rework

2 months ago · e7a36487dc
75 changed files with 229 additions and 234 deletions
--- a/bootc/baremetal/Containerfile
+++ b/bootc/baremetal/Containerfile
@ -0,0 +1,22 @@
 FROM edge-registry.itix.fr/demo-edge-retail/base:latest
 RUN <<EOF
 set -Eeuo pipefail
 # Install virtualization packages
 dnf install -y cockpit-machines libvirt libvirt-daemon-kvm virt-install virt-top \
               libguestfs-tools genisoimage smartmontools hdparm rclone virt-v2v \
               virt-v2v-bash-completion libguestfs-winsupport
 dnf clean all
 EOF
 ADD --chown=root:root root /
 RUN <<EOF
 set -Eeuo pipefail
 # Enable systemd services and sockets
 systemctl enable libvirtd.service libvirt-guests.service
 EOF
--- a/bootc/baremetal/root/etc/libvirt/qemu/hooks/qemu
+++ b/bootc/baremetal/root/etc/libvirt/qemu/hooks/qemu
--- a/bootc/scenario1/root/etc/containers/systemd/configs/redis-session.ini
+++ b/bootc/scenario1/root/etc/containers/systemd/configs/redis-session.ini
--- a/bootc/baremetal/root/etc/libvirt/qemu/networks/autostart/default.xml
+++ b/bootc/baremetal/root/etc/libvirt/qemu/networks/autostart/default.xml
--- a/bootc/baremetal/root/etc/libvirt/qemu/networks/default.xml
+++ b/bootc/baremetal/root/etc/libvirt/qemu/networks/default.xml
--- a/bootc/base/Containerfile
+++ b/bootc/base/Containerfile
@ -6,15 +6,17 @@ ARG ADMIN_USERNAME=demo \
 RUN <<EOF
 set -Eeuo pipefail
 # Enable EPEL and Ansible AAP repos
 dnf config-manager --enable ansible-automation-platform-2.5-for-rhel-9-$(arch)-rpms
 dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
-dnf install -y mkpasswd podman skopeo flightctl-agent cockpit cockpit-machines cockpit-podman \
+
-               cockpit-files cockpit-ostree cockpit-pcp cockpit-system libvirt libvirt-daemon-kvm \
+# Install packages
-               virt-install virt-top libguestfs-tools genisoimage greenboot greenboot-default-health-checks \
+dnf install -y mkpasswd podman skopeo flightctl-agent cockpit cockpit-podman cockpit-files \
-               stress-ng yq podman-compose tmux smartmontools hdparm tcpdump rclone virt-v2v \
+               cockpit-ostree cockpit-pcp cockpit-system greenboot greenboot-default-health-checks \
-               virt-v2v-bash-completion libguestfs-winsupport
+               stress-ng yq podman-compose tmux tcpdump
 dnf clean all
 # Create admin user if specified
 if [ -n "$ADMIN_USERNAME" ]; then
  useradd -m -G wheel -p "$(echo -n "$ADMIN_PASSWORD" | mkpasswd -m bcrypt --stdin)" "$ADMIN_USERNAME"
 fi
@ -24,12 +26,18 @@ ADD --chown=root:root root /
 RUN <<EOF
 set -Eeuo pipefail
-systemctl enable flightctl-agent.service cockpit.socket libvirtd.service libvirt-guests.service
+
 # Enable systemd services and sockets
 systemctl enable flightctl-agent.service cockpit.socket
 # Make sure the flightctl-agent is the only one that can apply updates
 systemctl mask bootc-fetch-apply-updates.timer
 # Set proper ownership and SELinux context on SSH authorized keys
 if [ -n "$ADMIN_USERNAME" -a -f "/etc/ssh/authorized_keys/$ADMIN_USERNAME.keys" ]; then
  chown "$ADMIN_USERNAME:$ADMIN_USERNAME" "/etc/ssh/authorized_keys/$ADMIN_USERNAME.keys"
 fi
 semanage fcontext -a -t ssh_home_t "/etc/ssh/authorized_keys(/.*)?"
 restorecon -Rf /etc/ssh/authorized_keys
-install -d -m 0700 -o root -g root /var/lib/private/flightctl
+
 EOF
--- a/bootc/scenario1/Containerfile
+++ b/bootc/scenario1/Containerfile
@ -1,8 +0,0 @@
 FROM edge-registry.itix.fr/demo-edge-retail/base:latest
 ADD --chown=root:root root /
 RUN <<EOF
 set -Eeuo pipefail
 systemctl enable nextcloud.target
 EOF
--- a/bootc/scenario1/root/etc/flightctl/hooks.d/afterupdating/30-nextcloud.yaml
+++ b/bootc/scenario1/root/etc/flightctl/hooks.d/afterupdating/30-nextcloud.yaml
@ -1,10 +0,0 @@
 - if:
  - path: /etc/containers/systemd/configs/nextcloud-config.env
    op: [created, updated]
  run: systemctl restart nextcloud.target
  timeout: 5m
 - if:
  - path: /etc/containers/systemd/configs/nextcloud-config.env
    op: [removed]
  run: /bin/sh -c 'if [ -f /etc/systemd/system/nextcloud.target ]; then systemctl stop nextcloud.target; fi'
  timeout: 5m
--- a/bootc/scenario2/Containerfile
+++ b/bootc/scenario2/Containerfile
@ -1,8 +0,0 @@
 FROM edge-registry.itix.fr/demo-edge-retail/base:latest
 ADD --chown=root:root root /
 RUN <<EOF
 set -Eeuo pipefail
 systemctl enable migrate-vm@printserver.service
 EOF
--- a/bootc/scenario3a/Containerfile
+++ b/bootc/scenario3a/Containerfile
@ -1,8 +0,0 @@
 FROM edge-registry.itix.fr/demo-edge-retail/base:latest
 ADD --chown=root:root root /
 RUN <<EOF
 set -Eeuo pipefail
 systemctl enable bootstrap-vm@nextcloud.service
 EOF
--- a/bootc/scenario3a/root/etc/libvirt/qemu/networks/autostart/default.xml
+++ b/bootc/scenario3a/root/etc/libvirt/qemu/networks/autostart/default.xml
@ -1 +0,0 @@
 ../default.xml
--- a/bootc/scenario3a/root/etc/libvirt/qemu/networks/default.xml
+++ b/bootc/scenario3a/root/etc/libvirt/qemu/networks/default.xml
@ -1,19 +0,0 @@
 <network>
  <name>default</name>
  <bridge name="virbr0" stp="on" delay="5" />
  <forward mode='nat' />
  <domain name="libvirt.test" />
  <dns>
    <host ip='192.168.122.1'>
      <hostname>host</hostname>
    </host>
  </dns>
  <ip address="192.168.122.1" netmask="255.255.255.0" localPtr="yes">
    <dhcp>
      <range start="192.168.122.100" end="192.168.122.200">
        <lease expiry='24' unit='hours'/>
      </range>
      <host mac="04:00:00:00:00:01" name="nextcloud" ip="192.168.122.2" />
    </dhcp>
  </ip>
 </network>
--- a/bootc/scenario4/Containerfile
+++ b/bootc/scenario4/Containerfile
@ -1,8 +0,0 @@
 FROM edge-registry.itix.fr/demo-edge-retail/base:latest
 ADD --chown=root:root root /
 RUN <<EOF
 set -Eeuo pipefail
 systemctl enable odoo.target
 EOF
--- a/bootc/scenario4/root/etc/flightctl/hooks.d/afterupdating/30-odoo.yaml
+++ b/bootc/scenario4/root/etc/flightctl/hooks.d/afterupdating/30-odoo.yaml
@ -1,10 +0,0 @@
 - if:
  - path: /etc/containers/systemd/configs/odoo-config.env
    op: [created, updated]
  run: systemctl restart odoo.target
  timeout: 5m
 - if:
  - path: /etc/containers/systemd/configs/odoo-config.env
    op: [removed]
  run: /bin/sh -c 'if [ -f /etc/systemd/system/odoo.target ]; then systemctl stop odoo.target; fi'
  timeout: 5m
--- a/bootc/scripts/build-image.sh
+++ b/bootc/scripts/build-image.sh
@ -0,0 +1,54 @@
 #!/bin/bash
 set -Eeuo pipefail
 if [[ "$UID" -ne 0 ]]; then
  echo "This command must be run as root!"
  exit 1
 fi
 if [ "$#" -lt 1 ]; then
  echo "Usage: $0 <bootc-target-image> [qcow2-target-image]"
  exit 1
 fi
 TARGET_IMAGE="$1"
 OCI_REGISTRY="${TARGET_IMAGE%%/*}"
 SCRIPT_DIR="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
 PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
 if [ ! -f "$PROJECT_DIR/signing-key.pass" ]; then
  openssl rand -base64 30 > "$PROJECT_DIR/signing-key.pass"
  chmod 600 "$PROJECT_DIR/signing-key.pass"
 fi
 if [ ! -f "$PROJECT_DIR/signing-key.pub" ]; then
  skopeo generate-sigstore-key --output-prefix "$PROJECT_DIR/signing-key" --passphrase-file "$PROJECT_DIR/signing-key.pass"
 fi
 if [ ! -f "/etc/containers/registries.d/${OCI_REGISTRY}.yaml" ]; then
  tee "/etc/containers/registries.d/${OCI_REGISTRY}.yaml" > /dev/null <<EOF
 docker:
  ${OCI_REGISTRY}:
    use-sigstore-attachments: true
 EOF
 fi
 export REGISTRY_AUTH_FILE="$PROJECT_DIR/auth.json"
 if [ ! -f "$REGISTRY_AUTH_FILE" ]; then
  echo "Please enter your credentials for ${OCI_REGISTRY}:"
  podman login "${OCI_REGISTRY}"
  echo "Please enter your credentials for registry.redhat.io:"
  podman login registry.redhat.io
 fi
 if [ -x "$PWD/custom.sh" ]; then
  echo "Running custom.sh..."
  "$PWD/custom.sh"
 fi
 echo "Building and pushing image $TARGET_IMAGE..."
 podman build --no-cache -t "${TARGET_IMAGE}" .
 podman push --sign-by-sigstore-private-key "$PROJECT_DIR/signing-key.private" --sign-passphrase-file "$PROJECT_DIR/signing-key.pass" "${TARGET_IMAGE}"
--- a/bootc/scripts/build-qcow2.sh
+++ b/bootc/scripts/build-qcow2.sh
@ -35,41 +35,12 @@ OCI_REGISTRY="${TARGET_IMAGE%%/*}"
 SCRIPT_DIR="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
 PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
 if [ ! -f "$PROJECT_DIR/signing-key.pass" ]; then
  openssl rand -base64 30 > "$PROJECT_DIR/signing-key.pass"
  chmod 600 "$PROJECT_DIR/signing-key.pass"
 fi
 if [ ! -f "$PROJECT_DIR/signing-key.pub" ]; then
  skopeo generate-sigstore-key --output-prefix "$PROJECT_DIR/signing-key" --passphrase-file "$PROJECT_DIR/signing-key.pass"
 fi
 if [ ! -f "/etc/containers/registries.d/${OCI_REGISTRY}.yaml" ]; then
  tee "/etc/containers/registries.d/${OCI_REGISTRY}.yaml" > /dev/null <<EOF
 docker:
  ${OCI_REGISTRY}:
    use-sigstore-attachments: true
 EOF
 fi
 export REGISTRY_AUTH_FILE="$PROJECT_DIR/auth.json"
 if [ ! -f "$REGISTRY_AUTH_FILE" ]; then
  echo "Please enter your credentials for ${OCI_REGISTRY}:"
  podman login "${OCI_REGISTRY}"
  echo "Please enter your credentials for registry.redhat.io:"
  podman login registry.redhat.io
 fi
 if [ -x "$PWD/custom.sh" ]; then
  echo "Running custom.sh..."
  "$PWD/custom.sh"
 fi
 echo "Building and pushing image $TARGET_IMAGE..."
 podman build --no-cache -t "${TARGET_IMAGE}" .
 podman push --sign-by-sigstore-private-key "$PROJECT_DIR/signing-key.private" --sign-passphrase-file "$PROJECT_DIR/signing-key.pass" "${TARGET_IMAGE}"
 echo "Building and pushing image $QCOW2_TARGET_IMAGE..."
 temp_dir="$(mktemp -d)"
 trap 'rm -rf "$temp_dir"' EXIT
--- a/bootc/scripts/buildall.sh
+++ b/bootc/scripts/buildall.sh
@ -12,13 +12,17 @@ PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
 . "$PROJECT_DIR/config.env"
-for dir in "$PROJECT_DIR"/{base,scenario*}; do
+for dir in "$PROJECT_DIR"/{base,hypervisor,virtualmachine}; do
  if [ -d "$dir" -a -f "$dir/Containerfile" ]; then
    export SCENARIO="${dir##*/}"
    TARGET_IMAGE="$(echo -n "$TARGET_IMAGE_TEMPLATE" | envsubst)"
    echo "Building container image $TARGET_IMAGE from $SCENARIO..."
    pushd "$dir" > /dev/null
-    "$SCRIPT_DIR/build.sh" "$TARGET_IMAGE"
+    "$SCRIPT_DIR/build-image.sh" "$TARGET_IMAGE"
    if [[ "$SCENARIO" == "virtualmachine" ]]; then
      echo "Building qcow2 image for $TARGET_IMAGE..."
      "$SCRIPT_DIR/build-qcow2.sh" "$TARGET_IMAGE"
    fi
    popd > /dev/null
  fi
 done
--- a/bootc/virtualmachine/Containerfile
+++ b/bootc/virtualmachine/Containerfile
@ -0,0 +1,20 @@
 FROM edge-registry.itix.fr/demo-edge-retail/base:latest
 RUN <<EOF
 set -Eeuo pipefail
 # Install the Qemu guest agent
 dnf install -y qemu-guest-agent
 dnf clean all
 EOF
 ADD --chown=root:root root /
 RUN <<EOF
 set -Eeuo pipefail
 # The flightctl-agent configuration will be injected here by the hypervisor
 install -d -m 0700 -o root -g root /var/lib/private/flightctl
 EOF
--- a/bootc/virtualmachine/root/etc/systemd/system/flightctl-agent.service.d/override.conf
+++ b/bootc/virtualmachine/root/etc/systemd/system/flightctl-agent.service.d/override.conf
--- a/flightctl/apps/edge-vm/etc/default/bootstrap-vm-nextcloud.env
+++ b/flightctl/apps/edge-vm/etc/default/bootstrap-vm-nextcloud.env
@ -3,6 +3,6 @@ DOMAIN_RAM=8192
 DOMAIN_DISK_SIZE=100
 DOMAIN_OS_VARIANT=rhel9.6
 DOMAIN_MAC_ADDRESS=04:00:00:00:00:01
-FLIGHTCTL_LABELS_OVERRIDE={ "type": "virtualmachine", "vm.name": "nextcloud", "scenario": "scenario1" }
+FLIGHTCTL_LABELS_OVERRIDE={ "type": "virtualmachine", "vm.name": "nextcloud" }
-DOMAIN_DISK_SOURCE=edge-registry.itix.fr/demo-edge-retail/scenario1-qcow2:latest
+DOMAIN_DISK_SOURCE=edge-registry.itix.fr/demo-edge-retail/virtualmachine:latest
 REGISTRY_AUTH_FILE=/etc/ostree/auth.json
--- a/flightctl/apps/edge-vm/etc/flightctl/hooks.d/afterupdating/30-edge-vm.yaml
+++ b/flightctl/apps/edge-vm/etc/flightctl/hooks.d/afterupdating/30-edge-vm.yaml
@ -0,0 +1,5 @@
 - if:
  - path: /etc/default/bootstrap-vm-nextcloud.env
    op: [created, updated]
  run: /bin/sh -Eeuo pipefail -c 'systemctl enable bootstrap-vm@nextcloud.service ; systemctl restart bootstrap-vm@nextcloud.service'
  timeout: 5m
--- a/flightctl/apps/edge-vm/etc/flightctl/hooks.d/beforeupdating/30-edge-vm.yaml
+++ b/flightctl/apps/edge-vm/etc/flightctl/hooks.d/beforeupdating/30-edge-vm.yaml
@ -0,0 +1,5 @@
 - if:
  - path: /etc/default/bootstrap-vm-nextcloud.env
    op: [removed]
  run: /bin/sh -c 'if [ -f /etc/systemd/system/bootstrap-vm@.service ]; then systemctl stop bootstrap-vm@nextcloud.service ; systemctl disable bootstrap-vm@nextcloud.service ; fi'
  timeout: 5m
--- a/flightctl/apps/edge-vm/etc/greenboot/check/required.d/30_nextcloud_check.sh
+++ b/flightctl/apps/edge-vm/etc/greenboot/check/required.d/30_nextcloud_check.sh
--- a/flightctl/apps/edge-vm/etc/libvirt/hooks/qemu.d/nextcloud/iptables
+++ b/flightctl/apps/edge-vm/etc/libvirt/hooks/qemu.d/nextcloud/iptables
--- a/flightctl/apps/edge-vm/etc/systemd/system/bootstrap-vm@.service
+++ b/flightctl/apps/edge-vm/etc/systemd/system/bootstrap-vm@.service
--- a/flightctl/apps/edge-vm/usr/local/bin/bootstrap-vm.sh
+++ b/flightctl/apps/edge-vm/usr/local/bin/bootstrap-vm.sh
--- a/flightctl/apps/hyperv-migration/etc/default/migrate-vm-printserver.env
+++ b/flightctl/apps/hyperv-migration/etc/default/migrate-vm-printserver.env
--- a/flightctl/apps/hyperv-migration/etc/flightctl/hooks.d/afterupdating/30-hyperv-migration.yaml
+++ b/flightctl/apps/hyperv-migration/etc/flightctl/hooks.d/afterupdating/30-hyperv-migration.yaml
@ -0,0 +1,5 @@
 - if:
  - path: /etc/default/migrate-vm-printserver.env
    op: [created, updated]
  run: /bin/sh -Eeuo pipefail -c 'systemctl enable migrate-vm@printserver.service ; systemctl restart migrate-vm@printserver.service'
  timeout: 5m
--- a/flightctl/apps/hyperv-migration/etc/flightctl/hooks.d/beforeupdating/30-hyperv-migration.yaml
+++ b/flightctl/apps/hyperv-migration/etc/flightctl/hooks.d/beforeupdating/30-hyperv-migration.yaml
@ -0,0 +1,5 @@
 - if:
  - path: /etc/default/migrate-vm-printserver.env
    op: [removed]
  run: /bin/sh -c 'if [ -f /etc/systemd/system/migrate-vm@.service ]; then systemctl stop migrate-vm@printserver.service ; systemctl disable migrate-vm@printserver.service ; fi'
  timeout: 5m
--- a/flightctl/apps/hyperv-migration/etc/greenboot/check/required.d/30_printserver_check.sh
+++ b/flightctl/apps/hyperv-migration/etc/greenboot/check/required.d/30_printserver_check.sh
--- a/flightctl/apps/hyperv-migration/etc/systemd/system/migrate-vm@.service
+++ b/flightctl/apps/hyperv-migration/etc/systemd/system/migrate-vm@.service
--- a/flightctl/apps/hyperv-migration/usr/local/bin/migrate-vm.sh
+++ b/flightctl/apps/hyperv-migration/usr/local/bin/migrate-vm.sh
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud-app.container
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud-app.container
@ -8,7 +8,7 @@ Requires=nextcloud-db.service nextcloud-redis.service
 After=nextcloud-db.service nextcloud-redis.service
 # Only start if Nextcloud has been configured
-ConditionPathExists=/etc/containers/systemd/configs/nextcloud-config.env
+ConditionPathExists=/etc/containers/systemd/nextcloud/nextcloud-config.env
 # Start/stop this unit when the target is started/stopped
 PartOf=nextcloud.target
@ -25,8 +25,8 @@ Network=host
 AddCapability=CAP_NET_BIND_SERVICE
 # Environment variables from secrets and config
-EnvironmentFile=/etc/containers/systemd/configs/nextcloud-app.env
+EnvironmentFile=/etc/containers/systemd/nextcloud/nextcloud-app.env
-EnvironmentFile=/etc/containers/systemd/configs/nextcloud-config.env
+EnvironmentFile=/etc/containers/systemd/nextcloud/nextcloud-config.env
 # Volume mounts
 Volume=/var/lib/nextcloud/data:/var/www/html:z
@ -48,8 +48,8 @@ TimeoutStopSec=30
 # Skaffold filesystem + fix permissions
 ExecStartPre=/bin/bash -Eeuo pipefail -c 'install -m 0700 -o 82 -g 82 -d /var/lib/nextcloud/data /var/lib/nextcloud/config ; \
-  install -m 0700 -o 82 -g 82 /etc/containers/systemd/configs/www.conf /var/lib/nextcloud/config/www.conf ; \
+  install -m 0700 -o 82 -g 82 /etc/containers/systemd/nextcloud/www.conf /var/lib/nextcloud/config/www.conf ; \
-  install -m 0700 -o 82 -g 82 /etc/containers/systemd/configs/redis-session.ini /var/lib/nextcloud/config/redis-session.ini'
+  install -m 0700 -o 82 -g 82 /etc/containers/systemd/nextcloud/redis-session.ini /var/lib/nextcloud/config/redis-session.ini'
 # Wait for PostgreSQL to be ready
 ExecStartPre=/bin/sh -c 'exec 2>/dev/null; for try in $(seq 0 12); do if ! /bin/true 5<> /dev/tcp/127.0.0.1/5432; then echo "Waiting for PostgreSQL to be available..."; sleep 5; else exit 0; fi; done; exit 1'
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud-db.container
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud-db.container
@ -4,7 +4,7 @@ Documentation=https://www.postgresql.org/
 After=network.target
 # Only start if Nextcloud has been configured
-ConditionPathExists=/etc/containers/systemd/configs/nextcloud-config.env
+ConditionPathExists=/etc/containers/systemd/nextcloud/nextcloud-config.env
 # Start/stop this unit when the target is started/stopped
 PartOf=nextcloud.target
@ -17,10 +17,10 @@ Image=docker.io/library/postgres:17-alpine
 Network=host
 # Environment variables from config
-EnvironmentFile=/etc/containers/systemd/configs/nextcloud-db.env
+EnvironmentFile=/etc/containers/systemd/nextcloud/nextcloud-db.env
 # Volume mounts
-Volume=/var/lib/postgresql/data:/var/lib/postgresql/data:Z
+Volume=/var/lib/postgresql/data-nextcloud:/var/lib/postgresql/data:Z
 # Health check
 HealthCmd=pg_isready -U nextcloud -d nextcloud
@ -36,7 +36,7 @@ TimeoutStartSec=120
 TimeoutStopSec=30
 # Skaffold filesystem + fix permissions
-ExecStartPre=install -m 0700 -o 70 -g 70 -d /var/lib/postgresql/data
+ExecStartPre=install -m 0700 -o 70 -g 70 -d /var/lib/postgresql/data-nextcloud
 [Install]
 WantedBy=nextcloud.target
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud-nginx.container
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud-nginx.container
@ -4,7 +4,7 @@ Documentation=https://nextcloud.com/
 After=network.target
 # Only start if Nextcloud has been configured
-ConditionPathExists=/etc/containers/systemd/configs/nextcloud-config.env
+ConditionPathExists=/etc/containers/systemd/nextcloud/nextcloud-config.env
 # Start/stop this unit when the target is started/stopped
 PartOf=nextcloud.target
@ -22,7 +22,7 @@ User=82:82
 # Volume mounts
 Volume=/var/lib/nextcloud/data:/var/www/html:z
-Volume=/etc/containers/systemd/configs/nginx.conf:/etc/nginx/nginx.conf:ro
+Volume=/etc/containers/systemd/nextcloud/nginx.conf:/etc/nginx/nginx.conf:ro
 # Health check (equivalent to readiness probe)
 HealthCmd=curl -f http://localhost:80/status.php
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud-redis.container
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud-redis.container
@ -4,7 +4,7 @@ Documentation=https://redis.io/
 After=network.target 
 # Only start if Nextcloud has been configured
-ConditionPathExists=/etc/containers/systemd/configs/nextcloud-config.env
+ConditionPathExists=/etc/containers/systemd/nextcloud/nextcloud-config.env
 # Start/stop this unit when the target is started/stopped
 PartOf=nextcloud.target
@ -20,11 +20,11 @@ Network=host
 Exec=redis-server /usr/local/etc/redis/redis.conf
 # Environment variables
-EnvironmentFile=/etc/containers/systemd/configs/nextcloud-redis.env
+EnvironmentFile=/etc/containers/systemd/nextcloud/nextcloud-redis.env
 # Volume mounts for data persistence
 Volume=/var/lib/redis:/data:Z
-Volume=/etc/containers/systemd/configs/redis.conf:/usr/local/etc/redis/redis.conf:ro
+Volume=/etc/containers/systemd/nextcloud/redis.conf:/usr/local/etc/redis/redis.conf:ro
 # Health check
 HealthCmd=redis-cli ping | grep -q PONG
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nextcloud-app.env
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nextcloud-app.env
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nextcloud-config.env.tmpl
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nextcloud-config.env.tmpl
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nextcloud-db.env
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nextcloud-db.env
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nextcloud-redis.env
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nextcloud-redis.env
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nginx.conf
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/nginx.conf
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/redis-session.ini
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/redis-session.ini
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/redis.conf
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/redis.conf
--- a/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/www.conf
+++ b/flightctl/apps/nextcloud/etc/containers/systemd/nextcloud/www.conf
--- a/flightctl/apps/nextcloud/etc/flightctl/hooks.d/afterupdating/30-nextcloud.yaml
+++ b/flightctl/apps/nextcloud/etc/flightctl/hooks.d/afterupdating/30-nextcloud.yaml
@ -0,0 +1,5 @@
 - if:
  - path: /etc/containers/systemd/nextcloud/nextcloud-config.env
    op: [created, updated]
  run: /bin/sh -Eeuo pipefail -c 'systemctl enable nextcloud.target ; systemctl restart nextcloud.target'
  timeout: 5m
--- a/flightctl/apps/nextcloud/etc/flightctl/hooks.d/beforeupdating/30-nextcloud.yaml
+++ b/flightctl/apps/nextcloud/etc/flightctl/hooks.d/beforeupdating/30-nextcloud.yaml
@ -0,0 +1,5 @@
 - if:
  - path: /etc/containers/systemd/nextcloud/nextcloud-config.env
    op: [removed]
  run: /bin/sh -c 'if [ -f /etc/systemd/system/nextcloud.target ]; then systemctl stop nextcloud.target ; systemctl disable nextcloud.target ; fi'
  timeout: 5m
--- a/flightctl/apps/nextcloud/etc/greenboot/check/required.d/30_nextcloud_check.sh
+++ b/flightctl/apps/nextcloud/etc/greenboot/check/required.d/30_nextcloud_check.sh
--- a/flightctl/apps/nextcloud/etc/systemd/system/nextcloud.target
+++ b/flightctl/apps/nextcloud/etc/systemd/system/nextcloud.target
--- a/bootc/scenario4/root/etc/containers/systemd/odoo-app.container
+++ b/bootc/scenario4/root/etc/containers/systemd/odoo-app.container
@ -7,7 +7,7 @@ Requires=odoo-init.service odoo-db.service
 After=odoo-init.service odoo-db.service
 # Only start if Odoo has been configured
-ConditionPathExists=/etc/containers/systemd/configs/odoo-config.env
+ConditionPathExists=/etc/containers/systemd/odoo/odoo-config.env
 # Only start if initialization has completed
 ConditionPathExists=/var/lib/odoo/initialized
@ -43,7 +43,7 @@ TimeoutStartSec=600
 TimeoutStopSec=30
 # Wait for PostgreSQL to be ready
-ExecStartPre=/bin/sh -c 'exec 2>/dev/null; for try in $(seq 0 12); do if ! /bin/true 5<> /dev/tcp/127.0.0.1/5432; then echo "Waiting for PostgreSQL to be available..."; sleep 5; else exit 0; fi; done; exit 1'
+ExecStartPre=/bin/sh -c 'exec 2>/dev/null; for try in $(seq 0 12); do if ! /bin/true 5<> /dev/tcp/127.0.0.1/5433; then echo "Waiting for PostgreSQL to be available..."; sleep 5; else exit 0; fi; done; exit 1'
 [Install]
 WantedBy=odoo.target
--- a/bootc/scenario4/root/etc/containers/systemd/odoo-db.container
+++ b/bootc/scenario4/root/etc/containers/systemd/odoo-db.container
@ -4,7 +4,7 @@ Documentation=https://www.postgresql.org/
 After=network.target
 # Only start if Odoo has been configured
-ConditionPathExists=/etc/containers/systemd/configs/odoo-config.env
+ConditionPathExists=/etc/containers/systemd/odoo/odoo-config.env
 # Start/stop this unit when the target is started/stopped
 PartOf=odoo.target
@ -17,13 +17,13 @@ Image=docker.io/library/postgres:17-alpine
 Network=host
 # Environment variables from config
-EnvironmentFile=/etc/containers/systemd/configs/odoo-db.env
+EnvironmentFile=/etc/containers/systemd/odoo/odoo-db.env
 # Volume mounts
-Volume=/var/lib/postgresql/data:/var/lib/postgresql/data:Z
+Volume=/var/lib/postgresql/data-odoo:/var/lib/postgresql/data:Z
 # Health check
-HealthCmd=pg_isready -U odoo -d postgres
+HealthCmd=pg_isready -U odoo -d postgres -p 5433
 HealthInterval=30s
 HealthTimeout=10s
 HealthStartPeriod=60s
@ -36,7 +36,7 @@ TimeoutStartSec=120
 TimeoutStopSec=30
 # Skaffold filesystem + fix permissions
-ExecStartPre=install -m 0700 -o 70 -g 70 -d /var/lib/postgresql/data
+ExecStartPre=install -m 0700 -o 70 -g 70 -d /var/lib/postgresql/data-odoo
 [Install]
 WantedBy=odoo.target
--- a/bootc/scenario4/root/etc/containers/systemd/odoo-init.container
+++ b/bootc/scenario4/root/etc/containers/systemd/odoo-init.container
@ -7,7 +7,7 @@ After=odoo-db.service
 Before=odoo-app.service
 # Only start if Odoo has been configured
-ConditionPathExists=/etc/containers/systemd/configs/odoo-config.env
+ConditionPathExists=/etc/containers/systemd/odoo/odoo-config.env
 # Prevent running if already initialized
 ConditionPathExists=!/var/lib/odoo/initialized
@ -24,7 +24,7 @@ Network=host
 AddCapability=CAP_NET_BIND_SERVICE
 # Environment variables from secrets and config
-EnvironmentFile=/etc/containers/systemd/configs/odoo-config.env
+EnvironmentFile=/etc/containers/systemd/odoo/odoo-config.env
 # Volume mounts
 Volume=/etc/odoo:/etc/odoo:ro
@ -48,7 +48,7 @@ ExecStartPost=/bin/touch /var/lib/odoo/initialized
 ExecStartPre=install -m 0700 -o 101 -g 101 -d /var/lib/odoo/data /var/lib/odoo/addons /var/log/odoo
 # Wait for PostgreSQL to be ready
-ExecStartPre=/bin/sh -c 'exec 2>/dev/null; for try in $(seq 0 12); do if ! /bin/true 5<> /dev/tcp/127.0.0.1/5432; then echo "Waiting for PostgreSQL to be available..."; sleep 5; else exit 0; fi; done; exit 1'
+ExecStartPre=/bin/sh -c 'exec 2>/dev/null; for try in $(seq 0 12); do if ! /bin/true 5<> /dev/tcp/127.0.0.1/5433; then echo "Waiting for PostgreSQL to be available..."; sleep 5; else exit 0; fi; done; exit 1'
 [Install]
 WantedBy=odoo.target
--- a/bootc/scenario4/root/etc/containers/systemd/configs/odoo-config.env.tmpl
+++ b/bootc/scenario4/root/etc/containers/systemd/configs/odoo-config.env.tmpl
--- a/bootc/scenario4/root/etc/containers/systemd/configs/odoo-db.env
+++ b/bootc/scenario4/root/etc/containers/systemd/configs/odoo-db.env
@ -3,3 +3,4 @@ POSTGRES_PASSWORD=odoo
 POSTGRES_DB=postgres
 POSTGRES_HOST_AUTH_METHOD=scram-sha-256
 POSTGRES_INITDB_ARGS=--auth-host=scram-sha-256
 PGPORT=5433
--- a/flightctl/apps/odoo/etc/flightctl/hooks.d/afterupdating/30-odoo.yaml
+++ b/flightctl/apps/odoo/etc/flightctl/hooks.d/afterupdating/30-odoo.yaml
@ -0,0 +1,5 @@
 - if:
  - path: /etc/containers/systemd/odoo/odoo-config.env
    op: [created, updated]
  run: /bin/sh -Eeuo pipefail -c 'systemctl enable odoo.target ; systemctl restart odoo.target'
  timeout: 5m
--- a/flightctl/apps/odoo/etc/flightctl/hooks.d/beforeupdating/30-odoo.yaml
+++ b/flightctl/apps/odoo/etc/flightctl/hooks.d/beforeupdating/30-odoo.yaml
@ -0,0 +1,5 @@
 - if:
  - path: /etc/containers/systemd/odoo/odoo-config.env
    op: [removed]
  run: /bin/sh -c 'if [ -f /etc/systemd/system/odoo.target ]; then systemctl stop odoo.target ; systemctl disable odoo.target ; fi'
  timeout: 5m
--- a/bootc/scenario4/root/etc/greenboot/check/required.d/30_odoo_check.sh
+++ b/bootc/scenario4/root/etc/greenboot/check/required.d/30_odoo_check.sh
--- a/bootc/scenario4/root/etc/odoo/init.sh
+++ b/bootc/scenario4/root/etc/odoo/init.sh
--- a/bootc/scenario4/root/etc/odoo/odoo.conf
+++ b/bootc/scenario4/root/etc/odoo/odoo.conf
--- a/bootc/scenario4/root/etc/systemd/system/odoo.target
+++ b/bootc/scenario4/root/etc/systemd/system/odoo.target
--- a/flightctl/fleets.yaml
+++ b/flightctl/fleets.yaml
@ -1,29 +1,5 @@
 apiVersion: flightctl.io/v1alpha1
 kind: Fleet
 metadata:
  annotations: {}
  labels:
    scenario: 'base'
  name: base
 spec:
  selector:
    matchLabels:
      scenario: 'base'
  template:
    metadata:
      labels:
        fleet: base
    spec:
      applications: []
      config: []
      os:
        image: edge-registry.itix.fr/demo-edge-retail/base:latest
      systemd:
        matchPatterns:
          - greenboot-healthcheck.service
 ---
 apiVersion: flightctl.io/v1alpha1
 kind: Fleet
 metadata:
  annotations: {}
  labels:
--- a/flightctl/fleets/baremetal/sites/default/etc/motd.d/unconfigured
+++ b/flightctl/fleets/baremetal/sites/default/etc/motd.d/unconfigured
--- a/flightctl/fleets/baremetal/sites/paris-wagram/etc/containers/systemd/configs/nextcloud-config.env
+++ b/flightctl/fleets/baremetal/sites/paris-wagram/etc/containers/systemd/configs/nextcloud-config.env
--- a/flightctl/fleets/baremetal/sites/paris-wagram/etc/containers/systemd/configs/odoo-config.env
+++ b/flightctl/fleets/baremetal/sites/paris-wagram/etc/containers/systemd/configs/odoo-config.env
--- a/flightctl/fleets/baremetal/sites/villeneuve-d-ascq/etc/containers/systemd/configs/nextcloud-config.env
+++ b/flightctl/fleets/baremetal/sites/villeneuve-d-ascq/etc/containers/systemd/configs/nextcloud-config.env
--- a/flightctl/fleets/baremetal/sites/villeneuve-d-ascq/etc/containers/systemd/configs/odoo-config.env
+++ b/flightctl/fleets/baremetal/sites/villeneuve-d-ascq/etc/containers/systemd/configs/odoo-config.env
--- a/flightctl/fleets/virtualmachines/sites/default/etc/motd.d/unconfigured
+++ b/flightctl/fleets/virtualmachines/sites/default/etc/motd.d/unconfigured
--- a/flightctl/fleets/virtualmachines/sites/paris-wagram/etc/containers/systemd/configs/nextcloud-config.env
+++ b/flightctl/fleets/virtualmachines/sites/paris-wagram/etc/containers/systemd/configs/nextcloud-config.env
@ -0,0 +1,16 @@
 ##
 ## Nextcloud Configuration Environment Variables
 ##
 # Nextcloud domain configuration
 NEXTCLOUD_TRUSTED_DOMAINS=optiplex-7000.itix.fr
 OVERWRITEHOST=optiplex-7000.itix.fr
 OVERWRITEPROTOCOL=http
 OVERWRITECLIURL=http://optiplex-7000.itix.fr
 # Nextcloud admin credentials
 NEXTCLOUD_ADMIN_USER=admin
 NEXTCLOUD_ADMIN_PASSWORD=nextcloud
 # Nextcloud server info token
 NEXTCLOUD_SERVERINFO_TOKEN=S3cr3t!
--- a/flightctl/fleets/virtualmachines/sites/villeneuve-d-ascq/etc/containers/systemd/configs/nextcloud-config.env
+++ b/flightctl/fleets/virtualmachines/sites/villeneuve-d-ascq/etc/containers/systemd/configs/nextcloud-config.env
@ -0,0 +1,16 @@
 ##
 ## Nextcloud Configuration Environment Variables
 ##
 # Nextcloud domain configuration
 NEXTCLOUD_TRUSTED_DOMAINS=adlink-dlap-4001.itix.fr
 OVERWRITEHOST=adlink-dlap-4001.itix.fr
 OVERWRITEPROTOCOL=http
 OVERWRITECLIURL=http://adlink-dlap-4001.itix.fr
 # Nextcloud admin credentials
 NEXTCLOUD_ADMIN_USER=admin
 NEXTCLOUD_ADMIN_PASSWORD=nextcloud
 # Nextcloud server info token
 NEXTCLOUD_SERVERINFO_TOKEN=S3cr3t!
--- a/flightctl/scenario4/sites/default/etc/motd.d/unconfigured
+++ b/flightctl/scenario4/sites/default/etc/motd.d/unconfigured
@ -1,6 +0,0 @@
 HEADS UP !!!
 This system is not configured !
--- a/flightctl/scenario4/sites/paris-wagram/etc/containers/systemd/configs/odoo-config.env
+++ b/flightctl/scenario4/sites/paris-wagram/etc/containers/systemd/configs/odoo-config.env
@ -1,4 +0,0 @@
 DATABASE=redhat
 ADMIN_PASSWORD=R3dH4t!
 RIBBON_COLOR=rgba(255,0,0,.6)
 RIBBON_NAME=Paris Wagram<br/>({db_name})
--- a/flightctl/scenario4/sites/villeneuve-d-ascq/etc/containers/systemd/configs/odoo-config.env
+++ b/flightctl/scenario4/sites/villeneuve-d-ascq/etc/containers/systemd/configs/odoo-config.env
@ -1,4 +0,0 @@
 DATABASE=redhat
 ADMIN_PASSWORD=R3dH4t!
 RIBBON_COLOR=rgba(0,0,255,.6)
 RIBBON_NAME=Villeneuve d'Ascq<br/>({db_name})
--- a/pxe-boot/install.sh
+++ b/pxe-boot/install.sh
@ -42,26 +42,20 @@ function install_directories() {
    done
 }
 # This function templates a kickstart file by replacing placeholders with actual values.
 # The templates are located in the www/ks directory.
 # The output files are written to /var/www/ks.
 # The placeholders are in the format expected by envsubst.
-# For each template file, eight versions are created: base + scenario{1,2,3a,3b,4,5,6}.
+# The output files are named as /var/www/ks/<template>/baremetal.ks.
 # The output files are named as /var/www/ks/<template>/<scenario>.ks.
 function template_kickstart_files() {
    local templates_dir="${SCRIPT_DIR}/www/ks"
    local output_dir="/var/www/ks"
    local scenarios=("base" "scenario1" "scenario2" "scenario3a" "scenario3b" "scenario4" "scenario5" "scenario6")
    for template in "$templates_dir"/*.ks; do
        local template_name="$(basename "$template" .ks)"
-        for scenario in "${scenarios[@]}"; do
+        install -d -m 0755 -o root -g root -Z "$output_dir/${template_name}"
-            install -d -m 0755 -o root -g root -Z "$output_dir/${template_name}"
+        template_kickstart_file "$template" "edge-registry.itix.fr/demo-edge-retail/baremetal:latest"
            template_kickstart_file "$template" "$scenario"
        done
    done
 }
@ -70,19 +64,19 @@ function template_kickstart_files() {
 # It uses envsubst to replace placeholders with actual values.
 function template_kickstart_file () {
    local template="$1"
-    local scenario="$2"
+    local bootc_image="$2"
    local template_name="$(basename "$template" .ks)"
-    local output_file="$output_dir/${template_name}/${scenario}.ks"
+    local output_file="$output_dir/${template_name}/${type}.ks"
    echo "Templating $template_name to $output_file"
    (
-        export SCENARIO_NAME="$scenario"
+        export BOOTC_IMAGE="$bootc_image"
        if [ -f "auth.json" ]; then
            export AUTH_JSON_CONTENT="$(cat auth.json)"
        fi
        if [ -f "config.yaml" ]; then
            declare -n device_labels=${mac_labels[$template_name]}
-            local labels_json="{ \"scenario\": \"$scenario\""
+            local labels_json="{ \"demo\": \"retail\""
            for label in "${!device_labels[@]}"; do
                labels_json+=", \"$label\": \"${device_labels[$label]}\""
            done
@ -90,7 +84,7 @@ function template_kickstart_file () {
            export FLIGHTCTL_CONFIG_CONTENT="$(yq e ".default-labels += $labels_json" config.yaml)"
        fi
        envsubst < "$template" > "/tmp/tmp.$$.ks"
-        declare +x AUTH_JSON_CONTENT FLIGHTCTL_CONFIG_CONTENT SCENARIO_NAME
+        declare +x AUTH_JSON_CONTENT FLIGHTCTL_CONFIG_CONTENT BOOTC_IMAGE
    )
    install -m 0644 -o root -g root "/tmp/tmp.$$.ks" "$output_file"
 }
--- a/pxe-boot/tftpboot/menu.ipxe
+++ b/pxe-boot/tftpboot/menu.ipxe
@ -4,14 +4,7 @@ isset ${menu_default} || set menu_default rhde
 isset ${menu_timeout} || set menu_timeout 30000
 menu iPXE Menu
-item --key 0 rhde                  [0] Install Red Hat Device Edge - Base
+item --key 0 rhde-baremetal        [0] Install Red Hat Device Edge - Baremetal
 item --key 1 rhde-scenario1        [1] Install Red Hat Device Edge - Scenario 1
 item --key 2 rhde-scenario2        [2] Install Red Hat Device Edge - Scenario 2
 item --key 3 rhde-scenario3a       [3] Install Red Hat Device Edge - Scenario 3a
 item --key 4 rhde-scenario4        [4] Install Red Hat Device Edge - Scenario 4
 item --key 5 rhde-scenario5        [5] Install Red Hat Device Edge - Scenario 5
 item --key 6 rhde-scenario6        [6] Install Red Hat Device Edge - Scenario 6
 item --key 7 rhde-scenario3b       [7] Install Red Hat Device Edge - Scenario 3b
 item
 item --key r reboot                [R] Reboot computer
 item --key x exit                  [X] Exit iPXE and continue BIOS boot
@ -24,42 +17,8 @@ reboot
 :exit
 exit
-:rhde
+:rhde-baremetal
 initrd ${rhel9_url}/images/pxeboot/initrd.img
-kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/base.ks ${rhde_options}
+kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/baremetal.ks ${rhde_options}
 boot
 :rhde-scenario1
 initrd ${rhel9_url}/images/pxeboot/initrd.img
 kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/scenario1.ks ${rhde_options}
 boot
 :rhde-scenario2
 initrd ${rhel9_url}/images/pxeboot/initrd.img
 kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/scenario2.ks ${rhde_options}
 boot
 :rhde-scenario3a
 initrd ${rhel9_url}/images/pxeboot/initrd.img
 kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/scenario3a.ks ${rhde_options}
 boot
 :rhde-scenario3b
 initrd ${rhel9_url}/images/pxeboot/initrd.img
 kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/scenario3b.ks ${rhde_options}
 boot
 :rhde-scenario4
 initrd ${rhel9_url}/images/pxeboot/initrd.img
 kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/scenario4.ks ${rhde_options}
 boot
 :rhde-scenario5
 initrd ${rhel9_url}/images/pxeboot/initrd.img
 kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/scenario5.ks ${rhde_options}
 boot
 :rhde-scenario6
 initrd ${rhel9_url}/images/pxeboot/initrd.img
 kernel ${rhel9_url}/images/pxeboot/vmlinuz initrd=initrd.img ip=dhcp inst.repo=${rhel9_url} inst.ks=${kickstart_url}/scenario6.ks ${rhde_options}
 boot
--- a/pxe-boot/www/ks/mac-00190f440391.ks
+++ b/pxe-boot/www/ks/mac-00190f440391.ks
@ -61,7 +61,7 @@ chmod 0600 /etc/ostree/auth.json
 ##
 rootpw --lock
-ostreecontainer --url="edge-registry.itix.fr/demo-edge-retail/${SCENARIO_NAME}:latest" --transport=registry --no-signature-verification
+ostreecontainer --url="${BOOTC_IMAGE}" --transport=registry --no-signature-verification
 ##
 ## Post-installation
--- a/pxe-boot/www/ks/mac-00be43ec5619.ks
+++ b/pxe-boot/www/ks/mac-00be43ec5619.ks
@ -61,7 +61,7 @@ chmod 0600 /etc/ostree/auth.json
 ##
 rootpw --lock
-ostreecontainer --url="edge-registry.itix.fr/demo-edge-retail/${SCENARIO_NAME}:latest" --transport=registry --no-signature-verification
+ostreecontainer --url="${BOOTC_IMAGE}" --transport=registry --no-signature-verification
 ##
 ## Post-installation
	`@ -1,6 +0,0 @@`


		`HEADS UP !!!`

		`This system is not configured !`