Signed-off-by: Tommy <email@example.com>
Ignition configurations for Fedora CoreOS
- These are the configs I personally use on my systems. You MUST edit the files before you use them. At the very least, you should add your SSH keys or password hash.
- Only ED25519 SSH keys are accepted with the SSHD hardening configuration. If you do not use ED25519 keys, you will need to adjust the
- If you create a passwordless user that requires administrative privileges, ensure that it is part of the
sudogroup (CoreOS allows this group to use sudo without a password) as the configs will disable empty password system authentication.
- These configurations are made with a VPS in mind. You should adapt it for a bare metal deployment if that is what you are using (adding additional kernel parameters, configuring drive encryption, configuring storage, etc). You should also change the tuned profile from
- In most of these configs, the timezone is set to
America/Phoenixand the automatic reboot time is set at 12 AM on Sunday. You need to be mindful of timezones with Daylight Savings per Zincati documentation.
- The docker-compose-updater.service in
/etc/systemd/systemcan be enabled to have automatic updates for your containers created by Docker Compose. Please make sure that the