suggestions to be included in recommedation list of repo/program

[boredsquirrel]

Rstudio:

sudo rpm-ostree install R rstudio-desktop

[boredsquirrel]

Waydroid seems to be in Fedora repos now!

[boredsquirrel]

lm_sensors

[boredsquirrel]

Another repo for EPEL9 packages (namingly ffmpeg handbrake jpegxl jellyfin jellyfin-web (packages can be found here):

sudo touch /etc/yum.repos.d/lucamagrone-epel-9-extended-epel-9.repo

sudo nano /etc/yum.repos.d/lucamagrone-epel-9-extended-epel-9.repo

# insert this:

[copr:copr.fedorainfracloud.org:lucamagrone:epel-9-extended]
name=Copr repo for epel-9-extended owned by lucamagrone
baseurl=https://download.copr.fedorainfracloud.org/results/lucamagrone/epel-9-extended/epel-9-$basearch/
type=rpm-md
skip_if_unavailable=True
gpgcheck=1
gpgkey=https://download.copr.fedorainfracloud.org/results/lucamagrone/epel-9-extended/pubkey.gpg
repo_gpgcheck=0
enabled=1
enabled_metadata=1

[boredsquirrel]

I switched back to RPM firefox, Zotero and KeepassXC. This will solve the interprocess communication problems I dont have the time to fix manually.

Firefox needs ffmpeg installed too, this is included in the Epel 9 COPR repo so maybe no RPMFusion needed?

We should compare both repos and decide for one.

[iaacornus]

shouldnt some of these better be installed in toolbox instead of layering it directly in the system?

I switched back to RPM firefox, Zotero and KeepassXC. This will solve the interprocess communication problems I dont have the time to fix manually.

so #27 should is closed now?

[iaacornus]

the codecs needed by firefox are in #15 although im not sure what are these for handbrake jpegxl jellyfin jellyfin-web.

[boredsquirrel]

I would avoid toolbox for any GUI apps running normally. You could create an appstarter

open toolbox
executing command
listening if program closes
if closes, close toolbox too

yes it is nice for using RPMs but sucks a bit. I mean you could do that, maybe it works well, I can try these custom appstarters. But Desktop integration, default browser etc. will probably not work?

[boredsquirrel]

I will look into the codecs. My problem is that libav conflicts with ffmpeg?

handbrake is a video encoder, doesnt work with DVDs as Flatpak afaik.

jpegxl I couldnt find in the repo but it is listed, probably not nessecary. Its a new awesome image format, fixing all jpeg issues.

jellyfin is the media server, for having your music on your laptop and streaming to the phone

[boredsquirrel]

No dont close #27 its still important, as the solution is not just avoiding flatpaks randomly. It also still doesnt work for me using RPMs lol.

[iaacornus]

No dont close https://github.com/iaacornus/Fedora-OSTree-Setup/issues/27 its still important, as the solution is not just avoiding flatpaks randomly. It also still doesnt work for me using RPMs lol.

noted.

[iaacornus]

I would avoid toolbox for any GUI apps running normally. You could create an appstarter

open toolbox
executing command
listening if program closes
if closes, close toolbox too

yes it is nice for using RPMs but sucks a bit. I mean you could do that, maybe it works well, I can try these custom appstarters. But Desktop integration, default browser etc. will probably not work?

Not sure in other applications, but Ive used vscode in toolbox box before and create a desktop entry, haven't noticed any issues. But I'll look more into it, since in my preference, I don't like layering alot of applications in the system, although I'll add these applications in the recommendation list which can be selected by the user.

[boredsquirrel]

We could create a tool for layering apps right?

You enter a packagename, a toolbox called "apps" is created and the app is installed there. A bash script is written

#!/bin/sh
/usr/bin/toolbox enter apps
$appname

Then a desktop file executing that script is created. For some reason I could just write commands with "&&" in .desktop files on (K)ubuntu, but not on Fedora. So the annoying .desktop-pointing-to-bash-script is needed.

[boredsquirrel]

Here is a nice COPR with rather new packages for secure Fedora:

does sudo rpm-ostree copr enable samsepi0l/HardHatOS work?

otherwise:

printf """[copr:copr.fedorainfracloud.org:samsepi0l:HardHatOS]
name=Copr repo for HardHatOS owned by samsepi0l
baseurl=https://download.copr.fedorainfracloud.org/results/samsepi0l/HardHatOS/fedora-$releasever-$basearch/
type=rpm-md
skip_if_unavailable=True
gpgcheck=1
gpgkey=https://download.copr.fedorainfracloud.org/results/samsepi0l/HardHatOS/pubkey.gpg
repo_gpgcheck=0
enabled=1
enabled_metadata=1""" | sudo tee /etc/yum.repos.d/hardhatos.repo

Thats the right command right? Printf deals with linebreaks better than echo but cant use sudo it seems.

[iaacornus]

We could create a tool for layering apps right?

You enter a packagename, a toolbox called "apps" is created and the app is installed there. A bash script is written

#!/bin/sh
/usr/bin/toolbox enter apps
$appname

Then a desktop file executing that script is created. For some reason I could just write commands with "&&" in .desktop files on (K)ubuntu, but not on Fedora. So the annoying .desktop-pointing-to-bash-script is needed.

we can simplify this with

toolbox --container apps run sudo dnf install $appname

[iaacornus]

Here is a nice COPR with rather new packages for secure Fedora:

does sudo rpm-ostree copr enable samsepi0l/HardHatOS work?

otherwise:

printf """[copr:copr.fedorainfracloud.org:samsepi0l:HardHatOS]
name=Copr repo for HardHatOS owned by samsepi0l
baseurl=https://download.copr.fedorainfracloud.org/results/samsepi0l/HardHatOS/fedora-$releasever-$basearch/
type=rpm-md
skip_if_unavailable=True
gpgcheck=1
gpgkey=https://download.copr.fedorainfracloud.org/results/samsepi0l/HardHatOS/pubkey.gpg
repo_gpgcheck=0
enabled=1
enabled_metadata=1""" | sudo tee /etc/yum.repos.d/hardhatos.repo

Thats the right command right? Printf deals with linebreaks better than echo but cant use sudo it seems.

from what i know copr repo can be enabled with ostree command, but not rpm-ostree, although ill need to look this up further.

[boredsquirrel]

Here is how to install the hardened kernel instead of the normal one. Ostree is so great for that, just remove the layering and you got your old kernel back. If something breaks, just boot into the old state.

sudo rpm-ostree override remove kernel kernel-core kernel-modules kernel-modules-extra --install kernel-hardened

[boredsquirrel]

yes you can add a .repo with

sudo ostree repo-add <name> <adress>

But I dont know the exact adress. Will try with the adress of the .repo file soon.

[boredsquirrel]

To run rust code, which is an important security feature, it seems the package cargo is useful, afaik its something like pip.

There is a script allowing to convert SDDM themes to rpm packages, making them installable on Kinoite, as otherwise you are stuck with the ugly looking one, as SDDM is write only.

This script is in rust though, and I have no idea how to run it.

[iaacornus]

To run rust code, which is an important security feature, it seems the package cargo is useful, afaik its something like pip.

rust has rustc and cargo which can be easily installed with script provided in their website

[boredsquirrel]

We could create a tool for layering apps right? You enter a packagename, a toolbox called "apps" is created and the app is installed there. A bash script is written

#!/bin/sh
/usr/bin/toolbox enter apps
$appname

Then a desktop file executing that script is created. For some reason I could just write commands with "&&" in .desktop files on (K)ubuntu, but not on Fedora. So the annoying .desktop-pointing-to-bash-script is needed.

we can simplify this with

toolbox --container apps run sudo dnf install $appname

Okay thats pretty good. We could think about using this only, even though I have no real problem layering some base packages.

I tried using toolbox for sqlitestudio and it randomly stutters or even crashes. I dont want to set things that may break user experience.

[boredsquirrel]

distrobox

for running other Distros and packages on the stable system. Fully containerized and you have access to all packages from Ubuntu, AUR, etc.

This is so awesome! So many packages that are not available as Flatpak

[iaacornus]

still unsure about waydroid, lm_sensors, and rstudio, not many uses those, moreover, they can also simply include it in the config file so it would be installed automatically.

How about the repos tho? the epel and other copr repos does not look necessary for me, as well as the other codecs, those seem to be overworking the problem, as well as the rust compiler and its project manager, cargo, which is not really used

[boredsquirrel]

Waydroid is complicated to install. If we implement fixes for that it may get obsolete in the future or even misbehave if they implement it themselves. It is not easy to install at all

• custom init command because idk fedora
• setting up folders to avoid needing root access
• setting up keyboard language (I am german, still really weird, when I have time I try to implement that)
• setting up appstarters starting the container, starting the window and best even removing all that stuff if you dont want it anymore. This doesnt exist at all, its completely CLI at the moment afaik

---

lm_sensors I thought was nessecary for some widgets displaying CPU temp. This still doesnt work for me so yeah just leave it out.

Rstudio is unnessecary thats right, available in the normal repos. But its difficult to find as rpm-ostree has no search and its called rstudio-desktop R and not in any way installable if you write it wrong. This may be fixed by fedora though, but I am not sure, as rpm-ostree has no focus on layering I guess.

The EPEL repo has some nice packages but may not be that nessecary.

Lots of packages have dependencies on ffmpeg and its also difficult to install, as it conflicts with so many packages. So this can perfectly be a question "Do you want to replace the free codecs with full ffmpeg, containing non-free parts? This will require to replace some packages".

On all these packages you can just say no and maybe if thats possible if its cli "Enter" will also standard to "no". So I would keep them all in, maybe not the Repos.

cryptfs is weird, I think it may be unmaintained as noone wanted it, so it needs to be delivered through a COPR, but thats also not really good. Its needed for KVaults, the best of the encryption possibilities afaik. Otherwise KVaults will not work. This of course then is also non-trivial to install. We can warn about it being unmaintained.

There is an Android app called DroidFS, using cryptfs. Somehow KVault cant view that folder, but in theory you should be able to use encryption through Syncthing with that, as Cryptomator Android is paid.

Syncthing we should also keep in mind, syncthingy is the only Flatpak available. It is up to date though.

The ffmpeg bundle does a lot, adding RPMFusion free and nonfree, of course this is pretty much bloat as you dont need the rest at all on silverblue. I know some python libs depending on ffmpeg.

Lol just found out you can use the ffmpeg integrated in the FF Flatpak. This may solve some things, if permissions are right. Because dealing with flatpak cli permissions is also nontrivial.

flatpak enter org.mozilla.firefox sh
ffmpeg

[iaacornus]

Waydroid is complicated to install. If we implement fixes for that it may get obsolete in the future or even misbehave if they implement it themselves. It is not easy to install at all

* custom init command because idk fedora

* setting up folders to avoid needing root access

* setting up keyboard language (I am german, still really weird, when I have time I try to implement that)

* setting up appstarters starting the container, starting the window and best even removing all that stuff if you dont want it anymore. This doesnt exist at all, its completely CLI at the moment afaik

what is it for in the first place? i've never used it so no idea on my end

lm_sensors I thought was nessecary for some widgets displaying CPU temp. This still doesnt work for me so yeah just leave it out.

Rstudio is unnessecary thats right, available in the normal repos. But its difficult to find as rpm-ostree has no search and its called rstudio-desktop R and not in any way installable if you write it wrong. This may be fixed by fedora though, but I am not sure, as rpm-ostree has no focus on layering I guess.

*

for the search, toolbox run dnf search $appname should work, since both fedora silverblue and workstation shares the same repo by default.

The EPEL repo has some nice packages but may not be that nessecary.

*

Lots of packages have dependencies on ffmpeg and its also difficult to install, as it conflicts with so many packages. So this can perfectly be a question "Do you want to replace the free codecs with full ffmpeg, containing non-free parts? This will require to replace some packages".

On all these packages you can just say no and maybe if thats possible if its cli "Enter" will also standard to "no". So I would keep them all in, maybe not the Repos.

yes the enter defaults to no.

cryptfs is weird, I think it may be unmaintained as noone wanted it, so it needs to be delivered through a COPR, but thats also not really good. Its needed for KVaults, the best of the encryption possibilities afaik. Otherwise KVaults will not work. This of course then is also non-trivial to install. We can warn about it being unmaintained.

perhaps this is included in kinoite? if you use kinoite maybe you can provide the output of rpm -qa, so we can know the packages that are already installed by default or not.

The ffmpeg bundle does a lot, adding RPMFusion free and nonfree, of course this is pretty much bloat as you dont need the rest at all on silverblue. I know some python libs depending on ffmpeg.

rpmfusion free and nonfree is optional in the 3rd repository install

Lol just found out you can use the ffmpeg integrated in the FF Flatpak. This may solve some things, if permissions are right. Because dealing with flatpak cli permissions is also nontrivial.

flatpak enter org.mozilla.firefox sh
ffmpeg

i'll include the ffmpeg in suggested codecs, then lm_sensors as well as R and r studio in the recommended rpm apps (config), since we won't be handling gnome extensions or other extensions, we would just indicate the possible use of lm_sensors in its description.

As for the epel repo, instead of installing it by default, it can also be included in the suggested repository where the user can agree by default. Also then it would be nice if you can include some program that it provides in config/app_for_install.json so it can be added automatically if the user would choose a program that it provides.

[iaacornus]

turns out lm_sensors are required for #25

[boredsquirrel]

Waydroid is an android emulator but I think its running on real hardware, thats also why some apps dont run. Its very popular among linux phones, but still useful.

cryptfs is not included.

Nice structure, yes I can add it. Maybe ffmpeg is not actually needed for all the codecs, I dont know. I would just leave it in there, as I already figured out how to install it.

What could provide the needed codecs is just libavcodec-freeworld also hosted by RPMfusion. Dont know yet what repo hosts it.

Distrobox is the better alternative to toolbox for most users I think, what I realized though is that its completely bare-bones, there are no repositories at all in the fedora image.

[iaacornus]

Waydroid is an android emulator but I think its running on real hardware, thats also why some apps dont run. Its very popular among linux phones, but still useful.

yeah it's in recommendation

cryptfs is not included.

Nice structure, yes I can add it. Maybe ffmpeg is not actually needed for all the codecs, I dont know. I would just leave it in there, as I already figured out how to install it.

it's also in the recommendation for codecs, although i've fragmented it, either install ffmpeg-libs or the whole ffmpeg, since the ffmpeg-libs is the bare minimum to fix firefox rpm video playblack.

What could provide the needed codecs is just libavcodec-freeworld also hosted by RPMfusion. Dont know yet what repo hosts it.

Distrobox is the better alternative to toolbox for most users I think, what I realized though is that its completely bare-bones, there are no repositories at all in the fedora image.

34

[boredsquirrel]

flatseal is no longer needed on KDE ! The KDE internal settings replace it 1:1 and even have more features like read-write/read/create access

[iaacornus]

duplicated in #53

[iaacornus]

duplicated in #53