From 49eaf662e80db483f4a321edb55161e921680a39 Mon Sep 17 00:00:00 2001
From: Ron Rise <ron@siteworxpro.com>
Date: Wed, 4 Jun 2025 22:43:22 -0400
Subject: [PATCH] This Is Why We Don't Push To Production On Fridays

---
 .gitea/workflows/ignition.yml | 35 +++++++++++++++++++++++++++++++++++
 .gitignore                    |  0
 ignition.bu                   | 35 +++++++++++++++++++++++++++++++++++
 3 files changed, 70 insertions(+)
 create mode 100644 .gitea/workflows/ignition.yml
 create mode 100644 .gitignore
 create mode 100644 ignition.bu

diff --git a/.gitea/workflows/ignition.yml b/.gitea/workflows/ignition.yml
new file mode 100644
index 0000000..cd61bf8
--- /dev/null
+++ b/.gitea/workflows/ignition.yml
@@ -0,0 +1,35 @@
+on:
+  push:
+    tags:
+      - "v*"
+
+jobs:
+  Build:
+    name: Build ignition
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: 🛡️ 🔒 Add Siteworx CA Certificates
+        run: |
+          curl -Ls https://siteworxpro.com/hosted/Siteworx+Root+CA.pem -o /usr/local/share/ca-certificates/sw.crt
+          update-ca-certificates
+
+      - name: 📖 🔍 Checkout Repository Code
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 1
+
+      - name: 🏎️ 🏁 Build Ignition
+        run: |
+          docker run --rm \
+            --volumes-from ${{ env.JOB_CONTAINER_NAME }} \
+            --name ${{ gitea.job }}-${{ gitea.run_id }}-postgres \
+            -w ${{ github.workspace }} \
+            --rm --interactive \
+            quay.io/coreos/butane:release --pretty --strict < ignition.bu > ignition.ign
+
+      - name: 📊 📈 Upload Ignition Configuration
+        uses: christopherhx/gitea-upload-artifact@v4
+        with:
+          name: ignition
+          path: ignition.ign
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e69de29
diff --git a/ignition.bu b/ignition.bu
new file mode 100644
index 0000000..9a2bec4
--- /dev/null
+++ b/ignition.bu
@@ -0,0 +1,35 @@
+variant: fcos
+version: 1.6.0
+passwd:
+  users:
+    - name: core
+      ssh_authorized_keys:
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJUIc1V15Cf16Hm4HvhWV4hTUUO5iC+YkzUhE8O8c0Yy cardno:23_538_379
+        - ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBFqTkrlJyOBIPlBeDxtCsH6IFL+C8i8KZToxsmCyd1cdwc9+RXc864hHYP3QA+2MVdi396W62vf+w3BF0P3GyzyTDzw7gr4/iOEFCpW0UCtAnqklfQ72Mli1lxkV8LBxQA== cardno:23_538_379
+      groups:
+        - wheel
+        - sudo
+        - docker
+systemd:
+  units:
+    - name: postinst.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Initial System Setup
+        After=systemd-machine-id-commit.service
+        After=network-online.target
+        Before=zincati.service
+        ConditionPathExists=!/var/lib/%N.stamp
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=yes
+        ExecStart=/usr/bin/rpm-ostree install -y --allow-inactive qemu-guest-agent
+        ExecStart=/usr/bin/curl --output-dir "/etc/yum.repos.d" --remote-name https://download.docker.com/linux/fedora/docker-ce.repo
+        ExecStart=/usr/bin/rpm-ostree override remove moby-engine containerd runc docker-cli --install docker-ce
+        ExecStart=/bin/touch /var/lib/%N.stamp
+        ExecStart=/bin/systemctl --no-block reboot
+
+        [Install]
+        WantedBy=multi-user.target