titanz/Fedora-CoreOS-Ignition
1
0
Fork 0
mirror of https://github.com/TommyTran732/Fedora-CoreOS-Ignition.git synced 2025-06-06 17:34:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Daily updates

Browse Source 
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2025-06-02 05:57:57 -07:00
parent cc7b76262e
commit a9871c9452
No known key found for this signature in database
GPG Key ID: 555C902A34EC968F
4 changed files with 7 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
x86.ign → x86-metropolis-nexus.ign
View File

File diff suppressed because one or more lines are too long

27
x86.yml → x86-metropolis-nexus.yml
View File

@ -47,30 +47,9 @@ systemd:
ExecStart=/usr/sbin/setsebool -P virt_use_nfs off ExecStart=/usr/sbin/setsebool -P virt_use_nfs off
ExecStart=/usr/sbin/setsebool -P virt_use_samba off ExecStart=/usr/sbin/setsebool -P virt_use_samba off
ExecStart=/usr/bin/rpm-ostree override remove containerd docker-cli dnsmasq google-compute-engine-guest-configs-udev iptables-legacy iptables-legacy-libs moby-engine runc ExecStart=/usr/bin/rpm-ostree override remove containerd docker-cli dnsmasq google-compute-engine-guest-configs-udev iptables-legacy iptables-legacy-libs moby-engine runc
ExecStart=/usr/bin/rpm-ostree install docker-ce docker-compose-plugin firewalld hardened_malloc qemu-guest-agent tuned ExecStart=/usr/bin/rpm-ostree install docker-ce docker-compose-plugin hardened_malloc qemu-guest-agent tuned
ExecStart=/usr/bin/sed -i 's/\s+nullok//g' /etc/pam.d/system-auth ExecStart=/usr/bin/sed -i 's/\s+nullok//g' /etc/pam.d/system-auth
ExecStart=/usr/bin/touch /var/lib/%N.stamp
ExecStart=/usr/bin/systemctl --no-block reboot
[Install]
WantedBy=multi-user.target
- name: postinst2.service
enabled: true
contents: |
[Unit]
Description=Initial System Setup Part 2
# We run this after the packages have been overlayed
After=network-online.target
ConditionPathExists=!/var/lib/%N.stamp
ConditionPathExists=/var/lib/postinst.stamp
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/echo 'libhardened_malloc.so' > /etc/ld.so.preload ExecStart=/usr/bin/echo 'libhardened_malloc.so' > /etc/ld.so.preload
ExecStart=/usr/bin/systemctl enable --now firewalld
ExecStart=/usr/bin/firewall-cmd --lockdown-on
ExecStart=/usr/bin/firewall-cmd --permanent --remove-service=mds
ExecStart=/usr/bin/touch /var/lib/%N.stamp ExecStart=/usr/bin/touch /var/lib/%N.stamp
ExecStart=/usr/bin/systemctl --no-block reboot ExecStart=/usr/bin/systemctl --no-block reboot
@ -149,10 +128,10 @@ systemd:
enabled: false enabled: false
contents: | contents: |
[Unit] [Unit]
Description=Run docker-compose-updater for /srv/%I once a week, 15 mintues after OS updates Description=Run docker-compose-updater for /srv/%I daily, 15 mintues after OS updates
[Timer] [Timer]
OnCalendar=Fri 2:15 OnCalendar=daily 3:15
Persistent=true Persistent=true
[Install] [Install]

2
x86-unbound.ign
View File

File diff suppressed because one or more lines are too long

4
x86-unbound.yml
View File

@ -151,10 +151,10 @@ systemd:
enabled: false enabled: false
contents: | contents: |
[Unit] [Unit]
Description=Run docker-compose-updater for /srv/%I once a week, 15 mintues after OS updates Description=Run docker-compose-updater for /srv/%I daily, 15 mintues after OS updates
[Timer] [Timer]
OnCalendar=Fri 2:15 OnCalendar=daily 3:15
Persistent=true Persistent=true
[Install] [Install]