From 1606a88bb08c69f80b266e09556ea83cc05b1fe8 Mon Sep 17 00:00:00 2001 From: Bot der Unbrot Date: Tue, 21 Apr 2026 12:17:01 +0200 Subject: [PATCH] Anaconda provisioning: Many fixes, first working autoinstall --- ks.cfg | 72 +++++++++++++++----- ks_base_profiles/basic_pre_script.inc | 8 +-- system_setup/setup_skel.sh | 3 +- system_setup/setup_system.inc.sh | 0 system_setup/setup_system_full.sh | 93 +++++++++++++++----------- system_setup/skel.tar.zst | Bin 1945 -> 1319 bytes system_setup/sync_client_software.sh | 1 + 7 files changed, 116 insertions(+), 61 deletions(-) mode change 100644 => 100755 system_setup/setup_system.inc.sh diff --git a/ks.cfg b/ks.cfg index e60ad5e..5aa913c 100644 --- a/ks.cfg +++ b/ks.cfg @@ -1,8 +1,15 @@ - +#Basic settings: graphical text -skipx -cdrom + +# Configure installation method +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-43&arch=x86_64" +repo --name=fedora-updates --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f43&arch=x86_64" --cost=0 +repo --name=fedora-cisco-openh264 --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-cisco-openh264-43&arch=x86_64" --install +repo --name=rpmfusion-free --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=free-fedora-43&arch=x86_64" +repo --name=rpmfusion-free-updates --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=free-fedora-updates-released-43&arch=x86_64" --cost=0 +repo --name=rpmfusion-nonfree --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=nonfree-fedora-43&arch=x86_64" +repo --name=rpmfusion-nonfree-updates --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=nonfree-fedora-updates-released-43&arch=x86_64" --cost=0 # Keyboard layouts keyboard --vckeymap=de-nodeadkeys --xlayouts='de (nodeadkeys)' 
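Review bot: The Fedora release `43` and the architecture `x86_64` are written out in all seven added `url`/`repo` mirrorlist lines, so the next release bump needs seven coordinated edits and one missed line would mix package sets from two releases. If the Anaconda version in use substitutes `$releasever` and `$basearch` in these URLs (Fedora's own kickstarts appear to rely on this; please confirm), `url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"` and the same pattern on the `repo` lines would keep them in step. A short comment above the RPM Fusion lines saying why third-party repositories are enabled at install time, and which packages need them, would also help whoever audits the package sources later.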
@@ -11,23 +18,53 @@ lang de_DE.UTF-8 # System timezone timezone Europe/Berlin --utc +%pre --log=/root/ks-pre.log +mkdir /mnt/anaconda_pre +mount -L OEMDRV /mnt/anaconda_pre +/bin/sh /mnt/anaconda_pre/ks_base_profiles/basic_pre_script.inc +%end + %packages #@^kde-desktop-environment +@core @admin-tools @domain-client @system-tools +@kde-desktop +@kde-media +@kde-spin-initial-setup +@libreoffice +@office +@sound-and-video +@vlc +openssh-server +bash +sudo +gocryptfs +htop +mc +mediawriter +pykickstart +@editors +@firefox +thunderbird +xrdp +xorgxrdp +plasma-workspace-x11 +xterm +flatpak +btrfs-assistant +btrbk +ktorrent #@development-tools -#@editors -#@firefox -#@kde-apps -#@kde-desktop -#@kde-media -#@kde-spin-initial-setup -#@libreoffice -#@office -#@sound-and-video -#@vlc - +kdevelop +git +ffmpeg +-kpat +-kmines +#Needed by SSSD +oddjob-mkhomedir +nss-pam-ldapd %end # System authorization information @@ -36,8 +73,6 @@ authselect enable-feature with-fingerprint # Run the Setup Agent on first boot firstboot --enable -timesource --ntp-server=_gateway - # Generated using Blivet version 3.12.1 ignoredisk --only-use=sda # Partition clearing information @@ -50,5 +85,8 @@ autopart --type=btrfs rootpw --iscrypted $y$j9T$jpKVkxaFqL6GH6GAgB0Yb/$oc.rfZgnHNlTAIj/boJeI.ZFf1QHvMF7fymZww9bzE3 %post --log=/root/ks-post.log -/bin/sh /mnt/tmp/system_setup/setup_system_full.sh install +mkdir /opt/sys_config +mount -L OEMDRV /opt/sys_config +/bin/sh /opt/sys_config/system_setup/setup_system_full.sh install +umount /opt/sys_config %end diff --git a/ks_base_profiles/basic_pre_script.inc b/ks_base_profiles/basic_pre_script.inc index 359ecc8..3f0deff 100644 --- a/ks_base_profiles/basic_pre_script.inc +++ b/ks_base_profiles/basic_pre_script.inc 
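Review bot: The new `%pre` block runs `/bin/sh /mnt/anaconda_pre/ks_base_profiles/basic_pre_script.inc` without checking that `mount -L OEMDRV` succeeded, and the section has no `--erroronfail`, so a failed mount or an `exit 1` from the script is only logged and the installation carries on to the partitioning commands (`ignoredisk`, `autopart`). I would open the section with `%pre --erroronfail --log=/root/ks-pre.log`, use `mkdir -p /mnt/anaconda_pre`, and write `mount -L OEMDRV /mnt/anaconda_pre || exit 1`. The `%post` block in the last hunk of this file has the same pattern: the `mount` is unchecked, and the exit status of `setup_system_full.sh install` is lost because `umount` runs after it. Separately, the added `openssh-server`, `xrdp` and `xorgxrdp` put remote-login services on every provisioned machine; a comment in `%packages` stating that this is intended, and where access to them is restricted, would make that choice reviewable.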
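Review bot: The `rootpw --iscrypted` line kept as context above this `%post` ships one fixed root password hash in the repository and on every OEMDRV volume, and this commit raises the stakes by adding `openssh-server` and `xrdp`: the shared credential may become usable remotely, depending on how those services are configured. Anyone who can read the file can also test password guesses against the hash offline. If a root login is not needed once the machine has joined the domain, `rootpw --lock` would close this; otherwise the hash is better supplied per site from a file that is not committed. The mount point `/opt/sys_config` is hard-coded here while the setup script writes its fstab entry with `${SYSCONFIGPATH}`; a comment stating that the two must match would prevent them drifting apart.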
@@ -24,16 +24,16 @@ fi # Usually, the pre section is run in the sh- shell, the OEMDRV will be mountet at /mnt/tmp # So we need to check if this is the case -FQFILENAME="/mnt/tmp/ks_base_profiles/basic_pre_script.inc" +FQFILENAME="/mnt/anaconda_pre/ks_base_profiles/basic_pre_script.inc" if [ ! -f ${FQFILENAME} ]; then echo "* Error finding the expeted Directory/File structure: Missing File" echo "${FQFILENAME}" - echo "* Please check to run from Kickstart- Installation, or mount the OEMDRV with this File in /mnt/tmp before." + echo "* Please check to run from Kickstart- Installation, or mount the OEMDRV with this File in /mnt/anaconda_pre before." exit 1 fi # Check if there is a Partition OEMDRV and on which Drive -source /mnt/tmp/system_setup/setup_system.conf +/mnt/anaconda_pre/system_setup/setup_system.inc.sh OEMDRVINFO=$(blkid | grep 'LABEL="OEMDRV"') if [ "${OEMDRVINFO}." == "." ] ; then echo "* Error: Required partition with label 'OEMDRV' is not found." @@ -78,7 +78,7 @@ if [ "${REMPARTS}." != "." ]; then for (( i=0; i<${#REMPART}; i++ )); do CHAR="${REMPART:$i:1}" if [[ "${CHAR}" =~ [0-9] ]]; then - PARTNR+="${CHAR}" # Append if it's a digit + PARTNR+="${CHAR}" # Append if its a digit else PARTNR="" # Reset if a non-digit is encountered fi diff --git a/system_setup/setup_skel.sh b/system_setup/setup_skel.sh index 9d1d70a..7e5b749 100755 --- a/system_setup/setup_skel.sh +++ b/system_setup/setup_skel.sh @@ -14,11 +14,10 @@ cd /etc sudo rm -f -r /etc/skel sudo tar -xf ${SRCFILE} if [ $? -eq 0 ]; then - echo "Sucessfully wrote skel new" + echo "Sucessfully wrote skel." sudo chown -R root:root /etc/skel sudo setfacl -R -m u::rwX,g::rX,o::rX /etc/skel else echo "Something went wrong, please check Output" fi cd ${EXECDIR} - diff --git a/system_setup/setup_system.inc.sh b/system_setup/setup_system.inc.sh old mode 100644 new mode 100755 diff --git a/system_setup/setup_system_full.sh b/system_setup/setup_system_full.sh index c7223a7..c5dcd63 100755 
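Review bot: The line that replaces `source /mnt/tmp/system_setup/setup_system.conf` now executes `/mnt/anaconda_pre/system_setup/setup_system.inc.sh` as a child process, so any variables that file sets are gone when it returns and the rest of this script runs without them; the comment this same commit adds in `setup_system_full.sh` says the file must be sourced. The line should read `. /mnt/anaconda_pre/system_setup/setup_system.inc.sh`, and the mode change to 755 on that file is then not needed. The comment above `FQFILENAME` still says the OEMDRV is mounted at `/mnt/tmp` and should be updated to `/mnt/anaconda_pre`; `[ ! -f ${FQFILENAME} ]` is also safer as `[ ! -f "${FQFILENAME}" ]`. The script continues outside this hunk.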
--- a/system_setup/setup_system_full.sh +++ b/system_setup/setup_system_full.sh @@ -21,7 +21,7 @@ # - Make it check for what to do each time so that it can be called every startup # - Make it callable from anakondas kickstart post- script to setup system at first run # (kickstart post-script must be non-interactive, while first start with systemd can have a service bounf to tty for getting user-input too) -# - Detect System Environement and make User-Logon- Setup Start after first Logon +# - Detect System Environment and make User-Logon- Setup Start after first Logon # Supported: Cinnamon, KDE # - Not needed: Import Firefox-Cert from IPA automatically at first run to system -> Somehow this is not needed any more, firefox will work from scratch! 
@@ -32,26 +32,28 @@ # TODO write a doc! -#Load Sytem Settings +#Load Sytem Settings - MUST BE SOURCED, otherwise Variables will not be available source $(dirname "$0")/setup_system.inc.sh -# TODO -# Install System settings to installed system -# read system settings from that file - -##Step 1 - Install at System boot +# Setup needed boot- service firstrun_prepare() { #Checking Service +if [[ -z ${FIRSTRUN_SERVICENAME} ]]; then + echo "Error in Config, no Servicename found. Please check your Environment for FIRSTRUN_SERVICENAME." + env + exit 1 +fi FIRSTRUN_SERVICESTATUS=$( systemctl is-enabled ${FIRSTRUN_SERVICENAME} ) echo "Current Service Status of ${FIRSTRUN_SERVICENAME} is ${FIRSTRUN_SERVICESTATUS}" -if [ ${FIRSTRUN_SERVICESTATUS} != "enabled" ]; then +if [ "${FIRSTRUN_SERVICESTATUS}." != "enabled." ]; then echo "Installing Service at ${FIRSTRUN_SCRIPTPATH}/${FIRSTRUN_SERVICENAME}" ( cat </dev/null + if [ "$EUID" -ne 0 ]; then + echo "ERROR: Not running as root, cannot continue." + return 1 + fi + #Set default Umask 0077 + sudo cp -f /etc/login.defs /etc/login.defs_backup_${CDATEC8}_${CTIMEC6} + ( sed 's/^UMASK.*022$/UMASK\t077/' /etc/login.defs | sudo tee /etc/login.defs ) >/dev/null + #Append OEMDRV mount to SYSCONFIGPATH in fstab + echo "LABEL=OEMDRV ${SYSCONFIGPATH} btrfs noatime,nodiratime,nofail 0 0" >> /etc/fstab } ipa_register_host() { #Integrate this PC into Domain -chvt 8 +chvt 2 #Check if IPA is already Configured echo "Checking for existing IPA- Setup." if ( grep -q "${FQDN}" /etc/ipa/default.conf ); then echo "IPA is already installed, skipping setup." + chvt 1 return 0 fi echo "IPA not jet installed, doing Setup." -check_root +if [ "$EUID" -ne 0 ]; then + echo "ERROR: Not running as root, cannot continue." + return 1 +fi #Serialnr of this device echo "This PC is called ${FQDN} and will join Domain ${DOMAIN}" #Always set determined hostname - see setup_system.conf 
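Review bot: In the added umask lines, `( sed 's/^UMASK.*022$/UMASK\t077/' /etc/login.defs | sudo tee /etc/login.defs ) >/dev/null` reads and truncates the same file in one pipeline, so `tee` can empty `/etc/login.defs` before `sed` has read it and the system is left without its login defaults. The function has already verified that `$EUID` is 0 at this point, so `sed -i 's/^UMASK.*022$/UMASK\t077/' /etc/login.defs` does the edit safely and the `sudo` calls can go. The new fstab entry `LABEL=OEMDRV ${SYSCONFIGPATH} btrfs noatime,nodiratime,nofail 0 0` mounts whatever volume carries that label read-write at every boot; if root-run scripts are later executed from `${SYSCONFIGPATH}` (not visible here), the content of that volume is trusted as root, so I would at least add `ro,nosuid,nodev` and a comment stating the trust assumption. Part of this hunk's text (the here-document after `cat <`) is missing from the page, so the function these lines belong to starts outside what is visible.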
@@ -147,22 +159,41 @@ echo -n "Please Enter your Domain- Userid: " read IPAUSERID echo -n "Please Enter your Domain- Password: " read -s IPAPASSWD -INSTCMD="ipa-client-install -U --mkhomedir --force-join --no-ntp --principal=${IPAUSERID} --domain=${DOMAIN} --server=${SERVERFQDN_IPA} --hostname=${FQDN} -w ${IPAPASSWD}" -echo ${INSTCMD} +echo "" +INSTCMD="ipa-client-install -U --mkhomedir --force-join --no-ntp --principal=${IPAUSERID} --domain=${DOMAIN} --server=${SERVERFQDN_IPA} -w ${IPAPASSWD}" +echo "${INSTCMD/${IPAPASSWD}/*PASSWD*}" ${INSTCMD} if [ $? -ne 0 ]; then echo "Some Error. Please check what went wrong and redo." return 1 fi -echo "The PC was integrated into the Domain. You should now be able to Logon with tha User. If not, restart SSSD- Service and check the Logs." +echo "The PC was integrated into the Domain. You should now be able to Logon with tha User. If not, check the Logs at /var/sssd." echo "" echo "ADVISE: for the First Logon, you may use Console (Using e.g. CONTROL+ALT+F3) - as maybe you will be prompted for Changing your Password there" echo "which may not work on graphical logon. After that works, use CONTROL+ALT+F2 (or F7) to get back to the graphical logon." echo "" read -n 1 -s -r -p "Press any key to continue." +chvt 1 echo "" } +prepare_skel() +{ +if [ "$EUID" -ne 0 ]; then + echo "ERROR: Not running as root, cannot continue." + return 1 +fi +#Copy and extrakt Skel-Archive +#Include: Autostart for Getting WEB-DAV-Token if not there +#+An empty Firefox Profile - already integrated into domain with one single Startup-Page: Get Token +# https://nextcloud.obel1x.de/settings/user/security +# +#File was created with from Draft-Folder and then transferred to NC +#tar -I 'zstd -9' -cf system_setup.tar.zst ~/system_setup +# +./setup_skel.sh +} + test_tty() { #Use TTY3 and show it 
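Review bot: The join password is still embedded in the `INSTCMD` string and run through the unquoted `${INSTCMD}`, so a password containing spaces or glob characters is split or expanded before `ipa-client-install` sees it, and the new masking `${INSTCMD/${IPAPASSWD}/*PASSWD*}` treats the password as a pattern and replaces only the first match, which leaves the real value in the echoed line whenever the password also occurs earlier in the command or contains pattern characters. Building the command as an array and appending the password only at execution fixes both, as sketched below; `read` should also get `-r` so backslashes survive. The password stays visible in the process list through `-w`; if the installed `ipa-client-install` accepts it on stdin in unattended mode (please confirm), that would be preferable. In the re-added `prepare_skel`, `./setup_skel.sh` depends on the current directory, which is unlikely to be the script directory when the script is started by absolute path from `%post`; `"$(dirname "$0")/setup_skel.sh"` matches how the include is located at the top of the file. `ipa_register_host` begins outside this hunk.

```shell
read -r -s IPAPASSWD
echo ""
# Keep the password out of the logged command; it is appended only when run.
INSTCMD=(ipa-client-install -U --mkhomedir --force-join --no-ntp
  "--principal=${IPAUSERID}" "--domain=${DOMAIN}" "--server=${SERVERFQDN_IPA}")
printf '%s ' "${INSTCMD[@]}"
echo "-w *PASSWD*"
"${INSTCMD[@]}" -w "${IPAPASSWD}"
if [ $? -ne 0 ]; then
# … unchanged: error message, success text, chvt 1, prepare_skel …
```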
@@ -175,23 +206,10 @@ test_tty() echo "========== END ========" } -prepare_skel() -{ -check_root -#Copy and extrakt Skel-Archive -#Include: Autostart for Getting WEB-DAV-Token if not there -#+An empty Firefox Profile - already integrated into domain with one single Startup-Page: Get Token -# https://nextcloud.obel1x.de/settings/user/security -# -#File was created with from Draft-Folder and then transferred to NC -#tar -I 'zstd -9' -cf system_setup.tar.zst ~/system_setup -# -./setup_skel.sh -} - ### MAIN case $1 in 'install') + # Executed after base installation (anaconda post script) echo "Mode: Install" install_sw prepare_skel @@ -204,7 +222,6 @@ case $1 in firstrun_remove ;; 'firstrun_run') -# test_tty ipa_register_host echo "========== END FIRSTRUN-SERVICE ========" ;; 
diff --git a/system_setup/skel.tar.zst b/system_setup/skel.tar.zst index 19899346d5bbc8f03d13c0809450a036df17b8f3..453e675588902ad5d058f73b81460326e99e47a8 100644 GIT binary patch literal 1319 zcmV+?1=#v1wJ-eyVAUu98ci4uF5s$)b3h=}3#WK_qe*it-zr~M+(?PU!NH;F(d6G@Vy2hyuLsGLWwNwH&D)7Q1-a^$4kK<*(|3>T}X zTPqH=##M9tf0KLl4O|@3O5ql-xK%m1q0FjN^1W_-9N+iq_ck1AO_D@Tk~VTRDfYCs zamf9FNKT5}| zA|Sv#&-37Mj^dni&m%5I4HTKn1Jr6Y-<9Lv*Lv7zU+$Ihr5G;tPK*z7KhEszP16Al zw!1mq1}hIiZJMw+WHbvAm#aFs+|B6S+>%V+RZnMi2x<%_Bq%Z$2Mt5Sguz%kbav$n zQ{m98v6s`5EM-Q&^bpjhg-b-k0f`8xQM*`uj9K-r3n#@+$!t;!1HR3%U5rCeYYY<- z3N#TH%|tOhU?3zG-q`G|jiNK-@74T9ieirB%gMcQ^ZFSx#s{_5EE(fW_zHznZ^qf# zYYl1+*n0xil1xe7yt5eCJOQW?zyhs7N|8{U6uIb;bZbS8uc|OyDz>xcuA3}lQJ5GK zC@g4}R*{HLGKVfj+l+RlQ*qCTOuPDFGMCeu53RCThhjMl(G)ZkB?S<0g2ayWCLU36&6=?oT>$WbEq zM36}Y61j+*I0+?k&OH(dHXEZZ<+!S&F{ZF;Mh?4FkkPkztTI)Cw%k`fYVf zvh^^9Dj+ueVsLy5kdt~gJFoaFIo^_-F=Lz+luak5v5l)%aiFkZE}l?8@}_{~%_BZI zqvJ6_NH_#Y_(tUk4ipwlfP`CE9Kb7X57_%)$<Ud8=t_La2u1k{ z+dZHz*zeHl5b^Gb~3PD*2QR6-UyxI?kJ!%J{TQORqsrb71GKY9)jWyydDW z%e#YjlJL-^1Uxv|m4-p9H*lfp02m6lK%gYH3u?cm=zxR(KCJAjhxlV+fQVI{QC)xz d4=}3^BkAS=YBk-I6F?dia_g0Lx?v`b6{W=IK&>wh>sCZ_JZ6Svg9&O^#hA z{CbFX9cPxQS{Z4RUok@d_38?mg)wcgEIX!Lp78}Ym9MIm6nw!=dsh9rk)mRD_K2@Jf!84CoGTDL&YR{}y1?tkoYZDykC=0f8#B%t7~O!*MbGt% zpo7tS4|@GPPHMDsl5?&>-GZCzGx`HYlmr%TkMLQ>>$!f{@9FYp7B~KGrZLb(@Iens zFM6CPlGnl+_=>k;FVHR_*5~pJEt8n{W*l>6UEz@oJ}3#6R8ifB|A+5@EnJT-na}X~*_T#Mk+&*!!$?(hKC8IAtGYojIQn%*{QD7ztO^d zZPg6ZAT*Gem_!~Z4iONEgyC{+#&1a|9`a*&S6iuHYj)djGfaatL?RR*kceQ~bjNU0 znpK^#OM9`NHM6&3k&$Z5-O>!xnnME#2b72i1u_9)Ac2r*=#1IyxXo)XI(B8->70Mn z?`l6grDE<2OKD_U%U>V6tZWKL&uFR5S!|7I51G9Q;7a{jpX!TSnt*KrOe270ogKH$ zjc1M5Wo6foxmwwiX4b-;Bh9o2rqlz?!lD=IQ-0mbeVNfOjg7zaH^xqD)=xDOs$+h! zW?IA7an{pw^eg*9FT6@<9D6#YG2{A;zny;7_^s?fkpn&MNm7QqogLS#ebv0$`PG8F z0T#Nu?d$^sn)#^T^7ggWe9WlQfDk($Yr*fsl9zu+S2w zUU-;bkOWxhii!r%)wf1wZ@zxzvuUI(t@Nas*5rNBb1!m^^d1O4lJh_gbd7_Y_t>08 z*HYs+j`Unh64UUtv==l$9vT=#7$BHdsULwksPUCSh-5@WBuJ7ZX$%ns#3+OeaZu6? 
z5?~Nn4CY9RfglD63=t4Qh=3471cV3(A;u75h%_>I1IPr88c~P@J({6V>?}bjLJOa< zis%mz>re(sgr-oEGFb~UzTl5baB?GMBp#8#=HN_b16po?LL3Oq$dB7<2V~~}S;&BL z4kR$I4!HgSLFU$Xkh@o^b1!LmsMRC`&n3@igga~q>-g2iYOIq^XV0u}JUNqDM9W7` z9v$U#TyD^HijT(EtLQQp*_@AiQ>E$r`wOBSq5VP~Iu@BK0LT3M`C(;Rt_J|RX~0my56;OAxns5erw(wV^_juF zE=C$WKRu(xWWdN^ZO>Pn5C^0e=CVUhVjKAJl?oK8XNVTNoJe>M>_DnkMD{QvDn|gy#+T(*? zKP%@3z{mh07>EH_oLTu_u5L8>R;OMBpzHxK4~UMU^mS|Md-`z!b}X#Zms!z`))&gy z0Bnx|un-Vwv$a2aLn{AC0|W@Pa}Wb`T=*Vm8$e;eM*bGOkiNIMeuCbeIA4?lNxK6=Ey4pdAaKYsgqaQ? zB-()b1^^*VYH|731FiOeegneXXg_|lnF9pp2W$e&q#%IOGY#PT%Va_V0tZeZK^=^c f;3$ryu*#dtKSB`hpn;+jIQBiwT~vh>wST@dC8DOX diff --git a/system_setup/sync_client_software.sh b/system_setup/sync_client_software.sh index e7d9492..5d296b7 100755 --- a/system_setup/sync_client_software.sh +++ b/system_setup/sync_client_software.sh @@ -37,6 +37,7 @@ mkdir -p ${TEMPDIR} #Install or update Nextcloud com.nextcloud.desktopclient.nextcloud echo "Update or install Nextcloud client" +/usr/bin/flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo /usr/bin/flatpak install -y --or-update --noninteractive flathub com.nextcloud.desktopclient.nextcloud && echo "Done Update/Install of Nextcloud." #Sync Files
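Review bot: The added `flatpak remote-add --if-not-exists flathub …` line is not checked, so a failed download of the `.flatpakrepo` file only surfaces as an error from the `flatpak install` on the next line and the script goes on to the file sync. `--if-not-exists` also keeps any remote that is already named `flathub`, whatever URL or filter it carries, so the line does not guarantee that the remote points at dl.flathub.org; a comment saying so would help. I would append `|| { echo "Could not add flathub remote" >&2; exit 1; }` and state in a comment whether the remote is meant to be system-wide or per user. The script continues outside this hunk.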