remove custom chromium config

This reverts commit 6edd7c97f8.

.forgejo/workflows/os.yml

@@ -0,0 +1,71 @@
+name: os
+
+on:
+  schedule:
+    - cron: '0 5 8,18,28 * *'
+  push:
+    paths:
+      - 'Dockerfile'
+      - 'etc/**'
+      - 'usr/**'
+      - 'repo/**'
+      - '.forgejo/workflows/os.yml'
+      - 'buildinstallxfce.sh'
+      - 'buildinstallxfceaddons.sh'
+  workflow_dispatch:
+
+env:
+  REGISTRY: forge.pc-rytteren.dk
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    runs-on: almalinux-10
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+
+      - name: Get current date
+        id: date
+        run: echo "date=$(date +'%Y%m%d')" >> $FORGEJO_OUTPUT
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          # Vi konstruerer tags her med branch-navnet som præfiks
+          tags: |
+            type=ref,event=branch
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=raw,value=${{ github.ref_name }}
+            type=raw,value=${{ github.ref_name }}-10
+            type=raw,value=${{ github.ref_name }}-10.${{ steps.date.outputs.date }}
+
+      - name: Log into Forgejo Container Registry
+        if: github.event_name != 'pull_request'
+        run: |
+          buildah login -u ${{ github.actor }} -p ${{ secrets.PACKAGE_TOKEN }} ${{ env.REGISTRY }}
+
+      - name: Build image with Buildah
+        id: build-image
+        run: |
+          # Vi bygger med 'raw-img' lokalt
+          buildah bud \
+            --label "org.opencontainers.image.source=https://pc-rytteren.dk/forge/${{ github.repository }}" \
+            -t raw-img .
+
+      - name: Push to Forgejo Container Registry
+        if: github.event_name != 'pull_request'
+        run: |
+          for tag in $(echo "${{ steps.meta.outputs.tags }}"); do
+            echo "Tagging and pushing: $tag"
+            buildah tag raw-img "$tag"
+            buildah push "$tag"
+          done
+

.github/workflows/os.yml

@@ -1,114 +0,0 @@
-name: os
-
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
-on:
-  schedule:
-    - cron: '0 5 * * *'  # 5 am every day
-  push:
-    paths:
-        - 'Dockerfile'
-        - 'etc/**'
-        - 'usr/**'
-        - 'repo/**'
-
-env:
-  # Use docker.io for Docker Hub if empty
-  REGISTRY: ghcr.io
-  # github.repository as <account>/<repo>
-  IMAGE_NAME: ${{ github.repository }}
-  IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
-
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-      # This is used to complete the identity challenge
-      # with sigstore/fulcio when running outside of PRs.
-      id-token: write
-
-    steps:
-      - name: Maximize build space
-        uses: AdityaGarg8/remove-unwanted-software@v1
-        with:
-          remove-dotnet: 'true'
-          remove-android: 'true'
-          remove-haskell: 'true'
-
-      - name: Get current date
-        id: date
-        run: echo "::set-output name=date::$(date +'%Y%m%d')"
-
-      - name: Test with environment variables
-        run: echo $DATE
-        env:
-          DATE: ${{ steps.date.outputs.date }}
-
-      - name: Checkout repository
-        uses: actions/checkout@v3
-
-      # Install the cosign tool except on PR
-      # https://github.com/sigstore/cosign-installer
-      - name: Install cosign
-        if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
-        with:
-          cosign-release: 'v2.1.1'
-
-      # Workaround: https://github.com/docker/build-push-action/issues/461
-      - name: Setup Docker buildx
-        uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
-
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
-      - name: Log into registry ${{ env.REGISTRY }}
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      # Extract metadata (tags, labels) for Docker
-      # https://github.com/docker/metadata-action
-      - name: Extract Docker metadata
-        id: meta
-        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-
-      # Build and push Docker image with Buildx (don't push on PR)
-      # https://github.com/docker/build-push-action
-      - name: Build and push Docker image
-        id: build-and-push
-        uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
-        with:
-          context: .
-          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.meta.outputs.tags }}, ${{ steps.meta.outputs.tags }}-10, ${{ steps.meta.outputs.tags }}-10.${{ steps.date.outputs.date }}
-       #   labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-
-
-      # Sign the resulting Docker image digest except on PRs.
-      # This will only write to the public Rekor transparency log when the Docker
-      # repository is public to avoid leaking data.  If you would like to publish
-      # transparency data even for private images, pass --force to cosign below.
-      # https://github.com/sigstore/cosign
-      - name: Sign the published Docker image
-        if: ${{ github.event_name != 'pull_request' }}
-        env:
-          # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
-          TAGS: ${{ steps.meta.outputs.tags }}
-          DIGEST: ${{ steps.build-and-push.outputs.digest }}
-        # This step uses the identity token to provision an ephemeral certificate
-        # against the sigstore community Fulcio instance.
-        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

Dockerfile

@@ -1,34 +1,25 @@
 FROM quay.io/almalinuxorg/atomic-desktop-kde:10
-ARG CACHEBUST=1
-
-ARG KERNEL=kernel-cachyos
-ENV KERNEL=${KERNEL}
-
-# Get list of kernels from my repo. If the list has been updated, then the image will be rebuilt. If it hasn't been updated, then caching of the previous build will be used.
-ADD "https://copr.fedorainfracloud.org/api_3/build/list?ownername=andersrh&projectname=my-ostree-os&packagename=kernel" /tmp/builds.txt
-
-RUN echo 'omit_drivers+=" nouveau "' | tee /etc/dracut.conf.d/blacklist-nouveau.conf
 
 COPY bin/set_next_version.sh /tmp
 RUN /tmp/set_next_version.sh
 
 COPY repo/*.repo /etc/yum.repos.d/
-RUN dnf config-manager --add-repo=https://negativo17.org/repos/epel-nvidia.repo -y
 
-RUN dnf copr enable bieszczaders/kernel-cachyos -y
-
-RUN dnf install -y ${KERNEL} ${KERNEL}-devel-matched
-
-RUN dnf remove -y kernel kernel-core kernel-modules kernel-modules-core kernel-modules-extra kernel-tools kernel-tools-libs
+# This is necessary for the speakers and internal microphone
+RUN dnf install -y alsa-sof-firmware
 
 RUN dnf install --nogpgcheck -y https://mirrors.rpmfusion.org/free/el/rpmfusion-free-release-$(rpm -E %rhel).noarch.rpm https://mirrors.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-$(rpm -E %rhel).noarch.rpm
 
-RUN dnf install -y fish distrobox nvtop intel-media-driver libva-intel-driver
-RUN dnf install -y https://github.com/TheAssassin/AppImageLauncher/releases/download/v2.2.0/appimagelauncher-2.2.0-travis995.0f91801.x86_64.rpm
+RUN dnf config-manager --add-repo https://copr.fedorainfracloud.org/coprs/andersrh/sonicDE/repo/rhel+epel-10/andersrh-sonicDE-rhel+epel-10.repo -y
+RUN dnf config-manager --add-repo https://copr.fedorainfracloud.org/coprs/g/xlibre/xlibre-xserver/repo/rhel+epel-10/group_xlibre-xlibre-xserver-rhel+epel-10.repo -y
+RUN dnf config-manager --add-repo https://copr.fedorainfracloud.org/coprs/skip77/MateDesktop-EL10/repo/rhel+epel-10/skip77-MateDesktop-EL10-rhel+epel-10.repo -y
 
-# Install Negativo17 Nvidia driver
-RUN dnf install -y dkms-nvidia nvidia-driver nvidia-persistenced opencl-filesystem libva-nvidia-driver
-RUN dkms install nvidia/$(ls /usr/src/ | grep nvidia- | cut -d- -f2-) -k $(rpm -q --queryformat "%{VERSION}-%{RELEASE}.%{ARCH}\n" kernel-cachyos)
+RUN dnf install sonic-workspace-x11 sonic-win sonic-interface-libraries sonic-workspace --allowerasing -y
+
+RUN dnf groupinstall "MATE-Desktop" -y
+
+RUN dnf install -y fish distrobox nvtop intel-media-driver libva-intel-driver htop
+RUN dnf install -y https://github.com/TheAssassin/AppImageLauncher/releases/download/v2.2.0/appimagelauncher-2.2.0-travis995.0f91801.x86_64.rpm
 
 # Remove plocate to avoid updatedb going crazy with scanning the file system once a day
 RUN dnf remove -y plocate
@@ -39,20 +30,31 @@ RUN dnf install libheif-freeworld -y
 # Install proprietary codecs
 RUN dnf swap libavcodec-free libavcodec-freeworld --allowerasing -y
 
-RUN dnf -y install gwenview haruna kalk okular
+# Install HPLIP for HP printer support
+RUN dnf install hplip -y
+
+RUN dnf -y install gwenview vlc kalk okular
 RUN dnf -y install chromium firefox
-# Delete default Chromium config so it can be replaced by my own
-RUN rm -f /etc/chromium/chromium.conf
+
+# Enable CachyOS addons EL10 fork repo
+RUN dnf copr enable andersrh/kernel-cachyos-addons-el10 -y
+RUN dnf install -y scx-scheds cachyos-settings
+
+# replace noopenh264 with real openh264 files
+RUN rm -f /usr/lib64/libopenh264.so.2.4.1 /usr/lib64/libopenh264.so.7
+RUN rpm -Uvh --nodeps https://codecs.fedoraproject.org/openh264/42/x86_64/Packages/o/openh264-2.5.1-1.fc42.x86_64.rpm https://codecs.fedoraproject.org/openh264/42/x86_64/Packages/m/mozilla-openh264-2.5.1-1.fc42.x86_64.rpm
+
+RUN dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo
+RUN dnf install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
+
+RUN dnf install xorg-x11-xinit xkbcomp xinput xlibre-xserver-Xorg xlibre-xf86-input-libinput -y
 
 # Add rule to SELinux allowing modules to be loaded into custom kernel
 RUN setsebool -P domain_kernel_load_modules on
 
-RUN dnf install -y alsa-sof-firmware
+RUN systemctl enable docker
 
 COPY etc /etc
 COPY usr /usr
 
-RUN cd /usr/bin && wget https://raw.githubusercontent.com/CachyOS/CachyOS-Settings/refs/heads/master/usr/bin/kerver && chmod +x kerver
-
-RUN rm -rf /tmp/* /var/* && mkdir -p /var/tmp && chmod -R 1777 /var/tmp && \
-bootc container lint
+RUN rm -rf /tmp/* /var/* && mkdir -p /var/tmp && chmod -R 1777 /var/tmp

etc/X11/xorg.conf.d/20-modesetting.conf

@@ -0,0 +1,7 @@
+Section "Device"
+    Identifier    "Intel Graphics"
+    Driver        "modesetting"
+    Option        "ShadowFB" "false" # you don't need on recent hardware
+    Option        "Atomic" "true" #only effective on Xlibre, or Xorg-git with a special patch
+    Option        "TearFree" "true"
+EndSection

etc/X11/xorg.conf.d/90-touchpad-tap.conf

@@ -0,0 +1,19 @@
+Section "InputClass"
+    Identifier "Touchpad Tap"
+    # Matcher alle touchpads der bruger libinput
+    MatchIsTouchpad "on"
+    MatchDevicePath "/dev/input/event*"
+    Driver "libinput"
+
+    # Korrigerer hastigheden til 2x (til 4K / 200% skalering)
+    Option "TransformationMatrix" "5 0 0 0 5 0 0 0 2"
+
+    # Bruger den ergonomiske 'adaptive' profil (1 0 er Adaptive)
+    #Option "AccelProfile" "adaptive"
+    
+    # Holder grundhastigheden neutral (0.0)
+    #Option "AccelSpeed" "0"
+
+    # Valgfrit: Slå tap-to-click til, hvis du foretrækker det
+    Option "Tapping" "on"
+EndSection

etc/chromium/chromium.conf

@@ -1,76 +0,0 @@
-# system wide chromium flags
-
-ARCH="$(arch)"
-MODE="$(systemd-detect-virt)"
-
-# GRAPHIC_DRIVER=[amd|intel|nvidia|default]
-GRAPHIC_DRIVER=intel
-
-# WEB_DARKMODE=[on|off]
-WEB_DARKMODE=off
-
-# NATIVE_WAYLAND=[on|off]
-# chromium >=141 switched to --ozone-platform-hint=auto
-if [ ! -z "$WAYLAND_DISPLAY" ]; then
-   NATIVE_WAYLAND=on
-else
-   NATIVE_WAYLAND=off
-fi
-
-DISABLE_FEATURES="LensOverlay,ExtensionManifestV2Unsupported,ExtensionManifestV2Disabled"
-ENABLE_FEATURES="AllowQt"
-CHROMIUM_FLAGS=" --enable-chrome-browser-cloud-management"
-if [ "$NATIVE_WAYLAND" == "on" ] ; then
-   ENABLE_FEATURES+=",WaylandLinuxDrmSyncobj,WaylandPerSurfaceScale,WaylandUiScale"
-   CHROMIUM_FLAGS+=" --ozone-platform=wayland"
-else
-   CHROMIUM_FLAGS+=" --enable-gpu-memory-buffer-video-frames"
-   CHROMIUM_FLAGS+=" --enable-zero-copy"
-   CHROMIUM_FLAGS+=" --ignore-gpu-blocklist --disable-gpu-driver-bug-workaround"
-   CHROMIUM_FLAGS+=" --enable-gpu-rasterization"
-fi
-
-ENABLE_FEATURES+=",AcceleratedVideoDecodeLinuxGL,AcceleratedVideoDecodeLinuxZeroCopyGL"
-
-case "$GRAPHIC_DRIVER" in
-   amd|intel)
-      # Need new mesa with AMD multi planes support, is supported in fedora >= 40 (mesa-24.1.1 or newer)
-      # see https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/26165
-      CHROMIUM_FLAGS+=" --enable-accelerated-video-decode"
-      ENABLE_FEATURES+=",VaapiIgnoreDriverChecks,UseMultiPlaneFormatForHardwareVideo"
-      ;;
-   nvidia)
-      # The NVIDIA VaAPI drivers are known to not support Chromium
-      # see https://crbug.com/1492880. This feature switch is
-      # provided for developers to test VaAPI drivers on NVIDIA GPUs
-      ENABLE_FEATURES+=",VaapiOnNvidiaGPUs"
-      export CUDA_DISABLE_PERF_BOOST=1
-      ;;
-   *)
-      ENABLE_FEATURES+=",AcceleratedVideoEncoder"
-      ;;
-esac
-
-if [ "$MODE" != "none" ] ; then
-   # chromium in VM, running with standard setting
-   CHROMIUM_FLAGS=""
-   DISABLE_FEATURES=""
-   ENABLE_FEATURES=""
-fi
-
-# Set gtk version to 3 by default
-# todo: switch to gtk4 in the future
-CHROMIUM_FLAGS+=" --gtk-version=3"
-
-# Web Dark mode
-if [ "$WEB_DARKMODE" == "on" ] ; then
-   darktype="WebContentsForceDark:inversion_method/cielab_based/image_behavior/none/foreground_lightness_threshold/150/background_lightness_threshold/205"
-   if [ -z "$ENABLE_FEATURES" ] ; then
-       ENABLE_FEATURES+="$darktype"
-   else
-       ENABLE_FEATURES+=",$darktype"
-   fi
-fi
-
-[ -z "$DISABLE_FEATURES" ] || CHROMIUM_FLAGS+=" --disable-features=$DISABLE_FEATURES"
-[ -z "$ENABLE_FEATURES" ] || CHROMIUM_FLAGS+=" --enable-features=$ENABLE_FEATURES"

repo/andersrh-myostree-os-rhel+epel.repo

@@ -8,4 +8,3 @@ gpgkey=https://download.copr.fedorainfracloud.org/results/andersrh/my-ostree-os/
 repo_gpgcheck=0
 enabled=1
 enabled_metadata=1
-priority=98