More layered approach

2024-10-25 02:42:48 +03:00 · 2024-10-25 02:42:48 +03:00 · b0d58c8616
commit b0d58c8616
parent eed013d284
3 changed files with 147 additions and 166 deletions
--- a/102
+++ b/102
@ -15,12 +15,104 @@ ENV DEBIAN_FRONTEND=noninteractive \
 		DONT_PROMPT_WSL_INSTALL="No_Prompt_please" \
 		INST_DIR=$STARTUPDIR/install

-# Copy install scripts
-COPY ./install-stuff.sh $INST_DIR
-
-# Run installations
+# Setup repos
+RUN \
+	wget https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg -O /usr/share/keyrings/vscodium-archive-keyring.asc \
+	&& echo 'deb [ signed-by=/usr/share/keyrings/vscodium-archive-keyring.asc ] https://paulcarroty.gitlab.io/vscodium-deb-rpm-repo/debs vscodium main' | tee /etc/apt/sources.list.d/vscodium.list \
+	&& apt-get update \
+	&& apt-get upgrade -y
+
+# Fonts whee
+RUN apt-get install -y fonts-recommended fonts-symbola fonts-glasstty fonts-firacode
+# Essential stuff
+RUN apt-get install -y \
+	xdotool nano zip wget curl htop iotop \
+	vlc \
+	git \
+	build-essential \
+	python-is-python3
+# Java
+RUN apt-get install -y default-jre
+# Firefox
+RUN apt-get install -y firefox-esr firefox-esr-l10n-fi
+COPY firefox-policies.json /etc/firefox/policies/policies.json
+# Thunderbird
+RUN apt-get install -y thunderbird thunderbird-l10n-fi
+# Libreoffice
+RUN apt-get install -y libreoffice libreoffice-l10n-fi
+# GIMP
+RUN apt-get install -y gimp
+# VSCodium
+RUN \
+	apt-get install codium \
+	&& sed -i 's#/usr/share/codium/codium#/usr/share/codium/codium --no-sandbox##' /usr/share/applications/codium.desktop
+
+
+
+# Desktop icons
+RUN \
+	cp \
+	/usr/share/applications/codium.desktop \
+	/usr/share/applications/thunderbird.desktop \
+	/usr/share/applications/libreoffice-startcenter.desktop \
+	/usr/share/applications/gimp.desktop \
+	/usr/share/applications/firefox-esr.desktop \
+	/usr/share/applications/xfce4-terminal.desktop \
+	$HOME/Desktop \
+	&& chmod +x $HOME/Desktop/*.desktop \
+	&& chown 1000:1000 $HOME/Desktop/*.desktop
+
+# Cleanup and stuff
+# Services we don't want to start disable in xfce init
+RUN \
+	rm -f \
+		/etc/xdg/autostart/blueman.desktop \
+		/etc/xdg/autostart/geoclue-demo-agent.desktop \
+		/etc/xdg/autostart/gnome-keyring-pkcs11.desktop \
+		/etc/xdg/autostart/gnome-keyring-secrets.desktop \
+		/etc/xdg/autostart/gnome-keyring-ssh.desktop \
+		/etc/xdg/autostart/gnome-shell-overrides-migration.desktop \
+		/etc/xdg/autostart/light-locker.desktop \
+		/etc/xdg/autostart/org.gnome.Evolution-alarm-notify.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.A11ySettings.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Color.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Datetime.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Housekeeping.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Keyboard.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.MediaKeys.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Power.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.PrintNotifications.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Rfkill.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.ScreensaverProxy.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Sharing.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Smartcard.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Sound.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.UsbProtection.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Wacom.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.Wwan.desktop \
+		/etc/xdg/autostart/org.gnome.SettingsDaemon.XSettings.desktop \
+		/etc/xdg/autostart/pulseaudio.desktop \
+		/etc/xdg/autostart/xfce4-power-manager.desktop \
+		/etc/xdg/autostart/xfce4-screensaver.desktop \
+		/etc/xdg/autostart/xfce-polkit.desktop \
+		/etc/xdg/autostart/xscreensaver.desktop
+# Bins we don't want in the final image
+RUN \
+	if which gnome-keyring-daemon; then \
+  		rm -f $(which gnome-keyring-daemon); \
+	fi
+# File cleanups
+RUN \
+	rm -Rf \
+		/home/kasm-default-profile/.cache \
+		/home/kasm-user/.cache \
+		/tmp \
+		/var/lib/apt/lists/* \
+		/var/tmp/* \
+	&& mkdir -m 1777 /tmp
+
+# Finalize
 RUN \
-	bash ${INST_DIR}/install-stuff.sh || exit 1; \
 	$STARTUPDIR/set_user_permission.sh $HOME && \
 	rm -f /etc/X11/xinit/Xclients && \
 	chown 1000:0 $HOME && \
--- a/firefox-policies.json
+++ b/firefox-policies.json
@ -0,0 +1,50 @@
+{
+	"policies": {
+		"DisableTelemetry":true,
+		"NoDefaultBookmarks": true,
+		"OverrideFirstRunPage": "",
+		"OverridePostUpdatePage": "",
+		"RequestedLocales": "fi,en-US",
+		"SearchSuggestEnabled": true,
+		"ExtensionUpdate": true,
+		"ExtensionSettings": {
+			"{26ffe8a2-401b-4bf0-a79c-501c361de5af}": {
+				"install_url": "https://addons.mozilla.org/firefox/downloads/latest/firefox-alpenglow/latest.xpi",
+				"installation_mode": "force_installed"
+			},
+			"@testpilot-containers": {
+				"install_url": "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi",
+				"installation_mode": "force_installed"
+			},
+			"uBlock0@raymondhill.net": {
+				"install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi",
+				"installation_mode": "force_installed"
+			},
+			"{446900e4-71c2-419f-a6a7-df9c091e268b}": {
+				"install_url": "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi",
+				"installation_mode": "force_installed"
+			}
+		},
+		"SearchEngines": {
+			"Default": "Brave",
+			"PreventInstalls": true,
+			"Add": [
+				{
+					"Name": "Brave",
+					"URLTemplate": "https://search.brave.com/search?q={searchTerms}",
+					"Method": "GET",
+					"IconURL": "https://brave.com/static-assets/images/brave-favicon.png",
+					"Description": "Has privacy, yeahh",
+					"SuggestURLTemplate": "https://search.brave.com/api/suggest?q={searchTerms}"
+				}
+			],
+			"Remove": [
+				"Google",
+				"Bing",
+				"DuckDuckGo",
+				"Wikipedia (en)",
+				"Wikipedia (fi)"
+			]
+		}
+	}
+}
--- a/install-stuff.sh
+++ b/install-stuff.sh
@ -1,161 +0,0 @@
-#/usr/bin/env bash
-set -ex
-
-# VSCodium repo
-wget https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg -O /usr/share/keyrings/vscodium-archive-keyring.asc
-echo 'deb [ signed-by=/usr/share/keyrings/vscodium-archive-keyring.asc ] https://paulcarroty.gitlab.io/vscodium-deb-rpm-repo/debs vscodium main' | tee /etc/apt/sources.list.d/vscodium.list
-
-
-
-apt-get update
-apt-get upgrade -y
-
-# Software yay
-apt-get install -y \
-	xdotool nano zip wget curl htop iotop \
-	vlc \
-	git \
-	build-essential \
-	firefox-esr \
-	firefox-esr-l10n-fi \
-	thunderbird \
-	thunderbird-l10n-fi \
-	libreoffice \
-	libreoffice-l10n-fi \
-	python-is-python3 \
-	gimp \
-	codium
-
-# Fonts whee
-apt-get install -y \
-	fonts-recommended \
-	fonts-symbola \
-	fonts-glasstty \
-	fonts-firacode
-
-# Customize Firefox
-mkdir -p /etc/firefox/policies
-cat > /etc/firefox/policies/policies.json <<EOF
-{
-	"policies": {
-		"DisableTelemetry":true,
-		"NoDefaultBookmarks": true,
-		"OverrideFirstRunPage": "",
-		"OverridePostUpdatePage": "",
-		"RequestedLocales": "fi,en-US",
-		"SearchSuggestEnabled": true,
-		"ExtensionUpdate": true,
-		"ExtensionSettings": {
-			"{26ffe8a2-401b-4bf0-a79c-501c361de5af}": {
-				"install_url": "https://addons.mozilla.org/firefox/downloads/latest/firefox-alpenglow/latest.xpi",
-				"installation_mode": "force_installed"
-			},
-			"@testpilot-containers": {
-				"install_url": "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi",
-				"installation_mode": "force_installed"
-			},
-			"uBlock0@raymondhill.net": {
-				"install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi",
-				"installation_mode": "force_installed"
-			},
-			"{446900e4-71c2-419f-a6a7-df9c091e268b}": {
-				"install_url": "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi",
-				"installation_mode": "force_installed"
-			}
-		},
-		"SearchEngines": {
-			"Default": "Brave",
-			"PreventInstalls": true,
-			"Add": [
-				{
-					"Name": "Brave",
-					"URLTemplate": "https://search.brave.com/search?q={searchTerms}",
-					"Method": "GET",
-					"IconURL": "https://brave.com/static-assets/images/brave-favicon.png",
-					"Description": "Has privacy, yeahh",
-					"SuggestURLTemplate": "https://search.brave.com/api/suggest?q={searchTerms}"
-				}
-			],
-			"Remove": [
-				"Google",
-				"Bing",
-				"DuckDuckGo",
-				"Wikipedia (en)",
-				"Wikipedia (fi)"
-			]
-		}
-	}
-}
-EOF
-
-
-
-# Fix VSCodium
-sed -i 's#/usr/share/codium/codium#/usr/share/codium/codium --no-sandbox##' /usr/share/applications/codium.desktop
-
-
-
-# Desktop entries
-cp \
-	/usr/share/applications/codium.desktop \
-	/usr/share/applications/thunderbird.desktop \
-	/usr/share/applications/libreoffice-startcenter.desktop \
-	/usr/share/applications/gimp.desktop \
-	/usr/share/applications/firefox-esr.desktop \
-	/usr/share/applications/xfce4-terminal.desktop \
-	$HOME/Desktop
-chmod +x $HOME/Desktop/*.desktop
-chown 1000:1000 $HOME/Desktop/*.desktop
-
-
-
-# Clean up
-apt-get autoremove -y
-apt-get autoclean -y
-
-# File cleanups
-rm -Rf \
-  /home/kasm-default-profile/.cache \
-  /home/kasm-user/.cache \
-  /tmp \
-  /var/lib/apt/lists/* \
-  /var/tmp/*
-mkdir -m 1777 /tmp
-
-# Services we don't want to start disable in xfce init
-rm -f \
-  /etc/xdg/autostart/blueman.desktop \
-  /etc/xdg/autostart/geoclue-demo-agent.desktop \
-  /etc/xdg/autostart/gnome-keyring-pkcs11.desktop \
-  /etc/xdg/autostart/gnome-keyring-secrets.desktop \
-  /etc/xdg/autostart/gnome-keyring-ssh.desktop \
-  /etc/xdg/autostart/gnome-shell-overrides-migration.desktop \
-  /etc/xdg/autostart/light-locker.desktop \
-  /etc/xdg/autostart/org.gnome.Evolution-alarm-notify.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.A11ySettings.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Color.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Datetime.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Housekeeping.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Keyboard.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.MediaKeys.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Power.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.PrintNotifications.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Rfkill.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.ScreensaverProxy.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Sharing.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Smartcard.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Sound.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.UsbProtection.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Wacom.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.Wwan.desktop \
-  /etc/xdg/autostart/org.gnome.SettingsDaemon.XSettings.desktop \
-  /etc/xdg/autostart/pulseaudio.desktop \
-  /etc/xdg/autostart/xfce4-power-manager.desktop \
-  /etc/xdg/autostart/xfce4-screensaver.desktop \
-  /etc/xdg/autostart/xfce-polkit.desktop \
-  /etc/xdg/autostart/xscreensaver.desktop
-
-# Bins we don't want in the final image
-if which gnome-keyring-daemon; then
-  rm -f $(which gnome-keyring-daemon)
-fi