parent
6124eea0c4
commit
46d6077ef4
2 changed files with 59 additions and 0 deletions
terraform
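--- a/terraform/cloud-init/hetzner-cloud.yml
+++ b/terraform/cloud-init/hetzner-cloud.yml
@@ -0,0 +1,33 @@
+#cloud-config
+users:
+- name: soeren
+groups: users, admin
+sudo: ALL=(ALL) NOPASSWD:ALL
+shell: /bin/bash
+ssh_import_id:
+- gh:kekskurse
+- name: cloud
+groups: users, admin
+sudo: ALL=(ALL) NOPASSWD:ALL
+shell: /bin/bash
+ssh_import_id:
+- gh:kekskurse
+packages:
+- ufw
+package_update: true
+package_upgrade: true
+runcmd:
+- ufw allow 22522
+- ufw enable
+- sed -i -e '/^\(#\|\)PermitRootLogin/s/^.*$/PermitRootLogin no/' /etc/ssh/sshd_config
+- sed -i -e '/^\(#\|\)PasswordAuthentication/s/^.*$/PasswordAuthentication no/' /etc/ssh/sshd_config
+- sed -i -e '/^\(#\|\)KbdInteractiveAuthentication/s/^.*$/KbdInteractiveAuthentication no/' /etc/ssh/sshd_config
+- sed -i -e '/^\(#\|\)ChallengeResponseAuthentication/s/^.*$/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config
+- sed -i -e '/^\(#\|\)MaxAuthTries/s/^.*$/MaxAuthTries 5/' /etc/ssh/sshd_config
+- sed -i -e '/^\(#\|\)AllowTcpForwarding/s/^.*$/AllowTcpForwarding no/' /etc/ssh/sshd_config
+- sed -i -e '/^\(#\|\)X11Forwarding/s/^.*$/X11Forwarding no/' /etc/ssh/sshd_config
+- sed -i -e '/^\(#\|\)AllowAgentForwarding/s/^.*$/AllowAgentForwarding no/' /etc/ssh/sshd_config
+- sed -i -e '/^\(#\|\)AuthorizedKeysFile/s/^.*$/AuthorizedKeysFile .ssh\/authorized_keys/' /etc/ssh/sshd_config
+- sed -i 's/^#Port 22/Port 22522/' /etc/ssh/sshd_config
+- reboot
+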
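Review bot: The sshd hardening in `runcmd` can fail silently: each `sed` only rewrites a line that already exists, and the `Port` rule matches only a literal `#Port 22`, so on an image whose `sshd_config` differs the daemon may keep its defaults while ufw already allows only 22522. On Debian 12 the stock config also includes `/etc/ssh/sshd_config.d/*.conf` ahead of the main directives and sshd keeps the first value it reads, so a drop-in shipped with the image would win over these edits; this is worth confirming on the target image. A `write_files` drop-in that sorts first, as sketched below, states the policy explicitly, and `ufw allow 22522/tcp` avoids opening the UDP port as well. Both users get `NOPASSWD:ALL` with keys pulled from a single GitHub account at boot, so that account's key list is effectively the root credential for the host.

```yaml
write_files:
  # file name is a suggestion; it only needs to sort before other drop-ins
  - path: /etc/ssh/sshd_config.d/00-hardening.conf
    permissions: '0644'
    content: |
      Port 22522
      PermitRootLogin no
      PasswordAuthentication no
      KbdInteractiveAuthentication no
      MaxAuthTries 5
      AllowTcpForwarding no
      X11Forwarding no
      AllowAgentForwarding no
runcmd:
  - ufw allow 22522/tcp
  - ufw enable
  # … unchanged: reboot …
```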
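--- a/terraform/docker-server.tf
+++ b/terraform/docker-server.tf
@@ -0,0 +1,26 @@
+variable "cloud_init_file" {
+type = string
+description = "Der Inhalt der Cloud-Init-Datei"
+default = ""
+}
+
+locals {
+cloud_init_content = file("cloud-init/hetzner-cloud.yml")
+}
+
+resource "hcloud_server" "server-4-docker-keks-cloud" {
+name = "4.docker.keks.cloud-test"
+image = "debian-12"
+server_type = "cx22"
+location = "fsn1"
+public_net {
+ipv4_enabled = true
+ipv6_enabled = true
+}
+keep_disk = true
+labels {
+server_type = "docker"
+}
+backups = false
+user_data = local.cloud_init_content
+}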
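Review bot: The server is created with public IPv4/IPv6 and neither `ssh_keys` nor `firewall_ids`, so access control rests entirely on the cloud-init script finishing; as far as I know Hetzner then generates a root password, and sshd is reachable on the image defaults until `runcmd` has run. Attaching an `hcloud_firewall` through `firewall_ids` would close that window independently of the guest. Separately, `variable "cloud_init_file"` is declared but never read, and `file("cloud-init/hetzner-cloud.yml")` resolves against the working directory; `file("${path.module}/cloud-init/hetzner-cloud.yml")` is the stable form. `labels` is documented as a map argument, so `labels = { server_type = "docker" }` is probably needed instead of the block syntax.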