Start playing with metadata
This commit is contained in:
parent
6caf8c53b9
commit
8717fc24fd
6 changed files with 101 additions and 55 deletions
|
|
@ -21,6 +21,16 @@ onboot:
|
|||
- name: sysctl
|
||||
image: linuxkit/sysctl:a88a50c104d538b58da5e1441f6f0b4b738f76a6
|
||||
|
||||
# Metadata
|
||||
- name: metadata-mount
|
||||
image: linuxkit/mount:f671cb94a8999a65e33b3fe79f3def58e3d58b07
|
||||
command: ["/usr/bin/mountie", "-device", "/dev/sda1", "/boot" ]
|
||||
- name: metadata
|
||||
image: linuxkit/metadata:501144d47215671e77b9cac44748a04f21236195
|
||||
command: ["/usr/bin/metadata", "-v", "file=/fickit-metadata"]
|
||||
binds:
|
||||
- /boot/fickit-metadata:/fickit-metadata:ro
|
||||
|
||||
# Filesystem
|
||||
- name: swap
|
||||
image: linuxkit/swap:d17a7f1c26ff768c26b3c206ccf3aa72349568df
|
||||
|
|
@ -28,6 +38,8 @@ onboot:
|
|||
- name: dm-crypt
|
||||
image: linuxkit/dm-crypt:526d32351c8246431be8e1a168cb514ff3c365af
|
||||
command: ["/usr/bin/crypto", "-l", "crypt_fic", "/dev/sda3"]
|
||||
binds:
|
||||
- /run/config/dm-crypt:/etc/dm-crypt
|
||||
- name: mount
|
||||
image: linuxkit/mount:f671cb94a8999a65e33b3fe79f3def58e3d58b07
|
||||
command: ["/usr/bin/mountie", "-device", "/dev/mapper/crypt_fic", "/var/lib/fic" ]
|
||||
|
|
@ -152,7 +164,7 @@ services:
|
|||
- /etc/hosts:/etc/hosts:ro
|
||||
- /etc/resolv.conf:/etc/resolv.conf:ro
|
||||
- /etc/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf:ro
|
||||
- /etc/nginx/ssl/:/etc/nginx/ssl/:ro
|
||||
- /run/config/tls_config/:/etc/nginx/ssl/:ro
|
||||
- /etc/nginx/fic-auth.conf:/etc/nginx/fic-auth.conf:ro
|
||||
- /etc/nginx/fic-get-team.conf:/etc/nginx/fic-get-team.conf:ro
|
||||
- /www/htdocs-frontend:/srv/htdocs-frontend:ro
|
||||
|
|
@ -213,7 +225,7 @@ services:
|
|||
binds:
|
||||
- /etc/hosts:/etc/hosts:ro
|
||||
- /var/lib/fic/ssh:/etc/ssh:ro
|
||||
- /root/.ssh/id_synchro.pub:/root/.ssh/authorized_keys:ro
|
||||
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys:ro
|
||||
- /var/lib/fic/files:/srv/FILES
|
||||
- /var/lib/fic/pki:/srv/PKI
|
||||
- /var/lib/fic/settingsdist:/srv/SETTINGSDIST
|
||||
|
|
@ -310,25 +322,9 @@ files:
|
|||
source: configs/sysctl-frontend.conf
|
||||
mode: "0444"
|
||||
|
||||
- path: etc/nginx/ssl/dhparams-4096.pem
|
||||
source: configs/dhparams-4096.pem
|
||||
mode: "0444"
|
||||
- path: etc/nginx/ssl/fullchain.pem
|
||||
source: configs/fic.srs.epita.fr/fullchain.pem
|
||||
mode: "0444"
|
||||
- path: etc/nginx/ssl/privkey.pem
|
||||
source: configs/fic.srs.epita.fr/privkey.pem
|
||||
mode: "0440"
|
||||
|
||||
- path: etc/hosts
|
||||
source: configs/hosts
|
||||
mode: "0644"
|
||||
- path: root/.ssh/authorized_keys
|
||||
source: configs/authorized_keys
|
||||
mode: "0400"
|
||||
- path: root/.ssh/id_synchro.pub
|
||||
source: configs/id_ed25519.pub
|
||||
mode: "0400"
|
||||
|
||||
- path: etc/dhcp/dhcpd.conf
|
||||
source: configs/dhcpd.conf
|
||||
|
|
@ -473,10 +469,6 @@ files:
|
|||
COMMIT
|
||||
mode: "0440"
|
||||
|
||||
- path: etc/dm-crypt/key
|
||||
source: configs/dm-crypt.key
|
||||
mode: "0440"
|
||||
|
||||
trust:
|
||||
org:
|
||||
- linuxkit
|
||||
|
|
|
|||
Reference in a new issue