#cloud-config hostname: raspi01 # ================================================================== # Add users to the system # ================================================================== users: - name: james gecos: James Blair primary_group: james groups: users, admin ssh_authorized_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsYhu2xE5cxq+sA7bNyHjZUk9IHKXHsd58ZCFLfCHbK5nnWLgJwxFnF1NzBylyOJviJ2v54VYQoXvsWLTbehlyH/kqJS8icmo0iu2mUFcp09n/3NcGw2BJefwMbK+mofxBBR78RRNI8DG3yk7Apa19BrLpFWaL/VljGidgR61WhPH7FbXjTh5NuQR494LG3yBRn16yIPNN+xZhf0TW7uoVCiSr77kFELgrTqjpPyoYiYLZZdKqJZ7PDgOEcLq5oDEZfYME8sGRPyufGByH7tnK9fgFaZ9wW747wTNN2naUIhCNzJLxKgr8fMMRBXuqeUjk+5/EzxGFXjxE+4a+dhD51OO5mSN1ctG/061HIQjJwZ2Zk6CACypBEv6nLVREaMqKQtcEPPooZ2SK4SdiMtwC8XLCZ6wRQDVskMentI1uy3bbCwV9AG0auiLA3sfbyKI8093p5NLsLEiR+BScu4/tLx7kzPetl89QOKzTI60GXzBaSnBXhAtQTijZZFrOGbQ1NQ1deWb6pT8foOPOs3P2F0a4Y/nY/xlomBuNqTI48Vi8MZJjhTvAe8BF+Y7C8HlSaCZeH1DrnymkbLhpXvVH7Tuir/DLOyhrwnXqNuxpMyWsfy5UrTfe67GP2+jzriFxteTMbvZjmgbF2UDMYs5U59NaYPdAYxjwdzH5nHoIWw== james@james-desktop sudo: ALL=(ALL) NOPASSWD:ALL shell: /bin/bash # ================================================================== # ================================================================== # Add packages to the system # ================================================================== package_upgrade: true packages: - nano - curl - htop - git - smartmontools - fail2ban - knockd - glusterfs-server - sed - rsync # ================================================================== # ================================================================== # Localisation # ================================================================== user-data: timezone: Pacific/Auckland locale: en_NZ # ================================================================== # ================================================================== # Harden ssh and set bash prompt # ================================================================== runcmd: - sed -i -e '/^#Port/s/^.*$/Port 2142/' /etc/ssh/sshd_config - sed -i -e '/^#PermitRootLogin/s/^.*$/PermitRootLogin no/' /etc/ssh/sshd_config - sed -i -e '$aAllowUsers james' /etc/ssh/sshd_config - restart ssh - echo "PS1='\[\033[02;31m\]\u@\H:\[\033[01;34m\]\w\$\[\033[00m\] '" >> /home/james/.bashrc # ==================================================================