#cloud-config users: - name: zed lock_passwd: false passwd: your-hashed-passwd # openssl passwd -6 can create a hashed password ssh_authorized_keys: - your-ssh-PUBLIC-KEY shell: /bin/bash groups: wheel sudo: ['ALL=(ALL) NOPASSWD: ALL'] # optional, make sure to secure access to the instance/VM write_files: - path: /etc/ssh/sshd_config content: | Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key SyslogFacility AUTH LogLevel INFO LoginGraceTime 120 PasswordAuthentication no PermitRootLogin no StrictModes yes PubkeyAuthentication yes IgnoreRhosts yes HostbasedAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no PrintLastLog yes TCPKeepAlive yes AcceptEnv LANG LC_* UsePAM yes - path: /usr/lib/systemd/system/zed-lake.service content: | [Unit] Description=Zed Lake Service After=network.target [Service] ExecStart=/opt/Zui/resources/app.asar.unpacked/zdeps/zed serve -l :9867 -lake /home/zed/.config/Zui/lake -log.level=info -log.filemode=rotate -log.path=/home/zed/.config/Zui/logs/zlake.log Restart=always User=zed [Install] WantedBy=multi-user.target package_update: true package_upgrade: true packages: - vim - firewalld runcmd: - systemctl enable --now firewalld - firewall-cmd --permanent --add-port 9867/tcp - firewall-cmd --reload - dnf install -y https://github.com/brimdata/zui/releases/download/v1.18.0/Zui-1.18.0.x86_64.rpm - mkdir -p /home/zed/.config/Zui/lake /home/zed/.config/Zui/plugins/brimcap/storage/root /home/zed/.config/Zui/logs - chown zed:zed -R /home/zed/.config - find /opt/Zui/resources/app.asar.unpacked/zdeps/suricata -exec chmod go+w {} \; - /opt/Zui/resources/app.asar.unpacked/zdeps/suricata/suricataupdater - systemctl daemon-reload - systemctl enable --now zed-lake.service package_reboot_if_required: true