My customized ParticleOS configuration

             @@ -2,9 +2,9 @@     2      2     3      3[ParticleOS](https://github.com/systemd/particleos) is an extremely cool     4      4meta-distribution from the systemd project. It's my favorite thing in software     5       since I discovered IPv6. Concretely, it's a configuration for systemd's     6       [`mkosi` tool](https://mkosi.systemd.io/) that you use to build your own     7       ParticleOS images. As described in the readme:            5since getting into IPv6. Concretely, it's a configuration for systemd's [`mkosi`            6tool](https://mkosi.systemd.io/) that you use to build your own ParticleOS            7images. As described in the readme:     8      8     9      9> ParticleOS is a fully customizable immutable distribution implementing the    10     10concepts described in [Fitting Everything             @@ -16,15 +16,14 @@    16     16  - A/B partitions for worry-free upgrades and rollbacks    17     17  - Block-level integrity provided by    18     18    [dm-verity](https://wiki.archlinux.org/title/Dm-verity)    19         - Authenticity provided by a signature on the dm-verity data, done with    20           your own keys           19  - Authenticity provided by a signature on the dm-verity data, with signing           20    done by your own keys    21     21- Is easily hacked on, just like traditional mutable OSes    22     22  - Essentially *is* a traditional OS (one of Arch, Debian, or Fedora), built    23           fully from regular distro packages    24         - Hacking on `/usr` is done at image build-time, rather than during OS    25           runtime           23    from regular distro packages           24  - Hacking on `/usr` is done at image build-time, rather than during OS runtime    26     25- Is signed with your own SecureBoot keys    27       - LUKS-encrypted root partition with TPM-stored key for automatic unlocking           26- LUKS-encrypted root partition with TPM-bound key for automatic unlocking    28     27- LUKS-encrypted home directory managed by    29     28  [`systemd-homed`](https://systemd.io/HOME_DIRECTORY/)    30     29             @@ -31,6 +30,9 @@    31     30This here is my own customized version/soft fork of ParticleOS. It's the Fedora    32     31variant.    33     32           33See [here](https://www.cgl.sh/blog/posts/particleos.html) for my blog post on           34ParticleOS and mkosi.           35    34     36## Notable files/directories    35     37    36     38- [makefile](makefile)—contains most important commands. `build` and

             @@ -1,4 +1,5 @@     1      1[Content]            2Hostname=     2      3Packages=     3      4        # keyrings for building other distro images     4      5        archlinux-keyring             @@ -94,6 +95,7 @@    94     95        osc    95     96        # needed for bell fish function    96     97        ocean-sound-theme           98        oxygen-sounds    97     99        pre-commit    98    100        python3-neovim    99    101        nmap             @@ -124,7 +126,6 @@   124    126        sqlite   125    127        stgit   126    128        tcpdump   127               # not yet available for fedora 43   128    129        terraform-ls   129    130        tmux   130    131        toolbox             @@ -141,7 +142,6 @@   141    142        wireshark   142    143        yubikey-manager   143    144        gnupg2-scdaemon   144               kernel   145    145        # repository directory comes from mkosi.packages   146    146        repository/opensnitch_ui.rpm   147    147        repository/opensnitch.rpm