I have been using bazzite for a year now and have transferred my desktop computers to custom ublue images. The love for bootc and immutable distros have made me want to make my servers immutable too using bootc.
I want suggestions and warnings in using this technology.
I am currently using github actions and the github container repository to host the desktop images, however, I feel like this is insecure and allows a bad actor to also integrate tracking software into the image if they got a hold of my keys. I also don’t fully trust ublue. This is the other reason why I want to make my own bootc image from scratch.
Is it safe to continue using the github container repository or should I host my own?
Also, are there any good examples of Containerfiles for a bootc image?
giacomo@lemmy.dbzer0.com 3 weeks ago
ive been using ublue’s ucore server for about a year without any real complaints. Fedora coreos would also work fine as a base if you wanted to not use ublue’s opinionated ucore.
you could also checkout bootc-image-builder and make your own, on your own hardware so you’re not relying on github.
HappyFrog@lemmy.blahaj.zone 3 weeks ago
If I host my own registry on a server, can it update itself?
giacomo@lemmy.dbzer0.com 3 weeks ago
Sure! You could use systemd timer or cron if you want to automate builds.