2023-07-30 06:18:25 +08:00
#cloud-config
2023-06-08 04:50:33 +08:00
# CLOUD_IMG: This file was created/modified by the Cloud Image build process
2023-07-30 05:25:33 +08:00
# configure cloud-init for NoCloud
datasource_list: [ NoCloud, None ]
2023-06-08 04:50:33 +08:00
# configure repository
system_info:
package_mirrors:
- arches: [i386, amd64]
failsafe:
primary: http://targetLinuxMirror/ubuntu
security: http://security.ubuntu.com/ubuntu
2023-06-29 12:53:05 +08:00
- arches: [arm64, armel, armhf]
2023-06-08 04:50:33 +08:00
failsafe:
primary: http://targetLinuxMirror/ubuntu-ports
security: http://targetLinuxMirror/ubuntu-ports
# configure hostname
hostname: HostName
2023-06-14 03:47:30 +08:00
# configure localization
locale: en_US.UTF-8
2023-06-14 04:42:16 +08:00
# configure timezone
timezone: TimeZone
2023-06-08 04:50:33 +08:00
# configure root user
users:
- name: root
lock_passwd: false
shell: /bin/bash
chpasswd:
expire: false
list: |
root:tmpWORD
users:
- name: root
password: tmpWORD
type: text
# configure network
2023-08-19 14:22:12 +08:00
# Adding "on-link: true" for each routes is recommended for the "routes(gateway)" menu in network config file of netplan otherwise netplan will calculate whether the gateway is in range of IP/prefix, if not, the network can't work normally.
# Despite adding "on-link: true" is only necessary for the situation of irregular IPv4 configs(public IPv4 address with the a private IPv4 gateway or gateway is also a public address but from A class is different from the former),
# this setting won't affect the normal IPv4 configurations.
# So in order to considering the most general availability of the various complex environments of the networkings, we should add "on-link" in all items which need to be configurated manually cloud-init files.
# Reference: https://netplan.readthedocs.io/en/latest/netplan-yaml/#default-routes
2023-06-08 04:50:33 +08:00
network:
2023-06-08 11:08:14 +08:00
version: 2
ethernets:
2023-08-23 17:25:10 +08:00
networkAdapter:
2023-06-08 11:08:14 +08:00
dhcp4: false
2023-06-08 11:46:18 +08:00
addresses: [IPv4/ipPrefix]
2023-06-08 19:06:39 +08:00
routes:
- to: default
via: GATE
2023-08-19 14:22:12 +08:00
on-link: true
2023-06-08 11:08:14 +08:00
nameservers:
addresses: [ipDNS1, ipDNS2]
2023-06-08 04:50:33 +08:00
# later commands
runcmd:
- sed -ri 's/^#?Port.*/Port sshPORT/g' /etc/ssh/sshd_config
- sed -ri 's/^#?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
- sed -ri 's/^#?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
- update-rc.d ssh enable
- /etc/init.d/ssh restart
2023-06-17 07:28:42 +08:00
- sed -i 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf
2023-06-18 13:38:46 +08:00
- sed -i "s/#\$nrconf{kernelhints} = -1;/\$nrconf{kernelhints} = -1;/g" /etc/needrestart/needrestart.conf
2023-06-08 04:50:33 +08:00
- apt update
2023-06-15 22:22:56 +08:00
- apt install dnsutils fail2ban file lrzsz net-tools traceroute unzip vim wget xz-utils -y
2023-06-17 01:33:55 +08:00
- sed -ri 's/set compatible/set nocompatible/g' /etc/vim/vimrc.tiny
- sed -ri '/set nocompatible/a\set backspace = 2' /etc/vim/vimrc.tiny
2023-06-08 17:21:10 +08:00
- mv /etc/netplan/50-cloud-init.yaml /etc/netplan/20-netcfg.yaml
- netplan apply
2023-07-06 09:24:15 +08:00
- sed -i '/\[Definition\]/a allowipv6 = auto' /etc/fail2ban/fail2ban.conf
- sed -ri 's/backend.*/backend = systemd/g' /etc/fail2ban/jail.conf
- update-rc.d fail2ban enable
- /etc/init.d/fail2ban restart
2023-06-14 04:29:41 +08:00
- rm -rf /etc/cloud/cloud.cfg.d/99-fake_cloud.cfg
2023-06-08 19:54:13 +08:00
- touch /etc/cloud/cloud-init.disabled
