feat: Overhaul images

These changes effectively make the structure similar to bluefin.

bazzite now serves as a base for desktop configurations and now
bazzite-deck has been introduced to add changes specific to the
Steam Deck and Steam Deck-alike configurations. Also:

- Introduce images built from main for non-Nvidia systems
- Consolidate structure (remove duplicates, merge Containerfiles)

.github/workflows/build.yml

@@ -1,13 +1,21 @@
-name: build-bazzite
+name: Build and Push Image
 on:
+  schedule:
+    - cron: '20 21 * * *' # 21:20 UTC every day
   pull_request:
     branches:
       - main
-  schedule:
-    - cron: '20 21 * * *'  # 9:20pm everyday
+    paths-ignore:
+      - '**.md'
+      - '**.txt'
   push:
     branches:
       - main
+    paths-ignore:
+      - '**.md'
+      - '**.txt'
+  merge_group:
+  workflow_dispatch:
 env:
     IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
 
@@ -22,24 +30,74 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        image_name: ['', '-desktop']
+        image_flavor: [main, nvidia]
+        base_name: [bazzite, bazzite-deck]
         major_version: [37, 38]
         include:
-          - major_version: 37
-            is_latest: false
-            is_stable: true
           - major_version: 38
-            is_latest: true
-            is_stable: true
+            is_latest_version: false
+            is_stable_version: true
+          - major_version: 38
+            is_latest_version: true
+            is_stable_version: true
     steps:
       # Checkout push-to-registry action GitHub repository
       - name: Checkout Push to Registry action
         uses: actions/checkout@v3
 
-      - name: Get current version
+      - name: Matrix Variables
+        run: |
+          if [[ "${{ matrix.image_flavor }}" == "main" ]]; then
+              echo "IMAGE_NAME=${{ matrix.base_name }}" >> $GITHUB_ENV
+          else
+              echo "IMAGE_NAME=${{ format('{0}-{1}', matrix.base_name, matrix.image_flavor) }}" >> $GITHUB_ENV
+          fi
+
+      - name: Generate tags
+        id: generate-tags
+        shell: bash
+        run: |
+          # Generate a timestamp for creating an image version history
+          TIMESTAMP="$(date +%Y%m%d)"
+          MAJOR_VERSION="${{ matrix.major_version }}"
+          COMMIT_TAGS=()
+          BUILD_TAGS=()
+          # Have tags for tracking builds during pull request
+          SHA_SHORT="${GITHUB_SHA::7}"
+          COMMIT_TAGS+=("pr-${{ github.event.number }}-${MAJOR_VERSION}")
+          COMMIT_TAGS+=("${SHA_SHORT}-${MAJOR_VERSION}")
+          if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \
+             [[ "${{ matrix.is_stable_version }}" == "true" ]]; then
+              COMMIT_TAGS+=("pr-${{ github.event.number }}")
+              COMMIT_TAGS+=("${SHA_SHORT}")
+          fi
+
+          BUILD_TAGS=("${MAJOR_VERSION}" "${MAJOR_VERSION}-${TIMESTAMP}")
+
+          if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \
+             [[ "${{ matrix.is_stable_version }}" == "true" ]]; then
+              BUILD_TAGS+=("latest")
+          fi
+
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+              echo "Generated the following commit tags: "
+              for TAG in "${COMMIT_TAGS[@]}"; do
+                  echo "${TAG}"
+              done
+              alias_tags=("${COMMIT_TAGS[@]}")
+          else
+              alias_tags=("${BUILD_TAGS[@]}")
+          fi
+          echo "Generated the following build tags: "
+          for TAG in "${BUILD_TAGS[@]}"; do
+              echo "${TAG}"
+          done
+          echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT
+
+      - name: Get Current Fedora Version
         id: labels
         run: |
-          ver=$(skopeo inspect docker://ghcr.io/ublue-os/kinoite-nvidia:${{ matrix.major_version }} | jq -r '.Labels["org.opencontainers.image.version"]')
+          ver=$(skopeo inspect docker://ghcr.io/ublue-os/kinoite-${{ matrix.image_flavor }}:${{ matrix.major_version }} | jq -r '.Labels["org.opencontainers.image.version"]')
           echo "VERSION=$ver" >> $GITHUB_OUTPUT
 
       # Build metadata
@@ -48,34 +106,13 @@ jobs:
         id: meta
         with:
           images: |
-            ${{ format('bazzite{0}', matrix.image_name) }}
+            ${{ env.IMAGE_NAME }}
           labels: |
-            org.opencontainers.image.title=${{ format('bazzite{0}', matrix.image_name) }}
+            org.opencontainers.image.title=${{ env.IMAGE_NAME }}
             org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }}
             org.opencontainers.image.description=Gaming-focused builds of ublue-os with arch distrobox images for gaming, nvidia support, and future support for Valve's Steam Deck.
             io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/bazzite/main/README.md
-
-      - name: Generate tags
-        id: generate-tags
-        shell: bash
-        run: |
-          echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
-          alias_tags=()
-          # Only perform the follow code when the action is spawned from a Pull Request
-          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
-            alias_tags+=("pr-${{ github.event.number }}")
-          else
-            # The following is run when the timer is triggered or a merge/push to main
-            echo "date=$(date +%Y%m%d)" >> $GITHUB_OUTPUT
-            alias_tags+=("${{ matrix.major_version }}")
-            if [[ "${{ matrix.is_latest }}" == "true" ]]; then
-              alias_tags+=("latest")
-            fi
-            if [[ "${{ matrix.is_stable }}" == "true" ]]; then
-              alias_tags+=("stable")
-            fi
-          fi
-          echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT
+            io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4
 
       # Build image using Buildah action
       - name: Build Image
@@ -83,17 +120,18 @@ jobs:
         uses: redhat-actions/buildah-build@v2
         with:
           containerfiles: |
-            ${{ format('./Containerfile{0}', matrix.image_name) }}
-          image: ${{ format('bazzite{0}', matrix.image_name) }}
+            ./Containerfile
+          image: ${{ env.IMAGE_NAME }}
           tags: |
             ${{ steps.generate-tags.outputs.alias_tags }}
-            ${{ steps.generate-tags.outputs.date }}
-            ${{ steps.generate-tags.outputs.sha_short }}
           build-args: |
-            IMAGE_NAME=${{ matrix.image_name }}
+            IMAGE_NAME=${{ env.IMAGE_NAME }}
+            IMAGE_FLAVOR=${{ matrix.image_flavor }}
             FEDORA_MAJOR_VERSION=${{ matrix.major_version }}
           labels: ${{ steps.meta.outputs.labels }}
           oci: false
+          extra-args: |
+            --target=${{ matrix.base_name }}
 
       # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
       # https://github.com/macbre/push-to-ghcr/issues/12
@@ -119,6 +157,7 @@ jobs:
           password: ${{ env.REGISTRY_PASSWORD }}
           extra-args: |
             --disable-content-trust
+
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v2
         if: github.event_name != 'pull_request'
@@ -134,9 +173,7 @@ jobs:
       - name: Sign container image
         if: github.event_name != 'pull_request'
         run: |
-          echo "${{ env.COSIGN_PRIVATE_KEY }}" > cosign.key
-          wc -c cosign.key
-          cosign sign -y --key cosign.key ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS}
+          cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS}
         env:
           TAGS: ${{ steps.push.outputs.digest }}
           COSIGN_EXPERIMENTAL: false

Containerfile

@@ -1,47 +1,41 @@
-FROM ghcr.io/ublue-os/kinoite-nvidia:latest
+ARG BASE_IMAGE_NAME="${BASE_IMAGE_NAME:-kinoite}"
+ARG IMAGE_FLAVOR="${IMAGE_FLAVOR:-main}"
+ARG SOURCE_IMAGE="${SOURCE_IMAGE:-$BASE_IMAGE_NAME-$IMAGE_FLAVOR}"
+ARG BASE_IMAGE="ghcr.io/ublue-os/${SOURCE_IMAGE}"
+ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-38}"
+
+FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS bazzite
+
+ARG IMAGE_NAME="${IMAGE_NAME}"
+ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION}"
 
 COPY etc /etc
 COPY usr /usr
-RUN ln -s /usr/bin/steamos-logger /usr/bin/steamos-info && \
-    ln -s /usr/bin/steamos-logger /usr/bin/steamos-notice && \
-    ln -s /usr/bin/steamos-logger /usr/bin/steamos-warning
 
 # Add Copr repos
 RUN wget https://copr.fedorainfracloud.org/coprs/kylegospo/bazzite/repo/fedora-$(rpm -E %fedora)/kylegospo-bazzite-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_kylegospo-bazzite.repo && \
-    wget https://copr.fedorainfracloud.org/coprs/kylegospo/LatencyFleX/repo/fedora-$(rpm -E %fedora)/kylegospo-LatencyFleX-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_kylegospo-latencyflex.repo && \
+    wget https://copr.fedorainfracloud.org/coprs/kylegospo/system76-scheduler/repo/fedora-$(rpm -E %fedora)/kylegospo-system76-scheduler-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_kylegospo-system76-scheduler.repo && \
     wget https://copr.fedorainfracloud.org/coprs/kylegospo/hl2linux-selinux/repo/fedora-$(rpm -E %fedora)/kylegospo-hl2linux-selinux-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_kylegospo-hl2linux-selinux.repo
 
 # Install new packages
 RUN rpm-ostree install \
     distrobox \
-    steam \
-    gamescope \
-    gamescope-session \
-    jupiter-fan-control \
-    jupiter-hw-support-btrfs \
-    steamdeck-kde-presets \
-    gamemode \
-    latencyflex-vulkan-layer \
-    hl2linux-selinux \
+    steamdeck-kde-themes \
     wallpaper-engine-kde-plugin \
-    vkBasalt \
-    mangohud \
     duperemove \
     kdeconnectd \
+    system76-scheduler \
+    hl2linux-selinux \
     btop \
     fish \
     kate
 
-# Install dock updater, this is done manually as it has proprietary parts and cannot be built in Copr.
-RUN git clone https://github.com/KyleGospo/jupiter-dock-updater-bin.git && \
-    mv -v jupiter-dock-updater-bin/packaged/usr/lib/jupiter-dock-updater /usr/lib/jupiter-dock-updater
-
 # Remove unneeded packages
 RUN rpm-ostree override remove toolbox
 
 # Cleanup & Finalize
 RUN sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-bazzite.repo && \
-    sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-latencyflex.repo && \
+    sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-system76-scheduler.repo && \
     sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-hl2linux-selinux.repo && \
     sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/user.conf && \
     sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/system.conf && \
@@ -51,4 +45,59 @@ RUN sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-bazzite.re
         /tmp/* \
         /var/* && \
     mkdir -p /var/lib/duperemove && \
+    ostree container commit && \
+    mkdir -p /var/tmp && \
+    chmod -R 1777 /var/tmp
+
+FROM bazzite as bazzite-deck
+
+ARG IMAGE_NAME="${IMAGE_NAME}"
+ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION}"
+
+# Add LatencyFlex Copr
+RUN wget https://copr.fedorainfracloud.org/coprs/kylegospo/LatencyFleX/repo/fedora-$(rpm -E %fedora)/kylegospo-LatencyFleX-fedora-$(rpm -E %fedora).repo -O \
+    /etc/yum.repos.d/_copr_kylegospo-latencyflex.repo
+
+# Re-enable Copr
+RUN sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_kylegospo-bazzite.repo && \
+    sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_kylegospo-hl2linux-selinux.repo
+
+# Remove system76-scheduler
+RUN rpm-ostree override remove system76-scheduler
+RUN rm -f /usr/bin/system76-scheduler-dbus-proxy.sh
+
+# Remove steamdeck-kde-themes
+RUN rpm-ostree override remove steamdeck-kde-themes
+
+COPY deck/etc /etc
+COPY deck/usr /usr
+RUN ln -s /usr/bin/steamos-logger /usr/bin/steamos-info && \
+    ln -s /usr/bin/steamos-logger /usr/bin/steamos-notice && \
+    ln -s /usr/bin/steamos-logger /usr/bin/steamos-warning
+
+# Install new packages
+RUN rpm-ostree install \
+    steam \
+    gamescope \
+    gamescope-session \
+    jupiter-fan-control \
+    jupiter-hw-support-btrfs \
+    steamdeck-kde-presets \
+    gamemode \
+    latencyflex-vulkan-layer \
+    vkBasalt \
+    mangohud
+
+# Install dock updater, this is done manually as it has proprietary parts and cannot be built in Copr.
+RUN git clone https://github.com/KyleGospo/jupiter-dock-updater-bin.git && \
+    mv -v jupiter-dock-updater-bin/packaged/usr/lib/jupiter-dock-updater /usr/lib/jupiter-dock-updater
+
+# Cleanup & Finalize
+RUN sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-bazzite.repo && \
+    sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-latencyflex.repo && \
+    sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-hl2linux-selinux.repo && \
+    rm -rf \
+        /tmp/* \
+        /var/* && \
+    mkdir -p /var/lib/duperemove && \
     ostree container commit

Containerfile-desktop

@@ -1,43 +0,0 @@
-FROM ghcr.io/ublue-os/kinoite-nvidia:latest
-
-COPY etc-desktop /etc
-COPY usr-desktop /usr
-
-# Re-enable RPMFusion repos & add Copr repos
-RUN sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/rpmfusion-nonfree{,-updates}.repo && \
-    sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/rpmfusion-free{,-updates}.repo && \
-    wget https://copr.fedorainfracloud.org/coprs/kylegospo/bazzite/repo/fedora-$(rpm -E %fedora)/kylegospo-bazzite-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_kylegospo-bazzite.repo && \
-    wget https://copr.fedorainfracloud.org/coprs/kylegospo/system76-scheduler/repo/fedora-$(rpm -E %fedora)/kylegospo-system76-scheduler-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_kylegospo-system76-scheduler.repo && \
-    wget https://copr.fedorainfracloud.org/coprs/kylegospo/hl2linux-selinux/repo/fedora-$(rpm -E %fedora)/kylegospo-hl2linux-selinux-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_kylegospo-hl2linux-selinux.repo
-
-# Install new packages
-RUN rpm-ostree install \
-    distrobox \
-    steamdeck-kde-themes \
-    wallpaper-engine-kde-plugin \
-    duperemove \
-    kdeconnectd \
-    system76-scheduler \
-    hl2linux-selinux \
-    btop \
-    fish \
-    kate
-
-# Remove unneeded packages
-RUN rpm-ostree override remove toolbox
-
-# Cleanup & Finalize
-RUN sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/rpmfusion-nonfree{,-updates}.repo && \
-    sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/rpmfusion-free{,-updates}.repo && \
-    sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-bazzite.repo && \
-    sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-system76-scheduler.repo && \
-    sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_kylegospo-hl2linux-selinux.repo && \
-    sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/user.conf && \
-    sed -i 's/#DefaultTimeoutStopSec.*/DefaultTimeoutStopSec=15s/' /etc/systemd/system.conf && \
-    sed -i 's/#AutomaticUpdatePolicy.*/AutomaticUpdatePolicy=stage/' /etc/rpm-ostreed.conf && \
-    systemctl enable rpm-ostreed-automatic.timer && \
-    rm -rf \
-        /tmp/* \
-        /var/* && \
-    mkdir -p /var/lib/duperemove && \
-    ostree container commit

README.md

@@ -2,7 +2,7 @@
 
 [![build-bazzite](https://github.com/ublue-os/bazzite/actions/workflows/build.yml/badge.svg)](https://github.com/ublue-os/bazzite/actions/workflows/build.yml)
 
-Bazzite is an OCI based off of [ublue-os/kinoite-nvidia](https://github.com/ublue-os/nvidia) that is intended to be an alternative OS for the [Steam Deck](https://www.steamdeck.com/) and a SteamOS-alike for desktops.
+Bazzite is an OCI based off of [ublue-os/kinoite](https://github.com/ublue-os/main) that is intended to be an alternative OS for the [Steam Deck](https://www.steamdeck.com/) and is a SteamOS-alike for desktops.
 
 ### Bazzite is currently in development and should not be used on real hardware under any circumstance. Feel free to test in a VM.
 ### Bazzite is not associated with Valve Software in any way, and maintainers of the Bazzite project are not liable for any damage that may occur during use of the operating system.
@@ -21,7 +21,7 @@ The `latest` tag will automatically point to the latest build.
 
 ## Features
 
-- Start with a base [ublue-os/kinoite-nvidia](https://github.com/ublue-os/nvidia) image
+- Start with a base [ublue-os/kinoite](https://github.com/ublue-os/main) image
 - Adds ported versions of Valve's Steam Deck packages
 - Adds h264 decoding out of the box via RPM Fusion
 - Supports LatencyFleX & vkBasalt out of the box

deck/etc/sysctl.conf

@@ -0,0 +1 @@
+vm.swappiness=35

deck/etc/systemd/user/distrobox-upgrade-automatic.service

@@ -4,5 +4,4 @@ Description=distrobox-upgrade Automatic Update
 [Service]
 Type=simple
 ExecStart=/usr/bin/distrobox-upgrade --all
-ExecStartPost=/usr/bin/distrobox-enter -n bazzite-arch -- '  paru -Syu --noconfirm'
 StandardOutput=null

etc-desktop/default/duperemove

@@ -1,5 +0,0 @@
-# Dir to store hash files. Each instance has own, named by $(systemd-escape <instance>).hashfile
-HashDir=/var/lib/duperemove
-# Additional options for duperemove binary
-OPTIONS="--skip-zeroes --hash=xxhash"
-

etc-desktop/sysctl.conf

@@ -1,4 +0,0 @@
-vm.swappiness=35
-vm.max_map_count=1048576
-net.core.default_qdisc=fq
-net.ipv4.tcp_congestion_control=bbr

etc-desktop/systemd/system/duperemove-weekly@.timer

@@ -1,18 +0,0 @@
-[Unit]
-# Usage: systemctl enable --now duperemove-weekly@$(systemd-escape <path>).timer
-# Utilize %J specifier for duration set.
-# One can hardlink/copy with 'weekly' part changed
-# to set other duration.
-Description=Deduplicate %I at calendar event (%J)
-After=local-fs.target
-Requires=local-fs.target
-Conflicts=shutdown.target rescue.target rescue.service emergency.service
-
-[Timer]
-Unit=duperemove@%i.service
-RandomizedDelaySec=30
-Persistent=true
-OnCalendar=%J
-
-[Install]
-WantedBy=multi-user.target

etc-desktop/systemd/system/duperemove@.service

@@ -1,22 +0,0 @@
-[Unit]
-Description=Recursive deduplication at %I
-Documentation=man:duperemove(8)
-Documentation=https://github.com/markfasheh/duperemove.git
-Conflicts=shutdown.target rescue.target rescue.service emergency.service
-After=local-fs.target
-Before=shutdown.target
-
-[Service]
-Type=simple
-Environment="HashDir=/var/lib/%p"
-EnvironmentFile=-/etc/default/%p
-MemoryHigh=1G
-IOWeight=25
-CPUWeight=25
-Nice=18
-IOSchedulingClass=idle
-CPUSchedulingPolicy=idle
-ExecStartPre=/bin/mkdir -p ${HashDir}
-ExecStartPre=-/bin/df -h %I
-ExecStart=/usr/sbin/duperemove --hashfile=${HashDir}/%i.hashfile -r -d -h $OPTIONS %I
-ExecStopPost=-/bin/df -h %I

etc-desktop/systemd/user/distrobox-upgrade-automatic.timer

@@ -1,9 +0,0 @@
-[Unit]
-Description=distrobox-upgrade Automatic Update Trigger
-
-[Timer]
-OnBootSec=1h
-OnUnitInactiveSec=1d
-
-[Install]
-WantedBy=timers.target

etc-desktop/systemd/user/flatpak-upgrade-automatic.service

@@ -1,12 +0,0 @@
-[Unit]
-Description=flatpak Automatic Update
-Documentation=man:flatpak(1)
-Wants=network-online.target
-After=network-online.target
-
-[Service]
-Type=oneshot
-ExecStart=/usr/bin/flatpak update -y
-
-[Install]
-WantedBy=multi-user.target

etc-desktop/systemd/user/flatpak-upgrade-automatic.timer

@@ -1,10 +0,0 @@
-[Unit]
-Description=flatpak Automatic Update Trigger
-Documentation=man:flatpak(1)
-
-[Timer]
-OnBootSec=1h
-OnUnitInactiveSec=1d
-
-[Install]
-WantedBy=timers.target

etc/sysctl.conf

@@ -1 +1,4 @@
 vm.swappiness=35
+vm.max_map_count=1048576
+net.core.default_qdisc=fq
+net.ipv4.tcp_congestion_control=bbr

etc/systemd/user/distrobox-upgrade-automatic.service

@@ -4,4 +4,5 @@ Description=distrobox-upgrade Automatic Update
 [Service]
 Type=simple
 ExecStart=/usr/bin/distrobox-upgrade --all
+ExecStartPost=/usr/bin/distrobox-enter -n bazzite-arch -- '  paru -Syu --noconfirm'
 StandardOutput=null