cphipps/coreos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c2fea5072fc5209c6d6b2454f73ac5fe18b91797
coreos/f-coreos.bu
cphipps c2fea5072f Update f-coreos.bu 
Added disk layout
2025-05-16 15:04:02 -04:00

81 lines
2.4 KiB
Plaintext
Raw Blame History

variant: fcos
version: 1.6.0
# We don't want any user capable of logging in on a production system, only provide this when debugging/developing
# https://docs.fedoraproject.org/en-US/fedora-coreos/authentication/
# Use this on your local machine (with docker installed) to generate your hashed password: docker run --rm -it ulikoehler/mkpasswd
# # Temporary user to allow troubleshooting some resource/performance issues, this should generally be commented out
# passwd:
# users:
# - name: core
# groups:
# - sudo
# - wheel
# password_hash: ...
# ssh_authorized_keys:
# - ssh-rsa ...
passwd:
users:
- name: admin
groups:
- "sudo"
- "docker"
- "wheel"
ssh_authorized_keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ4G1BFBIcYZroqWvjC7ZlT0rL5cSGg1JQK1BtWCFgff cphipps@basement-pc.home.cahaa.net
storage:
disks:
- # The link to the block device the OS was booted from.
device: /dev/sda
# We do not want to wipe the partition table since this is the primary
# device.
wipe_table: false
partitions:
- number: 4
label: root
# Allocate at least 8 GiB to the rootfs. See NOTE above about this.
size_mib: 0
resize: true
filesystems:
- device: /dev/disk/by-partlabel/root
wipe_filesystem: true
format: btrfs
label: root
files:
# Set the machine hostname
- path: /etc/hostname
mode: 0644
contents:
inline: f-coreos.home.cahaa.net
# Without this, all I/O is directed to the console so console access becomes tough
- path: /etc/sysctl.d/20-silence-audit.conf
mode: 0644
contents:
inline: |
# hide audit messages from interactive console
# by changing log level from DEBUG to WARNING
kernel.printk=4
# Set a "mildly cautious" update strategy (0.5 is middle of the road, 1 is most cautious) that will
# only take place during a defined maintenance window
- path: /etc/zincati/config.d/51-rollout-wariness.toml
mode: 0600
contents:
inline: |
[identity]
rollout_wariness = 0.5
[updates]
strategy="periodic"
[updates.periodic]
time_zone = "America/Chicago"
[[updates.periodic.window]]
start_time = "04:30"
length_minutes = 240
Reference in New Issue View Git Blame Copy Permalink