From 549369d0a1fb644cea14196d42d23103119464c2 Mon Sep 17 00:00:00 2001 From: Molly Lau Date: Mon, 25 Sep 2023 19:22:54 +0900 Subject: [PATCH] Create ipv4_static_ipv6_static_interfaces.cfg --- .../ipv4_static_ipv6_static_interfaces.cfg | 68 +++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 Linux_reinstall/RedHat/CloudInit/ipv4_static_ipv6_static_interfaces.cfg diff --git a/Linux_reinstall/RedHat/CloudInit/ipv4_static_ipv6_static_interfaces.cfg b/Linux_reinstall/RedHat/CloudInit/ipv4_static_ipv6_static_interfaces.cfg new file mode 100644 index 0000000..c11f60f --- /dev/null +++ b/Linux_reinstall/RedHat/CloudInit/ipv4_static_ipv6_static_interfaces.cfg @@ -0,0 +1,68 @@ +#cloud-config +# CLOUD_IMG: This file was created/modified by the Cloud Image build process +# https://cloudinit.readthedocs.io/en/22.1_a/ +datasource_list: [ NoCloud, None ] + +# configure localization +locale: en_US.UTF-8 + +# configure timezone +timezone: TimeZone + +# configure root user +users: + - name: root + lock_passwd: false + shell: /bin/bash + +chpasswd: + expire: false + list: | + root:tmpWORD + users: + - name: root + password: tmpWORD + type: text + +# Despite cloud-init 22.1-9 supports version 2 of network configurations but the "renderers:" doesn't support "network-manager". +# https://cloudinit.readthedocs.io/en/22.1_a/topics/network-config.html#network-output-policy +system_info: + network: + renderers: ['sysconfig'] + +# The gateway of network for cloud-init 22.1-9 must be "gateway4"(for IPv4) or "gateway6"(for IPv6). +network: + version: 2 + ethernets: + networkAdapter: + dhcp4: false + dhcp6: false + addresses: [IPv4/ipPrefix,ip6Addr/ip6Mask] + gateway4: GATE + gateway6: ip6Gate + nameservers: + addresses: [ipDNS1, ip6DNS1, ipDNS2, ip6DNS2] + +# later commands +runcmd: + - sed -ri 's/^#?Port.*/Port sshPORT/g' /etc/ssh/sshd_config + - sed -ri 's/^#?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config + - sed -ri 's/^#?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config + - systemctl enable sshd + - ssh-keygen -A + - systemctl restart sshd + - sed -i '6i \ \ ' /etc/firewalld/zones/public.xml + - sed -i '7i \ \ ' /etc/firewalld/zones/public.xml + - systemctl enable firewalld + - firewall-cmd --reload + - systemctl stop kdump + - systemctl disable kdump + - hostnamectl set-hostname HostName + - yum install dnf epel-release -y + - dnf install curl dnsutils fail2ban file lrzsz net-tools vim wget -y + - sed -i '/^\[Definition\]/a allowipv6 = auto' /etc/fail2ban/fail2ban.conf + - sed -ri 's/^backend = auto/backend = systemd/g' /etc/fail2ban/jail.conf + - systemctl enable fail2ban + - systemctl restart fail2ban + - rm -rf /etc/cloud/cloud.cfg.d/99-fake_cloud.cfg + - touch /etc/cloud/cloud-init.disabled