132 lines
2.4 KiB
Plaintext
132 lines
2.4 KiB
Plaintext
---
|
|
variant: fcos
|
|
version: 1.6.0
|
|
|
|
passwd:
|
|
users:
|
|
- name: root
|
|
ssh_authorized_keys: []
|
|
|
|
- name: core
|
|
groups:
|
|
- docker
|
|
ssh_authorized_keys_local:
|
|
- core_ssh_keys.pub
|
|
|
|
systemd:
|
|
units:
|
|
- name: docker-image-prune.service
|
|
enabled: false
|
|
contents: |
|
|
[Unit]
|
|
Description=Remove unused images from Docker
|
|
Wants=docker.socket
|
|
After=docker.socket
|
|
After=docker.service
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=docker image prune --force --all --filter 'reference!="catthehacker/ubuntu"'
|
|
ExecStart=docker builder prune --force
|
|
RemainAfterExit=no
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
|
|
- name: docker-image-prune.timer
|
|
enabled: true
|
|
contents: |
|
|
[Unit]
|
|
Description=Start docker-image-prune every day
|
|
|
|
[Timer]
|
|
OnBootSec=30min
|
|
OnUnitActiveSec=1d
|
|
|
|
[Install]
|
|
WantedBy=timers.target
|
|
|
|
storage:
|
|
files:
|
|
- path: /etc/hostname
|
|
mode: 0644
|
|
overwrite: true
|
|
contents:
|
|
local: hostname
|
|
|
|
- path: /etc/ssh/sshd_config.d/99-custom.conf
|
|
mode: 0644
|
|
user:
|
|
name: root
|
|
group:
|
|
name: root
|
|
contents:
|
|
inline: |
|
|
UseDNS no
|
|
PermitRootLogin no
|
|
AllowUsers core@*
|
|
AuthenticationMethods publickey
|
|
HostKey /etc/ssh/ssh_host_rsa_key
|
|
HostKey /etc/ssh/ssh_host_ed25519_key
|
|
HostKey /etc/ssh/ssh_host_ecdsa_key
|
|
|
|
- path: /etc/ssh/ssh_host_rsa_key
|
|
mode: 0600
|
|
overwrite: true
|
|
user:
|
|
name: root
|
|
group:
|
|
name: root
|
|
contents:
|
|
local: host_keys/ssh_rsa
|
|
|
|
- path: /etc/ssh/ssh_host_rsa_key.pub
|
|
mode: 0644
|
|
overwrite: true
|
|
user:
|
|
name: root
|
|
group:
|
|
name: root
|
|
contents:
|
|
local: host_keys/ssh_rsa.pub
|
|
|
|
- path: /etc/ssh/ssh_host_ed25519_key
|
|
mode: 0600
|
|
overwrite: true
|
|
user:
|
|
name: root
|
|
group:
|
|
name: root
|
|
contents:
|
|
local: host_keys/ssh_ed25519
|
|
|
|
- path: /etc/ssh/ssh_host_ed25519_key.pub
|
|
mode: 0644
|
|
overwrite: true
|
|
user:
|
|
name: root
|
|
group:
|
|
name: root
|
|
contents:
|
|
local: host_keys/ssh_ed25519.pub
|
|
|
|
- path: /etc/ssh/ssh_host_ecdsa_key
|
|
mode: 0600
|
|
overwrite: true
|
|
user:
|
|
name: root
|
|
group:
|
|
name: root
|
|
contents:
|
|
local: host_keys/ssh_ecdsa
|
|
|
|
- path: /etc/ssh/ssh_host_ecdsa_key.pub
|
|
mode: 0644
|
|
overwrite: true
|
|
user:
|
|
name: root
|
|
group:
|
|
name: root
|
|
contents:
|
|
local: host_keys/ssh_ecdsa.pub
|