Add Belle's Butane config
This commit is contained in:
parent
4fe677c0d5
commit
4ecfea6cfb
1 changed files with 122 additions and 0 deletions
122
Belle.bu
Normal file
122
Belle.bu
Normal file
|
@ -0,0 +1,122 @@
|
|||
# Fedora CoreOS Butane config for Belle
|
||||
# This will:
|
||||
# 1. Set up "core" user with ssh pubkeys
|
||||
# 2. Disable Password login over ssh
|
||||
# 3. Set up rootless access for serial converters and set symlinks
|
||||
# 4. Set up zram with default configuration
|
||||
# 5. Set manual LAN IP on eno1 to 192.168.10.41/24, gateway and DNS to 192.168.10.254, there is no firewall on CoreOS
|
||||
# 6. Set kargs rhgb quiet pcie_aspm=off audit=0 intel_iommu=on
|
||||
# TODO: Enable linger for user "core": `loginctl enable-linger`
|
||||
# TODO: enable podman socket for user "core"
|
||||
|
||||
variant: fcos
|
||||
version: 1.5.0
|
||||
passwd:
|
||||
users:
|
||||
- name: core
|
||||
ssh_authorized_keys:
|
||||
- ssh-ed25519 ...
|
||||
|
||||
kernel_arguments:
|
||||
should_exist:
|
||||
- "rhgb"
|
||||
- "quiet"
|
||||
- "pcie_aspm=off"
|
||||
- "audit=0"
|
||||
- "intel_iommu=on"
|
||||
|
||||
storage:
|
||||
links:
|
||||
- path: /etc/localtime
|
||||
target: ../usr/share/zoneinfo/Asia/Bangkok
|
||||
files:
|
||||
- path: /etc/NetworkManager/system-connections/eno1.nmconnection
|
||||
mode: 0600
|
||||
contents:
|
||||
inline: |
|
||||
[connection]
|
||||
id=
|
||||
uuid=
|
||||
type=ethernet
|
||||
interface-name=
|
||||
timestamp=
|
||||
|
||||
[ethernet]
|
||||
|
||||
[ipv4]
|
||||
address1=192.168.10.41/24,192.168.10.254
|
||||
dns=192.168.10.254;
|
||||
method=manual
|
||||
|
||||
[ipv6]
|
||||
addr-gen-mode=eui64
|
||||
method=auto
|
||||
|
||||
[proxy]
|
||||
- path: /etc/hostname
|
||||
mode: 0644
|
||||
contents:
|
||||
inline: belle
|
||||
- path: /etc/udev/rules.d/51-smartmeter.rules
|
||||
mode: 0644
|
||||
contents:
|
||||
inline: SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", MODE="0777", SYMLINK+="ttyUSB_FT232"
|
||||
- path: /etc/udev/rules.d/50-arduino.rules
|
||||
mode: 0644
|
||||
contents:
|
||||
inline: SUBSYSTEM=="tty", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="7523", MODE="0777", SYMLINK+="ttyUSB_CH340"
|
||||
- path: /etc/systemd/zram-generator.conf
|
||||
mode: 0644
|
||||
contents:
|
||||
inline: |
|
||||
# This config file enables a /dev/zram0 device with the default settings
|
||||
[zram0]
|
||||
- path: /etc/sysctl.d/50-unpriv-port.conf
|
||||
mode: 0644
|
||||
contents:
|
||||
inline: |
|
||||
net.ipv4.ip_unprivileged_port_start=80
|
||||
- path: /etc/ssh/sshd_config.d/60-disable-password-login.conf
|
||||
mode: 0644
|
||||
contents:
|
||||
inline: |
|
||||
ChallengeResponseAuthentication no
|
||||
PasswordAuthentication no
|
||||
PermitRootLogin no
|
||||
|
||||
systemd:
|
||||
units:
|
||||
# Install TTT Starter Pack (htop, git, lm_sensors, smartmontools)
|
||||
- name: rpm-ostree-install-ttt-starterpack.service
|
||||
enabled: true
|
||||
contents: |
|
||||
[Unit]
|
||||
Description=Install TTT Starter Pack
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
Before=zincati.service
|
||||
ConditionPathExists=!/var/lib/%N.stamp
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
ExecStart=/usr/bin/rpm-ostree install htop git lm_sensors smartmontools
|
||||
ExecStart=/usr/bin/touch /var/lib/%N.stamp
|
||||
ExecStart=/usr/bin/systemctl --no-block reboot
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
- name: run-media-core-Data1.mount
|
||||
enabled: true
|
||||
contents: |
|
||||
[Unit]
|
||||
Description=Mount Data1
|
||||
|
||||
[Mount]
|
||||
What=UUID=
|
||||
Where=/run/media/core/Data1
|
||||
Type=ext4
|
||||
Options=defaults
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target default.target
|
Loading…
Reference in a new issue