tweaked userdata

This commit is contained in:
Karim Naufal 2022-03-02 22:19:58 +01:00
parent 7f1cefe1e6
commit c5c8004928
3 changed files with 35 additions and 44 deletions

View File

@ -75,16 +75,4 @@ data "template_cloudinit_config" "config" {
} }
) )
} }
# Initialization script (runs at every reboot)
part {
content_type = "text/cloud-boothook"
filename = "boothook.sh"
content = templatefile(
"${path.module}/templates/boothook.sh.tpl",
{
hostname = var.name
}
)
}
} }

View File

@ -1,5 +0,0 @@
#!/bin/sh
#cloud-boothook
# Fix hostname after reboot
hostnamectl hostname "${hostname}"

View File

@ -1,32 +1,38 @@
#cloud-config #cloud-config
write_files: write_files:
# Configure private network
- content: |
BOOTPROTO='dhcp'
STARTMODE='auto'
path: /etc/sysconfig/network/ifcfg-eth1
# Configure private network # Disable ssh password authentication
- content: | - content: |
BOOTPROTO='dhcp' PasswordAuthentication no
STARTMODE='auto' X11Forwarding no
path: /etc/sysconfig/network/ifcfg-eth1 MaxAuthTries 2
AllowTcpForwarding no
AllowAgentForwarding no
AuthorizedKeysFile .ssh/authorized_keys
path: /etc/ssh/sshd_config.d/kube-hetzner.conf
# Disable ssh password authentication # Setting the right reboot mode
- content: | - content: |
PasswordAuthentication no REBOOT_METHOD=rebootmgr
X11Forwarding no path: /etc/transactional-update.conf
MaxAuthTries 2
AllowTcpForwarding no
AllowAgentForwarding no
AuthorizedKeysFile .ssh/authorized_keys
path: /etc/ssh/sshd_config.d/kube-hetzner.conf
# Setting the right reboot mode # Add ssh authorized keys
- content: | ssh_authorized_keys:
REBOOT_METHOD=rebootmgr %{ for key in sshAuthorizedKeys ~}
path: /etc/transactional-update.conf - ${key}
%{ endfor ~}
# Add ssh authorized keys # Making sure the hostname is set correctly
ssh_authorized_keys: manage_etc_hosts: "localhost"
%{ for key in sshAuthorizedKeys ~} preserve_hostname: true
- ${key} prefer_fqdn_over_hostname: false
%{ endfor ~} hostname: ${hostname}
runcmd: runcmd:
# Activate the private network # Activate the private network
@ -35,9 +41,11 @@ runcmd:
# Activate ssh configuration # Activate ssh configuration
- systemctl reload sshd - systemctl reload sshd
# Fix hostname (during first boot)
- hostnamectl hostname ${hostname}
# Finishing automatic reboot via Kured setup # Finishing automatic reboot via Kured setup
- rebootmgrctl set-strategy off - rebootmgrctl set-strategy off
# Reduce the default number of snapshots from 2-10 number limit, to 4
# And from 4-10 number limit important, to 2
- snapper -c root set-config "NUMBER_LIMIT=4"
- snapper -c root set-config "NUMBER_LIMIT_IMPORTANT=2"