Arch Linux Cloud Spawn
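#!/bin/bash
# Arch Linux cloud-host bootstrap (rc.conf-era, pre-systemd Arch).
# Upgrades packages, sets hostname and locales, moves sshd to a chosen port
# and installs a default-deny iptables/ip6tables ruleset that admits only
# that port and 80/tcp. Must run as root; prompts on stdin for the two
# values it needs and validates them BEFORE any file is edited.

die() { printf '%s\n' "$*" >&2; exit 1; }

#######################################
# Prompt for the hostname and SSH port.
# Both values are interpolated into sed scripts and config files below, so
# they are restricted to safe characters; a bad port would otherwise leave
# sshd unable to start while the firewall drops port 22.
# Globals:   HOSTNAME (written), SSHPORT (written)
# Returns:   exits via die on invalid input
#######################################
read_settings() {
  printf 'Please enter hostname:\n'
  IFS= read -r HOSTNAME
  # Letters, digits, '-' and '.' only: '/', '&' or '\' would corrupt the
  # sed replacement text in configure_hostname.
  if [[ ! "$HOSTNAME" =~ ^[A-Za-z0-9][A-Za-z0-9.-]*$ ]]; then
    die "invalid hostname: '$HOSTNAME'"
  fi
  printf 'Please enter port for SSHd to listen on:\n'
  IFS= read -r SSHPORT
  if [[ ! "$SSHPORT" =~ ^[0-9]+$ ]] || (( SSHPORT < 1 || SSHPORT > 65535 )); then
    die "invalid port: '$SSHPORT'"
  fi
}

# Bring pacman itself and then the whole system up to date.
upgrade_system() {
  pacman -Sy pacman --noconfirm
  pacman-db-upgrade
  pacman -Syu --noconfirm
}

# Set the hostname in rc.conf, the running kernel and /etc/hosts.
# Globals:   HOSTNAME (read)
configure_hostname() {
  sed -i "s/# HOSTNAME=\"myhost\"/HOSTNAME=\"$HOSTNAME\"/" /etc/rc.conf
  hostname "$HOSTNAME"
  sed -i "s/127.0.0.1 localhost/127.0.0.1 localhost\n127.0.0.1 $HOSTNAME/" /etc/hosts
}

# Enable the en_US locales and regenerate locale data.
configure_locales() {
  sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
  sed -i 's/#en_US ISO-8859-1/en_US ISO-8859-1/' /etc/locale.gen
  locale-gen
}

#######################################
# Enable IPv6 listening and move sshd to the chosen port.
# Globals:   SSHPORT (read)
# Returns:   exits via die if sshd_config did not pick up the new port, so
#            the firewall is never enabled against a port sshd won't use
#######################################
configure_sshd() {
  sed -i 's/#AddressFamily any/AddressFamily any/' /etc/ssh/sshd_config
  # Double quotes are required here: the original single-quoted form wrote
  # the literal text "Port $SSHPORT" into sshd_config.
  sed -i "s/#Port 22/Port $SSHPORT/" /etc/ssh/sshd_config
  grep -q "^Port $SSHPORT\$" /etc/ssh/sshd_config \
    || die "sshd_config was not updated with Port $SSHPORT; aborting before firewall setup"
  /etc/rc.d/sshd restart
}

#######################################
# Write a default-deny filter ruleset.
# Arguments: $1 - rules file path
#            $2 - ICMP protocol name (icmp / ipv6-icmp)
#            $3 - REJECT target type
# Globals:   SSHPORT (read)
#######################################
write_filter_rules() {
  local rules_file=$1 icmp_proto=$2 reject_with=$3
  # NOTE: the LOG rule is unrated; consider '-m limit' on a noisy host.
  cat > "$rules_file" << EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p $icmp_proto -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport $SSHPORT -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -j LOG
-A INPUT -j REJECT --reject-with $reject_with
COMMIT
EOF
}

# Install iptables and activate the IPv4 and IPv6 rulesets.
configure_firewall() {
  pacman -S iptables --noconfirm
  write_filter_rules /etc/iptables/iptables.rules icmp icmp-port-unreachable
  /etc/rc.d/iptables restart
  write_filter_rules /etc/iptables/ip6tables.rules ipv6-icmp icmp6-port-unreachable
  /etc/rc.d/ip6tables restart
}

# Add the firewall daemons to the rc.conf boot list.
enable_boot_daemons() {
  sed -i 's/DAEMONS=(syslog-ng network netfs crond sshd ntpd)/DAEMONS=(syslog-ng network netfs crond sshd ntpd iptables ip6tables)/' /etc/rc.conf
}

main() {
  (( EUID == 0 )) || die "must run as root"
  read_settings
  upgrade_system
  configure_hostname
  configure_locales
  configure_sshd
  configure_firewall
  enable_boot_daemons
}

main "$@"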