@troyfontaine
Created January 25, 2016 02:13
Multi-format Cloud Config File
Content-Type: multipart/mixed; boundary="===============0035287898381899620=="
MIME-Version: 1.0

--===============0035287898381899620==
Content-Type: text/cloud-config; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="cloud-config.txt"

#cloud-config
#groups:
#  - mygroup
users:
  - name: myid
    gecos: "My Name"
    shell: /bin/bash
    ssh-import-id: [mylaunchpad.netid]
    sudo:
      - "ALL=(ALL) NOPASSWD:ALL"
apt_update: true
apt_upgrade: true
hostname: MYSERVER
fqdn: MYSERVER.mydomain.net
manage_etc_hosts: true
packages:
  - unattended-upgrades
  - apticron
  - ntp
  - landscape-common
  - vim
  - rsync
  - ssmtp
runcmd:
  - "locale-gen en_CA.UTF-8"
# final_message written to log when cloud-init processes are finished
final_message: "System boot (via cloud-init) is COMPLETE, after $UPTIME seconds. Finished at $TIMESTAMP"
--===============0035287898381899620==
Content-Type: text/x-shellscript; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="user-script.txt"

#!/bin/bash
# Set variables for replacement
ROOTEMAIL="[email protected]"
UPDATEEMAIL="[email protected]"
MAILHUB="mail.myisp.com"
FQDN=$(hostname --fqdn)
# install additional items here if you have problems with cloud-config
# apt-get install
# Set up outgoing email for SSMTP
echo -e "# Set email address to send root alerts to\nroot=$ROOTEMAIL\n\n# Set mail server to use to send emails\nmailhub=$MAILHUB\n\n# The full hostname\nhostname=$FQDN" > /etc/ssmtp/ssmtp.conf
# Set up Apticron and automatic security updates
echo -e 'APT::Periodic::Update-Package-Lists "1";\nAPT::Periodic::Unattended-Upgrade "1";' >> /etc/apt/apt.conf.d/20auto-upgrades
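# Double quotes so that $UPDATEEMAIL is expanded by the shell; '|' is the sed delimiter because the pattern starts with '//'
sed -i "s|//Unattended-Upgrade::Mail \"root\";|Unattended-Upgrade::Mail \"$UPDATEEMAIL\";|g" /etc/apt/apt.conf.d/50unattended-upgrades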
sed -i 's/\/\/Unattended-Upgrade\:\:MailOnlyOnError \"true\";/Unattended-Upgrade::MailOnlyOnError \"true\";/g' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i "s/# CUSTOM_FROM=\"\"/CUSTOM_FROM=\"$FQDN\"/g" /etc/apticron/apticron.conf
# Create new sudoers.d file
#echo "%mygroup ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/mydomain
# Secure SSHD
sed -i "s/#PermitRootLogin yes/PermitRootLogin no/g" /etc/ssh/sshd_config
sed -i '$a \\n# Disable Password Authentication\nPasswordAuthentication no' /etc/ssh/sshd_config
sed -i "s/ServerKeyBits 1024/ServerKeyBits 2048/g" /etc/ssh/sshd_config
sed -i "s/LoginGraceTime 120/LoginGraceTime 60/g" /etc/ssh/sshd_config
# Comment out the DSA, ECDSA and Ed25519 host keys ('|' is the sed delimiter because the paths contain '/')
sed -i "s|HostKey /etc/ssh/ssh_host_dsa_key|#HostKey /etc/ssh/ssh_host_dsa_key|g" /etc/ssh/sshd_config
sed -i "s|HostKey /etc/ssh/ssh_host_ecdsa_key|#HostKey /etc/ssh/ssh_host_ecdsa_key|g" /etc/ssh/sshd_config
sed -i "s|HostKey /etc/ssh/ssh_host_ed25519_key|#HostKey /etc/ssh/ssh_host_ed25519_key|g" /etc/ssh/sshd_config
service ssh restart
--===============0035287898381899620==--