tweaked userdata and tfvars.example
This commit is contained in:
parent
ddcaf0fb66
commit
117daeb9c3
@ -1,18 +1,15 @@
|
|||||||
#cloud-config
|
#cloud-config
|
||||||
|
|
||||||
# Resize /var, not /, as that's the last partition in MicroOS image.
|
|
||||||
growpart:
|
|
||||||
devices: ["/var"]
|
|
||||||
|
|
||||||
write_files:
|
write_files:
|
||||||
# Configure private network
|
|
||||||
- content: |
|
# Configure the private network interface
|
||||||
|
- content: |
|
||||||
BOOTPROTO='dhcp'
|
BOOTPROTO='dhcp'
|
||||||
STARTMODE='auto'
|
STARTMODE='auto'
|
||||||
path: /etc/sysconfig/network/ifcfg-eth1
|
path: /etc/sysconfig/network/ifcfg-eth1
|
||||||
|
|
||||||
# Disable ssh password authentication
|
# Disable ssh password authentication
|
||||||
- content: |
|
- content: |
|
||||||
PasswordAuthentication no
|
PasswordAuthentication no
|
||||||
X11Forwarding no
|
X11Forwarding no
|
||||||
MaxAuthTries 2
|
MaxAuthTries 2
|
||||||
@ -21,37 +18,46 @@ write_files:
|
|||||||
AuthorizedKeysFile .ssh/authorized_keys
|
AuthorizedKeysFile .ssh/authorized_keys
|
||||||
path: /etc/ssh/sshd_config.d/kube-hetzner.conf
|
path: /etc/ssh/sshd_config.d/kube-hetzner.conf
|
||||||
|
|
||||||
# Setting the right reboot mode
|
# Setting the right reboot mode
|
||||||
- content: |
|
- content: |
|
||||||
REBOOT_METHOD=rebootmgr
|
REBOOT_METHOD=rebootmgr
|
||||||
path: /etc/transactional-update.conf
|
path: /etc/transactional-update.conf
|
||||||
|
|
||||||
# Add ssh authorized keys
|
# Add ssh authorized keys
|
||||||
ssh_authorized_keys:
|
ssh_authorized_keys:
|
||||||
%{ for key in sshAuthorizedKeys ~}
|
%{ for key in sshAuthorizedKeys ~}
|
||||||
- ${key}
|
- ${key}
|
||||||
%{ endfor ~}
|
%{ endfor ~}
|
||||||
|
|
||||||
|
# Resize /var, not /, as that's the last partition in MicroOS image.
|
||||||
|
growpart:
|
||||||
|
devices: ["/var"]
|
||||||
|
|
||||||
# Make sure the hostname is set correctly
|
# Make sure the hostname is set correctly
|
||||||
manage_etc_hosts: "localhost"
|
|
||||||
preserve_hostname: true
|
|
||||||
prefer_fqdn_over_hostname: false
|
|
||||||
hostname: ${hostname}
|
hostname: ${hostname}
|
||||||
|
preserve_hostname: true
|
||||||
|
manage_etc_hosts: "localhost"
|
||||||
|
|
||||||
runcmd:
|
runcmd:
|
||||||
# As above, make sure the hostname is not reset
|
|
||||||
- sed -i 's#NETCONFIG_NIS_SETDOMAINNAME="yes"#NETCONFIG_NIS_SETDOMAINNAME="no"#g' /etc/sysconfig/network/config
|
|
||||||
|
|
||||||
# Activate the private network
|
# As above, make sure the hostname is not reset
|
||||||
- systemctl reload network
|
- [ sed, -i, 's#preserve_hostname: false#preserve_hostname: true#g', /etc/cloud/cloud.cfg]
|
||||||
|
- [ sed, -i, 's#NETCONFIG_NIS_SETDOMAINNAME="yes"#NETCONFIG_NIS_SETDOMAINNAME="no"#g', /etc/sysconfig/network/config]
|
||||||
|
- [ sed, -i, 's#DHCLIENT_SET_HOSTNAME="yes"#DHCLIENT_SET_HOSTNAME="no"#g', /etc/sysconfig/network/dhcp]
|
||||||
|
|
||||||
# Activate ssh configuration
|
# We set Google DNS servers
|
||||||
- systemctl reload sshd
|
- [ sed, -i, 's#NETCONFIG_DNS_STATIC_SERVERS=""#NETCONFIG_DNS_STATIC_SERVERS="8.8.8.8 8.8.4.4"#g', /etc/sysconfig/network/config]
|
||||||
|
|
||||||
# Finishing automatic reboot via Kured setup
|
# Activate the private network
|
||||||
- rebootmgrctl set-strategy off
|
- systemctl reload network
|
||||||
|
|
||||||
# Reduce the default number of snapshots from 2-10 number limit, to 4
|
# Activate ssh configuration
|
||||||
# And from 4-10 number limit important, to 2
|
- systemctl reload sshd
|
||||||
- snapper -c root set-config "NUMBER_LIMIT=4"
|
|
||||||
- snapper -c root set-config "NUMBER_LIMIT_IMPORTANT=2"
|
# Finishing automatic reboot via Kured setup
|
||||||
|
- rebootmgrctl set-strategy off
|
||||||
|
|
||||||
|
# Reduce the default number of snapshots from 2-10 number limit, to 4
|
||||||
|
# And from 4-10 number limit important, to 2
|
||||||
|
- snapper -c root set-config "NUMBER_LIMIT=4"
|
||||||
|
- snapper -c root set-config "NUMBER_LIMIT_IMPORTANT=2"
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
# Only the first values starting with a * are obligatory, the rest can remain with their default values, but Values or you want
|
# Only the first values starting with a * are obligatory, the rest can remain with their default values, or you
|
||||||
# could adapt them to your needs.
|
# could adapt them to your needs.
|
||||||
#
|
#
|
||||||
# Note that some values, notably "location" and "public_key" have no effect after the initial cluster has been setup.
|
# Note that some values, notably "location" and "public_key" have no effect after the initial cluster has been setup.
|
||||||
|
Loading…
Reference in New Issue
Block a user