Last active
December 26, 2023 20:09
-
-
Save jdowning/5921369 to your computer and use it in GitHub Desktop.
Script to clean up Ubuntu EC2 instance before packaging as an AMI
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script cleans up your EC2 instance before baking a new AMI. | |
| # Run the following command in a root shell: | |
| # | |
| # bash <(curl -s https://gist.github.com/justindowning/5921369/raw/ami-clean.sh) | |
| function print_green { | |
| echo -e "\e[32m${1}\e[0m" | |
| } | |
| print_green 'Clean Apt' | |
| apt-get -y autoremove | |
| aptitude clean | |
| aptitude autoclean | |
| print_green 'Remove SSH keys' | |
| [ -f /home/ubuntu/.ssh/authorized_keys ] && rm /home/ubuntu/.ssh/authorized_keys | |
| print_green 'Cleanup log files' | |
| find /var/log -type f | while read f; do echo -ne '' > $f; done | |
| print_green 'Cleanup bash history' | |
| unset HISTFILE | |
| [ -f /root/.bash_history ] && rm /root/.bash_history | |
| [ -f /home/ubuntu/.bash_history ] && rm /home/ubuntu/.bash_history | |
| print_green 'AMI cleanup complete!' |
Any suggestion how can we execute this script automatically on Ec2 instance once the provisioning is done? Also, is it okay to clean the cloud-init cache from within the user-data script?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Also maybe delete generated rsa keys (Debian)
shred -u /etc/ssh/*_key /etc/ssh/*_key.pub