feat: system setup + groups setup

build.sh

@@ -36,6 +36,10 @@ cp /tmp/build/flatpak-setup.service /usr/lib/systemd/user/flatpak-setup.service
 #### Services
 
 systemctl enable docker.socket
+systemctl enable incus.socket
 systemctl enable podman.socket
 systemctl enable tailscaled.service
 systemctl enable -f --global flatpak-setup.service
+
+systemctl enable azure-system-setup.service
+systemctl enable azure-groups.service

files/usr/lib/systemd/system/azure-groups.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Add wheel members to docker, incus and libvirt groups
+
+[Service]
+Type=oneshot
+ExecStart=/usr/libexec/azure-groups
+Restart=on-failure
+RestartSec=30
+StartLimitInterval=0
+
+[Install]
+WantedBy=default.target

files/usr/lib/systemd/system/azure-system-setup.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Configure system
+After=rpm-ostreed.service
+Before=systemd-user-sessions.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/libexec/azure-system-setup
+
+[Install]
+WantedBy=multi-user.target

files/usr/libexec/azure-groups

@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+# SCRIPT VERSION
+GROUP_SETUP_VER=1
+GROUP_SETUP_VER_FILE="/etc/azure/groups"
+GROUP_SETUP_VER_RAN=$(cat "$GROUP_SETUP_VER_FILE")
+
+# Run script if updated
+if [[ -f $GROUP_SETUP_VER_FILE && "$GROUP_SETUP_VER" = "$GROUP_SETUP_VER_RAN" ]]; then
+  echo "Group setup has already run. Exiting..."
+  exit 0
+fi
+
+# Setup Groups
+wheelarray=($(getent group wheel | cut -d ":" -f 4 | tr  ',' '\n'))
+for user in $wheelarray
+do
+  usermod -aG docker $user
+  usermod -aG incus-admin $user
+  usermod -aG libvirt $user
+done
+
+# Prevent future executions
+echo "Writing state file"
+echo "$GROUP_SETUP_VER" > "$GROUP_SETUP_VER_FILE"

files/usr/libexec/azure-system-setup

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+mkdir -p /etc/azure