-
Notifications
You must be signed in to change notification settings - Fork 27
/
Copy pathcloud.cfg
108 lines (95 loc) · 4.24 KB
/
cloud.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# The top level settings are used as module
# and system configuration.
# Update the contents of /etc/hosts. This will use the name you
# specified when creating the VM in proxmox
manage_etc_hosts: true
# A set of users which may be applied and/or used by various modules
# when a 'default' entry is found it will reference the 'default_user'
# from the distro configuration specified below
users:
- default
# If this is set, 'root' will not be able to ssh in and they
# will get a message to login instead as the above $user (debian)
disable_root: true
# Change default root password from the preseed file to a random one
chpasswd:
list: |
root:RANDOM
# Update apt database on first boot (run 'apt-get update')
apt_update: true
# Upgrade the instance on first boot
apt_upgrade: true
# Reboot after package install/update if necessary
apt_reboot_if_required: true
# Install useful packages
packages:
- vim
# Write out new SSH daemon configuration. Standard debian 11 configuration
# apart from forbidding root login and disabling password authentication
write_files:
- path: /etc/ssh/sshd_config
content: |
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
# The modules that run in the 'init' stage
cloud_init_modules:
- seed_random
- write-files
- set_hostname
- update_hostname
- update_etc_hosts
- ca-certs
- users-groups
- ssh
# The modules that run in the 'config' stage
cloud_config_modules:
- set-passwords
- ntp
- timezone
- disable-ec2-metadata
# The modules that run in the 'final' stage
cloud_final_modules:
- package-update-upgrade-install
- scripts-vendor
- scripts-per-once
- scripts-per-boot
- scripts-per-instance
- scripts-user
- ssh-authkey-fingerprints
- final-message
# System and/or distro specific settings
# (not accessible to handlers/transforms)
system_info:
# This will affect which distro class gets used
distro: debian
# Default user name + that default users groups (if added/used)
default_user:
name: debian
lock_passwd: True
gecos: Debian
groups: [adm, audio, cdrom, dialout, dip, floppy, netdev, plugdev, sudo, video]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/bash
# Don't forget to add your public key here
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDd9zeqsZ1uC6kw3W4OFZH7i/ZMRD4Q3S8+i1+vhihlM9fIWRKUb7eVDYRBJPJBeKAiUaN78PWWwmBAgW8aFw/8aQfcKw1s+11F6WzGlwZ6bH6tyARC/2QVwLPORdUJmStuSLkvRTKFqIMbkO2sCEGl/58XNp+4yfIY23jx02eU8ZK2C608SXtE0FuIkXaXwTCaZl8AgAJKntzhlZ1ijGMWyMjMv8yZ/d0+kxROs6eo0QPz9EoJ0GDHPMTxkzkzK6/TQwRy9CF2TZr5xpRSKIZcRHIrk2eWGCBYoVgW4A3q/ZVRbUq5eWFEAHpMxmEv7nD9XxyXMwnt1R9t0EgWKjNLA73khCl/KC9tdN8aAkkfedM21Xa/PL1zjo0LX1sdI5tmTC42mqgP1ta+G5mJcf08CNTezoLHsdHaEm4sYuN0V7WKMUdcZ27ygz+mYvGJyKHPIkdF+JlUkh1G0uVPFAY0hSc/Sam6fVZpIsW4cKEp5QB59TF9cSPxlSgDRpnKLVXfZOo5WriTANeZPXi23fMEIXPuz7pN6rNAJMFcYng5IV8fb4yCvz2+5C9LzxVzePynHLJD89nd/njSVqEx1TBCvf/Kzh/DxJBJiuTHiS3xtKtSbDTBWrd0CPPLbPZ7V7n410In7usYUBISVoIpZsPjOQj/1tJ5YkPdILly5S3Qhw==
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDAYgZh37Z6+4AQE1wElD+D8xiUjevI/1ZfwqbWFFknUb08/688qNI0PZme4yfKhD/DO5Bstk/l6J/Kqrh/R6v4mbAxvYcbUoAE0+zqK4j6xspdKSe0yN4GOAqWoMCgX3vhwnEUYqtLTPzhuDscnubLEpGsZxYeFJpFYMFwGFvBD/Ehoe2CndotCe238hodiKSOfMX+ZV8Itb2zJdfRGyqyiIgzZaP3DvaLSvx52NTju4EmHr6IOatkPMrk3gvERsHKAOevJyr/ng4ONzZM18x8x41a0vePatUURsc8J2Jp1Gu+X6r3BqnrNpPeuzW02EVZKjy/+C2cPUwO3x6edsGio9uEg7Sm3qa/wQ9FS55USt07LUt2SHvcfNPBF15aa2tAQMSAJmWFlVyQAHx2A6i1rk0eIEWJdBuL3yGjMT4y9Ilync04CYEdtqwW8Vd0zU6vmyXeW05yibtOz+V/AKCBpqvMdAuarDgXJhNCsOkQ7whgngV00e62J9rL0Y+Hdiv8R2yH4IOdc6t2sMi3uuu3qfaFTO16MLaoULCK1FpvGanxA/jE1qP73aCm4VnQ9UKeBswBYpUWEe7b+RpH26uOr/LE2M3PIaMsVtN2qMzyUt0I5wgpholbVKgPNmq1GBTRiPZkN5DcPLBq0lntUQxPgCtLDu/u/b+ti89cJEigvQ==
# Other config here will be given to the distro class and/or path classes
paths:
cloud_dir: /var/lib/cloud/
templates_dir: /etc/cloud/templates/
upstart_dir: /etc/init/
package_mirrors:
- arches: [default]
failsafe:
primary: http://deb.debian.org/debian
security: http://security.debian.org/
ssh_svcname: ssh