Diffstat (limited to 'doc/examples/cloud-config.txt')
| -rw-r--r-- | doc/examples/cloud-config.txt | 752 |
1 files changed, 0 insertions, 752 deletions
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
deleted file mode 100644
index 3cc9c055..00000000
--- a/doc/examples/cloud-config.txt
+++ /dev/null
@@ -1,752 +0,0 @@ -#cloud-config -# Update apt database on first boot -# (ie run apt-get update) -# -# Default: true -# Aliases: apt_update -package_update: false - -# Upgrade the instance on first boot -# (ie run apt-get upgrade) -# -# Default: false -# Aliases: apt_upgrade -package_upgrade: true - -# Reboot after package install/update if necessary -# Default: false -# Aliases: apt_reboot_if_required -package_reboot_if_required: true - -# Add apt repositories -# -# Default: auto select based on cloud metadata -# in ec2, the default is <region>.archive.ubuntu.com -# apt_mirror: -# use the provided mirror -# apt_mirror_search: -# search the list for the first mirror. -# this is currently very limited, only verifying that -# the mirror is dns resolvable or an IP address -# -# if neither apt_mirror nor apt_mirror search is set (the default) -# then use the mirror provided by the DataSource found. -# In EC2, that means using <region>.ec2.archive.ubuntu.com -# -# if no mirror is provided by the DataSource, and 'apt_mirror_search_dns' is -# true, then search for dns names '<distro>-mirror' in each of -# - fqdn of this host per cloud metadata -# - localdomain -# - no domain (which would search domains listed in /etc/resolv.conf) -# If there is a dns entry for <distro>-mirror, then it is assumed that there -# is a distro mirror at http://<distro>-mirror.<domain>/<distro> -# -# That gives the cloud provider the opportunity to set mirrors of a distro -# up and expose them only by creating dns entries. -# -# if none of that is found, then the default distro mirror is used -apt_mirror: http://us.archive.ubuntu.com/ubuntu/ -apt_mirror_search: - - http://local-mirror.mydomain - - http://archive.ubuntu.com - -apt_mirror_search_dns: False - -# apt_proxy (configure Acquire::HTTP::Proxy) -# 'apt_http_proxy' is an alias for 'apt_proxy'. -# Also, available are 'apt_ftp_proxy' and 'apt_https_proxy'. 
-# These affect Acquire::FTP::Proxy and Acquire::HTTPS::Proxy respectively -apt_proxy: http://my.apt.proxy:3128 - -# apt_pipelining (configure Acquire::http::Pipeline-Depth) -# Default: disables HTTP pipelining. Certain web servers, such -# as S3 do not pipeline properly (LP: #948461). -# Valid options: -# False/default: Disables pipelining for APT -# None/Unchanged: Use OS default -# Number: Set pipelining to some number (not recommended) -apt_pipelining: False - -# Preserve existing /etc/apt/sources.list -# Default: overwrite sources_list with mirror. If this is true -# then apt_mirror above will have no effect -apt_preserve_sources_list: true - -# Provide a custom template for rendering sources.list -# Default: a default template for Ubuntu/Debain will be used as packaged in -# Ubuntu: /etc/cloud/templates/sources.list.ubuntu.tmpl -# Debian: /etc/cloud/templates/sources.list.debian.tmpl -# Others: n/a -# This will follow the normal mirror/codename replacement rules before -# being written to disk. -apt_custom_sources_list: | - ## template:jinja - ## Note, this file is written by cloud-init on first boot of an instance - ## modifications made here will not survive a re-bundle. - ## if you wish to make changes you can: - ## a.) add 'apt_preserve_sources_list: true' to /etc/cloud/cloud.cfg - ## or do the same in user-data - ## b.) add sources in /etc/apt/sources.list.d - ## c.) 
make changes to template file /etc/cloud/templates/sources.list.tmpl - deb {{mirror}} {{codename}} main restricted - deb-src {{mirror}} {{codename}} main restricted - - # could drop some of the usually used entries - - # could refer to other mirrors - deb http://ddebs.ubuntu.com {{codename}} main restricted universe multiverse - deb http://ddebs.ubuntu.com {{codename}}-updates main restricted universe multiverse - deb http://ddebs.ubuntu.com {{codename}}-proposed main restricted universe multiverse - - # or even more uncommon examples like local or NFS mounted repos, - # eventually whatever is compatible with sources.list syntax - deb file:/home/apt/debian unstable main contrib non-free - -# 'source' entries in apt-sources that match this python regex -# expression will be passed to add-apt-repository -add_apt_repo_match: '^[\w-]+:\w' - -# 'apt_sources' is a dictionary -# The key is the filename and will be prepended by /etc/apt/sources.list.d/ if -# it doesn't start with a '/'. -# There are certain cases - where no content is written into a source.list file -# where the filename will be ignored - yet it can still be used as index for -# merging. -# The value it maps to is a dictionary with the following optional entries: -# source: a sources.list entry (some variable replacements apply) -# keyid: providing a key to import via shortid or fingerprint -# key: providing a raw PGP key -# keyserver: keyserver to fetch keys from, default is keyserver.ubuntu.com -# filename: for compatibility with the older format (now the key to this -# dictionary is the filename). If specified this overwrites the -# filename given as key. - -# the new "filename: {specification-dictionary}, filename2: ..." 
format allows -# better merging between multiple input files than a list like: -# cloud-config1 -# sources: -# s1: {'key': 'key1', 'source': 'source1'} -# cloud-config2 -# sources: -# s2: {'key': 'key2'} -# s1: {filename: 'foo'} -# this would be merged to -#sources: -# s1: -# filename: foo -# key: key1 -# source: source1 -# s2: -# key: key2 -# Be aware that this style of merging is not the default (for backward -# compatibility reasons). You should specify the following merge_how to get -# this more complete and modern merging behaviour: -# merge_how: "list()+dict()+str()" -# This would then also be equivalent to the config merging used in curtin -# (https://launchpad.net/curtin). - -# for more details see below in the various examples - -apt_sources: - byobu-ppa.list: - source: "deb http://ppa.launchpad.net/byobu/ppa/ubuntu karmic main" - keyid: F430BBA5 # GPG key ID published on a key server - # adding a source.list line, importing a gpg key for a given key id and - # storing it in the file /etc/apt/sources.list.d/byobu-ppa.list - - # PPA shortcut: - # * Setup correct apt sources.list line - # * Import the signing key from LP - # - # See https://help.launchpad.net/Packaging/PPA for more information - # this requires 'add-apt-repository' - # due to that the filename key is ignored in this case - ignored1: - source: "ppa:smoser/ppa" # Quote the string - - # Custom apt repository: - # * all that is required is 'source' - # * Creates a file in /etc/apt/sources.list.d/ for the sources list entry - # * [optional] Import the apt signing key from the keyserver - # * Defaults: - # + keyserver: keyserver.ubuntu.com - # - # See sources.list man page for more information about the format - my-repo.list: - source: deb http://archive.ubuntu.com/ubuntu karmic-backports main universe multiverse restricted - - # sources can use $MIRROR and $RELEASE and they will be replaced - # with the local mirror for this cloud, and the running release - # the entry below would be possibly 
turned into: - # source: deb http://us-east-1.ec2.archive.ubuntu.com/ubuntu natty multiverse - my-repo.list: - source: deb $MIRROR $RELEASE multiverse - - # this would have the same end effect as 'ppa:byobu/ppa' - my-repo.list: - source: "deb http://ppa.launchpad.net/byobu/ppa/ubuntu karmic main" - keyid: F430BBA5 # GPG key ID published on a key server - filename: byobu-ppa.list - - # this would only import the key without adding a ppa or other source spec - # since this doesn't generate a source.list file the filename key is ignored - ignored2: - keyid: F430BBA5 # GPG key ID published on a key server - - # In general keyid's can also be specified via their long fingerprints - # since this doesn't generate a source.list file the filename key is ignored - ignored3: - keyid: B59D 5F15 97A5 04B7 E230 6DCA 0620 BBCF 0368 3F77 - - # Custom apt repository: - # * The apt signing key can also be specified - # by providing a pgp public key block - # * Providing the PGP key here is the most robust method for - # specifying a key, as it removes dependency on a remote key server - my-repo.list: - source: deb http://ppa.launchpad.net/alestic/ppa/ubuntu karmic main - key: | # The value needs to start with -----BEGIN PGP PUBLIC KEY BLOCK----- - -----BEGIN PGP PUBLIC KEY BLOCK----- - Version: SKS 1.0.10 - - mI0ESpA3UQEEALdZKVIMq0j6qWAXAyxSlF63SvPVIgxHPb9Nk0DZUixn+akqytxG4zKCONz6 - qLjoBBfHnynyVLfT4ihg9an1PqxRnTO+JKQxl8NgKGz6Pon569GtAOdWNKw15XKinJTDLjnj - 9y96ljJqRcpV9t/WsIcdJPcKFR5voHTEoABE2aEXABEBAAG0GUxhdW5jaHBhZCBQUEEgZm9y - IEFsZXN0aWOItgQTAQIAIAUCSpA3UQIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEA7H - 5Qi+CcVxWZ8D/1MyYvfj3FJPZUm2Yo1zZsQ657vHI9+pPouqflWOayRR9jbiyUFIn0VdQBrP - t0FwvnOFArUovUWoKAEdqR8hPy3M3APUZjl5K4cMZR/xaMQeQRZ5CHpS4DBKURKAHC0ltS5o - uBJKQOZm5iltJp15cgyIkBkGe8Mx18VFyVglAZey - =Y2oI - -----END PGP PUBLIC KEY BLOCK----- - - # Custom gpg key: - # * As with keyid, a key may also be specified without a related source. 
- # * all other facts mentioned above still apply - # since this doesn't generate a source.list file the filename key is ignored - ignored4: - key: | # The value needs to start with -----BEGIN PGP PUBLIC KEY BLOCK----- - -----BEGIN PGP PUBLIC KEY BLOCK----- - Version: SKS 1.0.10 - - mI0ESpA3UQEEALdZKVIMq0j6qWAXAyxSlF63SvPVIgxHPb9Nk0DZUixn+akqytxG4zKCONz6 - qLjoBBfHnynyVLfT4ihg9an1PqxRnTO+JKQxl8NgKGz6Pon569GtAOdWNKw15XKinJTDLjnj - 9y96ljJqRcpV9t/WsIcdJPcKFR5voHTEoABE2aEXABEBAAG0GUxhdW5jaHBhZCBQUEEgZm9y - IEFsZXN0aWOItgQTAQIAIAUCSpA3UQIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEA7H - 5Qi+CcVxWZ8D/1MyYvfj3FJPZUm2Yo1zZsQ657vHI9+pPouqflWOayRR9jbiyUFIn0VdQBrP - t0FwvnOFArUovUWoKAEdqR8hPy3M3APUZjl5K4cMZR/xaMQeQRZ5CHpS4DBKURKAHC0ltS5o - uBJKQOZm5iltJp15cgyIkBkGe8Mx18VFyVglAZey - =Y2oI - -----END PGP PUBLIC KEY BLOCK----- - - -## apt config via system_info: -# under the 'system_info', you can further customize cloud-init's interaction -# with apt. -# system_info: -# apt_get_command: [command, argument, argument] -# apt_get_upgrade_subcommand: dist-upgrade -# -# apt_get_command: -# To specify a different 'apt-get' command, set 'apt_get_command'. -# This must be a list, and the subcommand (update, upgrade) is appended to it. -# default is: -# ['apt-get', '--option=Dpkg::Options::=--force-confold', -# '--option=Dpkg::options::=--force-unsafe-io', '--assume-yes', '--quiet'] -# -# apt_get_upgrade_subcommand: -# Specify a different subcommand for 'upgrade. The default is 'dist-upgrade'. -# This is the subcommand that is invoked if package_upgrade is set to true above. 
-# -# apt_get_wrapper: -# command: eatmydata -# enabled: [True, False, "auto"] -# - -# Install additional packages on first boot -# -# Default: none -# -# if packages are specified, this apt_update will be set to true -# -packages: - - pwgen - - pastebinit - -# set up mount points -# 'mounts' contains a list of lists -# the inner list are entries for an /etc/fstab line -# ie : [ fs_spec, fs_file, fs_vfstype, fs_mntops, fs-freq, fs_passno ] -# -# default: -# mounts: -# - [ ephemeral0, /mnt ] -# - [ swap, none, swap, sw, 0, 0 ] -# -# in order to remove a previously listed mount (ie, one from defaults) -# list only the fs_spec. For example, to override the default, of -# mounting swap: -# - [ swap ] -# or -# - [ swap, null ] -# -# - if a device does not exist at the time, an entry will still be -# written to /etc/fstab. -# - '/dev' can be ommitted for device names that begin with: xvd, sd, hd, vd -# - if an entry does not have all 6 fields, they will be filled in -# with values from 'mount_default_fields' below. -# -# Note, that you should set 'nobootwait' (see man fstab) for volumes that may -# not be attached at instance boot (or reboot) -# -mounts: - - [ ephemeral0, /mnt, auto, "defaults,noexec" ] - - [ sdc, /opt/data ] - - [ xvdh, /opt/data, "auto", "defaults,nobootwait", "0", "0" ] - - [ dd, /dev/zero ] - -# mount_default_fields -# These values are used to fill in any entries in 'mounts' that are not -# complete. This must be an array, and must have 7 fields. -mount_default_fields: [ None, None, "auto", "defaults,nobootwait", "0", "2" ] - -# add each entry to ~/.ssh/authorized_keys for the configured user or the -# first user defined in the user definition directive. 
-ssh_authorized_keys: - - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEA3FSyQwBI6Z+nCSjUUk8EEAnnkhXlukKoUPND/RRClWz2s5TCzIkd3Ou5+Cyz71X0XmazM3l5WgeErvtIwQMyT1KjNoMhoJMrJnWqQPOt5Q8zWd9qG7PBl9+eiH5qV7NZ mykey@host - - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3I7VUf2l5gSn5uavROsc5HRDpZdQueUq5ozemNSj8T7enqKHOEaFoU2VoPgGEWC9RyzSQVeyD6s7APMcE82EtmW4skVEgEGSbDc1pvxzxtchBj78hJP6Cf5TCMFSXw+Fz5rF1dR23QDbN1mkHs7adr8GW4kSWqU7Q7NDwfIrJJtO7Hi42GyXtvEONHbiRPOe8stqUly7MvUoN+5kfjBM8Qqpfl2+FNhTYWpMfYdPUnE7u536WqzFmsaqJctz3gBxH9Ex7dFtrxR4qiqEr9Qtlu3xGn7Bw07/+i1D+ey3ONkZLN+LQ714cgj8fRS4Hj29SCmXp5Kt5/82cD/VN3NtHw== smoser@brickies - -# Send pre-generated ssh private keys to the server -# If these are present, they will be written to /etc/ssh and -# new random keys will not be generated -# in addition to 'rsa' and 'dsa' as shown below, 'ecdsa' is also supported -ssh_keys: - rsa_private: | - -----BEGIN RSA PRIVATE KEY----- - MIIBxwIBAAJhAKD0YSHy73nUgysO13XsJmd4fHiFyQ+00R7VVu2iV9Qcon2LZS/x - 1cydPZ4pQpfjEha6WxZ6o8ci/Ea/w0n+0HGPwaxlEG2Z9inNtj3pgFrYcRztfECb - 1j6HCibZbAzYtwIBIwJgO8h72WjcmvcpZ8OvHSvTwAguO2TkR6mPgHsgSaKy6GJo - PUJnaZRWuba/HX0KGyhz19nPzLpzG5f0fYahlMJAyc13FV7K6kMBPXTRR6FxgHEg - L0MPC7cdqAwOVNcPY6A7AjEA1bNaIjOzFN2sfZX0j7OMhQuc4zP7r80zaGc5oy6W - p58hRAncFKEvnEq2CeL3vtuZAjEAwNBHpbNsBYTRPCHM7rZuG/iBtwp8Rxhc9I5w - ixvzMgi+HpGLWzUIBS+P/XhekIjPAjA285rVmEP+DR255Ls65QbgYhJmTzIXQ2T9 - luLvcmFBC6l35Uc4gTgg4ALsmXLn71MCMGMpSWspEvuGInayTCL+vEjmNBT+FAdO - W7D4zCpI43jRS9U06JVOeSc9CDk2lwiA3wIwCTB/6uc8Cq85D9YqpM10FuHjKpnP - REPPOyrAspdeOAV+6VKRavstea7+2DZmSUgE - -----END RSA PRIVATE KEY----- - - rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7XdewmZ3h8eIXJD7TRHtVW7aJX1ByifYtlL/HVzJ09nilCl+MSFrpbFnqjxyL8Rr/DSf7QcY/BrGUQbZn2Kc22PemAWthxHO18QJvWPocKJtlsDNi3 smoser@localhost - - dsa_private: | - -----BEGIN DSA PRIVATE KEY----- - MIIBuwIBAAKBgQDP2HLu7pTExL89USyM0264RCyWX/CMLmukxX0Jdbm29ax8FBJT - pLrO8TIXVY5rPAJm1dTHnpuyJhOvU9G7M8tPUABtzSJh4GVSHlwaCfycwcpLv9TX - 
DgWIpSj+6EiHCyaRlB1/CBp9RiaB+10QcFbm+lapuET+/Au6vSDp9IRtlQIVAIMR - 8KucvUYbOEI+yv+5LW9u3z/BAoGBAI0q6JP+JvJmwZFaeCMMVxXUbqiSko/P1lsa - LNNBHZ5/8MOUIm8rB2FC6ziidfueJpqTMqeQmSAlEBCwnwreUnGfRrKoJpyPNENY - d15MG6N5J+z81sEcHFeprryZ+D3Ge9VjPq3Tf3NhKKwCDQ0240aPezbnjPeFm4mH - bYxxcZ9GAoGAXmLIFSQgiAPu459rCKxT46tHJtM0QfnNiEnQLbFluefZ/yiI4DI3 - 8UzTCOXLhUA7ybmZha+D/csj15Y9/BNFuO7unzVhikCQV9DTeXX46pG4s1o23JKC - /QaYWNMZ7kTRv+wWow9MhGiVdML4ZN4XnifuO5krqAybngIy66PMEoQCFEIsKKWv - 99iziAH0KBMVbxy03Trz - -----END DSA PRIVATE KEY----- - - dsa_public: ssh-dss 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 smoser@localhost - - -# remove access to the ec2 metadata service early in boot via null route -# the null route can be removed (by root) with: -# route del -host 169.254.169.254 reject -# default: false (service available) -disable_ec2_metadata: true - -# run commands -# default: none -# runcmd contains a list of either lists or a string -# each item will be executed in order at rc.local like level with -# output to the console -# - if the item is a list, the items will be properly executed as if -# passed to execve(3) (with the first arg as the command). -# - if the item is a string, it will be simply written to the file and -# will be interpreted by 'sh' -# -# Note, that the list has to be proper yaml, so you have to escape -# any characters yaml would eat (':' can be problematic) -runcmd: - - [ ls, -l, / ] - - [ sh, -xc, "echo $(date) ': hello world!'" ] - - [ sh, -c, echo "=========hello world'=========" ] - - ls -l /root - - [ wget, "http://slashdot.org", -O, /tmp/index.html ] - - -# boot commands -# default: none -# this is very similar to runcmd above, but commands run very early -# in the boot process, only slightly after a 'boothook' would run. -# bootcmd should really only be used for things that could not be -# done later in the boot process. bootcmd is very much like -# boothook, but possibly with more friendly. 
-# * bootcmd will run on every boot -# * the INSTANCE_ID variable will be set to the current instance id. -# * you can use 'cloud-init-per' command to help only run once -bootcmd: - - echo 192.168.1.130 us.archive.ubuntu.com > /etc/hosts - - [ cloud-init-per, once, mymkfs, mkfs, /dev/vdb ] - -# cloud_config_modules: -# default: -# cloud_config_modules: -# - mounts -# - ssh -# - apt-update-upgrade -# - puppet -# - updates-check -# - disable-ec2-metadata -# - runcmd -# -# This is an array of arrays or strings. -# if item is a string, then it is read as a module name -# if the item is an array it is of the form: -# name, frequency, arguments -# where 'frequency' is one of: -# once-per-instance -# always -# a python file in the CloudConfig/ module directory named -# cc_<name>.py -# example: -cloud_config_modules: - - mounts - - ssh-import-id - - ssh - - grub-dpkg - - [ apt-update-upgrade, always ] - - puppet - - updates-check - - disable-ec2-metadata - - runcmd - - byobu - -# unverified_modules: [] -# if a config module declares a set of distros as supported then it will be -# skipped if running on a different distro. to override this sanity check, -# provide a list of modules that should be run anyway in 'unverified_modules'. -# The default is an empty list (ie, trust modules). -# -# Example: -# unverified_modules: ['apt-update-upgrade'] -# default: [] - -# ssh_import_id: [ user1, user2 ] -# ssh_import_id will feed the list in that variable to -# ssh-import-id, so that public keys stored in launchpad -# can easily be imported into the configured user -# This can be a single string ('smoser') or a list ([smoser, kirkland]) -ssh_import_id: [smoser] - -# Provide debconf answers / debian preseed values -# -# See debconf-set-selections man page. -# -# Default: none -# -debconf_selections: | # Need to perserve newlines - # Force debconf priority to critical. - debconf debconf/priority select critical - - # Override default frontend to readline, but allow user to select. 
- debconf debconf/frontend select readline - debconf debconf/frontend seen false - -# manage byobu defaults -# byobu_by_default: -# 'user' or 'enable-user': set byobu 'launch-by-default' for the default user -# 'system' or 'enable-system' or 'enable': -# enable 'launch-by-default' for all users, do not modify default user -# 'disable': disable both default user and system -# 'disable-system': disable system -# 'disable-user': disable for default user -# not-set: no changes made -byobu_by_default: system - -# disable ssh access as root. -# if you want to be able to ssh in to the system as the root user -# rather than as the 'ubuntu' user, then you must set this to false -# default: true -disable_root: false - -# disable_root_opts: the value of this variable will prefix the -# respective key in /root/.ssh/authorized_keys if disable_root is true -# see 'man authorized_keys' for more information on what you can do here -# -# The string '$USER' will be replaced with the username of the default user -# -# disable_root_opts: no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"root\".';echo;sleep 10" - - -# set the locale to a given locale -# default: en_US.UTF-8 -locale: en_US.UTF-8 -# render template default-locale.tmpl to locale_configfile -locale_configfile: /etc/default/locale - -# add entries to rsyslog configuration -# The first occurance of a given filename will truncate. -# subsequent entries will append. -# if value is a scalar, its content is assumed to be 'content', and the -# default filename is used. 
-# if filename is not provided, it will default to 'rsylog_filename' -# if filename does not start with a '/', it will be put in 'rsyslog_dir' -# rsyslog_dir default: /etc/rsyslog.d -# rsyslog_filename default: 20-cloud-config.conf -rsyslog: - - ':syslogtag, isequal, "[CLOUDINIT]" /var/log/cloud-foo.log' - - content: "*.* @@192.0.2.1:10514" - - filename: 01-examplecom.conf - content: "*.* @@syslogd.example.com" - -# resize_rootfs should the / filesytem be resized on first boot -# this allows you to launch an instance with a larger disk / partition -# and have the instance automatically grow / to accomoddate it -# set to 'False' to disable -# by default, the resizefs is done early in boot, and blocks -# if resize_rootfs is set to 'noblock', then it will be run in parallel -resize_rootfs: True - -## hostname and /etc/hosts management -# cloud-init can handle updating some entries in /etc/hosts, -# and can set your hostname for you. -# -# if you do nothing you'll end up with: -# * /etc/hostname (and `hostname`) managed via: 'preserve_hostame: false' -# if you do not change /etc/hostname, it will be updated with the cloud -# provided hostname on each boot. If you make a change, then manual -# maintenance takes over, and cloud-init will not modify it. -# -# * /etc/hosts managed via: 'manage_etc_hosts: false' -# cloud-init will not manage /etc/hosts at all. It is in full manual -# maintenance mode. -# -# You can change the above behavior with the following config variables: -# Remember that these can be set in cloud-config via user-data, -# /etc/cloud/cloud.cfg or any file in /etc/cloud/cloud.cfg.d/ -# -# == Hostname management (via /etc/hostname) == -# * preserve_hostname: -# default: False -# If this option is set to True, then /etc/hostname will never updated -# The default behavior is to update it if it has not been modified by -# the user. 
-# -# * hostname: -# this option will be used wherever the 'hostname' is needed -# simply substitute it in the description above. -# ** If you wish to set your hostname, set it here ** -# default: 'hostname' as returned by the metadata service -# on EC2, the hostname portion of 'local-hostname' is used -# which is something like 'ip-10-244-170-199' -# -# * fqdn: -# this option will be used wherever 'fqdn' is needed. -# simply substitue it in the description above. -# default: fqdn as returned by the metadata service. on EC2 'hostname' -# is used, so this is like: ip-10-244-170-199.ec2.internal -# -# == /etc/hosts management == -# -# The cloud-config variable that covers management of /etc/hosts is -# 'manage_etc_hosts' -# -# By default, its value is 'false' (boolean False) -# -# * manage_etc_hosts: -# default: false -# -# false: -# cloud-init will not modify /etc/hosts at all. -# * Whatever is present at instance boot time will be present after boot. -# * User changes will not be overwritten -# -# true or 'template': -# on every boot, /etc/hosts will be re-written from -# /etc/cloud/templates/hosts.tmpl. -# The strings '$hostname' and '$fqdn' are replaced in the template -# with the appropriate values. -# To make modifications persistant across a reboot, you must make -# modificatoins to /etc/cloud/templates/hosts.tmpl -# -# localhost: -# This option ensures that an entry is present for fqdn as described in -# section 5.1.2 of the debian manual -# http://www.debian.org/doc/manuals/debian-reference/ch05.en.html -# -# cloud-init will generally own the 127.0.1.1 entry, and will update -# it to the hostname and fqdn on every boot. All other entries will -# be left as is. 'ping `hostname`' will ping 127.0.1.1 -# -# If you want a fqdn entry with aliases other than 'hostname' to resolve -# to a localhost interface, you'll need to use something other than -# 127.0.1.1. 
For example: -# 127.0.1.2 myhost.fqdn.example.com myhost whatup.example.com - -# final_message -# default: cloud-init boot finished at $TIMESTAMP. Up $UPTIME seconds -# this message is written by cloud-final when the system is finished -# its first boot. -# This message is rendered as if it were a template. If you -# want jinja, you have to start the line with '## template:jinja\n' -final_message: "The system is finally up, after $UPTIME seconds" - -# configure where output will go -# 'output' entry is a dict with 'init', 'config', 'final' or 'all' -# entries. Each one defines where -# cloud-init, cloud-config, cloud-config-final or all output will go -# each entry in the dict can be a string, list or dict. -# if it is a string, it refers to stdout and stderr -# if it is a list, entry 0 is stdout, entry 1 is stderr -# if it is a dict, it is expected to have 'output' and 'error' fields -# default is to write to console only -# the special entry "&1" for an error means "same location as stdout" -# (Note, that '&1' has meaning in yaml, so it must be quoted) -output: - init: "> /var/log/my-cloud-init.log" - config: [ ">> /tmp/foo.out", "> /tmp/foo.err" ] - final: - output: "| tee /tmp/final.stdout | tee /tmp/bar.stdout" - error: "&1" - - -# phone_home: if this dictionary is present, then the phone_home -# cloud-config module will post specified data back to the given -# url -# default: none -# phone_home: -# url: http://my.foo.bar/$INSTANCE/ -# post: all -# tries: 10 -# -phone_home: - url: http://my.example.com/$INSTANCE_ID/ - post: [ pub_key_dsa, pub_key_rsa, pub_key_ecdsa, instance_id ] - -# timezone: set the timezone for this instance -# the value of 'timezone' must exist in /usr/share/zoneinfo -timezone: US/Eastern - -# def_log_file and syslog_fix_perms work together -# if -# - logging is set to go to a log file 'L' both with and without syslog -# - and 'L' does not exist -# - and syslog is configured to write to 'L' -# then 'L' will be initially created with 
root:root ownership (during -# cloud-init), and then at cloud-config time (when syslog is available) -# the syslog daemon will be unable to write to the file. -# -# to remedy this situation, 'def_log_file' can be set to a filename -# and syslog_fix_perms to a string containing "<user>:<group>" -# if syslog_fix_perms is a list, it will iterate through and use the -# first pair that does not raise error. -# -# the default values are '/var/log/cloud-init.log' and 'syslog:adm' -# the value of 'def_log_file' should match what is configured in logging -# if either is empty, then no change of ownership will be done -def_log_file: /var/log/my-logging-file.log -syslog_fix_perms: syslog:root - -# you can set passwords for a user or multiple users -# this is off by default. -# to set the default user's password, use the 'password' option. -# if set, to 'R' or 'RANDOM', then a random password will be -# generated and written to stdout (the console) -# password: passw0rd -# -# also note, that this will expire the password, forcing a change -# on first login. If you do not want to expire, see 'chpasswd' below. -# -# By default in the UEC images password authentication is disabled -# Thus, simply setting 'password' as above will only allow you to login -# via the console. -# -# in order to enable password login via ssh you must set -# 'ssh_pwauth'. -# If it is set, to 'True' or 'False', then sshd_config will be updated -# to ensure the desired function. If not set, or set to '' or 'unchanged' -# then sshd_config will not be updated. -# ssh_pwauth: True -# -# there is also an option to set multiple users passwords, using 'chpasswd' -# That looks like the following, with 'expire' set to 'True' by default. 
-# to not expire users passwords, set 'expire' to 'False': -# chpasswd: -# list: | -# user1:password1 -# user2:RANDOM -# expire: True -# ssh_pwauth: [ True, False, "" or "unchanged" ] -# -# So, a simple working example to allow login via ssh, and not expire -# for the default user would look like: -password: passw0rd -chpasswd: { expire: False } -ssh_pwauth: True - -# manual cache clean. -# By default, the link from /var/lib/cloud/instance to -# the specific instance in /var/lib/cloud/instances/ is removed on every -# boot. The cloud-init code then searches for a DataSource on every boot -# if your DataSource will not be present on every boot, then you can set -# this option to 'True', and maintain (remove) that link before the image -# will be booted as a new instance. -# default is False -manual_cache_clean: False - -# When cloud-init is finished running including having run -# cloud_init_modules, then it will run this command. The default -# is to emit an upstart signal as shown below. If the value is a -# list, it will be passed to Popen. If it is a string, it will be -# invoked through 'sh -c'. -# -# default value: -# cc_ready_cmd: [ initctl, emit, cloud-config, CLOUD_CFG=/var/lib/instance//cloud-config.txt ] -# example: -# cc_ready_cmd: [ sh, -c, 'echo HI MOM > /tmp/file' ] - -## configure interaction with ssh server -# ssh_svcname: ssh -# set the name of the option to 'service restart' -# in order to restart the ssh daemon. For fedora, use 'sshd' -# default: ssh -# ssh_deletekeys: True -# boolean indicating if existing ssh keys should be deleted on a -# per-instance basis. 
On a public image, this should absolutely be set -# to 'True' -# ssh_genkeytypes: ['rsa', 'dsa', 'ecdsa'] -# a list of the ssh key types that should be generated -# These are passed to 'ssh-keygen -t' - -## configuration of ssh keys output to console -# ssh_fp_console_blacklist: [] -# ssh_key_console_blacklist: [ssh-dss] -# A list of key types (first token of a /etc/ssh/ssh_key_*.pub file) -# that should be skipped when outputting key fingerprints and keys -# to the console respectively. - -## poweroff or reboot system after finished -# default: none -# -# power_state can be used to make the system shutdown, reboot or -# halt after boot is finished. This same thing can be acheived by -# user-data scripts or by runcmd by simply invoking 'shutdown'. -# -# Doing it this way ensures that cloud-init is entirely finished with -# modules that would be executed, and avoids any error/log messages -# that may go to the console as a result of system services like -# syslog being taken down while cloud-init is running. -# -# delay: form accepted by shutdown. default is 'now'. other format -# accepted is +m (m in minutes) -# mode: required. must be one of 'poweroff', 'halt', 'reboot' -# message: provided as the message argument to 'shutdown'. default is none. -power_state: - delay: 30 - mode: poweroff - message: Bye Bye |
