2023-07-30 07:12:35 +08:00
|
|
|
#cloud-config
|
2023-06-08 13:28:22 +08:00
|
|
|
# CLOUD_IMG: This file was created/modified by the Cloud Image build process
|
|
|
|
|
2023-07-30 07:12:35 +08:00
|
|
|
# configure cloud-init for NoCloud
|
|
|
|
datasource_list: [ NoCloud, None ]
|
|
|
|
|
2023-06-08 13:28:22 +08:00
|
|
|
# configure repository
|
|
|
|
system_info:
|
|
|
|
package_mirrors:
|
|
|
|
- arches: [i386, amd64]
|
|
|
|
failsafe:
|
|
|
|
primary: http://targetLinuxMirror/ubuntu
|
|
|
|
security: http://security.ubuntu.com/ubuntu
|
2023-06-29 12:53:41 +08:00
|
|
|
- arches: [arm64, armel, armhf]
|
2023-06-08 13:28:22 +08:00
|
|
|
failsafe:
|
|
|
|
primary: http://targetLinuxMirror/ubuntu-ports
|
|
|
|
security: http://targetLinuxMirror/ubuntu-ports
|
|
|
|
|
|
|
|
# configure hostname
|
|
|
|
hostname: HostName
|
|
|
|
|
2023-06-14 05:01:12 +08:00
|
|
|
# configure localization
|
|
|
|
locale: en_US.UTF-8
|
|
|
|
|
2023-06-14 05:19:32 +08:00
|
|
|
# configure timezone
|
2023-06-08 13:28:22 +08:00
|
|
|
timezone: TimeZone
|
|
|
|
|
|
|
|
# configure root user
|
|
|
|
users:
|
|
|
|
- name: root
|
|
|
|
lock_passwd: false
|
|
|
|
shell: /bin/bash
|
|
|
|
|
|
|
|
chpasswd:
|
|
|
|
expire: false
|
|
|
|
list: |
|
|
|
|
root:tmpWORD
|
|
|
|
users:
|
|
|
|
- name: root
|
|
|
|
password: tmpWORD
|
|
|
|
type: text
|
|
|
|
|
|
|
|
# configure network
|
|
|
|
network:
|
|
|
|
version: 2
|
|
|
|
ethernets:
|
2023-08-23 17:35:30 +08:00
|
|
|
networkAdapter:
|
2023-06-08 13:28:22 +08:00
|
|
|
dhcp6: false
|
|
|
|
addresses: [ip6Addr/ip6Mask]
|
2023-06-08 19:10:28 +08:00
|
|
|
routes:
|
|
|
|
- to: default
|
|
|
|
via: ip6Gate
|
2023-08-19 14:40:19 +08:00
|
|
|
on-link: true
|
2023-06-08 13:28:22 +08:00
|
|
|
nameservers:
|
|
|
|
addresses: [ip6DNS1, ip6DNS2]
|
|
|
|
|
|
|
|
# later commands
|
|
|
|
runcmd:
|
|
|
|
- sed -ri 's/^#?Port.*/Port sshPORT/g' /etc/ssh/sshd_config
|
|
|
|
- sed -ri 's/^#?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
|
|
|
|
- sed -ri 's/^#?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
|
|
|
|
- update-rc.d ssh enable
|
2023-08-31 18:20:39 +08:00
|
|
|
- ssh-keygen -A
|
2023-06-08 13:28:22 +08:00
|
|
|
- /etc/init.d/ssh restart
|
2023-06-17 07:29:21 +08:00
|
|
|
- sed -i 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf
|
2023-06-18 13:39:29 +08:00
|
|
|
- sed -i "s/#\$nrconf{kernelhints} = -1;/\$nrconf{kernelhints} = -1;/g" /etc/needrestart/needrestart.conf
|
2023-06-08 13:28:22 +08:00
|
|
|
- apt update
|
2023-09-17 13:42:37 +08:00
|
|
|
- apt install dnsutils fail2ban file lrzsz net-tools vim wget -y
|
2023-06-17 01:34:36 +08:00
|
|
|
- sed -ri 's/set compatible/set nocompatible/g' /etc/vim/vimrc.tiny
|
|
|
|
- sed -ri '/set nocompatible/a\set backspace=2' /etc/vim/vimrc.tiny
|
2023-06-08 17:31:15 +08:00
|
|
|
- mv /etc/netplan/50-cloud-init.yaml /etc/netplan/20-netcfg.yaml
|
|
|
|
- netplan apply
|
2023-08-28 03:11:54 +08:00
|
|
|
- sed -i '/^\[Definition\]/a allowipv6 = auto' /etc/fail2ban/fail2ban.conf
|
|
|
|
- sed -ri 's/^backend = auto/backend = systemd/g' /etc/fail2ban/jail.conf
|
2023-07-06 09:24:46 +08:00
|
|
|
- update-rc.d fail2ban enable
|
|
|
|
- /etc/init.d/fail2ban restart
|
2023-06-14 05:01:12 +08:00
|
|
|
- rm -rf /etc/cloud/cloud.cfg.d/99-fake_cloud.cfg
|
2023-06-08 20:07:37 +08:00
|
|
|
- touch /etc/cloud/cloud-init.disabled
|