From 4b0ac30354fb3fc0c34994304fea32b0d7fb76c8 Mon Sep 17 00:00:00 2001
From: Alex Palaistras <alex@deuill.org>
Date: Tue, 24 Aug 2021 19:15:52 +0100
Subject: [PATCH] Introduce host configuration for `lhr01srv`

---
 host/lhr01srv/lhr01srv.env.gpg | Bin 0 -> 2585 bytes
 host/lhr01srv/spec.bu          |  98 +++++++++++++++++++++++++++++++++
 2 files changed, 98 insertions(+)
 create mode 100644 host/lhr01srv/lhr01srv.env.gpg
 create mode 100644 host/lhr01srv/spec.bu

diff --git a/host/lhr01srv/lhr01srv.env.gpg b/host/lhr01srv/lhr01srv.env.gpg
new file mode 100644
index 0000000000000000000000000000000000000000..55ad80e57d061b4fc389d2ce756a84c7423065c9
GIT binary patch
literal 2585
zcmV+!3g-2N0t^E@y8KTiHb4#m5C20LzbRb{#x10m^2UtqJz$gXHLeyswe9}UFkj|g
z06~MjRmo|N8^xSyl(tG6%$G(>rH?akZ<RZ3dWlT%XTb;I4uJm2UgI&419%sYCai~9
zh1RTs%}~0O*pZ5@5%#8lqwd58j@w=SEBgdUr@vi^uafYew4Gh@bFxzcWp@m7D7a);
zktlN?T0zb)SEB$jbrPM;4&_N1AuV?G1uPu$jI9{$pIkf+qGPmslrC#JYiFBJC-k>i
zBjiK<c&-FhM6c6!w{@}cUy{;y45RcB!5-`#raCe#T`iX(Kjh{UUv~{8oBkt9nMhaa
z6k%<`Qy2A^0s7y)4<VKyk7APBpeSreO<DW8EEqPud=X$ko1wWvIwt^I8rT1q@Z1}v
zY-v$|TfUp_$V@ha__j27U3=nAF0ymV(?wBmI|AC*&FZphCHKM^t^|m*mL7Qm6!`~D
z?m-_iLgmLeRq8l!BEYce24d}rXT73XaHUwXDo4#Ybru|^fDj16?MWL)4{Q?Kui)=C
z62M`DXk5*Ib{#KSzsnT#1+|&jATL?Ln|eZ<k<3Xs6yojA@lZ5*`o;hNPnCJz_TXxv
z^%>~jdLCRy{`d3ka!3%9ljAd9tAAw*OoyTnbx7>K!Saz{(>lH%)23-FP<x(y_y40!
z5rpms%jwdH(s{M5!Vc2w0dLx4;E3HZ8;aJ<{^p4R<y;r8A5#NZx8#UDp$eq6;#ILK
z6Y~XD-W~J1dy7GeaG5D9V3g6Zh!7bWOImP5P{P>`0EoC=UXb|sFSi_`9+Tj#H&Qzo
zg0iA@{OFTJIR}Hw=p?597!BPvs6V#qJ;)XT=d{2UV@6<&)>`m{%RI<i`Fs1T&kNLE
ztJFuDn@okUc#9?idr~C0bw)D(XB5L@`Po8qAK`hs7K#`cBNFlQ5zs9$c2Mc54xf8S
zOXh^ocqEX^12TpAsXXObWhQVfw39~hs~{iwkfKb{siD8@-Vc3;EGd*i&DC`Ots6!>
z*~Hufp0^4CS^j9edlkVW>re`Dlyc}7@dQ3Z(Og3zU6MQ(2b^*L;20Dl#$XZU%o}vN
zrGCv6IkC2=sVaMo*HYhDtT`V!)vh7uQb}IQv2nz+z&k5|cEye+SVOhB&-&uMAFJN5
z-m~)b^;AeRm76`57Hc9;)D1L=&MGjJzTKj-*OsPuNKb_o;$NNFY$eV?ZCUo;G|C>x
z$^M7^doww#yteYg{iRn+yrb=L>*X54PsW4S4w|wM%g^#luVt=F+m26O0}gFu*dT5@
z&&TMRz-h*~#PI$nOHK$Ae>Hf1cb00aqH;d=Du93uZa~Zq1d}Jt!!ZTKl>Aej7_2H8
z#m@3GCETB%!kjaWoPnEHyA};VV?m#0r*9w_7P2)&RxQc9J99P?NLwPNop$@)#G>o}
zIPL`tIbOHw{=2IaG#{&)i|iF$8^f9kk(CrU2|<@<lMJSQ%EaQii`*&byyla{oX~?p
z@e1?iqT`uX0H_VvU!P|ryU|Ehx)a6ZMnBd4e_?(GE~QR5**f^h<?mwe5>=vv$Pv|}
zj*SJI{F-z!;D)Xs3jD>6W)Tu~U==%aq0hIsFi$~UtJ{;LG1zs=GMtaY2ML&);Zuzi
z((hz#;oEs(H+z+s>}uB|wdY1>f3gDRx!agYwFVn+Nea_@Bm5kh+)OJa6bViM#pp8N
za*xLOjN7ZZLPbxYsO)EzcH4GL?kGx-@oz(5%g7xdVXAftWmW@tPy8G5ouUpNEzeoK
zCy9@cghiJpDcYvqqM)S>s*dLKN#GMLqS8+hGd^c%$a|MyR_rM1o&w?d1|UW7F#K7K
z&5md^MofjE;#a)Cyw)$0w80Gvw@l0T;Not)w)!xE-201RMr#CWwgmFvB9dC|m=S?S
zBQ*nm_kQxexwKY9xD(8cu=K^zswZ$T&PkztHN^|f=MJL$)4WF8e%C7(+s@fFuF_sn
z({Crvqylv9j*9OePhj8AW#oPPkWNSB7sl|hT&YTotSh-xvTlxad?uQQm3#G{zxV|#
z%Mw7)d-(dL8jX|e8WoQ$BXGdr(mq4#=P92>kFRo4b)U;st52__8*&4$FMCTOq<$20
z&(&At=8@oMm>b2jmuN3|>cM&(*6zumo7|UU{W3I`rBvIv?&jgEXm$Nq-LVY|)Kp(7
zz;eoW!m?bB2oZih`keTCICwBlm&B$gT@Lhj(hc;lGve9mz-lapCs`_|3isMVQa$oo
z4NM@uF9*)g?Ox<}8iq$pMUR4g%@0>%Zne1)kd=cwuL46DYp_QN4%XGajVmY2(6M2T
zE%$qhxx$h%3Ij=0y_!T0747=yA<|(JuM+&PgM9%<k+E9>yEt~&Y5^fAFSfgPs>^Fz
zw{Y%h07RcYD_W?6F>3ToOYI$G*@cGYjHZl<a3-$God-y9ecQFBk(gnXsulz)fE4y`
zgJw=s(xvZu4az<7Ze_Sd<W4WX{e<pb4u+F$PwatWG6T-EXfDc5v>NAAeClB^#4M~5
zSuK2!oBju&c`U~ShiVybwZCCV>GCi}<oh1-Dky*?@XYz#q6)CyhygF0Z+N5fd*!P1
zM0$EHOjJ#Nu}%ym_Co3RR3fW3ME?eSQO7=~#f%`0NYL%(Z=bnnF8Se&!IekCE>ot8
zXyNeHg`VTwmTEiKeoCWLwxaU<rXY{>cIIbbV<BD!pDn=M3`A{O;Js@>rB?j~XVEFb
zCGII{u6(>ObNB@jOvy6&rPbjm0SBL?d#UAM@=|;{iH}u5<5@Ox8Otwe;0_x0|CJ&F
z(zB^qQuT`;fB4KmW?hGg@G^ysciDP+@gOA9TmX3%3-whcRK;_OEvV+1%WIzkxLz#=
z|BD}RhEW(@Ma*&NCW9@kiSts)N2@4i3AEw`5vEM-V)n1vqjJ-f?1?)%Ud!Jd2F~M=
zL+xjS?JM$!$u#s!Q{|7OY8}MY_OVemnjvRZxK2MPsA2U^EIQx=URgoDVix%!rH#49
zI0BSN5Jy6se0**0yY%v0@mpiw7g^JglX`1tp~^J8uV*S%?;0AZ_;NDtEQ1bRjt>HU
zvZ6-M3X4t?j_ND@hLkM?boE0YBcZp?nrlUT`FP#OcGQZaJ+9fw`*drFQIqmEpZOnu
z40Q)>82;NIOW=_~yXaVA8j$v2;)PSWB+zL@r=>w9esbmHWh}92REPSkf?mU8Q(iMw
zd?3Q^h9^(&^~itqSynega!i86v+z#Mo#=3Q*#CN$Eut38Y)EduH#qW^eygtQ<8J*p
zgzWOqre?B=K7P_9!wNEBN3LTs8u)@hXiT8Y98>#N4KJjB5^E-h^AiYq9lS}xY^=Sw
vb(6<;z)_k-h~nmhFW_F%l0j$|2F|-(+L;ooljRZc?~&A32cVijdb87ve%=k=

literal 0
HcmV?d00001

diff --git a/host/lhr01srv/spec.bu b/host/lhr01srv/spec.bu
new file mode 100644
index 0000000..74a6f2c
--- /dev/null
+++ b/host/lhr01srv/spec.bu
@@ -0,0 +1,98 @@
+variant: fcos
+version: 1.3.0
+ignition:
+  config:
+    merge:
+      - local: common/logging.ign
+      - local: common/container.ign
+      - local: service/redis/spec.ign
+      - local: service/mariadb/spec.ign
+      - local: service/nginx/spec.ign
+      - local: service/letsencrypt/spec.ign
+      - local: service/git/spec.ign
+      - local: service/dovecot/spec.ign
+      - local: service/postfix/spec.ign
+      - local: service/rspamd/spec.ign
+      - local: service/prosody/spec.ign
+      - local: service/biboumi/spec.ign
+      - local: service/discord-ircd/spec.ign
+      - local: service/spectrum/spec.ign
+      - local: service/radicale/spec.ign
+      - local: private/spec.ign
+
+passwd:
+  users:
+    - name: core
+      ssh_authorized_keys:
+        - ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAD46O1S/DSegplXd2Py5loFW2ZYahNvmUYGaFesR8Bo+A+vdmNur7eJ2Ke18j86E2VrVCnzze7EL3dqG1WmseektgClfyeDau+wSvvL8DPNc8JZFdoSd//Kk/OGmJcFfZjag0EXYqYuO/sgHE6yystnwB5ya5PaChNCDr7nG6j5qBJtYw==
+        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDkzmZlPFoz3pN5S0J4z+OIuEx/vyXySfm1Y+KJzPt5kS7CGQ5SvJG8LItssmT5WRsflfEvGtlqKFPwpx3HXeiGpBonAmRnwPIZjmi0oP1SoiB2HIyiErL1pxq5Eodno9AVTEjDjau6/W3SpXlxEzunqDG0VnihTzFYa/p7K/8MiwNk6vaiLcdNjK0wsaFo4yWaN7kqyk2EGspdT0hzqENwQy/x/hdsQxZxAScatgVz5OXW626eoHd9PtmYppwj/WLa5nORoi63UCdlwhFKgJ55eTxeRMCiq9HHwlAvCe4IZ+dRbypg0gO2TNvHvvue2uVvT8BwMEujW62nx4Qen5kI9JvxiZt5aifKLCwyOgBsb/DIUP+ZcN51vwAmp/bCLW6IQqXMGH3BxIpml+bW/qxtmjAoh1+osWngsgtpZkhqRf+hTTJ5Om4QII4jDZxkBv0pysUl1W/krOr2a2DjfHGPyc11GqEPGb0FaFv3Q1SWuh3HTnr5YsA1Ig58UJQWhTm3bJKlH/Unl1+vwAU25Ger0j/JFsjJHVZF5Lkmu5hr84EhZ5S51FhEzRBVjhKBcZpKGRauCmO+SENFXnuTDPauiA3myEgTrVYSVTCbX9/RSz6pvVTkrBz/L1r6G7F8E+4DOL5/niXr+koBWsSiF3C8PNICT8gLsCD/d0mQo2nSsw==
+
+storage:
+  disks:
+    - device: /dev/disk/by-path/pci-0000:00:1f.2-ata-1
+      wipe_table: true
+      partitions:
+        - label: data-1
+
+    - device: /dev/disk/by-path/pci-0000:00:1f.2-ata-2
+      wipe_table: true
+      partitions:
+        - label: data-2
+
+  raid:
+    - name: data
+      level: raid1
+      devices:
+        - /dev/disk/by-partlabel/data-1
+        - /dev/disk/by-partlabel/data-2
+
+  filesystems:
+    - device: /dev/md/data
+      path: /var
+      format: ext4
+      with_mount_unit: true
+
+  files:
+    - path: /etc/hostname
+      mode: 0644
+      contents:
+        inline: lhr01srv
+
+    - path: /etc/coreos-home-server/host.env
+      mode: 0600
+      contents:
+        local: lhr01srv.env.gpg
+
+    - path: /etc/NetworkManager/system-connections/eno1.nmconnection
+      mode: 0600
+      contents:
+        inline: |
+          [connection]
+          id=eno1
+          type=ethernet
+          interface-name=eno1
+
+          [ipv4]
+          address1=192.168.2.2/24,192.168.2.1
+          dhcp-hostname=lhr01srv
+          dns=1.1.1.1;1.0.0.1;8.8.8.8;
+          dns-search=
+          may-fail=false
+          method=manual
+
+    - path: /etc/zincati/config.d/51-rollout-wariness.toml
+      contents:
+        inline: |
+          [identity]
+          rollout_wariness = 0.8
+
+    - path: /etc/zincati/config.d/55-update-strategy.toml
+      contents:
+        inline: |
+          [updates]
+          strategy = "periodic"
+
+          [[updates.periodic.window]]
+          days = ["Sat", "Sun"]
+          start_time = "22:30"
+          length_minutes = 60