teach/adlin
Archived
0
0
Fork 0
Code Issues 1 Pull Requests 4 Releases Activity

tuto3 done

Browse Source
This commit is contained in:
nemunaire 2019-03-29 12:48:57 +01:00 committed by Pierre-Olivier Mercier
parent 82f542e480
commit 87b72cd8b2
2 changed files with 183 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Makefile
View File

@ -48,3 +48,16 @@ tuto2-srs.iso: tuto2.iso pkg/debian-tuto2/isolinux.cfg
tuto2-srs.iso.gz: tuto2-srs.iso tuto2-srs.iso.gz: tuto2-srs.iso
gzip -9 < $< > $@ gzip -9 < $< > $@
tuto3-kernel: tuto3.yml
linuxkit build $<
tuto3-initrd.img: tuto3.yml
linuxkit build $<
tuto3-cmdline: tuto3.yml
linuxkit build $<
tuto3.iso: tuto3.yml
linuxkit build -format iso-bios $<
tuto3.iso.gz: tuto3.iso
gzip -9 < $< > $@

238
tuto3.yml
View File

@ -1,23 +1,36 @@
kernel: kernel:
image: linuxkit/kernel:4.14.27 image: linuxkit/kernel:4.9.165
# cmdline: "console=ttyS0 adlin.token=AlFnv.8pLQ"
cmdline: "console=tty0" cmdline: "console=tty0"
init: init:
- linuxkit/init:b212cfeb4bb6330e0a7547d8010fe2e8489b677a - linuxkit/init:629fdad56e62ae72bf8becf0c8a668241480d3ff
- linuxkit/runc:7c39a68490a12cde830e1922f171c451fb08e731 - linuxkit/runc:606971451ea29b4238029804ca638f9f85caf5af
- linuxkit/containerd:37e397ebfc6bd5d8e18695b121166ffd0cbfd9f0 - linuxkit/containerd:39ac21278cfcc10dbcc32ad7f5abbe820852c5bd
- linuxkit/ca-certificates:v0.2 - linuxkit/ca-certificates:906c46a26fd2df271bf64c0259bf2267f7593213
- linuxkit/getty:v0.2 - linuxkit/getty:01993189b8c583dc91cbbc7d4be131832c0fc205
onboot: onboot:
- name: format
image: linuxkit/format:ada5fd97592c33399140f5f93f517c02f55edb14
command: ["/usr/bin/format", "/dev/sda"]
- name: mount
image: linuxkit/mount:019bc551972cf2d136b443d70b4bf94c54d0d1fe
command: ["/usr/bin/mountie", "/dev/sda1", "/var/lib/adlin"]
- name: sysctl - name: sysctl
image: linuxkit/sysctl:v0.2 image: linuxkit/sysctl:713e535f2d4e4c74aba50cc7f73e3826b2dd3857
binds: binds:
- /etc/sysctl.d/:/etc/sysctl.d/:ro - /etc/sysctl.d/:/etc/sysctl.d/:ro
- name: rngd1
image: linuxkit/rngd:dc49cff2c835b196610a3f2efb585bb276658bce
command: ["/sbin/rngd", "-1"]
# Network: external # Network: external
- name: dhcpcd - name: dhcpcd
image: linuxkit/dhcpcd:v0.2 image: linuxkit/dhcpcd:85738d3d2f152a7879e17a61444f7714b858c2ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
net: new net: new
runtime: runtime:
@ -26,9 +39,20 @@ onboot:
bindNS: bindNS:
net: /run/netns/router net: /run/netns/router
- name: wg
image: nemunaire/wg:9d34420193aee27109e118f27e30e4a197c5f69e
net: /run/netns/router
binds:
- /etc/mresolv.conf:/etc/resolv.conf
- /var/lib/adlin/wireguard:/etc/wireguard
command: ["/bin/ash", "-c", "/usr/bin/ask.sh"]
runtime:
mkdir:
- /var/lib/adlin/wireguard
# Network: workstations # Network: workstations
- name: net-wks-setup - name: net-wks-setup
image: linuxkit/ip:v0.2 image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
command: ["/bin/sh", "-c", "ip a add 192.168.6.254/24 dev ethwks; ip link set ethwks up;" ] command: ["/bin/sh", "-c", "ip a add 192.168.6.254/24 dev ethwks; ip link set ethwks up;" ]
net: /run/netns/router net: /run/netns/router
runtime: runtime:
@ -37,9 +61,9 @@ onboot:
add: veth add: veth
peer: veth-wks peer: veth-wks
# Network: servers # # Network: servers
- name: net-srv-setup - name: net-srv-setup
image: linuxkit/ip:v0.2 image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
command: ["/bin/sh", "-c", "ip a add 172.23.42.1/24 dev ethsrv; ip link set ethsrv up;" ] command: ["/bin/sh", "-c", "ip a add 172.23.42.1/24 dev ethsrv; ip link set ethsrv up;" ]
net: /run/netns/router net: /run/netns/router
runtime: runtime:
@ -48,7 +72,7 @@ onboot:
add: veth add: veth
peer: veth-srv peer: veth-srv
- name: net-srvns-setup - name: net-srvns-setup
image: linuxkit/ip:v0.2 image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
command: ["/bin/sh", "-c", "ip a add 172.23.42.2/24 dev vethin-ns; ip link set vethin-ns up; ip route add default via 172.23.42.1;" ] command: ["/bin/sh", "-c", "ip a add 172.23.42.2/24 dev vethin-ns; ip link set vethin-ns up; ip route add default via 172.23.42.1;" ]
net: new net: new
runtime: runtime:
@ -58,19 +82,19 @@ onboot:
peer: veth-ns peer: veth-ns
bindNS: bindNS:
net: /run/netns/ns net: /run/netns/ns
# - name: net-srvmail-setup - name: net-srvnsauth-setup
# image: linuxkit/ip:v0.2 image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
# command: ["/bin/sh", "-c", "ip a add 172.23.42.3/24 dev vethin-mail; ip link set vethin-mail up; ip route add default via 172.23.42.1;" ] command: ["/bin/sh", "-c", "ip a add 172.23.42.3/24 dev vethin-nsauth; ip link set vethin-nsauth up; ip route add default via 172.23.42.1;" ]
# net: new net: new
# runtime: runtime:
# interfaces: interfaces:
# - name: vethin-mail - name: vethin-nsauth
# add: veth add: veth
# peer: veth-mail peer: veth-nsauth
# bindNS: bindNS:
# net: /run/netns/mail net: /run/netns/ns-auth
- name: net-srvdb-setup - name: net-srvdb-setup
image: linuxkit/ip:v0.2 image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
command: ["/bin/sh", "-c", "ip a add 172.23.42.4/24 dev vethin-db; ip link set vethin-db up; ip route add default via 172.23.42.1;" ] command: ["/bin/sh", "-c", "ip a add 172.23.42.4/24 dev vethin-db; ip link set vethin-db up; ip route add default via 172.23.42.1;" ]
net: new net: new
runtime: runtime:
@ -81,7 +105,7 @@ onboot:
bindNS: bindNS:
net: /run/netns/db net: /run/netns/db
- name: net-srvchat-setup - name: net-srvchat-setup
image: linuxkit/ip:v0.2 image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
command: ["/bin/sh", "-c", "ip a add 172.23.42.5/24 dev vethin-chat; ip link set vethin-chat up; ip route add default via 172.23.42.1;" ] command: ["/bin/sh", "-c", "ip a add 172.23.42.5/24 dev vethin-chat; ip link set vethin-chat up; ip route add default via 172.23.42.1;" ]
net: new net: new
runtime: runtime:
@ -92,7 +116,7 @@ onboot:
bindNS: bindNS:
net: /run/netns/chat net: /run/netns/chat
- name: net-srvttrss-setup - name: net-srvttrss-setup
image: linuxkit/ip:v0.2 image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
command: ["/bin/sh", "-c", "ip a add 172.23.42.6/24 dev vethin-ttrss; ip link set vethin-ttrss up; ip route add default via 172.23.42.1;" ] command: ["/bin/sh", "-c", "ip a add 172.23.42.6/24 dev vethin-ttrss; ip link set vethin-ttrss up; ip route add default via 172.23.42.1;" ]
net: new net: new
runtime: runtime:
@ -102,58 +126,71 @@ onboot:
peer: veth-ttrss peer: veth-ttrss
bindNS: bindNS:
net: /run/netns/ttrss net: /run/netns/ttrss
# - name: net-srvmail-setup
# image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
# command: ["/bin/sh", "-c", "ip a add 172.23.42.7/24 dev vethin-mail; ip link set vethin-mail up; ip route add default via 172.23.42.1;" ]
# net: new
# runtime:
# interfaces:
# - name: vethin-mail
# add: veth
# peer: veth-mail
# bindNS:
# net: /run/netns/mail
# Network: bridges # Network: bridges
- name: bridges-setup - name: bridges-setup
image: linuxkit/ip:v0.2 image: linuxkit/ip:4787413a729748bcf7560c73e0b46d38b8a8df2b
command: ["/bin/sh", "-c", "ip link set veth-srv master brsrv; ip link set veth-ns master brsrv; ip link set veth-mail master brsrv; ip link set veth-db master brsrv; ip link set veth-chat master brsrv; ip link set veth-ttrss master brsrv; ip link set veth-srv up; ip link set veth-ns up; ip link set veth-mail up; ip link set veth-db up; ip link set veth-chat up; ip link set veth-ttrss up; ip link set brsrv up; ip link set veth-wks master brwks; ip link set veth-wks1 master brwks; ip link set veth-wks2 master brwks; ip link set veth-wks up; ip link set veth-wks1 up; ip link set veth-wks2 up; ip link set brwks up;" ] command: ["/bin/sh", "-c", "ip link set veth-srv master brsrv; ip link set veth-ns master brsrv; ip link set veth-nsauth master brsrv; ip link set veth-db master brsrv; ip link set veth-chat master brsrv; ip link set veth-ttrss master brsrv; ip link set veth-srv up; ip link set veth-ns up; ip link set veth-nsauth up; ip link set veth-db up; ip link set veth-chat up; ip link set veth-ttrss up; ip link set brsrv up; ip link set veth-wks master brwks; ip link set veth-wks1 master brwks; ip link set veth-wks2 master brwks; ip link set veth-wks up; ip link set veth-wks1 up; ip link set veth-wks2 up; ip link set brwks up;" ]
runtime: runtime:
interfaces: interfaces:
- name: brsrv - name: brsrv
add: bridge add: bridge
- name: brwks - name: brwks
add: bridge add: bridge
- name: veth-wks1
add: veth
peer: ethwks1
- name: veth-wks2
add: veth
peer: ethwks2
services: services:
- name: dhcpcd-wks1 - name: dhcpcd-wks1
image: linuxkit/dhcpcd:v0.2 image: linuxkit/dhcpcd:85738d3d2f152a7879e17a61444f7714b858c2ee
net: new net: new
runtime: runtime:
interfaces: interfaces:
- name: eth1 - name: eth1
- name: ethwks1 - name: ethwks1
add: veth
peer: veth-wks1
bindNS: bindNS:
net: /run/netns/wks1 net: /run/netns/wks1
- name: dhcpcd-wks2 - name: dhcpcd-wks2
image: linuxkit/dhcpcd:v0.2 image: linuxkit/dhcpcd:85738d3d2f152a7879e17a61444f7714b858c2ee
net: new net: new
runtime: runtime:
interfaces: interfaces:
- name: ethwks2 - name: ethwks2
add: veth
peer: veth-wks2
bindNS: bindNS:
net: /run/netns/wks2 net: /run/netns/wks2
- name: sshd-wks1 - name: sshd-wks1
image: linuxkit/sshd:v0.2 image: linuxkit/sshd:6e4740bee64bf44e9913a1db4a38b5c3a5fb6ab1
net: /run/netns/wks1 net: /run/netns/wks1
binds: binds:
- /etc/dpasswd:/etc/passwd - /etc/dpasswd:/etc/passwd
- /etc/dshadow:/etc/shadow - /etc/dshadow:/etc/shadow
- name: sshd-wks2 - name: sshd-wks2
image: linuxkit/sshd:v0.2 image: linuxkit/sshd:6e4740bee64bf44e9913a1db4a38b5c3a5fb6ab1
net: /run/netns/wks2 net: /run/netns/wks2
binds: binds:
- /etc/dpasswd:/etc/passwd - /etc/dpasswd:/etc/passwd
- /etc/dshadow:/etc/shadow - /etc/dshadow:/etc/shadow
- name: router - name: mainrouter
image: nemunaire/adlin-tuto3:0fa628c796ff914e9a0f160c27a79a30092868e3-dirty image: nemunaire/adlin-tuto3:0a3be87ab71564521401498b84280b5d6d1d5649
net: /run/netns/router net: /run/netns/router
command: ["/bin/sh", "-c", "mkdir -p /run/sshd && exec /usr/sbin/sshd -D"] command: ["/bin/sh", "-c", "mkdir -p /run/sshd && exec /usr/sbin/sshd -D"]
capabilities: capabilities:
@ -162,13 +199,39 @@ services:
- /etc/dresolv.conf:/etc/resolv.conf - /etc/dresolv.conf:/etc/resolv.conf
- /etc/dpasswd:/etc/passwd - /etc/dpasswd:/etc/passwd
- /etc/dshadow:/etc/shadow - /etc/dshadow:/etc/shadow
- name: ns - name: matrix
image: nemunaire/tinydeb:1f217c10a67219a46133578b0c316ba80d943b59
net: /run/netns/chat
command: ["/bin/sh", "-c", "mkdir -p /run/sshd && exec /usr/sbin/sshd -D"]
capabilities:
- all
binds:
- /etc/dresolv.conf:/etc/resolv.conf
- /etc/dpasswd:/etc/passwd
- /etc/dshadow:/etc/shadow
- name: ns-resolv
image: nemunaire/unbound:528445043685979b1b479c6c44d68de36bc872ad image: nemunaire/unbound:528445043685979b1b479c6c44d68de36bc872ad
net: /run/netns/ns net: /run/netns/ns
capabilities: capabilities:
- all - all
binds: binds:
- /etc/unbound:/etc/unbound:ro - /etc/unbound:/etc/unbound:ro
- name: ns-auth
image: nemunaire/nsd:1ae159aeaef958859cb2591f8af3a63faa7d4aa5
net: /run/netns/ns-auth
capabilities:
- all
binds:
- /var/lib/adlin/nsd:/etc/nsd:rw
- /var/lib/adlin/nsd-db:/var/db/nsd:rw
- /etc/nsd:/etc/nsd.sample:ro
- /etc/network:/etc/network:ro
- /etc/dpasswd:/etc/passwd
- /etc/dshadow:/etc/shadow
runtime:
mkdir:
- /var/lib/adlin/nsd
- /var/lib/adlin/nsd-db
- name: db - name: db
image: postgres:alpine image: postgres:alpine
net: /run/netns/db net: /run/netns/db
@ -179,22 +242,22 @@ services:
- LANG=en_US.utf8 - LANG=en_US.utf8
- PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/" - PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/"
- PGDATA=/var/lib/postgresql/data - PGDATA=/var/lib/postgresql/data
- POSTGRES_PASSWORD=adlin2019 - POSTGRES_PASSWORD=adlin2020
binds: binds:
- /initdb/init-ttrss.sh:/docker-entrypoint-initdb.d/init-ttrss.sh:ro - /initdb/init-ttrss.sh:/docker-entrypoint-initdb.d/init-ttrss.sh:ro
- /initdb/init-mattermost.sh:/docker-entrypoint-initdb.d/init-mattermost.sh:ro - /initdb/init-matrix.sh:/docker-entrypoint-initdb.d/init-matrix.sh:ro
- name: chat # - name: chat
image: nemunaire/mattermost:ecb81e668c64d07b4453f9b465a6998fc6ceb067-dirty # image: nemunaire/mattermost:ecb81e668c64d07b4453f9b465a6998fc6ceb067-dirty
net: /run/netns/chat # net: /run/netns/chat
capabilities: # capabilities:
- all # - all
command: ["/entrypoint.sh", "/mattermost/bin/platform"] # command: ["/entrypoint.sh", "/mattermost/bin/platform"]
env: # env:
- MM_USERNAME=mattermost # - MM_USERNAME=mattermost
- MM_DBNAME=mattermost # - MM_DBNAME=mattermost
- MM_PASSWORD=adlin2019 # - MM_PASSWORD=adlin2020
binds: # binds:
- /etc/hosts:/etc/hosts:ro # - /etc/hosts:/etc/hosts:ro
- name: ttrss - name: ttrss
image: nemunaire/ttrss:89149d186daf3ebf752a764807dee3180f46b93d-dirty image: nemunaire/ttrss:89149d186daf3ebf752a764807dee3180f46b93d-dirty
net: /run/netns/ttrss net: /run/netns/ttrss
@ -208,7 +271,7 @@ services:
- TTRSS_DB_PORT=5432 - TTRSS_DB_PORT=5432
- TTRSS_DB_NAME=ttrss - TTRSS_DB_NAME=ttrss
- TTRSS_DB_USER=ttrss - TTRSS_DB_USER=ttrss
- TTRSS_DB_PASS=adlin2019 - TTRSS_DB_PASS=adlin2020
- TTRSS_SELF_URL_PATH=http://localhost/ - TTRSS_SELF_URL_PATH=http://localhost/
binds: binds:
- /etc/hosts:/etc/hosts:ro - /etc/hosts:/etc/hosts:ro
@ -226,20 +289,20 @@ files:
#!/bin/sh #!/bin/sh
set -e set -e
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
CREATE USER ttrss WITH PASSWORD 'adlin2019'; CREATE USER ttrss WITH PASSWORD 'adlin2020';
CREATE DATABASE ttrss; CREATE DATABASE ttrss;
GRANT ALL PRIVILEGES ON DATABASE ttrss TO ttrss; GRANT ALL PRIVILEGES ON DATABASE ttrss TO ttrss;
EOSQL EOSQL
mode: "0555" mode: "0555"
- path: /initdb/init-mattermost.sh - path: /initdb/init-matrix.sh
contents: | contents: |
#!/bin/sh #!/bin/sh
set -e set -e
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
CREATE USER mattermost WITH PASSWORD 'adlin2019'; CREATE USER matrix WITH PASSWORD 'adlin2020';
CREATE DATABASE mattermost; CREATE DATABASE matrix;
GRANT ALL PRIVILEGES ON DATABASE mattermost TO mattermost; GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix;
EOSQL EOSQL
mode: "0555" mode: "0555"
@ -251,15 +314,36 @@ files:
exit 0 exit 0
mode: "0555" mode: "0555"
- path: /etc/init.d/999-getty.sh # - path: /etc/init.d/999-getty.sh
# contents: |
# #!/bin/sh
# while true
# do
# /usr/bin/setsid /usr/bin/nsenter -t $(echo $(ps a | grep sshd | head -1) | cut -d ' ' -f 1) -m -u -n -p -- /sbin/agetty -l /sbin/login 38400 tty1 linux
# sleep 1
# done &
# mode: "0555"
- path: etc/network/interfaces
contents: | contents: |
#!/bin/sh
while true mode: "0440"
do
/usr/bin/setsid /usr/bin/nsenter -t $(echo $(ps a | grep sshd | head -1) | cut -d ' ' -f 1) -m -u -i -n -p -- /sbin/agetty -l /sbin/login 38400 tty1 linux - path: etc/nsd/nsd.conf
sleep 1 contents: |
done & remote-control:
mode: "0555" control-enable: yes
zone:
name: login-x.srs.p0m.fr
zonefile: /etc/nsd/login-x.srs.p0m.fr.zone
mode: "0440"
- path: etc/nsd/login-x.srs.p0m.fr.zone
contents: |
login-x.srs.p0m.fr. 900 SOA ns.login-x.srs.p0m.fr. root.login-x.srs.p0m.fr. 2019032900 172800 3600 2419200 86400
login-x.srs.p0m.fr. 900 NS ns.login-x.srs.p0m.fr.
ns.login-x.srs.p0m.fr. 900 AAAA 2a01:e0a:2b:2250::b
mode: "0440"
- path: etc/unbound/unbound.conf - path: etc/unbound/unbound.conf
contents: | contents: |
@ -279,9 +363,9 @@ files:
domain-insecure: "." domain-insecure: "."
val-permissive-mode: yes val-permissive-mode: yes
trust-anchor-file: "/usr/share/dnssec-root/trusted-key.key" trust-anchor-file: "/usr/share/dnssec-root/trusted-key.key"
local-zone: "adlin.nemunai.re" typetransparent local-zone: "adlin.p0m.fr" typetransparent
local-data: "news.adlin.nemunai.re A 172.23.42.1" local-data: "news.adlin.p0m.fr A 172.23.42.1"
local-data: "im.adlin.nemunai.re A 172.23.42.1" local-data: "matrix.adlin.p0m.fr A 172.23.42.1"
remote-control: remote-control:
control-enable: no control-enable: no
forward-zone: forward-zone:
@ -316,12 +400,13 @@ files:
systemd-network:x:104:106:systemd Network Management,,,:/run/systemd/netif:/bin/false systemd-network:x:104:106:systemd Network Management,,,:/run/systemd/netif:/bin/false
systemd-resolve:x:105:107:systemd Resolver,,,:/run/systemd/resolve:/bin/false systemd-resolve:x:105:107:systemd Resolver,,,:/run/systemd/resolve:/bin/false
systemd-bus-proxy:x:106:108:systemd Bus Proxy,,,:/run/systemd:/bin/false systemd-bus-proxy:x:106:108:systemd Bus Proxy,,,:/run/systemd:/bin/false
nsd:x:107:109::/run/nsd:/usr/sbin/nologin
mode: "0644" mode: "0644"
- path: etc/dshadow - path: etc/dshadow
contents: | contents: |
root:$6$fCh6fLfB$wTiBuIJB2/QLl37VlJ16MsqGmfSDct8ALRpY8kemFC2T4N4eZgdlTnEqTuYn5i4FMc5GoDBx1nfENHQqm0Zgm.:17594:0:99999:7::: root:$6$B0qzwsEh$vfWGpIFUrKGrkT0PVtGhhomBwc.60IBIxjMLyG8mz.NJLFRryjqLK9sA/mzxNSaQViiHsYYrsgmcWVHblfdHg1:17968:0:99999:7:::
daemon:*:17575:0:99999:7::: daemon:*:17575:0:99999:7:::
bin:*:17575:0:99999:7::: bin:*:17575:0:99999:7:::
sys:*:17575:0:99999:7::: sys:*:17575:0:99999:7:::
@ -346,6 +431,7 @@ files:
systemd-network:*:17594:0:99999:7::: systemd-network:*:17594:0:99999:7:::
systemd-resolve:*:17594:0:99999:7::: systemd-resolve:*:17594:0:99999:7:::
systemd-bus-proxy:*:17594:0:99999:7::: systemd-bus-proxy:*:17594:0:99999:7:::
nsd:*:17594:0:99999:7:::
mode: "0640" mode: "0640"
- path: etc/dresolv.conf - path: etc/dresolv.conf
@ -353,6 +439,16 @@ files:
nameserver 172.23.42.2 nameserver 172.23.42.2
mode: "0644" mode: "0644"
- path: var/lib/adlin
directory: true
mode: "0755"
- path: etc/mresolv.conf
contents: |
nameserver 9.9.9.9
nameserver 1.1.1.1
mode: "0644"
trust: trust:
org: org:
- linuxkit - linuxkit