At the moment I am using Debian Bookworm and I can setup/configure 100% of my setup automatically everything via Ansible. (Only thing left after the Ansible script is login to my online accounts/email which I would rather not automate.)
Is there a way/does anyone have this working/running on Silverblue?
To be more concrete: After I install Silverblue with default settings, I want to automatically install all needed flatpaks, configure them (and link configuration files to a github repository) and also setup some toolboxes for development. With one command/step, like running Ansible.
Check ublue approach like for example in this repo: https://github.com/ublue-os/beyond
In other words, leverage native OCI containers.
Thank you, looks very interesting.
According to the readme one has to login and issue commands at the shell - is there a way to use a kickstart file/some kind of provisioning tool like Ansible with native support for rpm-ostree?
Yeah, look at the examples here: https://github.com/coreos/layering-examples for an ansible example.
Though some modules don’t work (the flatpak one doesn’t work unfortunately). This is also useful: https://github.com/j1mc/ansible-silverblue
Hope it helps!
Thanks a lot, will check your links tonight. I’ll try to wrap my head around why Ansible doesn’t work OOTB, given Red Hats involvement with Fedora and Ansible. Am I the only who tries to use Silverblue as cattle instead of a desktop pet?!
I was curious and I was able to use ansible to install a list of flatpaks without problem
Very nice, thanks for giving it a try! :-)
No problem. If you can’t get it working hit me up and I’ll see what I can do to help.
The OCI features are pretty new (they won’t hit Fedora until F40) so there’s catching up to do still. They’ll get there at some point, there’s just a vast amount of existing work out there that they need to account for.
Yes, I do this with Ansible :).
There are Flatpak modules and gsettings modules to set up Gnome to your liking.
I also build my own toolbox using ansible-container.
Perfect, this was the answer I was looking for! :-)
deleted by creator
Have you looked into NixOS instead of silverblue?
Came here to say this. NixOS does exactly what you want built in and has a lot of the same advantages as silverblue
Thirded – OP described a usecase for NixOS perfectly.
Reusing my other answer: Thanks, I am mostly motivated by having less work using an immutable operating system. ;-)
To elaborate more: By now I want an OS that is stable, has updates automatically in the background and just a reboot away. NiXOS sounds like too much work for too little benefit for my current usage/use cases.
If you want to automate your installation there’s going to be work involved no matter what you use to achieve it
NixOS is actually quite stable provided you don’t use the unstable branch
lol … I give up - installing NixOS in a VM right now. ;-)
You can see Universal Blue’s custom images feature to set up an automatic image building system. You would no longer need to layer stuff since it would get cleanly built into your image already, and you can modify a list of Flatpaks to be installed on install time. You can then use Fleek with Nix to manage your dotfiles.
Definitely OT, but at this point you may want to checkout NixOS.
In fedora podcast #30 just a week or so ago there was some discussion about ansible and silverblue. I don’t think it specifically answers your questions, but may be an interesting listen since you’re looking into this. https://fedoraproject.org/podcast/
Nice! Listening right now, and didn’t even know about this podcast! :-)
If your not scared of poor documentation, a born tinkerer, and have a lot of time on your hands, you should try Nix
Thanks, I am mostly motivated by having less work using an immutable operating system. ;-)
Maybe I don’t understand the question, but what prevents you from adapting your Ansible playbooks to Fedora Silverblue? I assume for Debian at some point you have a “install packages” section which you should rewrite to use rpm-ostree or flatpak instead of apt-get; your dotfiles section should remain the same etc etc.
It seems mostly a lack of understanding on my part.
I have a quite customized Debian setup (Ansible script grown over 10 years now), much more elaborate than just installing a handful of packages from the default repositories. With Ansible, I figured out how automate all but everything, setting up one of my desktops is typing one command, getting a coffee and stuff just works.
For Silverblue now, it looks like the way to configure/use it is a mix of rpm-ostree, overlays, installing applications into toolbox containers (and moving their desktop files to the host system) … in theory, it sounds like a very nice separation/clean, in practice it sounds like a lot of work to arrive where I am right now with Debian.
So… my big question: Has anyone using Silverblue an elaborate custom setup and an easy way to automate it to create cattle… or is Silverblue more like a pet thingy.