feat: New instance

2024-01-04 17:36:47 +01:00 · 2024-01-04 17:36:47 +01:00 · e98f8054d6
commit e98f8054d6
parent 02534685a1
5 changed files with 180 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,11 @@
 # coreos

-Contient les fichiers d'initialisation de CoreOS.
+Contient les fichiers d'initialisation de CoreOS.
+
+## Butane
+
+To convert yml in ignition file, use this command:
+
+```bash
+$ file=borgwarehouse-pumbaa.gaia.ykn.local; bin/butane-x86_64-unknown-linux-gnu --output $file.ign $file.yml
+```
--- a/bin/butane-x86_64-unknown-linux-gnu
+++ b/bin/butane-x86_64-unknown-linux-gnu
--- a/bin/ignition-validate-x86_64-linux
+++ b/bin/ignition-validate-x86_64-linux
--- a/borgwarehouse-pumbaa.gaia.ykn.local.ign
+++ b/borgwarehouse-pumbaa.gaia.ykn.local.ign
@ -0,0 +1 @@
+{"ignition":{"version":"3.4.0"},"passwd":{"users":[{"name":"core","shouldExist":false},{"groups":["sudo"],"name":"alegall","passwordHash":"$y$j9T$61LMkIUWS6N.UQv3U4pxM1$Eodnc23AtXOvQMqm/qgqv7blGot4/8.OUsgIZazV9ND","sshAuthorizedKeys":["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrbcIwTQkJPlURJTePjQXAE4Q1lCjPp2JW/Y/oxXzp alegall@mufasa","ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/JatXrf/HkF8HAnL5JmC05DHmUcgB7/eptDeD7kAP5 alegall@zazu","ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI2/UosyrHbR3NVB8JDWbhNnmTLMS6EuCRG52hP50Vh alegall@smartphone","ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINwBIdvpiFgEzP2B+h3KIFmmxh1l7MVetGy2cThmpxcP alegall@sightcall"]},{"name":"borgwarehouse","uid":1001}]},"storage":{"directories":[{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/config","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/ssh","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/etc_ssh","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/repos","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/logs","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/tmp","user":{"name":"borgwarehouse"},"mode":488}],"files":[{"path":"/etc/hostname","contents":{"compression":"","source":"data:,borgwarehouse-pumbaa.gaia.ykn.local"},"mode":420},{"path":"/etc/vconsole.conf","contents":{"compression":"","source":"data:,KEYMAP%3Dfr"},"mode":420},{"path":"/etc/NetworkManager/system-connections/ens3.nmconnection","contents":{"compression":"gzip","source":"data:;base64,H4sIAAAAAAAC/3SPwW7DIAyG7zzLYCHtqiYVT1L14IIJaGAiMJvy9lOaw6RJO9r6/X+f77YQoeVY6CGiM0jtJHhb0SAHrIQsIjFWDxYlQcYjIe5x/To/BDhXsTVt9DQqfbkqrfTwPp7ffufx4yxcsKsMpfGr4Vnq8g0VQ+kN5drzE0AtEEFtn6RSsZCEo2b0dFJaD+qq1XTbN7IhVBvMn2xcqFSU0LnI/Y5rR5Fhkx5iMh5SQ5GRQ3EmA3VIh/7l0JcLkszFoXHooSd+sUcY/OztdZjn6fYP4ajcfxM/AQAA//8KiTIVRwEAAA=="},"mode":384},{"path":"/etc/containers/systemd/borgwarehouse.container","contents":{"compression":"gzip","source":"data:;base64,H4sIAAAAAAAC/3yUUW+jOBDH3/0pLOXlTrqFktXdtZE4KW1oQjcXckC2t6oqZGAI3oKN7KFR9tOf7Ja9pU32JQr+z388/tkzDzvB8ZEsQBeKd8il8HOp9gemoJa9BtrJsmWCFlIg4wIUuWcCtS8AD1I9fZCi4QIcZGoPSOYVgjqjkYebIccj+f53w1oY70hI2LI9+KUsnkA5XLojefw1axiCRkImdCU10k4qpC3rOi72mgTimSspWhDo3wfXWRLEn4M420Zx6n+8uLgYBSTJahQwnV5e/T4kFqwFykRJd/F65Lr9Z7EZ1+8cn4RTqVHUJvg3ne/SVbaL136N2OmZ6550kQlNoFBQoD6dIQlu4iD176bpEe6+XUH/Vd1f3u5GwTdxtLmLrrNPwRdfLz+WwvPuvh2DP5+uPn01O+zCxWwZLmjba0MLi5piDbTXoOwh90r2HQ0XVFZWqA3aSjYlKG0DrDEH+hf1DMYJDSt6lD09MIEUpclEGS15VYECgS+ZsWbCxHsz8/ObNdhECvKeN6Xdipu7N5LS0FTO6Fi7cOEb62hxOSySCb2RouJ7W2HJkH0v+Zdn2fQt0Fb2AvWvZELTt6caTiQPAkqaH/8HcuBYG2I2raGmOyh4xaGkLJfPMCYfbW7DZbadpyvfcQtbz7tX9qpqXb+TVlGSvkiZKW+kX0fxMouDbZSEaRR/GdIo6OT4raR/bwcR224kraNlMmiN3GtDbT3f0AoY9grePe1sPd/43tXU8f64dDzH+2nL2ODXtvlsifuuVs9v+vcFysytZfummV3WdQOz836t65Nmx/A8bwMsMmsFLNyfh1qiJ/d4YX3eaZCeNFrW533Ydidt5vpIAkWvOB7XLIdmwTXLG/BR9UDIts8bruutVGgH2sxOtR9X7XXMplNCHkKhkTXNo53gUF4f/bZvkH8wr/x1SNMSKtY3OMzs/wIAAP//n7sGDh4GAAA="}}]}}
--- a/borgwarehouse-pumbaa.gaia.ykn.local.yml
+++ b/borgwarehouse-pumbaa.gaia.ykn.local.yml
@ -0,0 +1,170 @@
+---
+
+variant: fcos
+version: 1.5.0
+passwd:
+  users:
+    - name: core
+      should_exist: false
+    - name: alegall
+      password_hash: $y$j9T$61LMkIUWS6N.UQv3U4pxM1$Eodnc23AtXOvQMqm/qgqv7blGot4/8.OUsgIZazV9ND
+      groups:
+        - sudo
+      ssh_authorized_keys:
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrbcIwTQkJPlURJTePjQXAE4Q1lCjPp2JW/Y/oxXzp alegall@mufasa
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/JatXrf/HkF8HAnL5JmC05DHmUcgB7/eptDeD7kAP5 alegall@zazu
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI2/UosyrHbR3NVB8JDWbhNnmTLMS6EuCRG52hP50Vh alegall@smartphone
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINwBIdvpiFgEzP2B+h3KIFmmxh1l7MVetGy2cThmpxcP alegall@sightcall
+    - name: borgwarehouse
+      uid: 1001
+
+storage:
+  directories:
+    - path: /srv/borgwarehouse
+      overwrite: true
+      mode: 0750
+      user:
+        name: borgwarehouse
+      group:
+        name: borgwarehouse
+
+    - path: /srv/borgwarehouse/config
+      overwrite: true
+      mode: 0750
+      user:
+        name: borgwarehouse
+      group:
+        name: borgwarehouse
+
+    - path: /srv/borgwarehouse/ssh
+      overwrite: true
+      mode: 0750
+      user:
+        name: borgwarehouse
+      group:
+        name: borgwarehouse
+
+    - path: /srv/borgwarehouse/etc_ssh
+      overwrite: true
+      mode: 0750
+      user:
+        name: borgwarehouse
+      group:
+        name: borgwarehouse
+
+    - path: /srv/borgwarehouse/repos
+      overwrite: true
+      mode: 0750
+      user:
+        name: borgwarehouse
+      group:
+        name: borgwarehouse
+
+    - path: /srv/borgwarehouse/logs
+      overwrite: true
+      mode: 0750
+      user:
+        name: borgwarehouse
+      group:
+        name: borgwarehouse
+
+    - path: /srv/borgwarehouse/tmp
+      overwrite: true
+      mode: 0750
+      user:
+        name: borgwarehouse
+      group:
+        name: borgwarehouse
+
+  files:
+    - path: /etc/hostname
+      mode: 0644
+      contents:
+        inline: borgwarehouse-pumbaa.gaia.ykn.local
+
+    - path: /etc/vconsole.conf
+      mode: 0644
+      contents:
+        inline: KEYMAP=fr
+
+    - path: /etc/NetworkManager/system-connections/ens3.nmconnection
+      mode: 0600
+      contents:
+        inline: |
+          [connection]
+          id=ens3
+          type=ethernet
+          interface-name=ens3
+
+          [ipv4]
+          address1=192.168.1.10/24,192.168.1.254
+          dhcp-hostname=borgwarehouse-pumbaa.gaia.ykn.local
+          dns=193.110.81.9;
+          dns-search=gaia.ykn.local
+          ignore-auto-dns=true
+          may-fail=false
+          method=manual
+
+          [ipv6]
+          addr-gen-mode=default
+          dns=2a0f:fc80::9;
+          ignore-auto-dns=true
+          method=dhcp
+
+    - path: /etc/containers/systemd/borgwarehouse.container
+      contents:
+        inline: |
+          [Unit]
+          Description=borgwarehouse podman container
+          Wants=network-online.target
+          After=network-online.target
+
+          [Container]
+          ContainerName=borgwarehouse
+
+          Image=docker.io/borgwarehouse/borgwarehouse:latest
+
+          # Host port mappings
+          Environment=WEB_SERVER_PORT=3000
+          Environment=SSH_SERVER_PORT=22895
+
+          # Hostname and URL
+          Environment=FQDN=borgwarehouse.ykn.fr
+          Environment=NEXTAUTH_URL=https://borgwarehouse.ykn.fr
+
+          # Secrects
+          Environment=NEXTAUTH_SECRET=J2TyeJz9eujrW8FU
+          Environment=CRONJOB_KEY=sG3dn11JzyE7k9Kj
+
+          # UID:GID must match the user and group ID of the host folders and must be > 1000
+          # If you want to use a different user than 1001:1001, you must rebuild the image yourself.
+          Environment=UID=1001
+          Environment=GID=1001
+
+          # Config and data folders (volume mounts)
+          # The host folders must be owned by the user with UID and GID specified above
+          Environment=CONFIG_PATH=./config
+          Environment=SSH_PATH=./ssh
+          Environment=SSH_HOST=./ssh_host
+          Environment=BORG_REPOSITORY_PATH=./repos
+          Environment=TMP_PATH=./tmp
+          Environment=LOGS_PATH=./logs
+
+          # LAN feature
+          Environment=FQDN_LAN=192.168.1.10
+          Environment=SSH_SERVER_PORT_LAN=22895
+
+          Volume=/srv/borgwarehouse/config:/home/borgwarehouse/app/config
+          Volume=/srv/borgwarehouse/ssh:/home/borgwarehouse/.ssh
+          Volume=/srv/borgwarehouse/etc_ssh:/etc/ssh
+          Volume=/srv/borgwarehouse/repos:/home/borgwarehouse/repos
+          Volume=/srv/borgwarehouse/logs:/home/borgwarehouse/logs
+          Volume=/srv/borgwarehouse/tmp:/home/borgwarehouse/tmp
+
+          SecurityLabelDisable=true
+
+          PublishPort=3000:3000
+          PublishPort=22895:22
+
+          [Install]
+          WantedBy=multi-user.target default.target
				`@ -0,0 +1 @@`
				{"ignition":{"version":"3.4.0"},"passwd":{"users":[{"name":"core","shouldExist":false},{"groups":["sudo"],"name":"alegall","passwordHash":"$y$j9T$61LMkIUWS6N.UQv3U4pxM1$Eodnc23AtXOvQMqm/qgqv7blGot4/8.OUsgIZazV9ND","sshAuthorizedKeys":["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrbcIwTQkJPlURJTePjQXAE4Q1lCjPp2JW/Y/oxXzp alegall@mufasa","ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/JatXrf/HkF8HAnL5JmC05DHmUcgB7/eptDeD7kAP5 alegall@zazu","ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI2/UosyrHbR3NVB8JDWbhNnmTLMS6EuCRG52hP50Vh alegall@smartphone","ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINwBIdvpiFgEzP2B+h3KIFmmxh1l7MVetGy2cThmpxcP alegall@sightcall"]},{"name":"borgwarehouse","uid":1001}]},"storage":{"directories":[{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/config","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/ssh","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/etc_ssh","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/repos","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/logs","user":{"name":"borgwarehouse"},"mode":488},{"group":{"name":"borgwarehouse"},"overwrite":true,"path":"/srv/borgwarehouse/tmp","user":{"name":"borgwarehouse"},"mode":488}],"files":[{"path":"/etc/hostname","contents":{"compression":"","source":"data:,borgwarehouse-pumbaa.gaia.ykn.local"},"mode":420},{"path":"/etc/vconsole.conf","contents":{"compression":"","source":"data:,KEYMAP%3Dfr"},"mode":420},{"path":"/etc/NetworkManager/system-connections/ens3.nmconnection","contents":{"compression":"gzip","source":"data:;base64,H4sIAAAAAAAC/3SPwW7DIAyG7zzLYCHtqiYVT1L14IIJaGAiMJvy9lOaw6RJO9r6/X+f77YQoeVY6CGiM0jtJHhb0SAHrIQsIjFWDxYlQcYjIe5x/To/BDhXsTVt9DQqfbkqrfTwPp7ffufx4yxcsKsMpfGr4Vnq8g0VQ+kN5drzE0AtEEFtn6RSsZCEo2b0dFJaD+qq1XTbN7IhVBvMn2xcqFSU0LnI/Y5rR5Fhkx5iMh5SQ5GRQ3EmA3VIh/7l0JcLkszFoXHooSd+sUcY/OztdZjn6fYP4ajcfxM/AQAA//8KiTIVRwEAAA=="},"mode":384},{"path":"/etc/containers/systemd/borgwarehouse.container","contents":{"compression":"gzip","source":"data:;base64,H4sIAAAAAAAC/3yUUW+jOBDH3/0pLOXlTrqFktXdtZE4KW1oQjcXckC2t6oqZGAI3oKN7KFR9tOf7Ja9pU32JQr+z388/tkzDzvB8ZEsQBeKd8il8HOp9gemoJa9BtrJsmWCFlIg4wIUuWcCtS8AD1I9fZCi4QIcZGoPSOYVgjqjkYebIccj+f53w1oY70hI2LI9+KUsnkA5XLojefw1axiCRkImdCU10k4qpC3rOi72mgTimSspWhDo3wfXWRLEn4M420Zx6n+8uLgYBSTJahQwnV5e/T4kFqwFykRJd/F65Lr9Z7EZ1+8cn4RTqVHUJvg3ne/SVbaL136N2OmZ6550kQlNoFBQoD6dIQlu4iD176bpEe6+XUH/Vd1f3u5GwTdxtLmLrrNPwRdfLz+WwvPuvh2DP5+uPn01O+zCxWwZLmjba0MLi5piDbTXoOwh90r2HQ0XVFZWqA3aSjYlKG0DrDEH+hf1DMYJDSt6lD09MIEUpclEGS15VYECgS+ZsWbCxHsz8/ObNdhECvKeN6Xdipu7N5LS0FTO6Fi7cOEb62hxOSySCb2RouJ7W2HJkH0v+Zdn2fQt0Fb2AvWvZELTt6caTiQPAkqaH/8HcuBYG2I2raGmOyh4xaGkLJfPMCYfbW7DZbadpyvfcQtbz7tX9qpqXb+TVlGSvkiZKW+kX0fxMouDbZSEaRR/GdIo6OT4raR/bwcR224kraNlMmiN3GtDbT3f0AoY9grePe1sPd/43tXU8f64dDzH+2nL2ODXtvlsifuuVs9v+vcFysytZfummV3WdQOz836t65Nmx/A8bwMsMmsFLNyfh1qiJ/d4YX3eaZCeNFrW533Ydidt5vpIAkWvOB7XLIdmwTXLG/BR9UDIts8bruutVGgH2sxOtR9X7XXMplNCHkKhkTXNo53gUF4f/bZvkH8wr/x1SNMSKtY3OMzs/wIAAP//n7sGDh4GAAA="}}]}}