--- # early system configuration anti_phishing_code: "direktil<3" modules: /modules.sqfs auths: - name: novit sshKey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkpbU6sf4t0f6XAv9DuW3XH5iLM0AI5rc8PT2jwea1N password: bXlzZWVk:HMSxrg1cYphaPuUYUbtbl/htep/tVYYIQAuvkNMVpw0 # mypass networks: - name: loopback interfaces: [ { var: iface, n: 1, regexps: [ "^lo$" ] } ] script: | ip a add 127.0.0.1/8 dev lo ip a add ::1/128 dev lo ip li set lo up - name: main interfaces: - var: iface n: 1 regexps: - eth.* - veth.* - eno.* - enp.* script: | ip li set $iface up udhcpc -i $iface -b -t1 -T1 -A5 || ip a add 2001:41d0:306:168f::1337:2eed/64 dev $iface pre_lvm_crypt: - dev: /dev/vda name: sys0 - dev: /dev/vdb name: sys1 lvm: - vg: storage pvs: n: 2 regexps: - /dev/mapper/sys[01] # to match full disks #- /dev/nvme[0-9]+n[0-9]+ #- /dev/vd[a-z]+ #- /dev/sd[a-z]+ #- /dev/hd[a-z]+ # to match partitions: #- /dev/nvme[0-9]+n[0-9]+p[0-9]+ #- /dev/vd[a-z]+[0-9]+ #- /dev/sd[a-z]+[0-9]+ #- /dev/hd[a-z]+[0-9]+ defaults: fs: ext4 raid: mirrors: 1 lvs: - name: bootstrap size: 2g - name: varlog extents: 10%FREE # size: 10g - name: podman extents: 10%FREE # size: 10g - name: dls extents: 100%FREE # size: 10g #crypt: #- dev: /dev/storage/bootstrap #- dev: /dev/storage/dls bootstrap: #dev: /dev/mapper/bootstrap dev: /dev/storage/bootstrap # TODO seed: https://direktil.novit.io/bootstraps/dls-crypt seed: http://192.168.10.254:7606/hosts/m1/bootstrap.tar # TODO seed_sign_key: "..." # TODO load_and_close: true