Download latest live iso from https://www.fedoraproject.org/coreos/download

Creating a butane file for automatic deployment because the installer of CoreOS is non-interactive. In this example I add a user core with a password hash (console access) and SSH-keys for authortized logins. I add a root CA certificate, set my router as NTP source for chrony install 3 additional packages: docker-compose,vim,qemu-guest-agent and make docker service enabled.

fcos.ign

variant: fcos
version: 1.6.0
passwd:
  users:
    - name: core
      password_hash: <PASSWORD_HASH>
      ssh_authorized_keys:
        - ssh-rsa ...
storage:
  files:
    - path: /etc/chrony.conf
      mode: 0644
      overwrite: true
      contents:
        inline: |
          server <IP-ROUTER> iburst
          sourcedir /run/chrony-dhcp
          driftfile /var/lib/chrony/drift
          makestep 1.0 3
          rtcsync
          ntsdumpdir /var/lib/chrony
          leapseclist /usr/share/zoneinfo/leap-seconds.list
          logdir /var/log/chrony
    - path: /etc/pki/ca-trust/source/anchors/root_ca.crt
      contents:
        inline: |
          -----BEGIN CERTIFICATE-----
          .
          .
          .
          -----END CERTIFICATE-----
    # Set vim as default editor
    # We use `zz-` as prefix to make sure this is processed last in order to
    # override any previously set defaults.
    - path: /etc/profile.d/zz-default-editor.sh
      overwrite: true
      contents:
        inline: |
          export EDITOR=vim
  links:
    - path: /etc/localtime
      target: ../usr/share/zoneinfo/Europe/Amsterdam

systemd:
  units:
    - name: docker.service
      enabled: true
    - name: rpm-ostree-install.service
      enabled: true
      contents: |
        [Unit]
        Description=Layer packages with rpm-ostree
        Wants=network-online.target
        After=network-online.target
        # We run before `zincati.service` to avoid conflicting rpm-ostree
        # transactions.
        Before=zincati.service
        ConditionPathExists=!/var/lib/%N.stamp

        [Service]
        Type=oneshot
        RemainAfterExit=yes
        # `--allow-inactive` ensures that rpm-ostree does not return an error
        # if the package is already installed. This is useful if the package is
        # added to the root image in a future Fedora CoreOS release as it will
        # prevent the service from failing.
        ExecStart=/usr/bin/rpm-ostree install -y --allow-inactive docker-compose vim qemu-guest-agent
        ExecStart=/bin/touch /var/lib/%N.stamp
        ExecStart=/bin/systemctl --no-block reboot

        [Install]
        WantedBy=multi-user.target