tag/v2.6.0/test-initrd/config.yaml

---
# early system configuration
anti_phishing_code: "direktil<3"

modules: /modules.sqfs

vpns:
  wgprov: |-
    [Interface]
    PrivateKey = GGM/MwPYrN9HZHsWrEv0RtX/aHXcXzkrZnZWiMgNrEg=
    ListenPort = 54321
    Address = 10.9.8.7/24

    [Peer] # admin1
    PresharedKey = oH1OhMWGPg+Qvq3w5mmp6paIi/1bMKl48r0Su2P1F3g=
    PublicKey = /j/uawB3nM+36fOxWgI/kK412TvHlYU3T8qxr38hpAs=
    AllowedIPs = 10.9.8.1/24

auths:
  - name:     novit
    sshKey:   ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkpbU6sf4t0f6XAv9DuW3XH5iLM0AI5rc8PT2jwea1N
    password: bXlzZWVk:HMSxrg1cYphaPuUYUbtbl/htep/tVYYIQAuvkNMVpw0 # mypass

signer_public_key: 'MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAd5sR4NqLtjSt8ESNlYWvuufYj7v+aYGDlgxQThcKbzDPVe639IfH94hHE0l9TAfyU94qtN/GpFyKJ68F/u2pu70A/umT1m24ELFDqXlQXqhTsH91r+nYUZ7due3EqSrvru/yjchNNRkpoCCu3QkDF25KnrYfWWHqj9ZIRlBTCJE9SwM='


ssh:
  listen: "[::]:22"
  user_ca: /user_ca.pub

networks:
- name: loopback
  interfaces: [ { var: iface, n: 1, udev: !eq [INTERFACE, lo] } ]
  script: |
    ip a add 127.0.0.1/8 dev lo
    ip a add ::1/128 dev lo
    ip li set lo up
- name: main
  interfaces:
  - var: iface
    n: 1
    udev: !has ID_NET_NAME_MAC
  script: |
    ip li set $iface up
    ip a add 192.168.12.42/24 dev $iface
    ip a add fd12:6e76:7474::1337:2eed/64 dev $iface
    ip route add default via 192.168.12.254
    ip route add default via fd12:6e76:7474::1 dev $iface

pre_lvm_crypt:
- name: sys-${name}
  udev: !glob [ DEVNAME, /dev/vd* ]

lvm:
- vg: storage
  pvs:
    n: 2
    regexps:
    - ^/dev/mapper/sys-
    # to match full disks
    #- /dev/nvme[0-9]+n[0-9]+
    #- /dev/vd[a-z]+
    #- /dev/sd[a-z]+
    #- /dev/hd[a-z]+
    # to match partitions:
    #- /dev/nvme[0-9]+n[0-9]+p[0-9]+
    #- /dev/vd[a-z]+[0-9]+
    #- /dev/sd[a-z]+[0-9]+
    #- /dev/hd[a-z]+[0-9]+

  defaults:
    fs: ext4
    raid:
      mirrors: 1

  lvs:
  - name: bootstrap
    size: 2g

  - name: varlog
    size: 256m
  - name: kubelet
    size: 256m
  - name: containerd
    size: 1g
  - name: etcd
    size: 256m

  - name: podman
    extents: 10%FREE
    # size: 10g

  - name: dls
    extents: 100%FREE
    # size: 10g

#crypt:
#- dev: /dev/storage/bootstrap
#- dev: /dev/storage/dls

bootstrap:
  dev: /dev/storage/bootstrap
  seed: http://192.168.12.254:7606/public/download-set/host/m1/bootstrap.tar?set=IDOXJLLOTHDU2UQPP7CQEBEWC4ZVHTH34BSNPBY6JUGPUVHD2MCKX46LIBOVPG46EXUNPUTYACUEVIQFC2HTIWJCMUXANM36TVKQSRAJAQRE2GDEOC4RWAAAQA3DSZJVGEZDKNT4NA5G2MJ2MJXW65DTORZGC4BOORQXEAAAAAAH4BI7JU
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								---
 								# early system configuration
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								anti_phishing_code: "direktil<3"
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
 								modules: /modules.sqfs
-												migrate to rust

											
										
										
											2024-04-29 12:54:25 +02:00
+								vpns:
 								  wgprov: |-
 								    [Interface]
 								    PrivateKey = GGM/MwPYrN9HZHsWrEv0RtX/aHXcXzkrZnZWiMgNrEg=
 								    ListenPort = 54321
 								    Address = 10.9.8.7/24
 								    [Peer] # admin1
 								    PresharedKey = oH1OhMWGPg+Qvq3w5mmp6paIi/1bMKl48r0Su2P1F3g=
 								    PublicKey = /j/uawB3nM+36fOxWgI/kK412TvHlYU3T8qxr38hpAs=
 								    AllowedIPs = 10.9.8.1/24
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								auths:
 								  - name:     novit
 								    sshKey:   ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkpbU6sf4t0f6XAv9DuW3XH5iLM0AI5rc8PT2jwea1N
 								    password: bXlzZWVk:HMSxrg1cYphaPuUYUbtbl/htep/tVYYIQAuvkNMVpw0 # mypass
-												umount modules before switch_root

											
										
										
											2026-04-18 20:07:32 +02:00
+								signer_public_key: 'MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAd5sR4NqLtjSt8ESNlYWvuufYj7v+aYGDlgxQThcKbzDPVe639IfH94hHE0l9TAfyU94qtN/GpFyKJ68F/u2pu70A/umT1m24ELFDqXlQXqhTsH91r+nYUZ7due3EqSrvru/yjchNNRkpoCCu3QkDF25KnrYfWWHqj9ZIRlBTCJE9SwM='
-												bootstrap: verify signatures

											
										
										
											2025-07-06 15:43:42 +02:00
-												migrate to rust

											
										
										
											2024-04-29 12:54:25 +02:00
+								ssh:
 								  listen: "[::]:22"
 								  user_ca: /user_ca.pub
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								networks:
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								- name: loopback
-												allow device matching by udev properties

											
										
										
											2025-11-10 19:15:22 +01:00
+								  interfaces: [ { var: iface, n: 1, udev: !eq [INTERFACE, lo] } ]
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								  script: |
 								    ip a add 127.0.0.1/8 dev lo
 								    ip a add ::1/128 dev lo
 								    ip li set lo up
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								- name: main
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								  interfaces:
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								  - var: iface
 								    n: 1
-												allow device matching by udev properties

											
										
										
											2025-11-10 19:15:22 +01:00
+								    udev: !has ID_NET_NAME_MAC
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								  script: |
 								    ip li set $iface up
-												umount modules before switch_root

											
										
										
											2026-04-18 20:07:32 +02:00
+								    ip a add 192.168.12.42/24 dev $iface
 								    ip a add fd12:6e76:7474::1337:2eed/64 dev $iface
 								    ip route add default via 192.168.12.254
 								    ip route add default via fd12:6e76:7474::1 dev $iface
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
-												feature: pre_lvm_crypt

											
										
										
											2023-12-17 13:48:18 +01:00
+								pre_lvm_crypt:
-												allow device matching by udev properties

											
										
										
											2025-11-10 19:15:22 +01:00
+								- name: sys-${name}
 								  udev: !glob [ DEVNAME, /dev/vd* ]
-												feature: pre_lvm_crypt

											
										
										
											2023-12-17 13:48:18 +01:00
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								lvm:
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								- vg: storage
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								  pvs:
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								    n: 2
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								    regexps:
-												allow device matching by udev properties

											
										
										
											2025-11-10 19:15:22 +01:00
+								    - ^/dev/mapper/sys-
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								    # to match full disks
-												feature: pre_lvm_crypt

											
										
										
											2023-12-17 13:48:18 +01:00
+								    #- /dev/nvme[0-9]+n[0-9]+
 								    #- /dev/vd[a-z]+
 								    #- /dev/sd[a-z]+
 								    #- /dev/hd[a-z]+
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								    # to match partitions:
 								    #- /dev/nvme[0-9]+n[0-9]+p[0-9]+
 								    #- /dev/vd[a-z]+[0-9]+
 								    #- /dev/sd[a-z]+[0-9]+
 								    #- /dev/hd[a-z]+[0-9]+
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
 								  defaults:
 								    fs: ext4
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								    raid:
 								      mirrors: 1
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
 								  lvs:
 								  - name: bootstrap
 								    size: 2g
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								  - name: varlog
-												umount modules before switch_root

											
										
										
											2026-04-18 20:07:32 +02:00
+								    size: 256m
 								  - name: kubelet
 								    size: 256m
 								  - name: containerd
 								    size: 1g
 								  - name: etcd
 								    size: 256m
-												move to clean crypt handling

											
										
										
											2023-02-02 00:28:36 +01:00
 								  - name: podman
 								    extents: 10%FREE
 								    # size: 10g
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00
+								  - name: dls
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
+								    extents: 100%FREE
-												move to clean crypt handling

											
										
										
											2023-02-02 00:28:36 +01:00
+								    # size: 10g
-												feature: pre_lvm_crypt

											
										
										
											2023-12-17 13:48:18 +01:00
+								#crypt:
 								#- dev: /dev/storage/bootstrap
 								#- dev: /dev/storage/dls
-												boot v2 progress: disks, ssh, success...

											
										
										
											2022-03-08 11:45:56 +01:00
 								bootstrap:
-												feature: pre_lvm_crypt

											
										
										
											2023-12-17 13:48:18 +01:00
+								  dev: /dev/storage/bootstrap
-												umount modules before switch_root

											
										
										
											2026-04-18 20:07:32 +02:00
+								  seed: http://192.168.12.254:7606/public/download-set/host/m1/bootstrap.tar?set=IDOXJLLOTHDU2UQPP7CQEBEWC4ZVHTH34BSNPBY6JUGPUVHD2MCKX46LIBOVPG46EXUNPUTYACUEVIQFC2HTIWJCMUXANM36TVKQSRAJAQRE2GDEOC4RWAAAQA3DSZJVGEZDKNT4NA5G2MJ2MJXW65DTORZGC4BOORQXEAAAAAAH4BI7JU
-												prepare boot v2

											
										
										
											2022-02-04 19:59:42 +01:00