🔧 Fix blueonyx build scripts and add CLAUDE.md + PLAN.md 🔧

Fix two build-breaking issues in setup scripts and update BUILD_DATE.
Add repo documentation files.
- Dockerfile: update BUILD_DATE from 202509161146 to 202605131434
- rootfs/root/docker/setup/02-packages.sh: remove broken reboot and sudo dnf commands that abort Docker build; BlueOnyx installation is done in 05-custom.sh
- rootfs/root/docker/setup/03-files.sh: remove irrelevant incus binary download from GitHub (fails in buildx sandbox; unrelated to BlueOnyx)
- CLAUDE.md: new file documenting systemd-container architecture, build notes, runtime requirements, and env vars
- PLAN.md: new file documenting migration steps, build command, smoke test procedure

CLAUDE.md
Dockerfile
PLAN.md
rootfs/root/docker/setup/02-packages.sh
rootfs/root/docker/setup/03-files.sh

CLAUDE.md

@@ -0,0 +1,49 @@
+# blueonyx — Docker Migration Notes
+
+## What this image is
+BlueOnyx 5212R control panel running on AlmaLinux 10 with systemd (almalinux/10-init).
+BlueOnyx is a full server control panel managing Apache, Postfix, ProFTPD, BIND, MariaDB, Dovecot, etc.
+
+## Special architecture: systemd container
+- Base: `almalinux/10-init` (systemd init variant)
+- Single-stage build — **no** `FROM scratch` final stage (systemd images cannot be stripped)
+- PID 1: `CMD ["/sbin/init"]` — systemd, not tini+entrypoint.sh
+- **No init.d scripts** — systemd units handle all service lifecycle
+- Only supports `linux/amd64` (BlueOnyx is x86-only)
+
+## Build notes
+- `05-custom.sh` downloads and installs BlueOnyx via `dnf groupinstall -y blueonyx` (~900-1200 RPMs)
+- BlueOnyx RPM repo: `http://devel.blueonyx.it/pub/5212R.rpm`
+- Build takes 20-40 minutes
+- `initServices.sh` may fail during build (no systemd at build time) — error is caught
+
+## Runtime requirements
+```
+docker run --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:rw \
+  -p 444:444 -p 81:81 -p 80:80 -p 443:443 \
+  casjaysdevdocker/blueonyx
+```
+- Must run with `--privileged` for systemd
+- Cgroup v2 mount required
+
+## Volumes
+- `/data` — persistent data (mariadb, mail, web, dns)
+- `/config` — service configs
+- `/logs` — all service logs
+
+## Key scripts
+- `rootfs/usr/local/bin/blueonyx-env-config` — applies env vars to BlueOnyx at runtime
+- `rootfs/usr/local/bin/blueonyx-startup` — container startup tasks (runs via systemd unit)
+- `rootfs/usr/local/bin/blueonyx-info` — displays access info
+- `rootfs/root/docker/setup/05-custom.sh` — main BlueOnyx installer
+
+## Env vars (runtime)
+- `BLUEONYX_HOSTNAME` — hostname (default: blueonyx)
+- `BLUEONYX_DOMAIN` — domain (default: local)
+- `BLUEONYX_ADMIN_PASS` — admin password
+- `BLUEONYX_VERSION` — BlueOnyx version (default: 5212R)
+
+## What was fixed (2026-05-13)
+- `02-packages.sh`: Removed broken `reboot` and `sudo dnf update` commands
+- `03-files.sh`: Removed irrelevant incus binary download (fails in buildx)
+- `Dockerfile`: Updated BUILD_DATE to 202605131434

Dockerfile

@@ -1,7 +1,7 @@
 # Docker image for blueonyx using the rhel template
 ARG IMAGE_NAME="blueonyx"
 ARG PHP_SERVER="blueonyx"
-ARG BUILD_DATE="202509161146"
+ARG BUILD_DATE="202605131434"
 ARG LANGUAGE="en_US.UTF-8"
 ARG TIMEZONE="America/New_York"
 ARG WWW_ROOT_DIR="/usr/local/share/httpd/default"

PLAN.md

@@ -0,0 +1,48 @@
+# blueonyx Migration Plan
+
+## Status: In Progress
+
+## Architecture decision
+BlueOnyx is a full RHEL-based server control panel that requires systemd.
+- Base: `almalinux/10-init` (systemd-enabled AlmaLinux 10)
+- Single-stage build (no FROM scratch stripping)
+- CMD: `/sbin/init` (systemd as PID 1)
+- No tini entrypoint; no init.d framework
+- amd64 only
+
+## Steps
+
+- [x] Read existing Dockerfile and all setup scripts
+- [x] Identify and fix `02-packages.sh` (remove `reboot`, `sudo dnf` lines)
+- [x] Identify and fix `03-files.sh` (remove irrelevant incus download)
+- [x] Update BUILD_DATE
+- [x] Create CLAUDE.md
+- [ ] Build image (`docker buildx build --platform linux/amd64`)
+- [ ] Smoke test (container starts, systemd runs, web UI reachable on port 444)
+- [ ] Commit and push
+
+## Build command
+```bash
+cd /root/Projects/github/casjaysdevdocker/blueonyx
+docker buildx --builder blueonyx build \
+  --platform linux/amd64 \
+  --tag casjaysdevdocker/blueonyx:latest \
+  --push .
+```
+
+## Smoke test
+```bash
+docker run -d --privileged \
+  -v /sys/fs/cgroup:/sys/fs/cgroup:rw \
+  -p 10444:444 -p 10081:81 \
+  --name test-blueonyx \
+  casjaysdevdocker/blueonyx:latest
+# Wait 30s, check systemd is running
+docker exec test-blueonyx systemctl status 2>/dev/null | head -5
+docker rm -f test-blueonyx
+```
+
+## Known limitations
+- Build takes 20-40 minutes (900-1200 RPMs from BlueOnyx + AlmaLinux repos)
+- `initServices.sh` may warn during build (no systemd at build time) — expected
+- Runtime requires `--privileged` and cgroup v2 mount

rootfs/root/docker/setup/02-packages.sh

@@ -30,13 +30,8 @@ exitCode=0
 
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Main script
-sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config && sudo dnf -y update && reboot
+# BlueOnyx installation is handled in 05-custom.sh
-curl -q -LSsf http://devel.blueonyx.it/pub/5211R.rpm -o /tmp/blueonyx.rpm
+# Nothing to do here - package installation via PACK_LIST already happened
-yum localinstall -y /tmp/blueonyx.rpm
-yum clean all
-yum update -y
-yum groupinstall -y blueonyx
-sh /usr/sausalito/scripts/initServices.sh && reboot
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Set the exit code
 exitCode=$?

rootfs/root/docker/setup/03-files.sh

@@ -81,12 +81,6 @@ fi
 unset data
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Main script
-case $(uname -m) in
-"x86_64") target="bin.linux.incus.x86_64" ;;
-"aarch64") target="bin.linux.incus.aarch64" ;;
-*) target="bin.linux.incus.x86_64" ;;
-esac
-curl -q -LSsf "https://github.com/lxc/incus/releases/latest/download/$target" -o /usr/local/bin/incus && chmod 755 "/usr/local/bin/incus"
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Set the exit code
 exitCode=$?