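#cloud-config
# First-boot provisioning for a RHEL-family host (dnf, firewalld, wheel group):
# creates one admin user, replaces sshd_config with a key-only policy, opens
# the Docker Swarm ports, installs Docker CE, then upgrades and reboots.

users:
  - name: your-user
    # lock_passwd: false leaves password login (console, su) usable for this
    # account. Fill passwd with a password *hash* (e.g. the output of
    # `openssl passwd -6`), never a clear-text password. If only SSH keys are
    # wanted, set lock_passwd: true and drop passwd.
    lock_passwd: false
    passwd:
    ssh_authorized_keys:
      # Placeholder: add the public key(s) allowed to log in as this user.
      # sshd below refuses passwords, so an empty list means no SSH access.
      -
    shell: /bin/bash
    groups: wheel
    # Password-less sudo: whoever holds this user's SSH key is root on the
    # host. Keep the key on trusted machines only, or drop NOPASSWD.
    sudo:
      - 'ALL=(ALL) NOPASSWD: ALL'

write_files:
  # This replaces the distribution's sshd_config wholesale. NOTE(review): on
  # releases whose stock file has an Include for /etc/ssh/sshd_config.d/, the
  # drop-ins there (including the system crypto policy) stop being read;
  # confirm that is intended.
  # Changes from the original listing:
  #   - the DSA HostKey line is gone (1024-bit keys, disabled by default in
  #     current OpenSSH);
  #   - the sftp subsystem uses the RHEL-family path /usr/libexec/openssh
  #     instead of the Debian path /usr/lib/openssh;
  #   - owner and mode are set explicitly instead of write_files' 0644.
  - path: /etc/ssh/sshd_config
    owner: root:root
    permissions: '0600'
    content: |
      Protocol 2
      HostKey /etc/ssh/ssh_host_rsa_key
      HostKey /etc/ssh/ssh_host_ecdsa_key
      HostKey /etc/ssh/ssh_host_ed25519_key
      SyslogFacility AUTH
      LogLevel INFO
      LoginGraceTime 120
      PasswordAuthentication no
      PermitRootLogin no
      StrictModes yes
      PubkeyAuthentication yes
      IgnoreRhosts yes
      HostbasedAuthentication no
      PermitEmptyPasswords no
      ChallengeResponseAuthentication no
      PrintLastLog yes
      TCPKeepAlive yes
      AcceptEnv LANG LC_*
      Subsystem sftp /usr/libexec/openssh/sftp-server
      UsePAM yes

packages:
  - firewalld
  - vim
  - nfs-utils
  - bind-utils
  - qemu-guest-agent
  # Provides `dnf config-manager`, which runcmd uses to add the Docker repo.
  - dnf-plugins-core

runcmd:
  # firewall-cmd talks to the running daemon; installing the package does not
  # necessarily start it, so start it before adding rules.
  - systemctl enable --now firewalld
  # Docker Swarm ports: 2377/tcp cluster management, 7946/tcp+udp node
  # discovery, 4789/udp overlay (VXLAN) traffic. These rules land in the
  # default zone, i.e. they are open to every source that zone accepts.
  # Overlay traffic on 4789/udp is not authenticated unless overlay
  # encryption is enabled, so limit these ports to the cluster network
  # (dedicated zone or source-restricted rules) on any exposed interface.
  - firewall-cmd --permanent --add-port 2377/tcp
  - firewall-cmd --permanent --add-port 7946/tcp
  - firewall-cmd --permanent --add-port 4789/udp
  - firewall-cmd --permanent --add-port 7946/udp
  - firewall-cmd --permanent --remove-service cockpit
  - firewall-cmd --reload
  # Third-party repository: `dnf install -y` also accepts the repo's GPG key
  # import without prompting. Compare the imported key's fingerprint with the
  # one Docker publishes when building a golden image from this.
  - dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
  - dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
  - systemctl enable --now docker
  # Membership in the docker group is equivalent to root on this host (the
  # daemon runs as root and will mount any path into a container).
  - gpasswd -a your-user docker
  # The reboot also makes sshd pick up the sshd_config written above; until
  # then the image's original SSH policy is still in force.
  - dnf upgrade -y && reboot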