Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Multi-format Cloud Config File
Content-Type: multipart/mixed; boundary="===============0035287898381899620=="
MIME-Version: 1.0
Content-Type: text/cloud-config; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="cloud-config.txt"
# - mygroup
- name: myid
gecos: "My Name"
shell: /bin/bash
ssh-import-id: [mylaunchpad.netid]
apt_update: true
apt_upgrade: true
hostname: MYSERVER
manage_etc_hosts: true
- unattended-upgrades
- apticron
- ntp
- landscape-common
- vim
- rsync
- ssmtp
- "locale-gen en_CA.UTF-8"
# final_message written to log when cloud-init processes are finished
final_message: "System boot (via cloud-init) is COMPLETE, after $UPTIME seconds. Finished at $TIMESTAMP"
Content-Type: text/x-shellscript; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="user-script.txt"
# Set variables for replacement
FQDN=$(hostname --fqdn)
# install additional items here if you have problems with cloud-config
# apt-get install
# Set up outgoing email for SSMTP
echo -e "# Set email address to send root alerts to\nroot=$ROOTEMAIL\n\n# Set mail server to use to send emails\nmailhub=$MAILHUB\n\n# The full hostname\nhostname=$FQDN" > /etc/ssmtp/ssmtp.conf
# Set up Apticron and automatic security updates
echo -e 'APT::Periodic::Update-Package-Lists "1";\nAPT::Periodic::Unattended-Upgrade "1";' >> /etc/apt/apt.conf.d/20auto-upgrades
sed -i 's/\/\/Unattended-Upgrade\:\:Mail \"root\";/Unattended-Upgrade\:\:Mail \"$UPDATEEMAIL\";/g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's/\/\/Unattended-Upgrade\:\:MailOnlyOnError \"true\";/Unattended-Upgrade::MailOnlyOnError \"true\";/g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i "s/# CUSTOM_FROM=\"\"/CUSTOM_FROM=\"$FQDN\"/g" /etc/apticron/apticron.conf
# Create new sudoers.d file
#echo "%mygroup ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/mydomain
# Secure SSHD
sed -i "s/#PermitRootLogin yes/PermitRootLogin no/g" /etc/ssh/sshd_config
sed -i '$a \\n# Disable Password Authentication\nPasswordAuthentication no' /etc/ssh/sshd_config
sed -i "s/ServerKeyBits 1024/ServerKeyBits 2048/g" /etc/ssh/sshd_config
sed -i "s/LoginGraceTime 120/LoginGraceTime 60/g" /etc/ssh/sshd_config
sed -i "s/HostKey /etc/ssh/ssh_host_dsa_key/#HostKey /etc/ssh/ssh_host_dsa_key/g" /etc/ssh/sshd_config
sed -i "s/HostKey /etc/ssh/ssh_host_ecdsa_key/#HostKey /etc/ssh/ssh_host_ecdsa_key/g" /etc/ssh/sshd_config
sed -i "s/HostKey /etc/ssh/ssh_host_ed25519_key/#HostKey /etc/ssh/ssh_host_ed25519_key/g" /etc/ssh/sshd_config
service ssh restart
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.