What is nspawn.org?
nspawn.org is a hub for various images. Basically we take full advantage of mkosi to generate images of several Linux distributions like
Ah okay. So it’s like Docker-Hub!
Yes and no. We offer container images for
systemd-nspawn, but we offer full bootable
GPT-UEFI images as well.
Is this service secure?
Of course we can’t guarantee 100% security, but we do our best, to keep the images as secure as possible. All images are generated by
mkosi and the original source of the distribution (
yum/dnf). Furthermore we generate
SHA256 checksums for all our images and sign these checksums with our master key. The cool part is, you don’t need to bother about this, because
systemd-machined takes care about verifying the checksum and signature for you.
Do I need systemd for nspawn.org
Ok, cool. How does nspawn.org work?
You have two options. The easy way via our wrapper
nspawn or the manually way via the
If you want to use the wrapper
nspawn you can find it here: https://github.com/nspawn/nspawn
If you want to do it manually, here is a short tutorial:
First you need to set up your
/etc/systemd/import-pubring.gpg keyring file. You can do this via the following command:
$ sudo gpg --no-default-keyring --keyring=/etc/systemd/import-pubring.gpg --fingerprint
Second you need to import our master key. The master key has the following key id:
You can either download it manually and import it into your keyring or you search it directly via GPG:
$ sudo gpg --no-default-keyring --keyring=/etc/systemd/import-pubring.gpg --search 575DE88794A45D84456D8897A232A512E7D0BA83
Don’t forget to trust our master key, after importing it! If everything is set up, you can go and download your first image. You can find a full list of all images here: https://nspawn.org/storage/list.txt
machinectl pull-tar or
machinectl pull-raw to download the right image (depending on the image type):
$ sudo machinectl pull-<tar|raw> https://nspawn.org/storage/<distribution>/<release>/<type>/image.<type>.xz
$ sudo machinectl pull-tar https://nspawn.org/storage/fedora/29/tar/image.tar.xz
Now you can operate on the imported image as usually via
machinectl start <image name>,
machinectl login <image-name>,
machinectl shell <image-name>, etc.
We recommend the use of our
nspawn wrapper script.