modules:
  - from-file: common/common.yml
  - from-file: common/updates.yml
  - from-file: common/bluebuild-logo.yml
  - from-file: common/jp-chezmoi.yml
  - type: dnf
    repos:
      cleanup: true
      files:
        - kubectl.repo
        - opentofu.repo
        - https://rpm.releases.hashicorp.com/fedora/hashicorp.repo
        - fury.repo
    install:
      packages:
        - kubectl
        - helm
        - helix
        - tofu
        - terraform-ls
        - nu
        - carapace-bin
        - iscsi-initiator-utils
        - nfs-utils
        - cryptsetup
        - device-mapper
  - type: script
    snippets:
      - curl -sfL https://get.rke2.io | sh
      # - cp -f /usr/share/rke2/rke2-cis-sysctl.conf /etc/sysctl.d/60-rke2-cis.conf
  - type: files
    files:
      - source: rke-common
        destination: /
  - type: systemd
    system:
      enabled:
        - create_rke_user.service
        - sshd.service
      disabled:
        - firewalld.service # https://docs.rke2.io/known_issues#firewalld-conflicts-with-default-networking