--- variant: fcos version: 1.5.0 passwd: users: - name: core should_exist: false - name: alegall password_hash: $y$j9T$61LMkIUWS6N.UQv3U4pxM1$Eodnc23AtXOvQMqm/qgqv7blGot4/8.OUsgIZazV9ND groups: - sudo ssh_authorized_keys: - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrbcIwTQkJPlURJTePjQXAE4Q1lCjPp2JW/Y/oxXzp alegall@mufasa - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/JatXrf/HkF8HAnL5JmC05DHmUcgB7/eptDeD7kAP5 alegall@zazu - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFI2/UosyrHbR3NVB8JDWbhNnmTLMS6EuCRG52hP50Vh alegall@smartphone - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINwBIdvpiFgEzP2B+h3KIFmmxh1l7MVetGy2cThmpxcP alegall@sightcall - name: borgwarehouse uid: 1001 storage: directories: - path: /srv/borgwarehouse overwrite: true mode: 0750 user: name: borgwarehouse group: name: borgwarehouse - path: /srv/borgwarehouse/config overwrite: true mode: 0750 user: name: borgwarehouse group: name: borgwarehouse - path: /srv/borgwarehouse/ssh overwrite: true mode: 0750 user: name: borgwarehouse group: name: borgwarehouse - path: /srv/borgwarehouse/etc_ssh overwrite: true mode: 0750 user: name: borgwarehouse group: name: borgwarehouse - path: /srv/borgwarehouse/repos overwrite: true mode: 0750 user: name: borgwarehouse group: name: borgwarehouse - path: /srv/borgwarehouse/logs overwrite: true mode: 0750 user: name: borgwarehouse group: name: borgwarehouse - path: /srv/borgwarehouse/tmp overwrite: true mode: 0750 user: name: borgwarehouse group: name: borgwarehouse files: - path: /etc/hostname mode: 0644 contents: inline: borgwarehouse-pumbaa.gaia.ykn.local - path: /etc/vconsole.conf mode: 0644 contents: inline: KEYMAP=fr - path: /etc/NetworkManager/system-connections/ens3.nmconnection mode: 0600 contents: inline: | [connection] id=ens3 type=ethernet interface-name=ens3 [ipv4] address1=192.168.1.10/24,192.168.1.254 dhcp-hostname=borgwarehouse-pumbaa.gaia.ykn.local dns=193.110.81.9; dns-search=gaia.ykn.local ignore-auto-dns=true may-fail=false method=manual [ipv6] addr-gen-mode=default dns=2a0f:fc80::9; ignore-auto-dns=true method=dhcp - path: /etc/containers/systemd/borgwarehouse.container contents: inline: | [Unit] Description=borgwarehouse podman container Wants=network-online.target After=network-online.target [Container] ContainerName=borgwarehouse Image=docker.io/borgwarehouse/borgwarehouse:latest # Host port mappings Environment=WEB_SERVER_PORT=3000 Environment=SSH_SERVER_PORT=22895 # Hostname and URL Environment=FQDN=borgwarehouse.ykn.fr Environment=NEXTAUTH_URL=https://borgwarehouse.ykn.fr # Secrects Environment=NEXTAUTH_SECRET=J2TyeJz9eujrW8FU Environment=CRONJOB_KEY=sG3dn11JzyE7k9Kj # UID:GID must match the user and group ID of the host folders and must be > 1000 # If you want to use a different user than 1001:1001, you must rebuild the image yourself. Environment=UID=1001 Environment=GID=1001 # Config and data folders (volume mounts) # The host folders must be owned by the user with UID and GID specified above Environment=CONFIG_PATH=./config Environment=SSH_PATH=./ssh Environment=SSH_HOST=./ssh_host Environment=BORG_REPOSITORY_PATH=./repos Environment=TMP_PATH=./tmp Environment=LOGS_PATH=./logs # LAN feature Environment=FQDN_LAN=192.168.1.10 Environment=SSH_SERVER_PORT_LAN=22895 Volume=/srv/borgwarehouse/config:/home/borgwarehouse/app/config Volume=/srv/borgwarehouse/ssh:/home/borgwarehouse/.ssh Volume=/srv/borgwarehouse/etc_ssh:/etc/ssh Volume=/srv/borgwarehouse/repos:/home/borgwarehouse/repos Volume=/srv/borgwarehouse/logs:/home/borgwarehouse/logs Volume=/srv/borgwarehouse/tmp:/home/borgwarehouse/tmp SecurityLabelDisable=true PublishPort=3000:3000 PublishPort=22895:22 [Install] WantedBy=multi-user.target default.target