Initial commit

pi4.bu

@@ -0,0 +1,143 @@
+variant: fcos
+version: 1.6.0
+ignition:
+  config:
+    merge:
+      - local: users/arr.ign
+      - local: users/gitea.ign
+      - local: users/homeassistant.ign
+      - local: users/jdownloader.ign
+      - local: users/kiwix.ign
+      - local: users/komga.ign
+      - local: users/navidrome.ign
+      - local: users/nextcloud.ign
+      - local: users/nginx.ign
+      - local: users/pairdrop.ign
+      - local: users/paperless.ign
+      - local: users/pihole.ign
+      - local: users/qbittorrent.ign
+      - local: users/synapse.ign
+      - local: users/tga.ign
+      - local: users/wallabag.ign
+passwd:
+  users:
+    - name: tga
+      ssh_authorized_keys:
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPU3HVxgnW01J1p7fzs3urKETfkhH++liutmaqe4xe20 tga@fedora
+      groups:
+        - sudo
+        - wheel
+    - name: zero
+storage:
+  disks:
+    - device: /dev/disk/by-id/ata-WDC_WD120EFBX-68B0EN0_5QKYB19B
+      wipe_table: false
+      partitions:
+      - number: 1
+        start_mib: 0
+        wipe_partition_entry: false
+        should_exist: true
+        resize: false
+    - device : /dev/disk/by-id/ata-WDC_WD120EFGX-68CPHN0_WD-B00K2ELD
+      wipe_table: false
+      partitions:
+      - number: 1
+        start_mib: 0
+        wipe_partition_entry: false
+        should_exist: true
+        resize: false
+  filesystems:
+    - device: /dev/disk/by-label/nas
+      format: btrfs
+      path: /var/mnt/nas
+      wipe_filesystem: false
+      label: nas
+      uuid: ddc68e10-2b26-4267-ad9c-8ee7753497d9
+      mount_options:
+        - defaults
+        - noatime
+        - nofail
+      with_mount_unit: true
+  files:
+    - path: /opt/bin/enable-all-quadlets.sh
+      contents:
+        local: init/enable-all-quadlets.sh
+      mode: 0755
+    - path: /opt/bin/configure-firewalld.sh
+      contents:
+        local: init/configure-firewalld.sh
+      mode: 0755
+    - path: /opt/bin/add-secrets.sh
+      contents:
+        local: files/add-secrets.sh
+      mode: 0755
+    - path: /etc/containers/systemd/samba.container
+      contents:
+        local: quadlets/samba/samba.container
+    - path: /root/.secrets
+      mode: 0600
+      contents:
+        local: /home/root/.secrets
+    - path: /root/scripts/move-downloads-nextcloud.sh
+      mode: 0755
+      contents:
+        local: /home/root/move-downloads-nextcloud.sh
+    - path: /root/scripts/copy-music.sh
+      mode: 0755
+      contents:
+        local: /home/root/copy-music.sh
+    - path: /etc/ssh/sshd_config.d/99-custom
+      mode: 0644
+      contents:
+        local: files/sshd_config
+    - path: /etc/smartmontools/smartd.conf
+      mode: 0644
+      overwrite: true
+      contents:
+        local: files/smartd.conf
+    - path: /etc/sudoers.d/99-poweroff
+      mode: 0644
+      contents:
+        local: files/poweroff
+    - path: /root/jail.local
+      mode: 0644
+      contents:
+        local: files/jail.local
+systemd:
+  units:
+    - name: fstrim.timer
+      enabled: true
+      mask: false
+    - name: docker.service
+      enabled: false
+      mask: true
+    - name: enable-all-quadlets.service
+      enabled: false
+      contents_local: init/enable-all-quadlets.service
+      mask: false
+    - name: configure-firewalld.service
+      enabled: false
+      contents_local: init/configure-firewalld.service
+      mask: false
+    - name: move-downloads-nextcloud.timer
+      enabled: false
+      contents_local: files/move-downloads-nextcloud.timer
+      mask: false
+    - name: move-downloads-nextcloud.service
+      enabled: false
+      contents_local: files/move-downloads-nextcloud.service
+      mask: false
+    - name: copy-music.timer
+      enabled: false
+      contents_local: files/copy-music.timer
+      mask: false
+    - name: copy-music.service
+      enabled: false
+      contents_local: files/copy-music.service
+      mask: false
+    - name: install-additional-packages.service
+      enabled: true
+      contents_local: files/install-additional-packages.service
+      mask: false
+boot_device:
+  layout: aarch64