rap/cloud.cfg at main · iaean/rap · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
#cloud-config

instance-id: iid-rapi

network:
  version: 2
  ethernets:
    eth0:
      # Note: For static IP set to false and uncomment...
      dhcp4: true
      # addresses:
      #   - 192.168.47.11/24
      # gateway4: 192.168.47.1
      # nameservers:
      #   addresses: [8.8.4.4, 8.8.8.8]

# Note: Provide your default public SSH key(s)
ssh_authorized_keys:
  - ssh-rsa AAA..sUQ== openpgp:0x240815B8

chpasswd:
  expire: false
  list:
    # Note: Provide your root password (RANDOM, plain, mkpasswd -m SHA-512)
    - root:$6$LO..1FXH/

# Note: Set your preferred hostname, timezone and locale...
hostname: pi
fqdn: pi
timezone: Europe/Berlin
locale: en_US.UTF8

system_info:
  default_user:
    name: pi
    lock_passwd: true
    gecos: Raspberry PI User
    groups: [adm, docker, systemd-journal]
    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
    shell: /bin/bash

# Important: You are not able to login without SSH key anymore
ssh_pwauth: false
disable_root: true
no_ssh_fingerprints: true

users:
  - default
  - name: rap
    lock_passwd: true
    gecos: RIPE Atlas Probe User
    shell: /bin/bash

ntp:
  enabled: true

yum_repos:
  epel:
    baseurl: https://download.fedoraproject.org/pub/epel/7/$basearch
    name: Extra Packages for Enterprise Linux 7 - $basearch
    enabled: true
    gpgcheck: 1
    gpgkey: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
    mirrorlist: https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
    failovermethod: priority
    priority: 99
  docker-ce-stable:
    baseurl: https://download.docker.com/linux/centos/$releasever/$basearch/stable
    name: Docker CE Stable - $basearch
    enabled: true
    gpgcheck: 1
    gpgkey: https://download.docker.com/linux/centos/gpg
  ookla:
    baseurl: https://ookla.bintray.com/rhel
    name: Ookla speedtest RHEL
    enabled: true
    gpgcheck: 0
    repo_gpgcheck: 0

package_upgrade: true
packages:
  - docker-ce
  - docker-ce-cli
  - containerd.io
  - bind-utils
  - traceroute
  - nmap-ncat
  - socat
  - tcpdump
  - openssl
  - joe
  - speedtest
  - https://github.com/iaean/rap/releases/download/init/atlasswprobe-5020-1.el7.aarch64.rpm

# every boot
bootcmd:
  - ethtool -s eth0 autoneg on
# first boot
runcmd:
  - ethtool -s eth0 autoneg on
  # Note: Maybe you wanna set your keyboard layout for console
  - localectl set-keymap de
  - sed -ie 's/^ -nobackups/-nobackups/' /etc/joe/joerc
  - systemctl stop kdump
  - systemctl disable kdump
  - systemctl enable docker
  - systemctl start docker
  - yum -y clean all

# https://yaml-multiline.info/
write_files:
  - content: |
      $include  /etc/inputrc

      # for tcsh history searching
      "\ep": history-search-backward
      "\en": history-search-forward
    path: /etc/skel/.inputrc
    permissions: '0644'
  - content: |
      alias   l='ls -lh'
      alias   ll='ls -alh'
      alias   t='l -t'
      alias   m='less'
      alias   trace='traceroute'
      alias   h='history'
      alias   cp='cp -i'
      alias   mv='mv -i'
      alias   rm='rm -i'
      alias   dir='ls -l'
      alias   ..='cd ..'
      alias   cls='clear'
    path: /etc/skel/.bash_aliases
    permissions: '0644'
  - content: |
      # .bashrc

      # Source global definitions
      if [ -f /etc/bashrc ]; then
        . /etc/bashrc
      fi

      HISTCONTROL=ignoreboth
      shopt -s histappend
      HISTSIZE=8192
      HISTFILESIZE=16384

      if [ -f ~/.bash_aliases ]; then
        . ~/.bash_aliases
      fi

      PS1="\[\e[1;33m\]\u\[\e[0m\]@\[\e[1m\]\h\[\e[0m\] [\[\e[1;32m\]\w\[\e[0m\]] >>"
    path: /etc/skel/.bashrc
    permissions: '0644'
  - content: |
      # /boot/overlays/README for further reading
      dtoverlay=disable-wifi
      dtoverlay=disable-bt
    path: /boot/config.txt
    permissions: '0755'
  - content: |
      RXTXRPT=yes
    path: /var/atlas-probe/state/config.txt
    owner: atlas:atlas
    permissions: '0644'
  - content: |
      {"userland-proxy": false}
    path: /etc/docker/daemon.json
    permissions: '0644'

final_message: |
  -----
  The system is finally up, after $UPTIME seconds, from $DATASOURCE, by cloud-init $VERSION
  -----