From 12b9002638410b2bfc302e7a56b7684b4fa13367 Mon Sep 17 00:00:00 2001
From: "calvin.house"
Date: Fri, 27 Feb 2026 04:59:56 +0000
Subject: [PATCH] initial commit
---
bash/kvm-deploy/kvm-cloud-init.sh | 431 ++++++++++++++++++++
bash/kvm-deploy/user-data/alma-node.yml | 44 ++
bash/kvm-deploy/user-data/docker-leader.yml | 53 +++
bash/kvm-deploy/user-data/docker-worker.yml | 52 +++
bash/kvm-deploy/user-data/k3s-install.yml | 54 +++
bash/kvm-deploy/user-data/postgres.yml | 48 +++
6 files changed, 682 insertions(+)
create mode 100644 bash/kvm-deploy/kvm-cloud-init.sh
create mode 100644 bash/kvm-deploy/user-data/alma-node.yml
create mode 100644 bash/kvm-deploy/user-data/docker-leader.yml
create mode 100644 bash/kvm-deploy/user-data/docker-worker.yml
create mode 100644 bash/kvm-deploy/user-data/k3s-install.yml
create mode 100644 bash/kvm-deploy/user-data/postgres.yml
diff --git a/bash/kvm-deploy/kvm-cloud-init.sh b/bash/kvm-deploy/kvm-cloud-init.sh
new file mode 100644
index 0000000..18744fd
--- /dev/null
+++ b/bash/kvm-deploy/kvm-cloud-init.sh
@@ -0,0 +1,431 @@
+#!/bin/bash
+#set -vx
+
+hosts=("1.1.1.1" "2.2.2.2" "3.3.3.3")
+
+get_host_info() {
+echo "Refreshing host info..."
+for h in "${hosts[@]}"; do
+ virsh -c qemu+ssh://root@${h}/system pool-refresh --pool kvm_guests > /dev/null
+ virsh -c qemu+ssh://root@${h}/system pool-refresh --pool nvme_guests > /dev/null
+ virsh -c qemu+ssh://root@${h}/system pool-refresh --pool ISO > /dev/null
+ echo "+++++++++++++++++"
+ echo -e "Host ${h}\n"
+ echo "+++++++++++++++++"
+ virsh -c qemu+ssh://root@${h}/system list --all
+done
+echo "+++++++++++++++++"
+echo "Disk Volumes"
+echo "+++++++++++++++++"
+virsh -c qemu+ssh://root@${hosts[0]}/system vol-list --pool kvm_guests --details
+echo "+++++++++++++++++"
+echo "nVME Volumes"
+echo "+++++++++++++++++"
+virsh -c qemu+ssh://root@${hosts[0]}/system vol-list --pool nvme_guests --details
+echo "+++++++++++++++++"
+echo "ISO Volumes"
+echo "+++++++++++++++++"
+virsh -c qemu+ssh://root@${hosts[0]}/system vol-list --pool ISO --details
+$0
+}
+
+mass_startup(){
+read -p "Which host?" KVM_HOST
+guests=($(virsh -c qemu+ssh://root@${h}/system list --inactive | '/shut off/{print $2}'))
+
+for g in "${guests[@]}"
+do
+ virsh -c qemu+ssh://root@${h}/system start ${g}
+done
+}
+
+migrate_domain(){
+echo "Migration Types
+ 1). Single Domain
+ 2). Offline Domain
+ 3). Mass Domain Migration
+ "
+read -p "Select Migration Type: " MIG
+if [ $MIG == 1 ]; then
+ read -p "Select source host. " SRC_URI
+ virsh -c qemu+ssh://root@${SRC_URI}/system list | '/running/{print $2}'
+ read -p "Select destination host. " DEST_URI
+ read -p "Select domain. " DOM
+ virsh -c qemu+ssh://root@${SRC_URI}/system migrate \
+ --domain $DOM \
+ --live \
+ --p2p \
+ --tunnelled \
+ --desturi qemu+ssh://root@${DEST_URI}/system \
+ --persistent \
+ --undefinesource \
+ --verbose
+ rerun
+elif [ $MIG == 2 ]; then
+ read -p "Select source host. " SRC_URI
+ read -p "Select destination host. " DEST_URI
+ domain=($(virsh -c qemu+ssh://root@${SRC_URI}/system list --inactive | '/shut off/{print $2}'))
+ for dom in "${domain[@]}"; do
+ read -p "Select destination host. " DEST_URI
+ virsh -c qemu+ssh://root@${SRC_URI}/system migrate \
+ --domain $DOM \
+ --live \
+ --p2p \
+ --tunnelled \
+ --desturi qemu+ssh://root@${DEST_URI}/system \
+ --persistent \
+ --undefinesource \
+ --verbose
+ rerun
+ done
+elif [ $MIG == 3]; then
+ read -p "Select source host. " SRC_URI
+ read -p "Select destination host. " DEST_URI
+ domain=($(virsh -c qemu+ssh://root@${SRC_URI}/system list | '/running/{print $2}'))
+ for dom in "${domain[@]}"; do
+ read -p "Select destination host. " DEST_URI
+ virsh -c qemu+ssh://root@${SRC_URI}/system migrate \
+ --domain $DOM \
+ --live \
+ --p2p \
+ --tunnelled \
+ --desturi qemu+ssh://root@${DEST_URI}/system \
+ --persistent \
+ --undefinesource \
+ --verbose
+ done
+else
+ echo "Invalid type..."
+ $0
+fi
+$0
+}
+
+backup_guest () {
+read -p "Enter the desired host: " KVM_HOST
+# declare/initialize global array
+guests=($(virsh -c qemu+ssh://root@${KVM_HOST}/system list | awk '/running/{print $2}'))
+
+# global variables
+SNAP_DEST=/mnt/snap/
+CPY_DEST=/mnt/backup/
+
+for n in "${guests[@]}"
+do
+ # initialize block storage array list and sets array variable
+ blks=($(virsh -c qemu+ssh://root@${KVM_HOST}/system domblklist --domain ${n} | awk '/vda/{print $2}'))
+ BLK_CALL=$(echo ${blks[0]})
+ # create external snapshot
+ virsh -c qemu+ssh://root@${KVM_HOST}/system snapshot-create-as --domain ${n} --name ${n} --diskspec vda,file=${SNAP_DEST}${n}.qcow2 \
+ --disk-only --atomic --no-metadata --quiesce | logger -t guest_snap
+ # syncs with backup destination
+ rsync -azq ${BLK_CALL} ${CPY_DEST}${n} | logger -t guest_sync
+ # active blockcommit
+ virsh -c qemu+ssh://root@${KVM_HOST}/system blockcommit --domain ${n} vda --active --pivot --verbose | logger -t guest_pivot
+ rm -rf ${SNAP_DEST}${n}.qcow2
+done
+$0
+}
+
+test_node(){
+read -p "Enter the desired host: " KVM_HOST
+read -p "Enter the name of guest: " GUEST
+read -p "Enter OS 1). AlmaLinux 10 2). Debian 13 " OS_CHO
+if [ $OS_CHO == 1 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool kvm_guests --name ${GUEST} --format qcow2 --capacity 500G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ echo "local-hostname: ${GUEST}" > ./meta-data
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 2 \
+ --memory 2048 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_servers \
+ --disk /mnt/kvm_guests/$GUEST \
+ --cloud-init user-data=./user-data/cloud-init-configs/alma-node.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+elif [ $OS_CHO == 2 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool kvm_guests --name ${GUEST} --format qcow2 --capacity 500G --backing-vol /mnt/iso/debian-13-genericcloud-amd64-20250806-2196.qcow2 --backing-vol-format qcow2
+ echo "local-hostname: ${GUEST}" > ./meta-data
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 2 \
+ --memory 2048 \
+ --os-variant debian13 \
+ --boot uefi \
+ --network bridge=_servers \
+ --disk /mnt/kvm_guests/$GUEST \
+ --cloud-init user-data=./user-data/debian-node.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+
+fi
+$0
+}
+
+pg_node(){
+read -p "Enter the desired host: " KVM_HOST
+read -p "Enter the name of guest: " GUEST
+virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool kvm_guests --name ${GUEST} --format qcow2 --capacity 500G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+echo "local-hostname: ${GUEST}" > ./meta-data
+virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 4 \
+ --memory 4096 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_servers \
+ --disk /mnt/kvm_guests/$GUEST \
+ --cloud-init user-data=./user-data/postgres.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+$0
+}
+
+zed_lake_node(){
+read -p "Enter the desired host: " KVM_HOST
+read -p "Enter the name of guest: " GUEST
+virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool kvm_guests --name ${GUEST} --format qcow2 --capacity 500G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+echo "local-hostname: ${GUEST}" > ./meta-data
+virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 4 \
+ --memory 4096 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_servers \
+ --disk /mnt/kvm_guests/$GUEST \
+ --cloud-init user-data=./user-data/zed-lake.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+$0
+}
+
+int_docker_node(){
+read -p "Enter the desired host: " KVM_HOST
+read -p "Enter the name of guest: " GUEST
+read -p "1). Leader or 2). Worker: " NODE_TYPE
+if [ $NODE_TYPE == 1 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool nvme_guests --name ${GUEST} --format qcow2 --capacity 100G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ echo "local-hostname: ${GUEST}" > ./meta-data
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 4 \
+ --memory 4096 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_servers \
+ --disk /mnt/nvme_guests/$GUEST \
+ --cloud-init user-data=./user-data/docker-leader.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+elif [ $NODE_TYPE == 2 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool nvme_guests --name ${GUEST} --format qcow2 --capacity 100G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ echo "local-hostname: ${GUEST}" > ./meta-data
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 8 \
+ --memory 8192 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_servers \
+ --disk /mnt/nvme_guests/$GUEST \
+ --cloud-init user-data=./user-data/docker-worker.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+else
+ echo "Invalid type..."; $0
+fi
+$0
+}
+
+host_docker_node(){
+read -p "Enter the desired host: " KVM_HOST
+read -p "Enter the name of guest: " GUEST
+read -p "1). Leader or 2). Worker: " NODE_TYPE
+if [ $NODE_TYPE == 1 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool nvme_guests --name ${GUEST} --format qcow2 --capacity 100G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ echo "local-hostname: ${GUEST}" > ./meta-data
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 4 \
+ --memory 4096 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_hosting \
+ --disk /mnt/nvme_guests/$GUEST \
+ --cloud-init user-data=./user-data//docker-leader.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+elif [ $NODE_TYPE == 2 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool nvme_guests --name ${GUEST} --format qcow2 --capacity 100G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ echo "local-hostname: ${GUEST}" > ./meta-data
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 8 \
+ --memory 8192 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_hosting \
+ --disk /mnt/nvme_guests/$GUEST \
+ --cloud-init user-data=./user-data/docker-worker.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+else
+ echo "Invalid type..."; $0
+fi
+$0
+}
+
+elastic_node(){
+read -p "Enter the desired host: " KVM_HOST
+read -p "Enter the name of guest: " GUEST
+read -p "Elastic Node or Fleet Server (1=Node or 2=Fleet): " E_TYPE
+echo "local-hostname: ${GUEST}" > ./meta-data
+if [ $E_TYPE == 1 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool kvm_guests --name ${GUEST} --format qcow2 --capacity ${VOL_SIZE}G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 4 \
+ --memory 8192 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_elastic \
+ --disk /mnt/kvm_guests/$GUEST \
+ --cloud-init user-data=./user-data//elastic-stack.yaml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+elif [ $E_TYPE == 2 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool kvm_guests --name ${GUEST} --format qcow2 --capacity 100G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 2 \
+ --memory 2048 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_elastic \
+ --disk /mnt/kvm_guests/$GUEST \
+ --cloud-init user-data=./user-data//elastic-fleet.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+else
+ echo "Invalid option..."; $0
+fi
+$0
+}
+
+kube_node(){
+read -p "Enter the desired host: " KVM_HOST
+read -p "Enter the name of guest: " GUEST
+read -p "Dev or Prod (1=Prod or 2=Dev): " KUBE_E
+echo "local-hostname: ${GUEST}" > ./meta-data
+if [ ${KUBE_E} == 1 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool nvme_guests --name ${GUEST} --format qcow2 --capacity 100G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 2 \
+ --memory 4096 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_hosting \
+ --disk /mnt/nvme_guests/$GUEST \
+ --cloud-init user-data=./user-data//k3s-install.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+elif [ ${KUBE_E} == 2 ]; then
+ virsh -c qemu+ssh://root@${KVM_HOST}/system vol-create-as --pool nvme_guests --name ${GUEST} --format qcow2 --capacity 100G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
+ virt-install \
+ --connect qemu+ssh://root@${KVM_HOST}/system \
+ --name $GUEST \
+ --vcpus 4 \
+ --memory 4096 \
+ --os-variant almalinux9 \
+ --boot uefi \
+ --network bridge=_servers \
+ --disk /mnt/nvme_guests/$GUEST \
+ --cloud-init user-data=./user-data//k3s-install.yml,meta-data=./meta-data \
+ --import \
+ --autostart \
+ --noautoconsole
+else
+ echo "Invalid option..."; $0
+fi
+$0
+}
+
+echo "Available options:
+1). Create Basic Node
+2). Create Internal Docker Node
+3). Create Hosting Docker Node
+4). Create Elastic Node
+5). Create k3s node
+6). Create kubeadm node
+7). Postgresql node
+8). Zed Lake node
+a). Get info on a host
+b). Domain migration
+00). Exit
+"
+read -p "Select an option: " OPT
+
+case "$OPT" in
+
+ 1) test_node
+ ;;
+
+ 2) int_docker_node
+ ;;
+
+ 3) host_docker_node
+ ;;
+
+ 4) elastic_node
+ ;;
+
+ 5) kube_node
+ ;;
+
+ 6) kubeadm_node
+ ;;
+
+ 7) pg_node
+ ;;
+
+ 8) zed_lake_node
+ ;;
+
+ a|A) get_host_info
+ ;;
+
+ b|B) migrate_domain
+ ;;
+
+ 00|0) echo "Exiting..."; exit 0
+ ;;
+
+ *) echo "Invalid option."; sleep 1; $0
+ ;;
+esac
diff --git a/bash/kvm-deploy/user-data/alma-node.yml b/bash/kvm-deploy/user-data/alma-node.yml
new file mode 100644
index 0000000..35c4969
--- /dev/null
+++ b/bash/kvm-deploy/user-data/alma-node.yml
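Review bot: Every answer taken with `read -p` (`KVM_HOST`, `GUEST`, `SRC_URI`, `DEST_URI`, `DOM`) is expanded unquoted and unvalidated into `qemu+ssh://root@…` connection URIs, `--name`/`--disk` arguments and `./meta-data`, so a space, glob character or leading `-` in an answer changes which arguments virsh and virt-install receive while they act as root on the hypervisor; `backup_guest` does the same with virsh output in `rm -rf ${SNAP_DEST}${n}.qcow2`. I would accept only a strict host/guest-name pattern through one helper, use `read -r`, and double-quote every expansion, as sketched below for `pg_node`. Several paths also cannot run as written: the pipes in `mass_startup` and `migrate_domain` go to `'/shut off/{print $2}'` with no `awk`, `mass_startup` uses `${h}` where it read `KVM_HOST`, `[ $MIG == 3]` is missing the space before `]`, the migration loops iterate `dom` but pass `$DOM`, `rerun`, `kubeadm_node` and `VOL_SIZE` are never defined, and `test_node` points at `./user-data/cloud-init-configs/alma-node.yml` while this commit adds `user-data/alma-node.yml`. Re-invoking `$0` at the end of each function nests a new process per menu round; a `while` loop around the menu would avoid that.

```shell
# Prompt until the answer is a plain host or guest name, so the value can be
# placed in a qemu+ssh URI, a volume name or a file path without reinterpretation.
ask_name() {
  local prompt=$1 answer
  while :; do
    read -r -p "$prompt" answer || return 1   # stop on EOF instead of looping
    if [[ $answer =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
      printf '%s\n' "$answer"
      return 0
    fi
    echo "Use letters, digits, '.', '_' or '-' only." >&2
  done
}

pg_node(){
KVM_HOST=$(ask_name "Enter the desired host: ") || exit 1
GUEST=$(ask_name "Enter the name of guest: ") || exit 1
virsh -c "qemu+ssh://root@${KVM_HOST}/system" vol-create-as --pool kvm_guests --name "${GUEST}" --format qcow2 --capacity 500G --backing-vol /mnt/iso/AlmaLinux-10-GenericCloud-latest.x86_64_v2.qcow2 --backing-vol-format qcow2
# … unchanged: meta-data write and virt-install call, with "$KVM_HOST" and "$GUEST" quoted …
}
```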
@@ -0,0 +1,44 @@
+#cloud-config
+users:
+ - name: your-user
+ lock_passwd: false
+ passwd:
+ groups: wheel
+ ssh_authorized_keys:
+ -
+ shell: /bin/bash
+ sudo: ['ALL=(ALL) NOPASSWD: ALL']
+write_files:
+ - path: /etc/ssh/sshd_config
+ content: |
+ Protocol 2
+ HostKey /etc/ssh/ssh_host_rsa_key
+ HostKey /etc/ssh/ssh_host_dsa_key
+ HostKey /etc/ssh/ssh_host_ecdsa_key
+ HostKey /etc/ssh/ssh_host_ed25519_key
+ SyslogFacility AUTH
+ LogLevel INFO
+ LoginGraceTime 120
+ PasswordAuthentication no
+ PermitRootLogin no
+ StrictModes yes
+ PubkeyAuthentication yes
+ IgnoreRhosts yes
+ HostbasedAuthentication no
+ PermitEmptyPasswords no
+ ChallengeResponseAuthentication no
+ PrintLastLog yes
+ TCPKeepAlive yes
+ AcceptEnv LANG LC_*
+ UsePAM yes
+prefer_fqdn_over_hostname: true
+package_update: true
+package_upgrade: true
+packages:
+ - plocate
+ - unzip
+ - tar
+ - policycoreutils-python-utils
+ - rsync
+ - nfs-utils
+ - vim
diff --git a/bash/kvm-deploy/user-data/docker-leader.yml b/bash/kvm-deploy/user-data/docker-leader.yml
new file mode 100644
index 0000000..e4ad05e
--- /dev/null
+++ b/bash/kvm-deploy/user-data/docker-leader.yml
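Review bot: Writing a complete `/etc/ssh/sshd_config` through `write_files` replaces the distribution file, and on RHEL-family images that file's `Include /etc/ssh/sshd_config.d/*.conf` line is, as far as I know, what pulls in the system crypto policy, so the guest would fall back to OpenSSH's built-in algorithm defaults. I would put only the intended overrides in a drop-in such as `/etc/ssh/sshd_config.d/10-hardening.conf` and drop `Protocol 2` and `HostKey /etc/ssh/ssh_host_dsa_key`, which current OpenSSH releases no longer use. The `users` entry also pairs `lock_passwd: false` and an empty `passwd:` with `sudo: ['ALL=(ALL) NOPASSWD: ALL']`; unless console password login is needed, `lock_passwd: true` with the `passwd:` key removed is the safer template default. Both patterns are repeated in docker-leader.yml, docker-worker.yml, k3s-install.yml and postgres.yml.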
@@ -0,0 +1,53 @@
+#cloud-config
+users:
+ - name: your-user
+ lock_passwd: false
+ passwd:
+ ssh_authorized_keys:
+ -
+ shell: /bin/bash
+ groups: wheel
+ sudo: ['ALL=(ALL) NOPASSWD: ALL']
+write_files:
+ - path: /etc/ssh/sshd_config
+ content: |
+ Protocol 2
+ HostKey /etc/ssh/ssh_host_rsa_key
+ HostKey /etc/ssh/ssh_host_dsa_key
+ HostKey /etc/ssh/ssh_host_ecdsa_key
+ HostKey /etc/ssh/ssh_host_ed25519_key
+ SyslogFacility AUTH
+ LogLevel INFO
+ LoginGraceTime 120
+ PasswordAuthentication no
+ PermitRootLogin no
+ StrictModes yes
+ PubkeyAuthentication yes
+ IgnoreRhosts yes
+ HostbasedAuthentication no
+ PermitEmptyPasswords no
+ ChallengeResponseAuthentication no
+ PrintLastLog yes
+ TCPKeepAlive yes
+ AcceptEnv LANG LC_*
+ Subsystem sftp /usr/lib/openssh/sftp-server
+ UsePAM yes
+packages:
+ - firewalld
+ - vim
+ - nfs-utils
+ - bind-utils
+ - qemu-guest-agent
+runcmd:
+ - firewall-cmd --permanent --add-port 2376/tcp
+ - firewall-cmd --permanent --add-port 2377/tcp
+ - firewall-cmd --permanent --add-port 7946/tcp
+ - firewall-cmd --permanent --add-port 4789/udp
+ - firewall-cmd --permanent --add-port 7946/udp
+ - firewall-cmd --permanent --remove-service cockpit
+ - firewall-cmd --reload
+ - dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+ - dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+ - systemctl enable --now docker
+ - gpasswd -a your-user docker
+ - dnf upgrade -y && reboot
diff --git a/bash/kvm-deploy/user-data/docker-worker.yml b/bash/kvm-deploy/user-data/docker-worker.yml
new file mode 100644
index 0000000..24ec156
--- /dev/null
+++ b/bash/kvm-deploy/user-data/docker-worker.yml
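Review bot: `firewall-cmd --permanent --add-port 2376/tcp` opens the Docker daemon's TLS API port, but nothing in this file configures dockerd to listen there or provisions certificates, so the rule only widens the firewall; I would remove it, or add the TLS setup and limit the rule to the management source addresses. `Subsystem sftp /usr/lib/openssh/sftp-server` is the Debian path, while the deploy script boots this file on an AlmaLinux image where the binary is `/usr/libexec/openssh/sftp-server`; docker-worker.yml has the same line. `gpasswd -a your-user docker` makes that account root-equivalent on the node through the Docker socket, which deserves a comment in the template. The `firewall-cmd` calls also assume firewalld is already running when `runcmd` executes; putting `systemctl enable --now firewalld` first would make that explicit.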
@@ -0,0 +1,52 @@
+#cloud-config
+users:
+ - name: your-user
+ lock_passwd: false
+ passwd:
+ ssh_authorized_keys:
+ -
+ shell: /bin/bash
+ groups: wheel
+ sudo: ['ALL=(ALL) NOPASSWD: ALL']
+write_files:
+ - path: /etc/ssh/sshd_config
+ content: |
+ Protocol 2
+ HostKey /etc/ssh/ssh_host_rsa_key
+ HostKey /etc/ssh/ssh_host_dsa_key
+ HostKey /etc/ssh/ssh_host_ecdsa_key
+ HostKey /etc/ssh/ssh_host_ed25519_key
+ SyslogFacility AUTH
+ LogLevel INFO
+ LoginGraceTime 120
+ PasswordAuthentication no
+ PermitRootLogin no
+ StrictModes yes
+ PubkeyAuthentication yes
+ IgnoreRhosts yes
+ HostbasedAuthentication no
+ PermitEmptyPasswords no
+ ChallengeResponseAuthentication no
+ PrintLastLog yes
+ TCPKeepAlive yes
+ AcceptEnv LANG LC_*
+ Subsystem sftp /usr/lib/openssh/sftp-server
+ UsePAM yes
+packages:
+ - firewalld
+ - vim
+ - nfs-utils
+ - bind-utils
+ - qemu-guest-agent
+runcmd:
+ - firewall-cmd --permanent --add-port 2377/tcp
+ - firewall-cmd --permanent --add-port 7946/tcp
+ - firewall-cmd --permanent --add-port 4789/udp
+ - firewall-cmd --permanent --add-port 7946/udp
+ - firewall-cmd --permanent --remove-service cockpit
+ - firewall-cmd --reload
+ - dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+ - dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+ - systemctl enable --now docker
+ - gpasswd -a your-user docker
+ - dnf upgrade -y && reboot
diff --git a/bash/kvm-deploy/user-data/k3s-install.yml b/bash/kvm-deploy/user-data/k3s-install.yml
new file mode 100644
index 0000000..e536167
--- /dev/null
+++ b/bash/kvm-deploy/user-data/k3s-install.yml
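Review bot: The worker template opens `2377/tcp` inbound, but in Swarm that port carries cluster-management traffic to manager nodes; a worker only dials out to the manager's 2377 and needs 7946/tcp, 7946/udp and 4789/udp inbound, so `firewall-cmd --permanent --add-port 2377/tcp` can be dropped here. The overlay data port `4789/udp` is unauthenticated VXLAN unless overlay encryption is enabled, so I would restrict it to the other swarm nodes' addresses with a zone source or rich rule instead of opening it to every source; the same applies to docker-leader.yml.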
@@ -0,0 +1,54 @@
+#cloud-config
+users:
+ - name: your-user
+ lock_passwd: false
+ passwd:
+ groups: wheel
+ ssh_authorized_keys:
+ -
+ shell: /bin/bash
+ sudo: ['ALL=(ALL) NOPASSWD: ALL']
+write_files:
+ - path: /etc/ssh/sshd_config
+ content: |
+ Protocol 2
+ HostKey /etc/ssh/ssh_host_rsa_key
+ HostKey /etc/ssh/ssh_host_dsa_key
+ HostKey /etc/ssh/ssh_host_ecdsa_key
+ HostKey /etc/ssh/ssh_host_ed25519_key
+ SyslogFacility AUTH
+ LogLevel INFO
+ LoginGraceTime 60
+ PasswordAuthentication no
+ PermitRootLogin no
+ StrictModes yes
+ PubkeyAuthentication yes
+ IgnoreRhosts yes
+ HostbasedAuthentication no
+ PermitEmptyPasswords no
+ ChallengeResponseAuthentication no
+ PrintLastLog yes
+ TCPKeepAlive yes
+ AcceptEnv LANG LC_*
+ UsePAM yes
+ - path: /etc/sysctl.d/01-k3s.conf
+ content: |
+ net.ipv4.ip_forward = 1
+ net.bridge.bridge-nf-call-iptables = 1
+ vm.swappiness = 0
+ vm.overcommit_memory = 1
+
+timezone: Etc/UTC
+packages:
+ - curl
+ - vim
+ - bind-utils
+ - nfs-utils
+runcmd:
+ - echo "overlay" > /etc/modules-load.d/k3s.conf
+ - echo "br_netfilter" >> /etc/modules-load.d/k3s.conf
+ - modprobe overlay
+ - modprobe br_netfilter
+ - sed -i 's/=enforcing/=permissive/' /etc/selinux/config
+ - dnf upgrade -y
+ - reboot
diff --git a/bash/kvm-deploy/user-data/postgres.yml b/bash/kvm-deploy/user-data/postgres.yml
new file mode 100644
index 0000000..2c97d61
--- /dev/null
+++ b/bash/kvm-deploy/user-data/postgres.yml
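Review bot: `sed -i 's/=enforcing/=permissive/' /etc/selinux/config` turns SELinux enforcement off for every workload on the node, and the pattern is unanchored, so it rewrites any line containing `=enforcing`, comments included. k3s can run with SELinux enforcing when its `k3s-selinux` policy package is installed, so I would drop this line and install that package instead; if permissive mode is kept deliberately, anchor it as `s/^SELINUX=enforcing/SELINUX=permissive/` and add a comment saying why. The file is named k3s-install.yml but no command here installs k3s; if that is a later manual step, a comment at the top should say so.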
@@ -0,0 +1,48 @@
+#cloud-config
+users:
+ - name: your-user
+ lock_passwd: false
+ passwd:
+ ssh_authorized_keys:
+ -
+ shell: /bin/bash
+ groups: wheel
+ sudo: ['ALL=(ALL) NOPASSWD: ALL']
+write_files:
+ - path: /etc/ssh/sshd_config
+ content: |
+ Protocol 2
+ HostKey /etc/ssh/ssh_host_rsa_key
+ HostKey /etc/ssh/ssh_host_dsa_key
+ HostKey /etc/ssh/ssh_host_ecdsa_key
+ HostKey /etc/ssh/ssh_host_ed25519_key
+ SyslogFacility AUTH
+ LogLevel INFO
+ LoginGraceTime 120
+ PasswordAuthentication no
+ PermitRootLogin no
+ StrictModes yes
+ PubkeyAuthentication yes
+ IgnoreRhosts yes
+ HostbasedAuthentication no
+ PermitEmptyPasswords no
+ ChallengeResponseAuthentication no
+ PrintLastLog yes
+ TCPKeepAlive yes
+ AcceptEnv LANG LC_*
+ UsePAM yes
+prefer_fqdn_over_hostname: true
+packages:
+ - firewalld
+ - vim
+ - plocate
+ - unzip
+ - tar
+ - policycoreutils-python-utils
+ - rsync
+ - nfs-utils
+ - bind-utils
+runcmd:
+ - dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-10-x86_64/pgdg-redhat-repo-latest.noarch.rpm
+ - dnf -qy module disable postgresql
+ - dnf install -y postgresql17-server
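Review bot: The first `runcmd` entry installs the PGDG repository RPM straight from a URL, and dnf does not check signatures on packages given by URL or path unless `localpkg_gpgcheck` is enabled, so trust in every later `postgresql17-server` package rests on that single TLS download of a `-latest` file. I would import the PGDG signing key and verify the RPM with `rpm -K` before installing it, or ship the `.repo` definition and key through `write_files`. The template installs firewalld and the server but never initialises the cluster, enables the service or sets a firewall rule; if that is left to a later step, a comment should say so.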