nicolas
/
red-hat-kiosk
mirror of https://github.com/nmasse-itix/red-hat-kiosk.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
114 Commits
4 Branches
0 Tags
195 KiB
 
 
 
 
 
Branch: 20240530
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '20240530'
${ noResults }
red-hat-kiosk/ansible/templates/kiosk.toml.j2

150 lines
4.6 KiB
Raw Permalink Blame History

name = "kiosk"
description = "Example Kiosk"
version = "0.0.8"
modules = []
groups = []
[[packages]]
name = "kiosk-config"
version = "*"
[[packages]]
name = "cockpit"
[[packages]]
name = "microshift"
# Because we embed microshift images in the ostree, we have to pin
# the microshift version number here.
version = "4.14.27-202405231223.p0.g45fddd1.assembly.4.14.27.el9"
[[packages]]
name = "microshift-manifests"
version = "*"
[[packages]]
name = "ca-certificates-custom"
version = "*"
[[packages]]
name = "cockpit-system"
[customizations]
hostname = "kiosk.local"
[customizations.services]
enabled = ["chronyd", "cockpit.socket", "sshd", "microshift", "rpm-ostreed", "rpm-ostreed-automatic.timer"]
[customizations.timezone]
timezone = "Europe/Paris"
ntpservers = ["0.fr.pool.ntp.org", "1.fr.pool.ntp.org"]
[customizations.locale]
languages = ["fr_FR.UTF-8"]
keyboard = "fr"
#22 ssh / 9090 cockpit / 6443 microshift
[customizations.firewall]
ports = ["22:tcp", "30000:tcp", "9090:tcp", "6443:tcp"]
##
## Automatic updates
##
## This file is used by the rpm-ostreed service that is triggered by the
## rpm-ostreed-automatic systemd timer:
##
## [Timer]
## OnBootSec=1h # 1 hour after boot
## OnUnitInactiveSec=1d # 1 day after last check
##
## But you can trigger a check manually with:
##
## sudo rpm-ostree upgrade --trigger-automatic-update-policy
##
[[customizations.files]]
path = "/etc/rpm-ostreed.conf"
data = """[Daemon]
AutomaticUpdatePolicy=apply
"""
[[customizations.user]]
name = "admin"
description = "admin"
password = '{{ blueprint_admin_password_hash }}'
key = "{{ blueprint_admin_ssh_public_key }}"
home = "/home/admin/"
shell = "/usr/bin/bash"
groups = ["users", "wheel"]
[[customizations.user]]
name = "kiosk"
description = "kiosk"
password = '{{ blueprint_kiosk_password_hash }}'
home = "/home/kiosk/"
shell = "/bin/bash"
##
## Container image embedding (for offline use)
##
# Images used by our custom manifests
[[containers]]
source = "docker.io/library/haproxy:latest"
[[containers]]
source = "quay.io/nmasse_itix/kiosk-app:latest"
##
## The following lines are generated using:
##
# sudo dnf install -y microshift-release-info
# RELEASE_FILE=/usr/share/microshift/release/release-$(uname -m).json
# jq -r '.images | .[] | ("[[containers]]\nsource = \"" + . + "\"\n")' "${RELEASE_FILE}" >> $PWD/kiosk.toml.j2
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:00e364011c67e7498c7ba0ee769c97b24e43b0b3863ec39860ea05fb7c15c279"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b0c6e2b7672e5d959a506baa803e18e6c0d73fdfe7534ae28c61f69583e5e5ec"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f699172cd627b0babbc67878fd78883648a1f8bd9c82441e875b67a9c8f5b71a"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:41cf2f6ddbe07a2356bada1196f1f09804bc2ff8b5b588117190ef4e8028f8b2"
[[containers]]
source = "registry.access.redhat.com/ubi8/openssl@sha256:9e743d947be073808f7f1750a791a3dbd81e694e37161e8c6c6057c2c342d671"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:33745f0814b401a1dfd89ba9bdf374e52521f175d0578cab4900afbd70eff3cb"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:0f6ec1e4ec9138491cd9c6b49038c49eabc1e9116a25e5be6ddc709a36339383"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:01c9e7fffa1e6c0cc6b1ded0f8c381ac00a6f34699f1281ac477657717806fe6"
[[containers]]
source = "registry.redhat.io/lvms4/topolvm-rhel9@sha256:d0c039eba8157965b0a7971ad4e01576d2c1e31b09fe938554163b324cc4dc73"
[[containers]]
source = "registry.redhat.io/openshift4/ose-csi-node-driver-registrar@sha256:caa0bbab808d8cbed476e8fa3e296ceb90f8d7d253e36588fa77e639ea389d55"
[[containers]]
source = "registry.redhat.io/openshift4/ose-csi-livenessprobe@sha256:829a8e4d34404abbd22fddb6ebfa0f74daa55f2697fb147da77b83fc8b473d8c"
[[containers]]
source = "registry.redhat.io/openshift4/ose-csi-external-resizer@sha256:7ee0257998b7f804fcde9c095b4dc240c510eb316d7223e8485f701b5c9f2fbf"
[[containers]]
source = "registry.redhat.io/openshift4/ose-csi-external-provisioner@sha256:b453a5c76ba4e975a978e31a51531b1d6233723b0d944622caf7844dedf9ad5a"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:1ac24a4cc03b5c7fa8c6be5f4de9c9fdc946ddb302f0c028264bcfeea097fbf9"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9b20f6fdc6a4c62300eabbf967ed798ca6a3f5d43a067df4774ec76c5b038656"
[[containers]]
source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:43b98f22d7383fbd10fcbf271c1a55f5ce90a7e89b5ffe390458cc772ce5a4a9"