tweaked userdata
This commit is contained in:
Karim Naufal
parent
7f1cefe1e6
commit
c5c8004928
@ -75,16 +75,4 @@ data "template_cloudinit_config" "config" {
|
|||||||
}
|
}
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
# Initialization script (runs at every reboot)
|
|
||||||
part {
|
|
||||||
content_type = "text/cloud-boothook"
|
|
||||||
filename = "boothook.sh"
|
|
||||||
content = templatefile(
|
|
||||||
"${path.module}/templates/boothook.sh.tpl",
|
|
||||||
{
|
|
||||||
hostname = var.name
|
|
||||||
}
|
|
||||||
)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
#cloud-boothook
|
|
||||||
|
|
||||||
# Fix hostname after reboot
|
|
||||||
hostnamectl hostname "${hostname}"
|
|
||||||
@ -1,32 +1,38 @@
|
|||||||
#cloud-config
|
#cloud-config
|
||||||
|
|
||||||
write_files:
|
write_files:
|
||||||
|
# Configure private network
|
||||||
|
- content: |
|
||||||
|
BOOTPROTO='dhcp'
|
||||||
|
STARTMODE='auto'
|
||||||
|
path: /etc/sysconfig/network/ifcfg-eth1
|
||||||
|
|
||||||
# Configure private network
|
# Disable ssh password authentication
|
||||||
- content: |
|
- content: |
|
||||||
BOOTPROTO='dhcp'
|
PasswordAuthentication no
|
||||||
STARTMODE='auto'
|
X11Forwarding no
|
||||||
path: /etc/sysconfig/network/ifcfg-eth1
|
MaxAuthTries 2
|
||||||
|
AllowTcpForwarding no
|
||||||
|
AllowAgentForwarding no
|
||||||
|
AuthorizedKeysFile .ssh/authorized_keys
|
||||||
|
path: /etc/ssh/sshd_config.d/kube-hetzner.conf
|
||||||
|
|
||||||
# Disable ssh password authentication
|
# Setting the right reboot mode
|
||||||
- content: |
|
- content: |
|
||||||
PasswordAuthentication no
|
REBOOT_METHOD=rebootmgr
|
||||||
X11Forwarding no
|
path: /etc/transactional-update.conf
|
||||||
MaxAuthTries 2
|
|
||||||
AllowTcpForwarding no
|
|
||||||
AllowAgentForwarding no
|
|
||||||
AuthorizedKeysFile .ssh/authorized_keys
|
|
||||||
path: /etc/ssh/sshd_config.d/kube-hetzner.conf
|
|
||||||
|
|
||||||
# Setting the right reboot mode
|
# Add ssh authorized keys
|
||||||
- content: |
|
ssh_authorized_keys:
|
||||||
REBOOT_METHOD=rebootmgr
|
%{ for key in sshAuthorizedKeys ~}
|
||||||
path: /etc/transactional-update.conf
|
- ${key}
|
||||||
|
%{ endfor ~}
|
||||||
|
|
||||||
# Add ssh authorized keys
|
# Making sure the hostname is set correctly
|
||||||
ssh_authorized_keys:
|
manage_etc_hosts: "localhost"
|
||||||
%{ for key in sshAuthorizedKeys ~}
|
preserve_hostname: true
|
||||||
- ${key}
|
prefer_fqdn_over_hostname: false
|
||||||
%{ endfor ~}
|
hostname: ${hostname}
|
||||||
|
|
||||||
runcmd:
|
runcmd:
|
||||||
# Activate the private network
|
# Activate the private network
|
||||||
@ -35,9 +41,11 @@ runcmd:
|
|||||||
# Activate ssh configuration
|
# Activate ssh configuration
|
||||||
- systemctl reload sshd
|
- systemctl reload sshd
|
||||||
|
|
||||||
# Fix hostname (during first boot)
|
|
||||||
- hostnamectl hostname ${hostname}
|
|
||||||
|
|
||||||
# Finishing automatic reboot via Kured setup
|
# Finishing automatic reboot via Kured setup
|
||||||
- rebootmgrctl set-strategy off
|
- rebootmgrctl set-strategy off
|
||||||
|
|
||||||
|
# Reduce the default number of snapshots from 2-10 number limit, to 4
|
||||||
|
# And from 4-10 number limit important, to 2
|
||||||
|
- snapper -c root set-config "NUMBER_LIMIT=4"
|
||||||
|
- snapper -c root set-config "NUMBER_LIMIT_IMPORTANT=2"
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user