132 lines
3.9 KiB
YAML
132 lines
3.9 KiB
YAML
|
---
|
||
|
|
||
|
variant: fcos
|
||
|
version: 1.5.0
|
||
|
passwd:
|
||
|
users:
|
||
|
- name: core
|
||
|
should_exist: false
|
||
|
- name: alegall
|
||
|
password_hash: $y$j9T$61LMkIUWS6N.UQv3U4pxM1$Eodnc23AtXOvQMqm/qgqv7blGot4/8.OUsgIZazV9ND
|
||
|
groups:
|
||
|
- sudo
|
||
|
ssh_authorized_keys:
|
||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrbcIwTQkJPlURJTePjQXAE4Q1lCjPp2JW/Y/oxXzp alegall@mufasa
|
||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/JatXrf/HkF8HAnL5JmC05DHmUcgB7/eptDeD7kAP5 alegall@zazu
|
||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI2/UosyrHbR3NVB8JDWbhNnmTLMS6EuCRG52hP50Vh alegall@smartphone
|
||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINwBIdvpiFgEzP2B+h3KIFmmxh1l7MVetGy2cThmpxcP alegall@sightcall
|
||
|
- name: borgwarehouse
|
||
|
uid: 1001
|
||
|
|
||
|
storage:
|
||
|
directories:
|
||
|
- path: /srv/borgwarehouse
|
||
|
overwrite: true
|
||
|
|
||
|
- path: /srv/borgwarehouse/config
|
||
|
overwrite: true
|
||
|
|
||
|
- path: /srv/borgwarehouse/ssh
|
||
|
overwrite: true
|
||
|
|
||
|
- path: /srv/borgwarehouse/etc_ssh
|
||
|
overwrite: true
|
||
|
|
||
|
- path: /srv/borgwarehouse/repos
|
||
|
overwrite: true
|
||
|
|
||
|
- path: /srv/borgwarehouse/logs
|
||
|
overwrite: true
|
||
|
|
||
|
- path: /home/builder/.config
|
||
|
overwrite: true
|
||
|
|
||
|
files:
|
||
|
- path: /etc/hostname
|
||
|
mode: 0644
|
||
|
contents:
|
||
|
inline: borgwarehouse-pumbaa.gaia.ykn.local
|
||
|
|
||
|
- path: /etc/vconsole.conf
|
||
|
mode: 0644
|
||
|
contents:
|
||
|
inline: KEYMAP=fr
|
||
|
|
||
|
- path: /etc/NetworkManager/system-connections/ens3.nmconnection
|
||
|
mode: 0600
|
||
|
contents:
|
||
|
inline: |
|
||
|
[connection]
|
||
|
id=ens3
|
||
|
type=ethernet
|
||
|
interface-name=ens3
|
||
|
|
||
|
[ipv4]
|
||
|
address1=192.168.1.10/24,192.168.1.254
|
||
|
dhcp-hostname=borgwarehouse-pumbaa.gaia.ykn.local
|
||
|
dns=193.110.81.9;
|
||
|
dns-search=gaia.ykn.local
|
||
|
ignore-auto-dns=true
|
||
|
may-fail=false
|
||
|
method=manual
|
||
|
|
||
|
[ipv6]
|
||
|
addr-gen-mode=default
|
||
|
dns=2a0f:fc80::9;
|
||
|
ignore-auto-dns=true
|
||
|
method=dhcp
|
||
|
|
||
|
- path: /etc/containers/systemd/borgwarehouse.container
|
||
|
contents:
|
||
|
inline: |
|
||
|
[Unit]
|
||
|
Description=borgwarehouse podman container
|
||
|
Wants=network-online.target
|
||
|
After=network-online.target
|
||
|
|
||
|
[Container]
|
||
|
ContainerName=borgwarehouse
|
||
|
|
||
|
Image=docker.io/borgwarehouse/borgwarehouse:latest
|
||
|
|
||
|
# Host port mappings
|
||
|
Environment=WEB_SERVER_PORT=3000
|
||
|
Environment=SSH_SERVER_PORT=2589
|
||
|
|
||
|
# Hostname and URL
|
||
|
Environment=FQDN=borgwarehouse.ykn.fr
|
||
|
Environment=NEXTAUTH_URL=https://borgwarehouse.ykn.fr
|
||
|
|
||
|
# Secrects
|
||
|
Environment=NEXTAUTH_SECRET=J2TyeJz9eujrW8FU
|
||
|
Environment=CRONJOB_KEY=sG3dn11JzyE7k9Kj
|
||
|
|
||
|
# UID:GID must match the user and group ID of the host folders and must be > 1000
|
||
|
# If you want to use a different user than 1001:1001, you must rebuild the image yourself.
|
||
|
Environment=UID=1001
|
||
|
Environment=GID=1001
|
||
|
|
||
|
# Config and data folders (volume mounts)
|
||
|
# The host folders must be owned by the user with UID and GID specified above
|
||
|
Environment=CONFIG_PATH=./config
|
||
|
Environment=SSH_PATH=./ssh
|
||
|
Environment=SSH_HOST=./ssh_host
|
||
|
Environment=BORG_REPOSITORY_PATH=./repos
|
||
|
Environment=TMP_PATH=./tmp
|
||
|
Environment=LOGS_PATH=./logs
|
||
|
|
||
|
# LAN feature
|
||
|
Environment=FQDN_LAN=192.168.1.10
|
||
|
Environment=SSH_SERVER_PORT_LAN=22589
|
||
|
|
||
|
Volume=/srv/borgwarehouse/config:/home/borgwarehouse/app/config
|
||
|
Volume=/srv/borgwarehouse/ssh:/home/borgwarehouse/.ssh
|
||
|
Volume=/srv/borgwarehouse/etc_ssh:/etc/ssh
|
||
|
Volume=/srv/borgwarehouse/repos:/home/borgwarehouse/repos
|
||
|
Volume=/srv/borgwarehouse/logs:/home/borgwarehouse/logs
|
||
|
|
||
|
SecurityLabelDisable=true
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=multi-user.target default.target
|