image

Features

System updates are image-based and automatic. Applications are logically separated from the system by using Flatpaks for graphical applications and brew for command line applications.

Bluefin is also “An interpretation of the Ubuntu spirit built on Fedora technology”, which is a certain era of Ubuntu’s history that a significant amount of open source people grew up with, like the Classic X-men. We try to bring that vibe here, we’re the reboot. Chill vibes.

  • Ubuntu-like GNOME layout.
  • Developer Mode - Dedicated developer mode that transforms Bluefin into a powerful cloud native developer workstation.
  • Ptyxis terminal for container-focused workflows
  • Tailscale - included for VPN along with wireguard-tools
    • Use ujust toggle-tailscale to turn it off if you don’t plan on using it.
  • GNOME Extensions Manager included
  • GNOME Software with Flathub:
    • Use a familiar software center UI to install graphical software
    • Warehouse included for flatpak management
  • Quality of Life Features
  • Built on top of the the Universal Blue main image - resulting in easy sharing of benefits:
    • Extra udev rules for game controllers and other devices included out of the box
    • All multimedia codecs included
    • Many improvements from Bazzite: GNOME Triple Buffering, Switcheroo support
    • System designed for automatic staging of updates
      • If you’ve never used an image-based Linux before just use your computer normally
      • Don’t overthink it, just shut your computer off when you’re not using it

Applications

  • Mozilla Firefox, Mozilla Thunderbird, Extension Manager, DejaDup, FontDownloader, Flatseal, and the Clapper Media Player.
  • Core GNOME Applications installed from Flathub:
    • GNOME Calculator, Calendar, Characters, Connections, Contacts, Evince, Firmware, Logs, Maps, NautilusPreviewer, TextEditor, Weather, baobab, clocks, eog, and font-viewer.

Installation Requirements

Review the Fedora Silverblue installation instructions. Some points to consider:

  • Use the Fedora Media Writer to create installation media. Other creation methods may not work properly.
  • Dual booting off of the same disk is unsupported, use a dedicated drive for another operating system and use your BIOS to choose another OS to boot off of. (This is how you should probably always do it anyway)
  • We strongly recommend using automated partitioning during installation, there are known issues with manual partition on Atomic systems and is unnecessary to set up unless you are on a multi-disk system.
  • A stock Bluefin installation is 11GB. Bluefin with developer mode enabled (bluefin-dx) is 19GB.
  • Read the installation runbook below to ensure your device and use case are supported by Bluefin!

In order to set yourself up to success it’s useful to plan out your Bluefin installation into three distinct phases, mirroring the systems operations lifecycle.

Installation Runbook

Here is a short runbook for the Bluefin installation process. Read the entirety of this documentation in order to ensure survival. (In case of a raptor attack).

Day 0 - Planning

Most pain points can be addressed directly by planning ahead of time.

All Users

  • Is your hardware Linux friendly?
    • Do you understand the limitations of having an Nvidia GPU? (If applicable?)
    • Does the hardware require an out of tree kernel module? This may lead to long term maintenance issues.
    • Does the software you use require an out of tree kernel module?
      • VirtualBox and VMWare are not supported
      • Nvidia, Xbox One Controller Support, wl drivers, and v4l2loopback are supported. (These are “best effort”, in certain cases we cannot control third party software that breaks with newer versions of the Linux kernel)
    • Is your wireless card supported by Linux?
      • Poorly supported cards include Broadcom
      • Check USB-Wifi if you are not sure
    • Is your printer/scanner well supported in Linux?
  • Are the applications you depend on well supported on Flathub?
  • Does your VPN provider provide a wireguard configuration to import into Network Manager?
  • Dedicated disk ready to go?
    • Bluefin does not support dual booting from the same disk
    • Bluefin does not support rebasing from a pre-existing installation of Fedora
  • Remember that this is a custom Fedora based image, it does move at a brisk pace compared to something like Ubuntu LTS
  • Read this documentation in its entirety, here’s some associated upstream documentation:

Developers

Day 1 - Deployment and Configuration

Deployment

  • Download the right ISO from the website
  • Install the operating system
    • Use the entire disk with automatic partitioning
    • (Optional): Set up Secure Boot
    • (Optional): ujust switch-channel to move to :stable or :latest
  • Set up, test, and verify backups - While the system image is reproducible data, your user data in your home folder still needs to be backed up. Bluefin ships with two backup utilities depending on your preference. They are installed as Flatpaks so you can remove the one you don’t use. rclone and restic are also preinstalled if you prefer command line tools

Configuration

The rest of these steps are user specific configuration and something that we tend to leave up to you. Automating this step is a good place to use tools like chezmoi for dotfile configuration and syncing: brew install chezmoi

Since the user space is all in your home directory, just about any tool you use to automate this step should work as you expect. Ideally, configuration that you might have done at the system level in the past is configured at your user level now, leading to a clean seperation between user configuration and the system image.

  • Software Installation
    • Use GNOME Software to install Flatpaks
      • (Optional): Use Flatseal to manage Flatpak permissions if appropriate
    • (Optional): Install Command line applications via brew
  • Post-installation Configuration
  • (Optional) Developer Configuration
    • ujust devmode and follow the directions
    • Start VSCode and configure your settings and extensions

Day 2 - Operations and Maintenance

Bluefin strives to make maintenance as easy as possible, however many of the automated tasks can be run manually.

  • Run a System Upgrade via the menu option or ujust update to observe an update and reboot
    • ujust changelogs will show incoming changes and updates coming from Fedora
    • ujust bios will reboot the machine and enter the BIOS/UEFI menu. This is useful for booting into a Windows drive
  • Subscribe to the announcements tag on the Universal Blue forums
  • Understand rebase and rollback procedures
  • Use the Warehouse application to manage Flatpak lifecycle:
    • Pin to an old version or rollback
    • Easily remove applications at once
  • ujust clean-system to clean up old containers and unused flatpak runtimes

And one more piece of advice: The more you invest into day 0, the smoother your day 1 will be, which results in an even smoother day 2. After that, it’s all bragging rights. The fastfetch command will be there to remind you of your milestone:

image

Secure Boot

Secure Boot is supported by default providing an additional layer of security.

Universal Blue supports secure boot with our custom key

After the first installation, you will be prompted to enroll the secure boot key in the mokutil UEFI menu UI (QWERTY keyboard input and navigation).

Then, select “Enroll MOK”, and input “universalblue” as the password

If this step is not completed during the initial setup, you can manually enroll the key by running the following command in the terminal:

ujust enroll-secure-boot-key

If you’d like to enroll this key prior to installation or rebase, download the key and run the following:

sudo mokutil --timeout -1
sudo mokutil --import path/to/public_key.der

You can use mokutil --list-enrolled to confirm that the “ublue kernel” key is listed:

image

If you see ublue akmods\ listed, it is a former key that is soon to be removed. ublue kernel is the current key.

Move on to system administration