# Here we define a common set of default settings for most variants.
# A variant includes these by symlinking this file into its `defaults.d` directory.
# It can override these settings in any file listed after that in the directory.

# The structures, fields, and types here need to match those of the API model,
# as defined in src/VARIANT/mod.rs.

[settings]
motd = "Welcome to Bottlerocket!"

[metadata.settings.motd]
affected-services = ["motd"]

[services.motd]
configuration-files = ["motd"]
restart-commands = []

[configuration-files.motd]
path = "/etc/motd"
template-path = "/usr/share/templates/motd"

# Container runtime.

[services.containerd]
configuration-files = ["containerd-config-toml", "proxy-env"]
restart-commands = ["/bin/systemctl try-restart containerd.service"]

[configuration-files.containerd-config-toml]
path = "/etc/containerd/config.toml"
template-path = "/usr/share/templates/containerd-config-toml_basic"

# Container runtime settings.

[metadata.settings.container-runtime]
affected-services = ["containerd"]

# Host-container runtime

[services.host-containerd]
configuration-files = ["proxy-env"]
restart-commands = ["/bin/systemctl try-restart host-containerd.service"]

# Updates.

[settings.updates]
version-lock = "latest"
ignore-waves = false

[services.updog]
configuration-files = ["updog-toml"]
restart-commands = []

[configuration-files.updog-toml]
path = "/etc/updog.toml"
template-path = "/usr/share/templates/updog-toml"

[metadata.settings.updates]
affected-services = ["updog"]
seed.setting-generator = "bork seed"

# HostContainers

[services.host-containers]
configuration-files = ["host-ctr-toml"]
restart-commands = ["/usr/bin/host-containers"]

[configuration-files.host-ctr-toml]
path = "/etc/host-containers/host-ctr.toml"
template-path = "/usr/share/templates/host-ctr-toml"

[metadata.settings.host-containers]
affected-services = ["host-containers"]

# Network

[configuration-files.proxy-env]
path = "/etc/network/proxy.env"
template-path = "/usr/share/templates/proxy-env"

[metadata.settings.network]
affected-services = ["containerd", "host-containerd", "host-containers"]

[metadata.settings.network.hostname]
affected-services = ["hostname", "hosts"]
setting-generator = "netdog generate-hostname"

[services.hostname]
configuration-files = ["hostname"]
restart-commands = ["/bin/systemctl try-restart set-hostname.service"]

[configuration-files.hostname]
path = "/etc/network/hostname.env"
template-path = "/usr/share/templates/hostname-env"

[metadata.settings.network.hosts]
affected-services = ["hosts"]

[services.hosts]
configuration-files = ["hosts"]
restart-commands = []

[configuration-files.hosts]
path = "/etc/hosts"
template-path = "/usr/share/templates/hosts"

# NTP

[settings.ntp]
time-servers = ["169.254.169.123", "2.amazon.pool.ntp.org"]

[services.ntp]
configuration-files = ["chrony-conf"]
restart-commands = ["/bin/systemctl try-reload-or-restart chronyd.service"]

[configuration-files.chrony-conf]
path = "/etc/chrony.conf"
template-path = "/usr/share/templates/chrony-conf"

[metadata.settings.ntp]
affected-services = ["ntp"]

# Kernel

[services.sysctl]
configuration-files = []
restart-commands = ["/usr/bin/corndog sysctl"]

[metadata.settings.kernel.sysctl]
affected-services = ["sysctl"]

[services.kernel-modules]
configuration-files = ["modprobe-conf"]
restart-commands = []

[configuration-files.modprobe-conf]
path = "/etc/modprobe.d/modprobe.conf"
template-path = "/usr/share/templates/modprobe-conf"

[metadata.settings.kernel.modules]
affected-services = ["kernel-modules"]

[services.lockdown]
configuration-files = []
restart-commands = ["/usr/bin/corndog lockdown"]

[metadata.settings.kernel.lockdown]
affected-services = ["lockdown"]

# Bootstrap Containers

[services.bootstrap-containers]
configuration-files = ["host-ctr-toml"]
restart-commands = ["/usr/bin/bootstrap-containers create-containers"]

[metadata.settings.bootstrap-containers]
affected-services = ["bootstrap-containers"]

# Certdog

[services.pki]
configuration-files = []
restart-commands = ["/usr/bin/certdog"]

# DNS
[metadata.settings.dns]
affected-services = ["dns"]

[services.dns]
configuration-files = ["netdog-toml"]
restart-commands = ["netdog write-resolv-conf"]

[configuration-files.netdog-toml]
path = "/etc/netdog.toml"
template-path = "/usr/share/templates/netdog-toml"