ostree_deployment: enable/disable services also using presets

Extend the `OSTreeDeployment` pipeline implementation to enable /
disable services also using systemd presets in case Ignition is being
used.

The pipeline already enables / disables services using the Systemd
stage, which calls `systemctl`, but on some systems (since Fedora 37),
Systemd will reset all enabled / disabled services based on system
presets on first boot. This is not a problem for our images in general,
since they contain fake machine-id, which makes systemd think that the
system is not booting for the first time. This is however not the case
when Ignition is being used, since it signals to systemd to treat the
first boot as an actual first boot.

Enabling systemd services using `systemctl` is still kept in the
pipeline, since the end result will be the same even if services are
enabled / disabled multiple times via different means.

Related to:
osbuild/osbuild-composer#3634
https://fedoraproject.org/wiki/Changes/Preset_All_Systemd_Units_on_First_Boot

Signed-off-by: Tomáš Hozza <thozza@redhat.com>

pkg/manifest/ostree_deployment.go

@@ -247,6 +247,18 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline {
 				"systemd.condition-first-boot=true",
 			},
 		}))
+
+		// We enable / disable services below using the systemd stage, but its effect
+		// may be overridden by systemd which may reset enabled / disabled services on
+		// firstboot (which happend on F37+). This behavior, if available, is triggered
+		// only when Ignition is used. To prevent this and to not have a special cases
+		// in the code based on distro version, we enable / disable services also by
+		// creating a preset file.
+		if len(p.EnabledServices) != 0 || len(p.DisabledServices) != 0 {
+			presetsStage := osbuild.GenServicesPresetStage(p.EnabledServices, p.DisabledServices)
+			presetsStage.MountOSTree(p.osName, commit.Ref, 0)
+			pipeline.AddStage(presetsStage)
+		}
 	}
 
 	// if no root password is set, lock the root account