redigere/bora

Bora Operating System Specification

Bora is your macOS with the Ubuntu Yaru theme. It is a modern, hardened, and declarative operating system configuration runtime engineered to deliver the precise balance of performance, visual polish, and security that makes macOS feel effortless, rendered through the warm and familiar Ubuntu Yaru design language. Every system component from the kernel parameters to the desktop shell extensions is declared in configuration files, making the entire stack reproducible and auditable. The kernel is tuned for desktop interactivity rather than server throughput. The memory manager prioritizes foreground applications over background cache. The system launches dozens of applications simultaneously without perceptible degradation. This is the standard, and every engineering decision is measured against it.

System Overview and Architectural Ideals

At its core, Bora is a configuration runtime applied to an existing Fedora atomic installation. The system does not generate ISO images; instead, it adapts its behavior to the desktop environment it discovers at runtime. Three platforms are supported: Fedora Silverblue with the GNOME desktop and Yaru theme, delivering the full macOS experience; Fedora Kinoite with KDE Plasma, providing a minimal curated desktop free of unnecessary applications; and Fedora Cosmic Atomic with the Rust-based COSMIC desktop, providing security hardening and resource tuning. Security hardening is enabled by default on all variants and incorporates firewalld, auditd, fail2ban, AIDE file integrity monitoring, sysctl kernel hardening, and OOM daemon configuration.

Supported Platforms and Installation

Bora is applied to an existing Fedora atomic installation. Install the variant of your choice from the official Fedora website, apply any pending updates, reboot, and then run the Bora CLI as root. The system detects the variant automatically and executes the appropriate pipeline steps: applying security hardening, installing Yaru themes and Ubuntu fonts on Silverblue, stripping unnecessary KDE applications on Kinoite, and configuring containers and Flatpak on all variants.

Step Order and Execution Flow

The bora CLI utility executes configurations in a strict, sequential order that varies by detected variant. On Silverblue, the pipeline runs the packages, security, extensions, assets, desktop, flatpak, and containers steps. On Kinoite, the pipeline consists of packages, security, kde, assets, flatpak, and containers, automatically skipping GNOME-specific extension installation and dconf settings. On Cosmic Atomic, the pipeline runs packages, security, assets, flatpak, and containers, skipping both GNOME-specific and KDE-specific steps. All system configurations are declared in YAML files within the configuration directory under the source tree. The custom Python loader reads these definitions dynamically, interpolates arguments, and executes the resulting commands using the Python subprocess module.
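The following sketch is an added example, not Bora's own loader: it shows the per-variant step order above together with argument interpolation that cannot inject extra arguments or shell syntax. The variant keys, the `STEPS` schema, and the function names are assumptions, and `STEPS` is a constructed stand-in for the parsed YAML.

```python
import string
import subprocess

# Step order per variant, as listed in the README section above.
PIPELINES = {
    "silverblue": ["packages", "security", "extensions", "assets",
                   "desktop", "flatpak", "containers"],
    "kinoite": ["packages", "security", "kde", "assets", "flatpak", "containers"],
    "cosmic": ["packages", "security", "assets", "flatpak", "containers"],
}

# Constructed stand-in for the parsed YAML definitions (hypothetical schema).
STEPS = {
    "security": [
        {"argv": ["systemctl", "enable", "--now", "${unit}"],
         "vars": {"unit": "firewalld.service"}},
        {"argv": ["systemctl", "enable", "--now", "${unit}"],
         "vars": {"unit": "auditd.service"}},
    ],
}


def render(command):
    """Interpolate per argv element: a value can fill an argument, never add one."""
    values = command.get("vars", {})
    # substitute() raises KeyError on an undefined variable, so a typo fails closed.
    return [string.Template(arg).substitute(values) for arg in command["argv"]]


def plan(variant, only_step=None):
    """Return [(step, argv), ...] in pipeline order for the detected variant."""
    steps = PIPELINES[variant]  # unknown variant -> KeyError, nothing runs
    if only_step is not None:
        if only_step not in steps:
            raise ValueError(f"step {only_step!r} is not part of the {variant} pipeline")
        steps = [only_step]
    return [(step, render(cmd)) for step in steps for cmd in STEPS.get(step, [])]


def apply(variant, only_step=None, dry_run=True, runner=subprocess.run):
    """Print the plan on dry-run; otherwise execute each argv list without a shell."""
    planned = plan(variant, only_step)
    for step, argv in planned:
        if dry_run:
            print(f"[{step}] {' '.join(argv)}")
        else:
            runner(argv, check=True)  # list form: no shell parsing of interpolated values
    return planned


if __name__ == "__main__":
    apply("silverblue", dry_run=True)
```

Because commands are kept as argv lists from definition to execution, a value containing spaces or `;` stays a single argument, and the dry-run output is exactly what would be executed.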

Administration and Compliance Verification

The primary bora script provides a unified interface for system administration. The CLI can configure the entire system or target a specific execution step using the step parameter. The tool also provides a dry-run flag to print planned commands without applying changes, and a check flag to verify system compliance against the declarative definitions. To revert the system to a clean baseline, developers can run the reset script. This recovery utility resets desktop properties to default settings, uninstalls all custom packages via rpm-ostree, removes custom fonts, deletes local wallpapers, and refreshes the font cache.

Performance and Built-in Security

The Bora configuration applies comprehensive kernel and daemon tuning for desktop responsiveness. Security properties are enforced at the system level including stateful firewall rules, public-key-only SSH login with root access completely blocked, kernel hardening through sysctl parameters, and strict file permissions.

Memory and Process Management

The system is tuned aggressively for desktop responsiveness under load, matching the behavior of modern desktop operating systems. Kernel parameters minimize swap activity by setting swappiness to ten, reclaim page cache aggressively when memory pressure rises, and disable NUMA balancing and scheduling autogroups that degrade interactive desktop performance. The Multi-Gen LRU page reclaim algorithm is activated at boot through the kernel command line, providing consistently low page cache latency under memory pressure. A compressed swap device is created in RAM using the zram-generator systemd unit, reducing the need for slow disk-backed swapping when memory is exhausted. The systemd-oomd daemon monitors cgroup memory pressure and terminates offending processes at fifty percent pressure or eighty percent swap usage over ten seconds, while earlyoom provides a system-wide safety net that reacts when free memory drops below five percent or free swap below ten percent. Process limits are raised to support up to half a million threads and two million open file descriptors, with a memory lock ceiling of eight gigabytes for real-time and audio workloads. This combination of kernel tuning, proactive OOM management, and generous process limits allows the desktop to remain responsive even when dozens of applications are running concurrently.
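A compliance check of the kind the check flag describes can be sketched as follows, covering the SSH properties from the previous section and the kernel parameters above. This is an added example, not Bora's code: the mapping from the README's prose to specific sysctl keys and sshd keywords is an assumption, and the two sample inputs are constructed in the formats printed by `sysctl -a` and `sshd -T`.

```python
# Expected state taken from the README prose; the key mapping is this example's assumption.
EXPECTED_SYSCTL = {
    "vm.swappiness": "10",
    "kernel.numa_balancing": "0",
    "kernel.sched_autogroup_enabled": "0",
}
EXPECTED_SSHD = {
    "permitrootlogin": "no",
    "passwordauthentication": "no",
    "kbdinteractiveauthentication": "no",
    "pubkeyauthentication": "yes",
}

# Constructed sample inputs: `sysctl -a` style and `sshd -T` (effective config) style.
SAMPLE_SYSCTL = """\
vm.swappiness = 60
kernel.numa_balancing = 0
kernel.sched_autogroup_enabled = 0
"""
SAMPLE_SSHD = """\
permitrootlogin prohibit-password
passwordauthentication no
kbdinteractiveauthentication no
pubkeyauthentication yes
"""


def parse_pairs(text, sep):
    """Parse 'key<sep>value' lines; skip blanks and comments; first occurrence wins."""
    pairs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, found, value = line.partition(sep)
        if found:
            pairs.setdefault(key.strip().lower(), value.strip())
    return pairs


def drift(expected, actual):
    """Map each non-compliant key to (expected, actual); a missing key reports None."""
    return {k: (v, actual.get(k)) for k, v in expected.items() if actual.get(k) != v}


def check(sysctl_text, sshd_text):
    """Return all deviations from the declared state; an empty dict means compliant."""
    findings = drift(EXPECTED_SYSCTL, parse_pairs(sysctl_text, "="))
    findings.update(drift(EXPECTED_SSHD, parse_pairs(sshd_text, " ")))
    return findings
```

Checking the effective `sshd -T` output rather than a single configuration file avoids missing overrides from included drop-in files, and treating an absent key as drift keeps the check from passing on incomplete input.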

File Locations, Licensing, and Support

The configuration files are licensed under the MIT license, and the project is fully supported on the official GitHub page at https://github.com/kairosci/bora.
