From 84d422c27549ed5307857c068833b8d29b9423c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20Mass=C3=A9?= <nicolas.masse@itix.fr>
Date: Wed, 7 Jan 2026 19:57:01 +0000
Subject: [PATCH] WiP

---
 .gitignore               |  1 +
 Makefile.common          |  7 ++++---
 base/fcos.bu             |  8 ++++++++
 base/overlay.bu          | 43 ++++++++++++++++++++++++++++++++++++++++
 local.bu.template        | 41 --------------------------------------
 nextcloud/fcos.bu        | 11 ++++++++++
 nginx/fcos.bu            |  9 +++++++++
 postgresql/fcos.bu       |  9 +++++++++
 qemu-user-static/fcos.bu |  9 +++++++++
 9 files changed, 94 insertions(+), 44 deletions(-)
 create mode 100644 base/fcos.bu
 create mode 100644 base/overlay.bu
 create mode 100644 nextcloud/fcos.bu
 create mode 100644 nginx/fcos.bu
 create mode 100644 postgresql/fcos.bu
 create mode 100644 qemu-user-static/fcos.bu

diff --git a/.gitignore b/.gitignore
index 0612e87..10d2b4b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 *.bu
 *.ign
 !fcos.bu
+!overlay.bu
 */butane.blocklist
diff --git a/Makefile.common b/Makefile.common
index 57a818a..755a8a3 100644
--- a/Makefile.common
+++ b/Makefile.common
@@ -294,8 +294,9 @@ butane-prerequisites:
 
 # Build the Butane specifications (configuration files) suitable for Fedora CoreOS.
 # In order to avoid duplications in the ignition files, a blocklist is updated, containing file paths as they are added to the chroot.
+$(PROJECT_NAME).bu: YQ_FILES := $(shell if [ -f "overlay.bu" ]; then echo "- overlay.bu"; else echo "-"; fi)
 $(PROJECT_NAME).bu: butane-prerequisites install-config
-	$(TOP_LEVEL_DIR)/generate-butane-spec.sh $(TARGET_CHROOT) $(BUTANE_BLOCKLIST) $(SYSTEMD_MAIN_UNIT_NAMES) $(SYSTEMD_TIMER_NAMES) > $(PROJECT_NAME).bu
+	$(TOP_LEVEL_DIR)/generate-butane-spec.sh $(TARGET_CHROOT) $(BUTANE_BLOCKLIST) $(SYSTEMD_MAIN_UNIT_NAMES) $(SYSTEMD_TIMER_NAMES) | yq eval-all '. as $$item ireduce ({}; . *+ $$item)' $(YQ_FILES) > $(PROJECT_NAME).bu  
 	@(cat $(TOP_LEVEL_DIR)/butane.blocklist; echo; for file in $$(find "$$TARGET_CHROOT"); do echo "$${file#$$TARGET_CHROOT}"; done) | sort -u | grep -v -E '^$$' > "$(BUTANE_BLOCKLIST)"
 
 # Build the Butane specifications (example files) suitable for Fedora CoreOS.
@@ -403,7 +404,7 @@ console: pre-requisites
 		virsh console fcos-$(PROJECT_NAME); \
 		# Restore the terminal size after disconnecting from the VM console. \
 		# This avoids issues with the terminal being stuck in an incorrect size because \
-		# of the UEFI / Grub TUI messed with the terminal size during a VM reboot. \
+		# the UEFI / Grub TUI messed with the terminal size during a VM reboot. \
 		eval $$(resize -s $$term_size); \
 		echo -e "Disconnected. Reconnecting in 2 seconds...\nPress Ctrl-C to abort.\n"; \
 	done
@@ -433,7 +434,7 @@ clean-post::
 
 # Remove all persistent data and configuration files
 clean: clean-pre pre-requisites
-	rm -f *.bu *.ign butane.blocklist
+	rm -f $(PROJECT_NAME){,-examples}.bu *.ign butane.blocklist
 	@run() { echo $$*; "$$@"; }; \
 	set -Eeuo pipefail; \
 	if [ "$(I_KNOW_WHAT_I_AM_DOING)" != "yes" ]; then \
diff --git a/base/fcos.bu b/base/fcos.bu
new file mode 100644
index 0000000..e6d2395
--- /dev/null
+++ b/base/fcos.bu
@@ -0,0 +1,8 @@
+variant: fcos
+version: 1.4.0
+ignition:
+  config:
+    merge:
+    - local: base.ign
+    - local: base-examples.ign
+    - local: local.ign
diff --git a/base/overlay.bu b/base/overlay.bu
new file mode 100644
index 0000000..e928dd6
--- /dev/null
+++ b/base/overlay.bu
@@ -0,0 +1,43 @@
+variant: fcos
+version: 1.4.0
+storage:
+  disks:
+  - device: /dev/vdb
+    wipe_table: false
+    partitions:
+    # Specify the partition number so that FCOS do not try to create a new
+    # partition at each VM redeployment.
+    - number: 1
+      size_mib: 0
+      start_mib: 0
+      label: var
+  filesystems:
+  - path: /var
+    device: /dev/disk/by-partlabel/var
+    format: xfs
+    with_mount_unit: true
+  directories:
+  - path: /var/lib/private/sshd
+    mode: 0700
+  files:
+  - path: /etc/resolv.conf
+    overwrite: true
+    contents:
+      inline: "" # will be updated by NetworkManager
+  - path: /etc/NetworkManager/conf.d/itix.conf
+    contents:
+      inline: |
+        [main]
+        # test
+        rc-manager=file
+systemd:
+  units:
+  - name: systemd-resolved.service
+    enabled: false
+    mask: true
+  - name: sshd-keygen@.service
+    dropins:
+    - name: backup-restore.conf
+      contents: |
+        [Service]
+        ExecStartPost=/bin/bash -c 'if [ -f /var/lib/private/sshd/ssh_host_%i_key ]; then cp -Z /var/lib/private/sshd/ssh_host_%i_key{,.pub} /etc/ssh/; elif [ -f /etc/ssh/ssh_host_%i_key ]; then cp -a /etc/ssh/ssh_host_%i_key{,.pub} /var/lib/private/sshd/; fi'
diff --git a/local.bu.template b/local.bu.template
index d70277c..6414590 100644
--- a/local.bu.template
+++ b/local.bu.template
@@ -1,46 +1,5 @@
 variant: fcos
 version: 1.4.0
-storage:
-  disks:
-  - device: /dev/vdb
-    wipe_table: false
-    partitions:
-    # Specify the partition number so that FCOS do not try to create a new
-    # partition at each VM redeployment.
-    - number: 1
-      size_mib: 0
-      start_mib: 0
-      label: var
-  filesystems:
-  - path: /var
-    device: /dev/disk/by-partlabel/var
-    format: xfs
-    with_mount_unit: true
-  directories:
-  - path: /var/lib/private/sshd
-    mode: 0700
-  files:
-  - path: /etc/resolv.conf
-    overwrite: true
-    contents:
-      inline: "" # will be updated by NetworkManager
-  - path: /etc/NetworkManager/conf.d/itix.conf
-    contents:
-      inline: |
-        [main]
-        # test
-        rc-manager=file
-systemd:
-  units:
-  - name: systemd-resolved.service
-    enabled: false
-    mask: true
-  - name: sshd-keygen@.service
-    dropins:
-    - name: backup-restore.conf
-      contents: |
-        [Service]
-        ExecStartPost=/bin/bash -c 'if [ -f /var/lib/private/sshd/ssh_host_%i_key ]; then cp -Z /var/lib/private/sshd/ssh_host_%i_key{,.pub} /etc/ssh/; elif [ -f /etc/ssh/ssh_host_%i_key ]; then cp -a /etc/ssh/ssh_host_%i_key{,.pub} /var/lib/private/sshd/; fi'
 passwd:
   users:
   - name: core
diff --git a/nextcloud/fcos.bu b/nextcloud/fcos.bu
new file mode 100644
index 0000000..40b9fe3
--- /dev/null
+++ b/nextcloud/fcos.bu
@@ -0,0 +1,11 @@
+variant: fcos
+version: 1.4.0
+ignition:
+  config:
+    merge:
+    - local: base.ign
+    - local: nextcloud.ign
+    - local: nextcloud-examples.ign
+    - local: postgresql.ign
+    - local: postgresql-examples.ign
+    - local: local.ign
diff --git a/nginx/fcos.bu b/nginx/fcos.bu
new file mode 100644
index 0000000..3a7fc83
--- /dev/null
+++ b/nginx/fcos.bu
@@ -0,0 +1,9 @@
+variant: fcos
+version: 1.4.0
+ignition:
+  config:
+    merge:
+    - local: base.ign
+    - local: nginx.ign
+    - local: nginx-examples.ign
+    - local: local.ign
diff --git a/postgresql/fcos.bu b/postgresql/fcos.bu
new file mode 100644
index 0000000..fd4a364
--- /dev/null
+++ b/postgresql/fcos.bu
@@ -0,0 +1,9 @@
+variant: fcos
+version: 1.4.0
+ignition:
+  config:
+    merge:
+    - local: base.ign
+    - local: postgresql.ign
+    - local: postgresql-examples.ign
+    - local: local.ign
diff --git a/qemu-user-static/fcos.bu b/qemu-user-static/fcos.bu
new file mode 100644
index 0000000..d9e4ae0
--- /dev/null
+++ b/qemu-user-static/fcos.bu
@@ -0,0 +1,9 @@
+variant: fcos
+version: 1.4.0
+ignition:
+  config:
+    merge:
+    - local: base.ign
+    - local: qemu-user-static.ign
+    - local: qemu-user-static-examples.ign
+    - local: local.ign