mkosi: Adapt configuration to take into account configuration rework

In https://github.com/systemd/mkosi/pull/2847, the '@' specifier is
removed, CLI arguments take priority over configuration files again
and the "main" image is defined at the top level instead of in
mkosi.images/. Additionally, not every setting from the top level
configuration is inherited by the images in mkosi.images/ anymore,
only settings which make sense to be inherited are inherited.

This commit gets rid of all the usages of '@', moves the "main" image
configuration from mkosi.images/system to the top level and gets rid
of various hacks we had in place to deal with quirks of the old
configuration parsing logic.

We also remove usages of Images= and --append as these options are
removed by the mentioned PR.

1 files changed, 95 insertions, 12 deletions

diff --git a/mkosi.conf b/mkosi.conf
index 38d6e8331a..c90f5bfc77 100644
--- a/mkosi.conf
+++ b/mkosi.conf
@@ -1,17 +1,28 @@
 # SPDX-License-Identifier: LGPL-2.1-or-later
 
 [Config]
-@Images=system
 MinimumVersion=23~devel
+InitrdInclude=mkosi.initrd/
 
 [Output]
-@OutputDirectory=build/mkosi.output
-@BuildDirectory=build/mkosi.builddir
-@CacheDirectory=build/mkosi.cache
+RepartDirectories=mkosi.repart
+OutputDirectory=build/mkosi.output
+BuildDirectory=build/mkosi.builddir
+CacheDirectory=build/mkosi.cache
 
 [Content]
-@SELinuxRelabel=no
+SELinuxRelabel=no
 BuildSourcesEphemeral=yes
+Autologin=yes
+
+PostInstallationScripts=mkosi.sanitizers.chroot
+ExtraTrees=
+        mkosi.crt:/usr/lib/verity.d/mkosi.crt # sysext verification key
+        mkosi.leak-sanitizer-suppressions:/usr/lib/systemd/leak-sanitizer-suppressions
+        mkosi.coredump-journal-storage.conf:/usr/lib/systemd/coredump.conf.d/10-coredump-journal-storage.conf
+
+Environment=
+        SYSTEMD_REPART_OVERRIDE_FSTYPE_ROOT=%F
 
 # Adding more kernel command line arguments is likely to hit the kernel command line limit (512 bytes) in
 # various scenarios. Consider adding support for a credential instead if possible and using that.
@@ -43,13 +54,85 @@ KernelCommandLine=systemd.crash_shell
 KernelModulesInitrdExclude=.*
 KernelModulesInitrdInclude=default
 
+ExtraTrees=
+        %O/minimal-0.root-%a.raw:/usr/share/minimal_0.raw
+        %O/minimal-0.root-%a-verity.raw:/usr/share/minimal_0.verity
+        %O/minimal-0.root-%a-verity-sig.raw:/usr/share/minimal_0.verity.sig
+        %O/minimal-1.root-%a.raw:/usr/share/minimal_1.raw
+        %O/minimal-1.root-%a-verity.raw:/usr/share/minimal_1.verity
+        %O/minimal-1.root-%a-verity-sig.raw:/usr/share/minimal_1.verity.sig
+        %O/minimal-base:/usr/share/TEST-13-NSPAWN-container-template
+        %O/exitrd:/exitrd
+
+InitrdPackages=
+        btrfs-progs
+        findutils
+        grep
+        sed
+
+Packages=
+        acl
+        attr
+        bash-completion
+        bpftrace
+        btrfs-progs
+        clang
+        coreutils
+        curl
+        diffutils
+        dnsmasq
+        dosfstools
+        e2fsprogs
+        findutils
+        gdb
+        grep
+        gzip
+        jq
+        kbd
+        kexec-tools
+        kmod
+        knot
+        less
+        lld
+        llvm
+        lvm2
+        man
+        mdadm
+        mtools
+        nano
+        nftables
+        nvme-cli
+        opensc
+        openssl
+        p11-kit
+        pciutils
+        python3
+        qrencode
+        radvd
+        rsync
+        sed
+        socat
+        strace
+        systemd
+        tar
+        tmux
+        tree
+        udev
+        util-linux
+        valgrind
+        which
+        wireguard-tools
+        xfsprogs
+        zsh
+        zstd
+
 [Host]
 Credentials=journal.storage=persistent
-@Incremental=yes
-@RuntimeBuildSources=yes
-@RuntimeScratch=no
-@QemuSmp=2
-@QemuSwtpm=yes
-@QemuVsock=yes
-@QemuKvm=yes
+Incremental=yes
+RuntimeBuildSources=yes
+RuntimeScratch=no
+QemuSmp=2
+QemuSwtpm=yes
+QemuVsock=yes
+QemuKvm=yes
 ToolsTreePackages=virtiofsd