From 42d9f150d9990f165ffe128a0123988633768843 Mon Sep 17 00:00:00 2001 From: Jeff Date: Sun, 4 Jun 2023 18:43:03 -0400 Subject: [PATCH] Change normal and add remote --- remote.ign | 1 + remote.yaml | 6 +++++ server-0.bu | 16 +++++++++--- server-0.ign | 2 +- server-0.yaml | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 91 insertions(+), 4 deletions(-) create mode 100644 remote.ign create mode 100644 remote.yaml create mode 100644 server-0.yaml diff --git a/remote.ign b/remote.ign new file mode 100644 index 0000000..4badda0 --- /dev/null +++ b/remote.ign @@ -0,0 +1 @@ +{"ignition":{"config":{"replace":{"source":"https://git.jeffa.io/jeff/home_server/raw/branch/main/server-0.ign"}},"version":"3.3.0"}} diff --git a/remote.yaml b/remote.yaml new file mode 100644 index 0000000..7e0c612 --- /dev/null +++ b/remote.yaml @@ -0,0 +1,6 @@ +variant: fcos +version: 1.4.0 +ignition: + config: + replace: + source: https://git.jeffa.io/jeff/home_server/raw/branch/main/server-0.ign diff --git a/server-0.bu b/server-0.bu index 6b3452c..a3b715c 100644 --- a/server-0.bu +++ b/server-0.bu @@ -38,7 +38,7 @@ systemd: WantedBy=multi-user.targetstorage: storage: disks: - - device: /dev/nvme0n1 + - device: /dev/disk/by-id/nvme-WD_Blue_SN570_500GB_22400V806157 wipe_table: true partitions: - number: 1 @@ -56,8 +56,18 @@ storage: format: swap wipe_filesystem: true with_mount_unit: true - luks: + - path: /storage-0 + device: /dev/disk/by-partlabel/storage-0 + format: btrfs + wipe_filesystem: false + label: storage-0 + with_mount_unit: true + luks: - name: static-key - device: /dev/nvme0n1 + device: /dev/disk/by-partlabel/storage-0 + key_file: + inline: grub.pbkdf2.sha512.10000.8398C220CCB0807EEE0C5C007F475AFD4247506DC186F3F09ACD0D6F8AB9955B4DCB3E4FAC91900E7C507791394D80887C786CF81519F5D44FBB10C901524BEE.3B935E208D0DBEDCDB4634555D1540A3D903A5463197D847B65A54264964739E746CC86FD1A2C809BEA42DE2F68F45445F7FD93B021B3B127FD5CB3EDC30975E + - name: static-key + device: /dev/disk/by-partlabel/storage-0 key_file: inline: grub.pbkdf2.sha512.10000.8398C220CCB0807EEE0C5C007F475AFD4247506DC186F3F09ACD0D6F8AB9955B4DCB3E4FAC91900E7C507791394D80887C786CF81519F5D44FBB10C901524BEE.3B935E208D0DBEDCDB4634555D1540A3D903A5463197D847B65A54264964739E746CC86FD1A2C809BEA42DE2F68F45445F7FD93B021B3B127FD5CB3EDC30975E \ No newline at end of file diff --git a/server-0.ign b/server-0.ign index 2806511..f40c4ff 100644 --- a/server-0.ign +++ b/server-0.ign @@ -1 +1 @@ -{"ignition":{"version":"3.3.0"},"passwd":{"users":[{"name":"core","passwordHash":"$y$j9T$kNtG1zoLVEs5WhA3pE5Eh1$sKckG1SOcZ/p5Vw/4bqSgttLOW5z6WonOtoW6E91mt3","sshAuthorizedKeys":["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDR7q2FfdizNkvel66N/jHcwlEA8R5JEOneKXshMWqkX jeff@station-1"]}]},"storage":{"disks":[{"device":"/dev/nvme0n1","partitions":[{"label":"var","number":1},{"label":"swap","number":2}],"wipeTable":true}],"filesystems":[{"device":"/dev/disk/by-partlabel/var","format":"btrfs","label":"var","path":"/var","wipeFilesystem":true},{"device":"/dev/disk/by-partlabel/swap","format":"swap","wipeFilesystem":true}],"luks":[{"device":"/dev/nvme0n1","keyFile":{"compression":"","source":"data:,grub.pbkdf2.sha512.10000.8398C220CCB0807EEE0C5C007F475AFD4247506DC186F3F09ACD0D6F8AB9955B4DCB3E4FAC91900E7C507791394D80887C786CF81519F5D44FBB10C901524BEE.3B935E208D0DBEDCDB4634555D1540A3D903A5463197D847B65A54264964739E746CC86FD1A2C809BEA42DE2F68F45445F7FD93B021B3B127FD5CB3EDC30975E"},"name":"static-key"}]},"systemd":{"units":[{"contents":"# Generated by Butane\n[Unit]\nRequires=systemd-fsck@dev-disk-by\\x2dpartlabel-var.service\nAfter=systemd-fsck@dev-disk-by\\x2dpartlabel-var.service\n\n[Mount]\nWhere=/var\nWhat=/dev/disk/by-partlabel/var\nType=btrfs\n\n[Install]\nRequiredBy=local-fs.target","enabled":true,"name":"var.mount"},{"contents":"# Generated by Butane\n[Swap]\nWhat=/dev/disk/by-partlabel/swap\n\n[Install]\nRequiredBy=swap.target","enabled":true,"name":"dev-disk-by\\x2dpartlabel-swap.swap"},{"contents":"[Unit]\nDescription=AdGuardHome\nAfter=network-online.target\nWants=network-online.target\n\n[Service]\nTimeoutStartSec=0\nExecStartPre=-/bin/podman kill adguardhome\nExecStartPre=-/bin/podman rm adguardhome\nExecStartPre=/bin/podman pull adguard/adguardhome\nExecStart=docker run \\\n --name adguardhome \\\n --restart unless-stopped \\\n -v /my/own/workdir:/opt/adguardhome/work \\\n -v /my/own/confdir:/opt/adguardhome/conf \\\n -p 53:53/tcp -p 53:53/udp \\\n -p 67:67/udp -p 68:68/udp \\\n -p 80:80/tcp -p 443:443/tcp -p 443:443/udp -p 3000:3000/tcp \\\n -p 853:853/tcp \\\n -p 784:784/udp -p 853:853/udp -p 8853:8853/udp \\\n -p 5443:5443/tcp -p 5443:5443/udp \\\n -d adguard/adguardhome\n\n[Install]\nWantedBy=multi-user.targetstorage:\n","enabled":true,"name":"adguardhome.service"}]}} +{"ignition":{"version":"3.3.0"},"passwd":{"users":[{"name":"core","passwordHash":"$y$j9T$kNtG1zoLVEs5WhA3pE5Eh1$sKckG1SOcZ/p5Vw/4bqSgttLOW5z6WonOtoW6E91mt3","sshAuthorizedKeys":["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDR7q2FfdizNkvel66N/jHcwlEA8R5JEOneKXshMWqkX jeff@station-1"]}]},"storage":{"disks":[{"device":"/dev/disk/by-id/nvme-WD_Blue_SN570_500GB_22400V806157","partitions":[{"label":"var","number":1},{"label":"swap","number":2}],"wipeTable":true}],"filesystems":[{"device":"/dev/disk/by-partlabel/var","format":"btrfs","label":"var","path":"/var","wipeFilesystem":true},{"device":"/dev/disk/by-partlabel/swap","format":"swap","path":"/swap","wipeFilesystem":true},{"device":"/dev/disk/by-partlabel/storage-0","format":"btrfs","label":"storage-0","path":"/storage-0","wipeFilesystem":false}],"luks":[{"device":"/dev/disk/by-partlabel/storage-0","keyFile":{"compression":"","source":"data:,grub.pbkdf2.sha512.10000.8398C220CCB0807EEE0C5C007F475AFD4247506DC186F3F09ACD0D6F8AB9955B4DCB3E4FAC91900E7C507791394D80887C786CF81519F5D44FBB10C901524BEE.3B935E208D0DBEDCDB4634555D1540A3D903A5463197D847B65A54264964739E746CC86FD1A2C809BEA42DE2F68F45445F7FD93B021B3B127FD5CB3EDC30975E"},"name":"static-key"}]},"systemd":{"units":[{"contents":"# Generated by Butane\n[Unit]\nRequires=systemd-fsck@dev-disk-by\\x2dpartlabel-var.service\nAfter=systemd-fsck@dev-disk-by\\x2dpartlabel-var.service\n\n[Mount]\nWhere=/var\nWhat=/dev/disk/by-partlabel/var\nType=btrfs\n\n[Install]\nRequiredBy=local-fs.target","enabled":true,"name":"var.mount"},{"contents":"# Generated by Butane\n[Swap]\nWhat=/dev/disk/by-partlabel/swap\n\n[Install]\nRequiredBy=swap.target","enabled":true,"name":"dev-disk-by\\x2dpartlabel-swap.swap"},{"contents":"# Generated by Butane\n[Unit]\nRequires=systemd-fsck@dev-disk-by\\x2dpartlabel-storage\\x2d0.service\nAfter=systemd-fsck@dev-disk-by\\x2dpartlabel-storage\\x2d0.service\n\n[Mount]\nWhere=/storage-0\nWhat=/dev/disk/by-partlabel/storage-0\nType=btrfs\n\n[Install]\nRequiredBy=local-fs.target","enabled":true,"name":"storage\\x2d0.mount"},{"contents":"[Unit]\nDescription=AdGuardHome\nAfter=network-online.target\nWants=network-online.target\n\n[Service]\nTimeoutStartSec=0\nExecStartPre=-/bin/podman kill adguardhome\nExecStartPre=-/bin/podman rm adguardhome\nExecStartPre=/bin/podman pull adguard/adguardhome\nExecStart=podman run \\\n --name adguardhome \\\n --restart unless-stopped \\\n -v /my/own/workdir:/opt/adguardhome/work \\\n -v /my/own/confdir:/opt/adguardhome/conf \\\n -p 53:53/tcp -p 53:53/udp \\\n -p 67:67/udp -p 68:68/udp \\\n -p 80:80/tcp -p 443:443/tcp -p 443:443/udp -p 3000:3000/tcp \\\n -p 853:853/tcp \\\n -p 784:784/udp -p 853:853/udp -p 8853:8853/udp \\\n -p 5443:5443/tcp -p 5443:5443/udp \\\n -d adguard/adguardhome\n\n[Install]\nWantedBy=multi-user.targetstorage:\n","enabled":true,"name":"adguardhome.service"}]}} diff --git a/server-0.yaml b/server-0.yaml new file mode 100644 index 0000000..4fbdeb1 --- /dev/null +++ b/server-0.yaml @@ -0,0 +1,70 @@ +variant: fcos +version: 1.4.0 +passwd: + users: + - name: core + ssh_authorized_keys: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDR7q2FfdizNkvel66N/jHcwlEA8R5JEOneKXshMWqkX jeff@station-1 + password_hash: $y$j9T$kNtG1zoLVEs5WhA3pE5Eh1$sKckG1SOcZ/p5Vw/4bqSgttLOW5z6WonOtoW6E91mt3 +systemd: + units: + - name: adguardhome.service + enabled: true + contents: | + [Unit] + Description=AdGuardHome + After=network-online.target + Wants=network-online.target + + [Service] + TimeoutStartSec=0 + ExecStartPre=-/bin/podman kill adguardhome + ExecStartPre=-/bin/podman rm adguardhome + ExecStartPre=/bin/podman pull adguard/adguardhome + ExecStart=podman run \ + --name adguardhome \ + --restart unless-stopped \ + -v /my/own/workdir:/opt/adguardhome/work \ + -v /my/own/confdir:/opt/adguardhome/conf \ + -p 53:53/tcp -p 53:53/udp \ + -p 67:67/udp -p 68:68/udp \ + -p 80:80/tcp -p 443:443/tcp -p 443:443/udp -p 3000:3000/tcp \ + -p 853:853/tcp \ + -p 784:784/udp -p 853:853/udp -p 8853:8853/udp \ + -p 5443:5443/tcp -p 5443:5443/udp \ + -d adguard/adguardhome + + [Install] + WantedBy=multi-user.targetstorage: +storage: + disks: + - device: /dev/disk/by-id/nvme-WD_Blue_SN570_500GB_22400V806157 + wipe_table: true + partitions: + - number: 1 + label: var + - number: 2 + label: swap + filesystems: + - path: /var + device: /dev/disk/by-partlabel/var + format: btrfs + wipe_filesystem: true + label: var + with_mount_unit: true + - path: /swap + device: /dev/disk/by-partlabel/swap + format: swap + wipe_filesystem: true + with_mount_unit: true + - path: /storage-0 + device: /dev/disk/by-partlabel/storage-0 + format: btrfs + wipe_filesystem: false + label: storage-0 + with_mount_unit: true + luks: + - name: static-key + device: /dev/disk/by-partlabel/storage-0 + key_file: + inline: grub.pbkdf2.sha512.10000.8398C220CCB0807EEE0C5C007F475AFD4247506DC186F3F09ACD0D6F8AB9955B4DCB3E4FAC91900E7C507791394D80887C786CF81519F5D44FBB10C901524BEE.3B935E208D0DBEDCDB4634555D1540A3D903A5463197D847B65A54264964739E746CC86FD1A2C809BEA42DE2F68F45445F7FD93B021B3B127FD5CB3EDC30975E