--- variant: fcos version: 1.6.0 passwd: users: - name: root ssh_authorized_keys: [] - name: core groups: - docker ssh_authorized_keys_local: - core_ssh_keys.pub systemd: units: - name: docker-image-prune.service enabled: false contents: | [Unit] Description=Remove unused images from Docker Wants=docker.socket After=docker.socket After=docker.service [Service] Type=oneshot ExecStart=docker image prune --force --all --filter 'reference!="catthehacker/ubuntu"' ExecStart=docker builder prune --force RemainAfterExit=no [Install] WantedBy=multi-user.target - name: docker-image-prune.timer enabled: true contents: | [Unit] Description=Start docker-image-prune every day [Timer] OnBootSec=30min OnUnitActiveSec=1d [Install] WantedBy=timers.target storage: files: - path: /etc/hostname mode: 0644 overwrite: true contents: local: hostname - path: /etc/ssh/sshd_config.d/99-custom.conf mode: 0644 user: name: root group: name: root contents: inline: | UseDNS no PermitRootLogin no AllowUsers core@* AuthenticationMethods publickey HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_ed25519_key HostKey /etc/ssh/ssh_host_ecdsa_key - path: /etc/ssh/ssh_host_rsa_key mode: 0600 overwrite: true user: name: root group: name: root contents: local: host_keys/ssh_rsa - path: /etc/ssh/ssh_host_rsa_key.pub mode: 0644 overwrite: true user: name: root group: name: root contents: local: host_keys/ssh_rsa.pub - path: /etc/ssh/ssh_host_ed25519_key mode: 0600 overwrite: true user: name: root group: name: root contents: local: host_keys/ssh_ed25519 - path: /etc/ssh/ssh_host_ed25519_key.pub mode: 0644 overwrite: true user: name: root group: name: root contents: local: host_keys/ssh_ed25519.pub - path: /etc/ssh/ssh_host_ecdsa_key mode: 0600 overwrite: true user: name: root group: name: root contents: local: host_keys/ssh_ecdsa - path: /etc/ssh/ssh_host_ecdsa_key.pub mode: 0644 overwrite: true user: name: root group: name: root contents: local: host_keys/ssh_ecdsa.pub