tawasuyu/brahman
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6a29152feb85e67dc2ee001c158c62f20dd41380
brahman/seeds/arje-prod.card.json
T
sergio be4de986be feat(seed): arje-prod levanta red + sshd, así se puede entrar por SSH 
Sin systemd ni NetworkManager, arje-zero quedaba sin red y sin sshd:
útil como bare init, inútil para sacar logs de una VPS sin pegado en
la consola web. Dos Cards nuevas en el seed prod:

- `net-up`: corre `/usr/sbin/arje-net-up` (script nuevo en scripts/),
  que pone up todas las interfaces y arranca `dhclient -d` en
  foreground sobre la primera no-loopback. Fallback a dhcpcd o
  busybox-udhcpc si dhclient no está. Crea de paso /run/sshd y
  /var/empty/sshd para que sshd no tenga que pelearlos. Restart
  supervisión.

- `sshd`: corre `/usr/sbin/sshd -D -e` (foreground + log a stderr).
  Usa las host keys que Fedora ya tenía. Restart supervisión.

El install script copia arje-net-up.sh a /usr/sbin/arje-net-up.

Prerequisito en el host (no automatizable desde acá): si la VPS no
tiene un cliente DHCP (Fedora Cloud trae sólo NetworkManager por
defecto), el script duerme con el link up y no obtiene IPv4. En ese
caso instalar antes del próximo boot: `dnf install dhcp-client`.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-23 01:56:31 +00:00

329 lines
17 KiB
JSON
Raw Blame History

{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0M0",
"lineage": null,
"label": "arje.seed.prod",
"provides": ["Spawn", "Journal"],
"requires": [],
"permissions": {
"networking": "loopback",
"filesystem": "read-write",
"ipc": { "allow": ["wit-v1"] },
"processes": true
},
"soma": {
"namespaces": {
"mount": false, "pid": false, "net": false,
"uts": false, "ipc": false, "user": false, "cgroup": false
},
"rlimits": { "mem_bytes": null, "nproc": null, "nofile": null },
"cgroup": { "path": "ente.slice/zero", "cpu_weight": null, "io_weight": null },
"cpu_affinity": null
},
"payload": "Virtual",
"supervision": "OneShot",
"lifecycle": "daemon",
"priority": "critical",
"flow": { "input": [], "output": [] },
"genesis": [
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0M1",
"lineage": null,
"label": "tmpfiles-boot",
"provides": [],
"requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-tmpfiles-compat", "argv": ["--boot"], "envp": [] } },
"supervision": "OneShot",
"lifecycle": "oneshot",
"priority": "critical",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0M2",
"lineage": null,
"label": "binfmt-boot",
"provides": [],
"requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-binfmt-compat", "argv": [], "envp": [] } },
"supervision": "OneShot",
"lifecycle": "oneshot",
"priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0H0",
"lineage": null,
"label": "compat-hostnamed",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-only", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-hostnamed-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0T0",
"lineage": null,
"label": "compat-timedated",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-only", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-timedated-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0X0",
"lineage": null,
"label": "compat-localed",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-only", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-localed-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0J0",
"lineage": null,
"label": "compat-journald",
"provides": ["Journal"], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-journald-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0R0",
"lineage": null,
"label": "compat-resolved",
"provides": [], "requires": [],
"permissions": { "networking": "outbound", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-resolved-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0P0",
"lineage": null,
"label": "compat-polkit",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-only", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-polkit-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0Q0",
"lineage": null,
"label": "policy-provider",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-only", "ipc": { "allow": ["wit-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-policy-provider", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0M0",
"lineage": null,
"label": "compat-machined",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-only", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-machined-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0S0",
"lineage": null,
"label": "compat-systemd1",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-systemd1-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0N0",
"lineage": null,
"label": "compat-notify",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-notify-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0Y0",
"lineage": null,
"label": "compat-logind",
"provides": ["LegacyLogind"], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-logind-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0Z0",
"lineage": null,
"label": "compat-timer",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-timer-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 1000, "max": 60000 } },
"lifecycle": "daemon", "priority": "low",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0E0",
"lineage": null,
"label": "echo-smoke",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-only", "ipc": { "allow": ["wit-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/test","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-echo", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 200, "max": 30000 } },
"lifecycle": "daemon", "priority": "low",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0N0",
"lineage": null,
"label": "net-up",
"provides": [], "requires": [],
"permissions": { "networking": "full", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/net","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/arje-net-up", "argv": [], "envp": [["PATH", "/usr/sbin:/usr/bin:/sbin:/bin"]] } },
"supervision": { "Restart": { "initial": 500, "max": 30000 } },
"lifecycle": "daemon", "priority": "critical",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0S0",
"lineage": null,
"label": "sshd",
"provides": [], "requires": [],
"permissions": { "networking": "full", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/sshd","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/sshd", "argv": ["-D", "-e"], "envp": [["PATH", "/usr/sbin:/usr/bin:/sbin:/bin"]] } },
"supervision": { "Restart": { "initial": 1000, "max": 60000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZQ0M0M0M0M0M0M0M0G0",
"lineage": null,
"label": "getty-tty1",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/getty","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": {
"Native": {
"exec": "/bin/sh",
"argv": ["-i"],
"envp": [["PATH", "/usr/sbin:/usr/bin:/sbin:/bin"], ["TERM", "linux"], ["PS1", "arje# "]]
}
},
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
}
]
}
Reference in New Issue View Git Blame Copy Permalink