leitbogioro/Tools
1
1
Fork 0
mirror of https://github.com/leitbogioro/Tools.git synced 2024-11-16 06:05:33 +08:00
Code Issues Projects Releases Packages Wiki Activity

Create ipv4_static_ipv6_static_interfaces.cfg

Browse source
This commit is contained in:
Molly Lau 2023-09-25 19:22:54 +09:00 committed by GitHub
parent 3b4e11b34c
commit 549369d0a1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 68 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

68
Linux_reinstall/RedHat/CloudInit/ipv4_static_ipv6_static_interfaces.cfg Normal file
View file

@ -0,0 +1,68 @@
#cloud-config
# CLOUD_IMG: This file was created/modified by the Cloud Image build process
# https://cloudinit.readthedocs.io/en/22.1_a/
datasource_list: [ NoCloud, None ]
# configure localization
locale: en_US.UTF-8
# configure timezone
timezone: TimeZone
# configure root user
users:
- name: root
lock_passwd: false
shell: /bin/bash
chpasswd:
expire: false
list: |
root:tmpWORD
users:
- name: root
password: tmpWORD
type: text
# Despite cloud-init 22.1-9 supports version 2 of network configurations but the "renderers:" doesn't support "network-manager".
# https://cloudinit.readthedocs.io/en/22.1_a/topics/network-config.html#network-output-policy
system_info:
network:
renderers: ['sysconfig']
# The gateway of network for cloud-init 22.1-9 must be "gateway4"(for IPv4) or "gateway6"(for IPv6).
network:
version: 2
ethernets:
networkAdapter:
dhcp4: false
dhcp6: false
addresses: [IPv4/ipPrefix,ip6Addr/ip6Mask]
gateway4: GATE
gateway6: ip6Gate
nameservers:
addresses: [ipDNS1, ip6DNS1, ipDNS2, ip6DNS2]
# later commands
runcmd:
- sed -ri 's/^#?Port.*/Port sshPORT/g' /etc/ssh/sshd_config
- sed -ri 's/^#?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
- sed -ri 's/^#?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
- systemctl enable sshd
- ssh-keygen -A
- systemctl restart sshd
- sed -i '6i \ \ <port port="sshPORT" protocol="tcp"/>' /etc/firewalld/zones/public.xml
- sed -i '7i \ \ <port port="sshPORT" protocol="udp"/>' /etc/firewalld/zones/public.xml
- systemctl enable firewalld
- firewall-cmd --reload
- systemctl stop kdump
- systemctl disable kdump
- hostnamectl set-hostname HostName
- yum install dnf epel-release -y
- dnf install curl dnsutils fail2ban file lrzsz net-tools vim wget -y
- sed -i '/^\[Definition\]/a allowipv6 = auto' /etc/fail2ban/fail2ban.conf
- sed -ri 's/^backend = auto/backend = systemd/g' /etc/fail2ban/jail.conf
- systemctl enable fail2ban
- systemctl restart fail2ban
- rm -rf /etc/cloud/cloud.cfg.d/99-fake_cloud.cfg
- touch /etc/cloud/cloud-init.disabled