📖 Landing pública: https://lobinuxsoft.github.io/yaguarete_os/ Las ISOs de cada release
:stablese publican como GitHub Release + se acumulan en items permanentes per-variant en archive.org bajo creatorlobinuxsoft(listado). Items:yaguarete-os-{base,nvidia,nvidia-open,deck}; cada nuevo stable agrega un file dated dentro del item (yaguarete_os[-VARIANT]-testing-<F>.<YYYYMMDD>-live-amd64.iso). Para usuarios bootc,bootc switch ghcr.io/lobinuxsoft/<image>:stable(o:unstablepara rolling).
A bootable, image-based Linux distribution built on top of Bazzite using the Universal Blue toolchain.
YaguareteOS combines:
- Gaming-ready base — inherits Steam, Proton-GE, GameMode, gamescope, MangoHud and the latest AMD/Mesa drivers from Bazzite.
- Image-based atomic updates — built on
bootc. Rebase, rollback, and reproducible builds out of the box. - Sovereign supply chain — built and signed in our own CI; rebase URL points to our own OCI registry (
ghcr.io/lobinuxsoft/yaguarete_os). - Argentine cultural identity — Guaraní naming (Yaguareté, Yryvu), Spanish-first defaults,
es-ARlocale, native wallpapers. Cultural, not governmental: no state-identity / fiscal / control tooling is bundled.
Production. Four image variants live on ghcr.io/lobinuxsoft/yaguarete_os{,-deck,-nvidia,-nvidia-open} with automated stable promotion from unstable → testing → stable. Weekly cadence. Pipeline includes signed container builds (cosign), ISO/qcow2 generation via bootc-image-builder, and permanent archival of every :stable release to archive.org.
Beyond the Bazzite-inherited gaming stack, YaguareteOS ships:
- Portal yafti — first-boot welcome wizard (run-once gated) plus an Apps page with install/update/uninstall for every component below. ~80 items across 8 tabs, all normalised to
install/update/uninstallwith status badges where the underlying recipe supports it. - Yaguareté Apps suite — custom installers for Yryvu (Tauri 2 Git client), Tatu (Steam backlog tracker), Eden (Switch emulator with firmware + prod.keys automation + EmuDeck SRM integration), Antigravity IDE (Google Gemini, APT repo with SHA256 verify), and Antigravity CLI.
ujust yaguarete-fsr4— auto-detect GPU (RDNA 3 / RDNA 4) and wire FSR4 upgrade with the correct Proton fork. Useful upgrade path for OneXFly / RDNA 3 handhelds.- Aurora-style image versioning —
rpm-ostree statusreports a human-readable<fedora>.<YYYYMMDD>so users can correlate updates with the release calendar. - LACT integration — manual AMDGPU control (fan curve, OC/UV, live metrics) via Flathub, one-click from the Portal.
- Multi-device target — desktop AMD (RX 9070 XT class), handhelds (Steam Deck, OneXFly, ROG Ally), NVIDIA proprietary and open kernel module variants — single source tree, one Containerfile, matrix CI across the four.
Tracked via GitHub Issues. Open items: see milestones and the next-session label for what is queued next. Sesión V (2026-05-23) brainstorm settled the post-pivot positioning on handheld-first multi-device with the Yaguareté apps ecosystem and Argentine cultural identity at the surface.
YaguareteOS does not hide its lineage. We derive from Bazzite (Apache 2.0), which itself derives from Universal Blue on top of Fedora Atomic, and we keep upstream references explicit throughout this repository.
Why we attribute openly. Digital sovereignty here means controlling the pipeline — signing keys, build infrastructure, distribution registry, project governance, branding — not hiding technical inheritance. Sibling Universal Blue derivatives such as Bluefin and Aurora attribute upstream openly; we follow the same principle. Honesty about what we inherit is what allows users to audit and trust what we add.
What is sovereign in YaguareteOS:
- The build pipeline (our CI, our runners, our policies).
- The signing keypair (
cosign.pubin this repo, private key offline). - The distribution registry (
ghcr.io/lobinuxsoft/yaguarete_os). - Branding, locale, theming and curated software layer.
- Project governance, roadmap, and release cadence.
What is inherited and credited:
- Base image: Bazzite stable.
- Build system and project layout: Universal Blue
image-template. - Atomic update model:
bootc, Fedora Atomic. - Gaming stack: Steam, Proton-GE, GameMode, gamescope, MangoHud, Mesa.
Is a free, image-based, gaming-and-development-first KDE distribution with Argentine cultural identity at the surface. Optimised for desktop and handheld play, dev tooling, and privacy-respecting defaults. Argentine because the maintainer is Argentine — Guaraní project naming, Spanish-first UI, AR locale, native wallpapers.
Is not a state-aligned platform. YaguareteOS deliberately does not ship:
- Government-issued root certificates or trust-store extensions (ONTI, etc.).
- Pre-installed shortcuts or apps tied to state identity, fiscal control, social registries or surveillance pipelines (AFIP, ANSES, Mi Argentina, billetera estatal, etc.).
- Mirrors hosted on state infrastructure as the canonical pull path.
- Compliance tooling that requires user identification to use the OS.
Privacy and freedom take precedence over locale compliance. If you want those integrations, fork — the model exists for exactly that. The maintainer's roadmap stays on dev + gaming + privacy, with a hardened variant (#25) as the natural escalation for security-conscious users.
Requires just, podman and a bootc-capable host (Bazzite, Bluefin, Aurora, or Fedora Atomic).
Verified on Bazzite Stable F43. Other bootc hosts should work but are untested.
just>= 1.47podman>= 5.8- Sudo access — the
bootc-image-builderstep writes its output as root inside a--privilegedcontainer - ~17 GB free disk — ~12 GB for the OCI image (in podman storage) and ~5 GB for the qcow2 (sparse; peaks higher mid-build)
- Storage on a real POSIX filesystem (btrfs / ext4 / xfs). NTFS via
fuseblkis not supported — qcow2 generation requires real ownership, sparse files and extended attributes - A graphical session (X11 or Wayland) for
run-vm-qcow2— it opens a QEMU window
just build # build OCI image -> localhost/yaguarete_os:latest
just build-qcow2 # build VM disk -> output/qcow2/disk.qcow2
just run-vm-qcow2 # boot the qcow2 in a QEMU VMjust build-qcow2 pulls quay.io/centos-bootc/bootc-image-builder:latest (~500 MB) on first run. Subsequent builds reuse the cached builder.
Total time on a Ryzen-class workstation with NVMe: ~6 min for build, ~5 min for build-qcow2.
See Justfile for the full task list (ISO, raw, rebuild variants, spawn-vm via systemd-vmspawn for headless hosts).
Sudo password prompt at the end of build-qcow2. Expected. The _build-bib recipe ends with sudo mv -f to relocate root-owned output from the privileged container into output/. Enter your password when prompted.
run-vm-qcow2 fails to open a window over SSH. No graphical session attached. Use just spawn-vm (systemd-vmspawn) for headless boot, or run from a local TTY with $DISPLAY / $WAYLAND_DISPLAY set.
Containerfile FROM bazzite:stable + overlay system_files/ + run build_files/build.sh
build_files/build.sh package installs and systemd unit enables (runs inside the build)
system_files/ overlay copied verbatim into the image rootfs (wallpapers, configs)
disk_config/ bootc-image-builder TOMLs for ISO / qcow2 / raw outputs
.github/workflows/ CI: build container + build disk images
docs/adr/ Architecture Decision Records (the *why* behind major choices)
Justfile task runner (build, test, run-vm, clean, etc.)
If you already run a bootc-based system (Bazzite, Bluefin, Aurora, or any Fedora Atomic image), you can rebase to YaguareteOS without reinstalling.
Branding state. Argentine branding (Plymouth boot splash, Guaraní wallpapers, locale defaults, motd) is shipped today. Visual polish (custom Plasma theme, refined press kit assets) is still in progress under #20. Expect a Bazzite-derived but YaguareteOS-branded desktop.
- A working
bootcsystem (runsudo bootc statusto confirm). - Root access on the target host.
- Network access to
ghcr.ioandraw.githubusercontent.com. cosignavailable (rpm-ostree install cosignif missing, then reboot).
YaguareteOS ships four KDE variants. Pick the one that matches your hardware:
| Image | When to use | Upstream base |
|---|---|---|
yaguarete_os |
AMD / Intel desktop. Default for most users. | bazzite:stable |
yaguarete_os-nvidia |
NVIDIA GPU with the proprietary driver. | bazzite-nvidia:stable |
yaguarete_os-nvidia-open |
NVIDIA GPU with the open kernel module (Turing+, server use). | bazzite-nvidia-open:stable |
yaguarete_os-deck |
Handheld (Steam Deck, OneXFly, ROG Ally) — boots into game mode. | bazzite-deck:stable |
GNOME variants are intentionally not offered; this is a KDE-only project. NVIDIA via nouveau is not a separate variant — users on NVIDIA hardware should pick -nvidia or -nvidia-open and stay there.
Within each variant, three channels are available:
| Tag | When to use |
|---|---|
:stable |
Recommended. Latest validated build (manually promoted from testing). What you want for daily use. |
:testing |
Rolling tip of testing. Pre-release validation. |
:unstable |
Rolling tip of unstable. Tester / contributor channel. May break. |
:<channel>-<fedora>.<YYYYMMDD> |
Pin to a specific build (e.g. :stable-44.20260514). |
The examples below use the base variant on :stable. Substitute <variant> and <tag> for your case.
Never switch to an unverified image. Pull the public key from testing and verify the target tag:
VARIANT=yaguarete_os # or yaguarete_os-nvidia | yaguarete_os-nvidia-open | yaguarete_os-deck
cosign verify \
--key https://raw.githubusercontent.com/lobinuxsoft/yaguarete_os/testing/cosign.pub \
ghcr.io/lobinuxsoft/${VARIANT}:stableA successful verification prints the signed claims (issuer, subject, digest). If it fails, stop: do not rebase.
sudo bootc switch ghcr.io/lobinuxsoft/${VARIANT}:stablebootc switch stages the new image as the next boot entry. Your current system stays untouched on disk until you reboot.
sudo systemctl rebootAfter login, verify you booted into YaguareteOS:
sudo bootc statusThe Booted image should be ghcr.io/lobinuxsoft/${VARIANT}:stable with the digest from Step 1.
bootc keeps the previous deployment as a rollback target. If anything is wrong:
sudo bootc rollback
sudo systemctl rebootThis swaps the boot order back to your previous image (e.g. Bazzite). The YaguareteOS deployment is preserved on disk and can be re-promoted with bootc rollback again.
To pin yourself permanently back to the source image, run bootc switch against its registry URL (e.g. ghcr.io/ublue-os/bazzite:stable) and reboot.
If you accidentally ran sudo bootc switch to a non-YaguareteOS ref (for example you typed ghcr.io/ublue-os/bazzite-deck:stable while testing) and want to come back without reinstalling from ISO, run:
ujust yaguarete-rescueThe command detects your hardware (handheld → deck, NVIDIA GPU → nvidia, otherwise base), shows you the target image, asks for confirmation, then stages the switch. Reboot to apply. Optional argument selects the ref (stable by default):
ujust yaguarete-rescue testing # pre-release
ujust yaguarete-rescue unstable # rollingIf you're already on YaguareteOS, the command is a no-op and points you at sudo bootc upgrade instead.
YaguareteOS enables uupd.timer (Universal Blue updater) by default. Once a day at 04:00 the timer runs hardware pre-flight checks (battery, network, memory, CPU load) and, if they pass, pulls the latest image of your current ref (:stable, :testing or :unstable) and stages it. The new deployment is applied on your next reboot — there is no forced reboot. If the system is off or suspended at 04:00, the timer fires on resume (Persistent=true).
The upstream bootc-fetch-apply-updates.timer is masked on purpose: its service runs bootc upgrade --apply which reboots the moment a new image is staged, which on :unstable (frequent CI builds) caused unexpected reboots every 1-3 h on handheld hardware.
To opt out of automatic updates:
sudo systemctl disable --now uupd.timerTo re-enable later:
sudo systemctl enable --now uupd.timerYou can still pull on demand with sudo bootc upgrade or uupd regardless of the timer state.
All images published to ghcr.io/lobinuxsoft/yaguarete_os are signed with cosign. The public key (cosign.pub) lives at the root of this repository, and is also reachable at https://raw.githubusercontent.com/lobinuxsoft/yaguarete_os/testing/cosign.pub.
# Verify any tag
cosign verify \
--key https://raw.githubusercontent.com/lobinuxsoft/yaguarete_os/testing/cosign.pub \
ghcr.io/lobinuxsoft/yaguarete_os:stableA successful verification means the image was built and signed by the official YaguareteOS CI pipeline. If verification fails, do not rebase to that image.
Significant choices about the project — base image, design philosophy, image variants — are documented as Architecture Decision Records under docs/adr/. Start with the ADR index for the catalog and the rationale behind each entry.
Apache License 2.0 — see LICENSE.
Yaguareté: the largest feline of South America, a national symbol of Argentine wildlife.