143 lines
2.4 KiB
YAML
143 lines
2.4 KiB
YAML
# Debian Minimal Variant Definition
|
|
# Minimal system equivalent to Fedora CoreOS
|
|
|
|
variant:
|
|
name: "debian-minimal"
|
|
description: "Debian Atomic Minimal System"
|
|
base: "debian-13"
|
|
architecture: "amd64"
|
|
desktop: "none"
|
|
target: "minimal"
|
|
|
|
# Base system packages (always included)
|
|
base_packages:
|
|
- "systemd"
|
|
- "systemd-sysv"
|
|
- "dbus"
|
|
- "dbus-user-session"
|
|
- "policykit-1"
|
|
- "polkitd"
|
|
- "sudo"
|
|
- "passwd"
|
|
- "bash"
|
|
- "coreutils"
|
|
- "util-linux"
|
|
- "procps"
|
|
- "sysvinit-utils"
|
|
|
|
# Essential utilities
|
|
essential_utils:
|
|
- "less"
|
|
- "vim-tiny"
|
|
- "wget"
|
|
- "curl"
|
|
- "ca-certificates"
|
|
- "gnupg"
|
|
- "apt"
|
|
- "apt-utils"
|
|
- "dpkg"
|
|
- "debian-archive-keyring"
|
|
|
|
# Networking tools
|
|
networking:
|
|
- "iproute2"
|
|
- "net-tools"
|
|
- "network-manager"
|
|
- "resolvconf"
|
|
- "dnsutils"
|
|
- "openssh-client"
|
|
- "openssh-server"
|
|
- "iptables"
|
|
- "ufw"
|
|
- "fail2ban"
|
|
|
|
# System administration
|
|
system_admin:
|
|
- "htop"
|
|
- "iotop"
|
|
- "ncdu"
|
|
- "rsync"
|
|
- "tar"
|
|
- "gzip"
|
|
- "bzip2"
|
|
- "xz-utils"
|
|
- "unzip"
|
|
- "zip"
|
|
|
|
# Security tools
|
|
security:
|
|
- "apparmor"
|
|
- "apparmor-utils"
|
|
- "auditd"
|
|
- "audispd-plugins"
|
|
- "rkhunter"
|
|
- "chkrootkit"
|
|
- "tripwire"
|
|
- "aide"
|
|
- "clamav"
|
|
- "clamav-daemon"
|
|
|
|
# Monitoring and logging
|
|
monitoring:
|
|
- "logrotate"
|
|
- "cron"
|
|
- "anacron"
|
|
- "at"
|
|
- "syslog-ng"
|
|
- "logwatch"
|
|
- "collectd"
|
|
- "prometheus-node-exporter"
|
|
- "grafana-agent"
|
|
- "telegraf"
|
|
|
|
# Development tools (minimal)
|
|
development_minimal:
|
|
- "build-essential"
|
|
- "git"
|
|
- "python3"
|
|
- "python3-pip"
|
|
- "python3-venv"
|
|
|
|
# Excluded packages (not needed for minimal)
|
|
excluded_packages:
|
|
- "packagekit"
|
|
- "update-manager"
|
|
- "unattended-upgrades"
|
|
- "apt-listchanges"
|
|
- "debian-faq"
|
|
- "debian-reference"
|
|
- "debian-handbook"
|
|
- "popularity-contest"
|
|
- "reportbug"
|
|
- "apt-listbugs"
|
|
- "gnome-*"
|
|
- "kde-*"
|
|
- "xfce4-*"
|
|
- "mate-*"
|
|
- "lxde-*"
|
|
|
|
# Repository configuration
|
|
repositories:
|
|
- name: "debian"
|
|
url: "http://deb.debian.org/debian"
|
|
components: ["main", "contrib", "non-free"]
|
|
suite: "trixie"
|
|
|
|
- name: "debian-security"
|
|
url: "http://deb.debian.org/debian-security"
|
|
components: ["main", "contrib", "non-free"]
|
|
suite: "trixie-security"
|
|
|
|
# System configuration
|
|
system_config:
|
|
hostname: "debian-minimal"
|
|
timezone: "UTC"
|
|
locale: "en_US.UTF-8"
|
|
keyboard: "us"
|
|
|
|
# OSTree configuration
|
|
ostree:
|
|
ref: "debian/13/x86_64/minimal"
|
|
url: "https://ostree.debian.org"
|
|
gpg_verify: true
|
|
mode: "bare"
|