====== Standard cloud-init script ======
^ Documentation ^|
^Name:| Standard cloud-init script |
^Description:|This should be the cloud-init.yaml scrip used as base of every depoy|
^Modification date :|22/10/2018|
^Owner:|dodger@ciberterminal.net|
^Notify changes to:| dodger@ciberterminal.net & warlock86@gmail.com |
^Tags:| cloud-init, salt|
====== PRE-Requirements ======
ALL THE REST OF CLOUD-INIT.YAML script pasted in any other document can be obsolete, always use this as the base script.
====== Information ======
* This is a basic cloud-init yaml, it makes a **STATIC** network configuration, which is the hardest setup possible, cloud-init will **always** try to use DHCP.
* It will add a user named ''bofher'' with a cyphered password, you must change it, of course.
====== cloud-init.yaml ======
#cloud-config
package_upgrade: true
preserve_hostname: false
fqdn: THEHOSTNAME.ciberterminal.net
hostname: THEHOSTNAME
manage_resolv_conf: false
network:
config: disabled
bootcmd:
- echo DEVICE=eth0 > /etc/sysconfig/network-scripts/ifcfg-eth0
- echo TYPE=Ethernet >> /etc/sysconfig/network-scripts/ifcfg-eth0
- echo ONBOOT=yes >> /etc/sysconfig/network-scripts/ifcfg-eth0
- echo BOOTPROTO=none >> /etc/sysconfig/network-scripts/ifcfg-eth0
- echo IPADDR=THEIPADDRESS >> /etc/sysconfig/network-scripts/ifcfg-eth0
- echo PREFIX=THENETMASK >> /etc/sysconfig/network-scripts/ifcfg-eth0
- echo GATEWAY=THEGATEWAY >> /etc/sysconfig/network-scripts/ifcfg-eth0
- echo DNS1=THEDNS01 >> /etc/sysconfig/network-scripts/ifcfg-eth0
- echo DNS2=THEDNS01 >> /etc/sysconfig/network-scripts/ifcfg-eth0
- ifdown eth0
- ifup eth0
users:
- name: bofher
sudo: ['ALL=(ALL) NOPASSWD:ALL']
ssh-authorized-keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMyKlWiO3YkoIc2ZfuLi+nEojn3mLcGOETB54c1Ih3jC/v8uWoC+rGYDDXU3dEbI1mVVWEpbrxeHPPBrQnv6ZySuqpqScpAPfb4/0OciR2hRfBCoLCzuKBMC7QlXYfzlBOPn5BzR/1XKLrshOHDVPxV/AmqVqpz86xVWYJYK7aMgHTEabWINCANXTDvWgm2UGTuhSh/1/wGcI+DL141cUeDB9LUSikWRuoepmSYC/ZascRAV2g7g3oqGCTM8xgSmP11YWMuzkGNGN1HiFdh3fP0xQVOeEehswlWOwZ3/ztpl2o0Kx2jomHuadCEJ2HhhDblipE2VOV9+1ruTkvuuRX dodger@ciberterminal.net
lock-passwd: false
passwd: $6$RvKfWhor$ve1U0Ni.cwS4wy/kvcp9jcp2sETsp/BSmQZJdWNHFSTAUQ89uFMBNzMIWMCl7C5/Q8x4O/iMCzw7tujrrvS4E0
packages:
- bash-completion
- vim
- tmux
- strace
- lsof
- mlocate
- git
- subversion
- nmap
- tcpdump
- jq
- nc
- telnet
- man
- yum-utils
- unzip
- pigz
- pbzip2
- ntpdate
- rlwrap
- expectk
- psmisc
- lvm2
- htop
- elinks
- wget
- dmidecode
- python-setuptools
- git
- sl
- cyrus-sasl-devel
- cyrus-sasl-gs2
- cyrus-sasl-gssapi
- cyrus-sasl-ldap
- cyrus-sasl-ntlm
- cyrus-sasl-plain
- cyrus-sasl-scram
- cyrus-sasl-sql
- cyrus-sasl-sql
- krb5-workstation
- samba-common-tools
- sssd-ad
- salt-minion
- yum-plugin-versionlock
runcmd:
- [ yum, -y, groupinstall, "Development tools" ]
- [ systemctl, stop, firewalld ]
- [ systemctl, disable, firewalld ]
- [ systemctl, enable, salt-minion ]
- [ sed, -i, "s/SELINUX=enforcing/SELINUX=disabled/g", /etc/selinux/config ]
- [ sed, -i, "s/SELINUX=permissive/SELINUX=disabled/g", /etc/selinux/config ]
- [ wall, "CLOUD-INIT finished, restarting to finish install" ]
- [ shutdown, -r, -t, 10 ]
# DO-NOT-DELETE THAT COMMENTS
# see clonewars.sh script
====== Parameters to change ======
* ''THEHOSTNAME''
* ''THEIPADDRESS''
* ''THENETMASK''
* ''THEGATEWAY''
* ''THEDNS01''
* ''THEDNS02''
====== oneliner of the dead ======
''CLONEWARS.SH''