercontent.com/CachyOS/CachyOS-Settings/refs/heads/master/usr/bin/kerver && chmod +x kerver - RUN rm -rf /tmp/* /var/* && mkdir -p /var/tmp && chmod -R 1777 /var/tmp \ No newline at end of file From 18a96fa8d7c3da1f172259f884672fa837d69574 Mon Sep 17 00:00:00 2001 From: anders Date: Mon, 4 May 2026 04:46:01 +0000 Subject: [PATCH 06/13] Change image source label --- .forgejo/workflows/os.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/os.yml b/.forgejo/workflows/os.yml index f648922..e4d6fd2 100644 --- a/.forgejo/workflows/os.yml +++ b/.forgejo/workflows/os.yml @@ -56,7 +56,7 @@ jobs: run: | # Vi bygger med 'raw-img' lokalt buildah bud \ - --label "org.opencontainers.image.source=https://forge.pc-rytteren.dk/${{ github.repository }}" \ + --label "org.opencontainers.image.source=https://pc-rytteren.dk/forge/${{ github.repository }}" \ -t raw-img . - name: Push to Forgejo Container Registry From 3ead6efe65b0c738937865c8f867eea3344708e5 Mon Sep 17 00:00:00 2001 From: anders Date: Mon, 4 May 2026 21:02:47 +0000 Subject: [PATCH 07/13] rebuild --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5e6ef57..d5d145d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM quay.io/almalinuxorg/atomic-desktop-kde:10 - + ARG KERNEL=kernel-cachyos ENV KERNEL=${KERNEL} From f334e61ebd182c499255c4587897b5181778055c Mon Sep 17 00:00:00 2001 From: Anders da Silva Rytter Hansen Date: Thu, 7 May 2026 09:55:15 -0300 Subject: [PATCH 08/13] disable SELinux --- Dockerfile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index d5d145d..6a2d04b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM quay.io/almalinuxorg/atomic-desktop-kde:10 - + ARG KERNEL=kernel-cachyos ENV KERNEL=${KERNEL} @@ -94,4 +94,7 @@ COPY usr /usr RUN systemctl enable waydroid-choose-intel-gpu.service -RUN rm -rf /tmp/* /var/* && mkdir -p /var/tmp && chmod -R 1777 /var/tmp \ No newline at end of file +# Disable SELinux +RUN sed -i "s/^SELINUX=.*$/SELINUX=permissive/g" /etc/sysconfig/selinux && sed -i "s/^SELINUX=.*$/SELINUX=permissive/g" /etc/selinux/config + +RUN rm -rf /tmp/* /var/* && mkdir -p /var/tmp && chmod -R 1777 /var/tmp From 75569b3b3b00db5f4a2c745d5e36a19993cc2a2c Mon Sep 17 00:00:00 2001 From: Anders da Silva Rytter Hansen Date: Thu, 7 May 2026 17:41:34 -0300 Subject: [PATCH 09/13] Install Mergerfs --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 6a2d04b..6700c79 100644 --- a/Dockerfile +++ b/Dockerfile @@ -86,6 +86,8 @@ RUN dnf install brave-browser -y RUN dnf install rclone -y +RUN dnf install https://github.com/trapexit/mergerfs/releases/download/2.41.1/mergerfs-2.41.1-1.el10.x86_64.rpm -y + RUN systemctl enable docker RUN systemctl enable scx_loader From 77d4ee0f381cd1ca0d9a8cc68e75768388ef46b3 Mon Sep 17 00:00:00 2001 From: Anders da Silva Rytter Hansen Date: Thu, 7 May 2026 22:32:55 -0300 Subject: [PATCH 10/13] Add cleanup action --- .forgejo/workflows/cleanup.yml | 43 ++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 .forgejo/workflows/cleanup.yml diff --git a/.forgejo/workflows/cleanup.yml b/.forgejo/workflows/cleanup.yml new file mode 100644 index 0000000..a911a55 --- /dev/null +++ b/.forgejo/workflows/cleanup.yml @@ -0,0 +1,43 @@ +name: Clean up Forgejo Container Registry + +on: + schedule: + - cron: '0 0 * * 0' # Runs every Sunday at midnight + workflow_dispatch: # Allows manual triggering + +jobs: + delete-old-images: + runs-on: almalinux-10 + steps: + - name: Delete old versions + run: | + REGISTRY="forge.pc-rytteren.dk" + OWNER="${{ github.repository_owner }}" + IMAGE="my-ostree-os" + MIN_KEEP=50 + TOKEN="${{ secrets.PACKAGE_TOKEN }}" + + # Fetch all container packages with this name, sorted oldest first (by id) + # API returns a list of package objects, each with "id" and "version" + RAW=$(curl -s -H "Authorization: token ${TOKEN}" \ + "https://${REGISTRY}/api/v1/packages/${OWNER}?type=container&q=${IMAGE}&limit=200") + + # Filter only packages with the correct name and extract id, sort oldest first + IDS=$(echo "$RAW" | tr '{' '\n' | grep "\"name\":\"${IMAGE}\"" | \ + sed 's/.*"id":\([0-9]*\).*/\1/' | sort -n) + + TOTAL=$(echo "$IDS" | grep -c '[0-9]' || true) + echo "Found ${TOTAL} packages total, keeping ${MIN_KEEP}" + + if [ "$TOTAL" -le "$MIN_KEEP" ]; then + echo "No packages to delete" + exit 0 + fi + + # Delete the oldest (lowest ids) beyond MIN_KEEP + TO_DELETE=$(echo "$IDS" | head -n $(( TOTAL - MIN_KEEP ))) + for ID in $TO_DELETE; do + echo "Deleting package id: ${ID}" + curl -s -X DELETE -H "Authorization: token ${TOKEN}" \ + "https://${REGISTRY}/api/v1/packages/${OWNER}/${ID}" + done \ No newline at end of file From 42b3fa6c84495529e7c9f29ffd08e68fe80a7574 Mon Sep 17 00:00:00 2001 From: Anders da Silva Rytter Hansen Date: Fri, 8 May 2026 10:36:48 -0300 Subject: [PATCH 11/13] add branch name for scheduled builds --- .forgejo/workflows/os.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.forgejo/workflows/os.yml b/.forgejo/workflows/os.yml index e4d6fd2..688a6d9 100644 --- a/.forgejo/workflows/os.yml +++ b/.forgejo/workflows/os.yml @@ -43,6 +43,7 @@ jobs: tags: | type=ref,event=branch type=raw,value=latest,enable={{is_default_branch}} + type=raw,value=${{ github.ref_name }} type=raw,value=${{ github.ref_name }}-10 type=raw,value=${{ github.ref_name }}-10.${{ steps.date.outputs.date }} From 41cedf9f9ecd1812513bba3a11896070698d1482 Mon Sep 17 00:00:00 2001 From: Anders da Silva Rytter Hansen Date: Fri, 8 May 2026 10:38:14 -0300 Subject: [PATCH 12/13] test --- .forgejo/workflows/os.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/os.yml b/.forgejo/workflows/os.yml index 688a6d9..1eccfa8 100644 --- a/.forgejo/workflows/os.yml +++ b/.forgejo/workflows/os.yml @@ -2,7 +2,7 @@ name: os on: schedule: - - cron: '0 5 8,18,28 * *' + - cron: '40 13 8,18,28 * *' push: paths: - 'Dockerfile' From 790f5316751c58e4795df04d5d6b23069d4ebe8b Mon Sep 17 00:00:00 2001 From: Anders da Silva Rytter Hansen Date: Fri, 8 May 2026 12:25:13 -0300 Subject: [PATCH 13/13] Revert "test" This reverts commit 41cedf9f9ecd1812513bba3a11896070698d1482. --- .forgejo/workflows/os.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/os.yml b/.forgejo/workflows/os.yml index 1eccfa8..688a6d9 100644 --- a/.forgejo/workflows/os.yml +++ b/.forgejo/workflows/os.yml @@ -2,7 +2,7 @@ name: os on: schedule: - - cron: '40 13 8,18,28 * *' + - cron: '0 5 8,18,28 * *' push: paths: - 'Dockerfile'