Tools/Linux_reinstall/RedHat/CloudInit/ipv6_static_interfaces.cfg

#cloud-config
# CLOUD_IMG: This file was created/modified by the Cloud Image build process
# https://cloudinit.readthedocs.io/en/22.1_a/
datasource_list: [NoCloud]

# configure localization
locale: en_US.UTF-8

# configure timezone
timezone: TimeZone

# configure root user
disable_root: false
ssh_pwauth: true
users:
  - name: root
    lock_passwd: false
    shell: /bin/bash

chpasswd:
  expire: false
  list: |
    root:tmpWORD
  users:
    - name: root
      password: tmpWORD
      type: text

# Despite cloud-init 22.1-9 supports version 2 of network configurations but the "renderers:" doesn't support "network-manager".
# https://cloudinit.readthedocs.io/en/22.1_a/topics/network-config.html#network-output-policy
system_info:
  network:
    renderers: ['sysconfig']

# The gateway of network for cloud-init 22.1-9 must be "gateway4"(for IPv4) or "gateway6"(for IPv6).
network:
  version: 2
  ethernets:
    networkAdapter:
      dhcp6: false
      addresses: [ip6Addr/ip6Mask]
      gateway6: ip6Gate
      nameservers:
        addresses: [ip6DNS1, ip6DNS2]

# later commands
runcmd:
  - sed -ri 's/^#?Port.*/Port sshPORT/g' /etc/ssh/sshd_config
  - sed -ri 's/^#?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
  - sed -ri 's/^#?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
  - systemctl enable sshd
  - ssh-keygen -A
  - systemctl restart sshd
  - sed -i '6i \ \ <port port="sshPORT" protocol="tcp"/>' /etc/firewalld/zones/public.xml
  - sed -i '7i \ \ <port port="sshPORT" protocol="udp"/>' /etc/firewalld/zones/public.xml
  - systemctl enable firewalld
  - firewall-cmd --reload
  - systemctl stop kdump
  - systemctl disable kdump
  - hostnamectl set-hostname HostName
  - fallocate -l 512M /swapspace
  - chmod 600 /swapspace
  - mkswap /swapspace
  - swapon /swapspace
  - echo '/swapspace none swap sw 0 0' >> /etc/fstab
  - yum install dnf epel-release -y
  - dnf install curl dnsutils fail2ban file lrzsz net-tools vim wget -y
  - sed -i '/^\[Definition\]/a allowipv6 = auto' /etc/fail2ban/fail2ban.conf
  - sed -ri 's/^backend = auto/backend = systemd/g' /etc/fail2ban/jail.conf
  - systemctl enable fail2ban
  - systemctl restart fail2ban
  - grub2-mkconfig
  - rm -rf /etc/cloud/cloud.cfg.d/99-fake_cloud.cfg
  - touch /etc/cloud/cloud-init.disabled
Create ipv6_static_interfaces.cfg 2023-09-25 18:26:18 +08:00			`#cloud-config`
			`# CLOUD_IMG: This file was created/modified by the Cloud Image build process`
			`# https://cloudinit.readthedocs.io/en/22.1_a/`
Update ipv6_static_interfaces.cfg 2023-09-28 19:04:15 +08:00			`datasource_list: [NoCloud]`
Create ipv6_static_interfaces.cfg 2023-09-25 18:26:18 +08:00
			`# configure localization`
			`locale: en_US.UTF-8`

			`# configure timezone`
			`timezone: TimeZone`

			`# configure root user`
Update ipv6_static_interfaces.cfg 2023-09-28 19:04:15 +08:00			`disable_root: false`
			`ssh_pwauth: true`
Create ipv6_static_interfaces.cfg 2023-09-25 18:26:18 +08:00			`users:`
			`- name: root`
			`lock_passwd: false`
			`shell: /bin/bash`

			`chpasswd:`
			`expire: false`
			`list: \|`
			`root:tmpWORD`
			`users:`
			`- name: root`
			`password: tmpWORD`
			`type: text`

			`# Despite cloud-init 22.1-9 supports version 2 of network configurations but the "renderers:" doesn't support "network-manager".`
			`# https://cloudinit.readthedocs.io/en/22.1_a/topics/network-config.html#network-output-policy`
			`system_info:`
			`network:`
			`renderers: ['sysconfig']`

			`# The gateway of network for cloud-init 22.1-9 must be "gateway4"(for IPv4) or "gateway6"(for IPv6).`
			`network:`
			`version: 2`
			`ethernets:`
			`networkAdapter:`
			`dhcp6: false`
			`addresses: [ip6Addr/ip6Mask]`
			`gateway6: ip6Gate`
			`nameservers:`
			`addresses: [ip6DNS1, ip6DNS2]`

			`# later commands`
			`runcmd:`
			`- sed -ri 's/^#?Port.*/Port sshPORT/g' /etc/ssh/sshd_config`
			`- sed -ri 's/^#?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config`
			`- sed -ri 's/^#?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config`
			`- systemctl enable sshd`
			`- ssh-keygen -A`
			`- systemctl restart sshd`
			`- sed -i '6i \ \ <port port="sshPORT" protocol="tcp"/>' /etc/firewalld/zones/public.xml`
			`- sed -i '7i \ \ <port port="sshPORT" protocol="udp"/>' /etc/firewalld/zones/public.xml`
			`- systemctl enable firewalld`
			`- firewall-cmd --reload`
			`- systemctl stop kdump`
			`- systemctl disable kdump`
			`- hostnamectl set-hostname HostName`
Update ipv6_static_interfaces.cfg 2023-09-26 21:19:30 +08:00			`- fallocate -l 512M /swapspace`
			`- chmod 600 /swapspace`
			`- mkswap /swapspace`
			`- swapon /swapspace`
			`- echo '/swapspace none swap sw 0 0' >> /etc/fstab`
Create ipv6_static_interfaces.cfg 2023-09-25 18:26:18 +08:00			`- yum install dnf epel-release -y`
			`- dnf install curl dnsutils fail2ban file lrzsz net-tools vim wget -y`
			`- sed -i '/^\[Definition\]/a allowipv6 = auto' /etc/fail2ban/fail2ban.conf`
			`- sed -ri 's/^backend = auto/backend = systemd/g' /etc/fail2ban/jail.conf`
			`- systemctl enable fail2ban`
			`- systemctl restart fail2ban`
Update ipv6_static_interfaces.cfg 2023-09-26 21:19:30 +08:00			`- grub2-mkconfig`
Create ipv6_static_interfaces.cfg 2023-09-25 18:26:18 +08:00			`- rm -rf /etc/cloud/cloud.cfg.d/99-fake_cloud.cfg`
			`- touch /etc/cloud/cloud-init.disabled`