leitbogioro/Tools
1
1
Fork 0
mirror of https://github.com/leitbogioro/Tools.git synced 2024-11-15 13:44:50 +08:00
Code Issues Projects Releases Packages Wiki Activity

Create dhcp_interfaces.cfg

Browse source
This commit is contained in:
Molly Lau 2023-09-25 19:08:15 +09:00 committed by GitHub
parent 428fff2b10
commit b7e476e6b3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 71 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

71
Linux_reinstall/RedHat/CloudInit/dhcp_interfaces.cfg Normal file
View file

@ -0,0 +1,71 @@
#cloud-config
# CLOUD_IMG: This file was created/modified by the Cloud Image build process
# https://cloudinit.readthedocs.io/en/22.1_a/
datasource_list: [ NoCloud, None ]
# configure localization
locale: en_US.UTF-8
# configure timezone
timezone: TimeZone
# configure root user
users:
- name: root
lock_passwd: false
shell: /bin/bash
chpasswd:
expire: false
list: |
root:tmpWORD
users:
- name: root
password: tmpWORD
type: text
# Despite cloud-init 22.1-9 supports version 2 of network configurations but the "renderers:" doesn't support "network-manager".
# https://cloudinit.readthedocs.io/en/22.1_a/topics/network-config.html#network-output-policy
system_info:
network:
renderers: ['sysconfig']
# The gateway of network for cloud-init 22.1-9 must be "gateway4"(for IPv4) or "gateway6"(for IPv6).
network:
version: 2
ethernets:
networkAdapter:
dhcp4: true
dhcp6: true
# later commands
# Replace ssh port, permit root user login by password, enable sshd service.
# Add new ssh port for firewalld.
# Stop and disable kdump service.
# Set hostname.
# Install dnf, epel repository.
# Install some common components.
# Configure fail2ban.
# Delete cloud-init config file itself and disable it permanently after first execution.
runcmd:
- sed -ri 's/^#?Port.*/Port sshPORT/g' /etc/ssh/sshd_config
- sed -ri 's/^#?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
- sed -ri 's/^#?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
- systemctl enable sshd
- ssh-keygen -A
- systemctl restart sshd
- sed -i '6i \ \ <port port="sshPORT" protocol="tcp"/>' /etc/firewalld/zones/public.xml
- sed -i '7i \ \ <port port="sshPORT" protocol="udp"/>' /etc/firewalld/zones/public.xml
- systemctl enable firewalld
- firewall-cmd --reload
- systemctl stop kdump
- systemctl disable kdump
- hostnamectl set-hostname HostName
- yum install dnf epel-release -y
- dnf install curl dnsutils fail2ban file lrzsz net-tools vim wget -y
- sed -i '/^\[Definition\]/a allowipv6 = auto' /etc/fail2ban/fail2ban.conf
- sed -ri 's/^backend = auto/backend = systemd/g' /etc/fail2ban/jail.conf
- systemctl enable fail2ban
- systemctl restart fail2ban
- rm -rf /etc/cloud/cloud.cfg.d/99-fake_cloud.cfg
- touch /etc/cloud/cloud-init.disabled