You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
50 lines
1.3 KiB
50 lines
1.3 KiB
variant: fcos
|
|
version: 1.4.0
|
|
storage:
|
|
disks:
|
|
- device: /dev/vdb
|
|
wipe_table: false
|
|
partitions:
|
|
# Specify the partition number so that FCOS do not try to create a new
|
|
# partition at each VM redeployment.
|
|
- number: 1
|
|
size_mib: 0
|
|
start_mib: 0
|
|
label: var
|
|
filesystems:
|
|
- path: /var
|
|
device: /dev/disk/by-partlabel/var
|
|
format: xfs
|
|
with_mount_unit: true
|
|
directories:
|
|
- path: /var/lib/private/sshd
|
|
mode: 0700
|
|
files:
|
|
- path: /etc/resolv.conf
|
|
overwrite: true
|
|
contents:
|
|
inline: "" # will be updated by NetworkManager
|
|
- path: /etc/NetworkManager/conf.d/itix.conf
|
|
contents:
|
|
inline: |
|
|
[main]
|
|
# test
|
|
rc-manager=file
|
|
systemd:
|
|
units:
|
|
- name: systemd-resolved.service
|
|
enabled: false
|
|
mask: true
|
|
- name: sshd-keygen@.service
|
|
dropins:
|
|
- name: backup-restore.conf
|
|
contents: |
|
|
[Service]
|
|
ExecStartPost=/bin/bash -c 'if [ -f /var/lib/private/sshd/ssh_host_%i_key ]; then cp -Z /var/lib/private/sshd/ssh_host_%i_key{,.pub} /etc/ssh/; elif [ -f /etc/ssh/ssh_host_%i_key ]; then cp -a /etc/ssh/ssh_host_%i_key{,.pub} /var/lib/private/sshd/; fi'
|
|
passwd:
|
|
users:
|
|
- name: core
|
|
ssh_authorized_keys:
|
|
- ssh-ed25519 REDACTED user@host
|
|
# mkpasswd --method=yescrypt -s
|
|
password_hash: "$y$REDACTED"
|
|
|