#cloud-config # vim: ft=yaml bootcmd: - cat /etc/resolv.conf - uname -r - timedatectl set-ntp 1 - timedatectl set-timezone Europe/Bratislava - systemctl disable --now dnf-makecache.timer - systemctl stop systemd-resolved - echo "nameserver 8.8.8.8" > /etc/resolv.conf - dnf config-manager --set-disabled fedora-cisco-openh264 - dnf config-manager --set-enabled updates updates-testing - sed -i "s/ext4 * defaults *1 1/ext4 noatime 0 0/" /etc/fstab - sleep 10 runcmd: - cat /etc/resolv.conf - uname -r - timedatectl set-timezone Europe/Bratislava - dnf upgrade --refresh -y - dnf distro-sync -y - ldconfig - touch /.plsgo write_files: - content: | [main] gpg_check=1 installonly_limit=2 clean_requirements_on_remove=True fastestmirror=True max_parallel_downloads=7 path: /etc/dnf/dnf.conf owner: root:root permissions: '0644' - content: | /usr/local/lib path: /etc/ld.so.conf.d/local.conf owner: root:root permissions: '0644' ssh_pwauth: true chpasswd: list: | root:1234 expire: false users: - name: root ssh_authorized_keys: - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBtG6NCgdLHX4ztpfvYNRaslKWZcl6KdTc1DehVH4kAL - name: ansible ssh_authorized_keys: - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBtG6NCgdLHX4ztpfvYNRaslKWZcl6KdTc1DehVH4kAL # the tf-ansible key - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ9JEzfMs+O6I5JYRQ+gHWClvCqaNTdop8ncDeSj+RWs sudo: ['ALL=(ALL) NOPASSWD:ALL'] shell: /bin/bash groups: wheel ssh_publish_hostkeys: enabled: false ssh: emit_keys_to_console: false # hostname is set based on main.tf variables preserve_hostname: false fqdn: ${hostname}.${domainname} hostname: ${hostname} # reboot after fqdn is set to update the info in libvirt's dnsmasq power_state: delay: "+1" mode: reboot condition: true timeout: 300 # seconds packages: - vim - golang - htop - kernel-devel - kernel-headers - nmap # use python3 instead of python39 or similar; python3 is certain to point to # the latest python version available in the repositories (apart from # python3-devel perhaps) - python3 # for ansible - "@security-lab" - sudo - tcpdump - tcpflow - tcptrack # fastnetmon/nDPI build requirements - git - make - cmake - automake - gcc - gcc-c++ - libgcc - libstdc++-devel - libstdc++-static - glibc-devel - binutils - flex - bison - openmpi-devel - which - file - grpc-cli - grpc-cpp - grpc-devel - grpc-plugins - protobuf-c-devel - protobuf-c-compiler - protobuf-compiler - cppunit - log4cpp-devel - json-c-devel - capnproto-devel - capnproto-libs - libpcap-devel - hiredis-devel - mongo-c-driver-devel - mongo-c-driver-libs - boost-devel - boost-atomic - boost-chrono - boost-date-time - boost-system - boost-program-options - boost-regex - boost-thread - libtool - autoconf - pkgconf - ncurses-c++-libs - ncurses-devel - ncurses-libs - ncurses-static package_upgrade: false package_reboot_if_required: true