Skip to content

Commit

Permalink
Merge branch 'template' of https://github.com/ublue-os/startingpoint
Browse files Browse the repository at this point in the history
…into ublue-os-template-2
  • Loading branch information
gerblesh committed Jul 21, 2023
2 parents 5f101e3 + 50c6629 commit b251a7a
Showing 1 changed file with 20 additions and 11 deletions.
31 changes: 20 additions & 11 deletions README-uBlue.md
Original file line number Diff line number Diff line change
Expand Up @@ -88,16 +88,32 @@ If you want to completely disable yafti, simply set the recipe's `firstboot.yaft

To rebase an existing Silverblue/Kinoite installation to the latest build:

```
sudo rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/startingpoint:latest
```
- First rebase to the image unsigned, to get the proper signing keys and policies installed:
```
sudo rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/startingpoint:latest
```
- Reboot to complete the rebase:
```
systemctl reboot
```
- Then rebase to the signed image, like so:
```
sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/startingpoint:latest
```
- Reboot again to complete the installation
```
systemctl reboot
```


This repository builds date tags as well, so if you want to rebase to a particular day's build:

```
sudo rpm-ostree rebase ostree-unverified-registry:ghcr.io/ublue-os/startingpoint:20230403
sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/startingpoint:20230403
```

This repository by default also supports signing

The `latest` tag will automatically point to the latest build. That build will still always use the Fedora version specified in `recipe.yml`, so you won't get accidentally updated to the next major version.

## Just
Expand Down Expand Up @@ -131,10 +147,3 @@ After doing that, you'll be able to run the following commands:

Check the [just website](https://just.systems) for tips on modifying and adding your own recipes.

## Verification

These images are signed with sisgstore's [cosign](https://docs.sigstore.dev/cosign/overview/). You can verify the signature by downloading the `cosign.pub` key from this repo and running the following command:

cosign verify --key cosign.pub ghcr.io/ublue-os/startingpoint

If you're forking this repo, the uBlue website has [instructions](https://universal-blue.org/tinker/make-your-own/) for setting up signing properly.

0 comments on commit b251a7a

Please sign in to comment.