149 lines
3.0 KiB
YAML
149 lines
3.0 KiB
YAML
#cloud-config
|
|
# vim: ft=yaml
|
|
|
|
bootcmd:
|
|
- cat /etc/resolv.conf
|
|
- uname -r
|
|
- timedatectl set-ntp 1
|
|
- timedatectl set-timezone Europe/Bratislava
|
|
- systemctl disable --now dnf-makecache.timer
|
|
- systemctl stop systemd-resolved
|
|
- echo "nameserver 8.8.8.8" > /etc/resolv.conf
|
|
- dnf config-manager --set-disabled fedora-cisco-openh264
|
|
- dnf config-manager --set-enabled updates updates-testing
|
|
- sed -i "s/ext4 * defaults *1 1/ext4 noatime 0 0/" /etc/fstab
|
|
- sleep 10
|
|
|
|
runcmd:
|
|
- cat /etc/resolv.conf
|
|
- uname -r
|
|
- dnf upgrade --refresh -y
|
|
- dnf distro-sync -y
|
|
- ldconfig
|
|
- touch /.plsgo
|
|
|
|
write_files:
|
|
- content: |
|
|
[main]
|
|
gpg_check=1
|
|
installonly_limit=2
|
|
clean_requirements_on_remove=True
|
|
fastestmirror=True
|
|
max_parallel_downloads=7
|
|
path: /etc/dnf/dnf.conf
|
|
owner: root:root
|
|
permissions: '0644'
|
|
|
|
- content: |
|
|
/usr/local/lib
|
|
path: /etc/ld.so.conf.d/local.conf
|
|
owner: root:root
|
|
permissions: '0644'
|
|
|
|
ssh_pwauth: true
|
|
chpasswd:
|
|
list: |
|
|
root:1234
|
|
expire: false
|
|
|
|
users:
|
|
- name: root
|
|
ssh_authorized_keys:
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBtG6NCgdLHX4ztpfvYNRaslKWZcl6KdTc1DehVH4kAL
|
|
- name: ansible
|
|
ssh_authorized_keys:
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBtG6NCgdLHX4ztpfvYNRaslKWZcl6KdTc1DehVH4kAL
|
|
# the tf-ansible key
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ9JEzfMs+O6I5JYRQ+gHWClvCqaNTdop8ncDeSj+RWs
|
|
sudo: ['ALL=(ALL) NOPASSWD:ALL']
|
|
shell: /bin/bash
|
|
groups: wheel
|
|
|
|
ssh_publish_hostkeys:
|
|
enabled: false
|
|
ssh:
|
|
emit_keys_to_console: false
|
|
|
|
# hostname is set based on main.tf variables
|
|
preserve_hostname: false
|
|
fqdn: ${hostname}.${domainname}
|
|
hostname: ${hostname}
|
|
|
|
|
|
# reboot after fqdn is set to update the info in libvirt's dnsmasq
|
|
power_state:
|
|
delay: "+1"
|
|
mode: reboot
|
|
condition: true
|
|
timeout: 300 # seconds
|
|
|
|
packages:
|
|
- vim
|
|
- gcc
|
|
- lld
|
|
- golang
|
|
- htop
|
|
- kernel-devel
|
|
- kernel-headers
|
|
- nmap
|
|
# use python3 instead of python39 or similar; python3 is certain to point to
|
|
# the latest python version available in the repositories (apart from
|
|
# python3-devel perhaps)
|
|
- python3 # for ansible
|
|
- "@security-lab"
|
|
- sudo
|
|
- tcpdump
|
|
- tcpflow
|
|
- tcptrack
|
|
# fastnetmon/nDPI build requirements
|
|
- git
|
|
- make
|
|
- cmake
|
|
- automake
|
|
- gcc
|
|
- gcc-c++
|
|
- libgcc
|
|
- libstdc++-devel
|
|
- libstdc++-static
|
|
- glibc-devel
|
|
- binutils
|
|
- flex
|
|
- bison
|
|
- openmpi-devel
|
|
- which
|
|
- file
|
|
- grpc-cli
|
|
- grpc-cpp
|
|
- grpc-devel
|
|
- grpc-plugins
|
|
- protobuf-c-devel
|
|
- protobuf-c-compiler
|
|
- protobuf-compiler
|
|
- cppunit
|
|
- log4cpp-devel
|
|
- json-c-devel
|
|
- capnproto-devel
|
|
- capnproto-libs
|
|
- libpcap-devel
|
|
- hiredis-devel
|
|
- mongo-c-driver-devel
|
|
- mongo-c-driver-libs
|
|
- boost-devel
|
|
- boost-atomic
|
|
- boost-chrono
|
|
- boost-date-time
|
|
- boost-system
|
|
- boost-program-options
|
|
- boost-regex
|
|
- boost-thread
|
|
- libtool
|
|
- autoconf
|
|
- pkgconf
|
|
- ncurses-c++-libs
|
|
- ncurses-devel
|
|
- ncurses-libs
|
|
- ncurses-static
|
|
|
|
package_upgrade: false
|
|
package_reboot_if_required: true
|