# This is my modified hook.yaml
kernel:
  # Image produced from running
  #     sed -i 's,# CONFIG_IGC is not set,CONFIG_IGC=m,g' ./kernel/config-*
  #     make -C kernel  -j 16 devbuild_5.10.x
  image: quay.io/tinkerbell/hook-kernel:5.10.11-db87ac36ad015726dc268e7c77b5670dc8297685-dirty
  cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
  - linuxkit/init:v0.8
  - linuxkit/runc:v0.8
  - linuxkit/containerd:v0.8
  - linuxkit/ca-certificates:v0.8
onboot:
  - name: sysctl
    image: linuxkit/sysctl:v0.8
  - name: sysfs
    image: linuxkit/sysfs:v0.8
  - name: dhcpcd
    image: linuxkit/dhcpcd:v0.8
    # Give dhcpcd access to host resolv.conf and ability to write lockfile
    # TODO: individually test each bind and `net:host` and `pid: host` to see what all is required
    # I just tried a bunch of things I thought might help, but not sure which one is required
    binds:
     - /etc/resolv.conf:/etc/resolv.conf
     - /run:/run
    net: host 
    pid: host
    command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
  - name: getty
    image: linuxkit/getty:v0.8
    env:
     - INSECURE=true
    # Debug to let you run `nsenter -a -t1` for host debugging
    capabilities:
     - all
  - name: rngd
    image: linuxkit/rngd:v0.8
  - name: dhcpcd
    image: linuxkit/dhcpcd:v0.8
    command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]
    net: host
    pid: host
    binds:
     - /etc/resolv.conf:/etc/resolv.conf
     - /run:/run
     - /var/lib/dhcpcd:/var/lib/dhcpcd
  - name: ntpd
    image: linuxkit/openntpd:v0.8
    binds:
    - /var/run:/var/run
  - name: docker
    image: quay.io/tinkerbell/hook-docker:0.0
    capabilities:
     - all
    net: host
    pid: host
    mounts:
     - type: cgroup
       options: ["rw","nosuid","noexec","nodev","relatime"]
    binds:
     - /etc/resolv.conf:/etc/resolv.conf
     - /lib/modules:/lib/modules
     - /etc/docker/daemon.json:/etc/docker/daemon.json
     - /var/run/docker:/var/run
     - /var/run/worker:/worker
     - /dev/console:/dev/console
     - /dev:/dev
     - /var/run/images:/var/lib/docker
    runtime:
      mkdir:
        - /var/run/images
        - /var/run/docker
        - /var/run/worker
  - name: bootkit
    image: quay.io/tinkerbell/hook-bootkit:0.0
    capabilities:
     - all
    net: host
    mounts:
     - type: cgroup
       options: ["rw","nosuid","noexec","nodev","relatime"]
    binds:
     - /var/run/docker:/var/run
    runtime:
      mkdir:
        - /var/run/docker
  - name: sshd
    image: linuxkit/sshd:v0.8
    net: host
    runtime:
      mkdir:
        - /var/empty
    binds:
    - /root/.ssh:/root/.ssh
    - /etc/resolv.conf:/etc/resolv.conf
    - /run:/run
    - /tmp:/tmp
    - /usr/bin/ctr:/usr/bin/ctr
    - /usr/bin/runc:/usr/bin/runc
    - /containers:/containers
    - /var/empty:/var/empty
    - /var/log:/var/log
    - /var/lib/containerd:/var/lib/containerd
    - /dev:/dev
    - /sys:/sys
files:
  - path: etc/docker/daemon.json
    contents: '{"debug": true}'
  - path: /root/.ssh/authorized_keys
    source: ~/.ssh/authorized_keys
    mode: "0600"
    uid: 0
    gid: 0
    optional: true
trust:
  org:
    - linuxkit
    - library