-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathuser-data.yaml.tmpl
More file actions
123 lines (103 loc) · 4.25 KB
/
user-data.yaml.tmpl
File metadata and controls
123 lines (103 loc) · 4.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#cloud-config
users:
- default
- name: jeffbyrnes
sudo:
- ALL=(ALL) NOPASSWD:ALL
groups: sudo
shell: /bin/bash
ssh_authorized_keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO5mP8t/YHN79Yx+D8OoeE5lYi1gicP6J7L37wVn9KZk thejeffbyrnes@gmail.com
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFypNz7UGy8mFwtLNBW0sGSUZ45DPXutP8C2FI4r+Anh thejeffbyrnes@gmail.com
groups:
- docker
system_info:
default_user:
groups:
- docker
locale: en_US.UTF-8
apt:
sources:
docker.list:
source: deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable
keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
package_update: true
package_upgrade: true
packages:
- git
- apt-transport-https
- ca-certificates
- curl
- gnupg-agent
- software-properties-common
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
- fzf
- fd-find
swap:
filename: /swapfile
size: 2147483648
write_files:
- path: /etc/sysctl.d/30-discourse-swap.conf
content: vm.swappiness = 10
- scp ./etc/nginx/sites-available/* somervilleyimby:/etc/nginx/sites-available/
runcmd:
- sh -c echo 'Installing DO Agent...'
- curl -sSL https://repos.insights.digitalocean.com/install.sh | bash
- sh -c echo 'Disabling root login...'
- sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin no/' /etc/ssh/sshd_config
- sh -c echo 'Disabling password auth...'
- sed -i -e '/^PasswordAuthentication/s/^.*$/PasswordAuthentication no/' /etc/ssh/sshd_config
- sh -c echo 'Restarting sshd...'
- systemctl restart ssh
- sh -c echo 'Enabling swap...'
- sysctl -w vm.swappiness=10
- sh -c echo 'Installing go...'
- wget https://go.dev/dl/go1.24.4.linux-amd64.tar.gz
- tar -C /usr/local -xvf go1.24.4.linux-amd64.tar.gz
- ln -s /usr/local/go/bin/go /usr/local/bin/go
- ln -s /usr/local/go/bin/gofmt /usr/local/bin/gofmt
- sh -c echo 'Installing ccat...'
- go install github.com/owenthereal/ccat@latest
- sh -c echo 'Installing exa...'
- mkdir -p /etc/apt/keyrings
- wget -qO- https://raw.githubusercontent.com/eza-community/eza/main/deb.asc | gpg --dearmor -o /etc/apt/keyrings/gierens.gpg
- echo "deb [signed-by=/etc/apt/keyrings/gierens.gpg] http://deb.gierens.de stable main" | tee /etc/apt/sources.list.d/gierens.list
- chmod 644 /etc/apt/keyrings/gierens.gpg /etc/apt/sources.list.d/gierens.list
- apt update
- apt install -y eza
- sh -c echo 'Installing starship...'
- curl -sS https://starship.rs/install.sh | sh -s -- --force
- sh -c echo 'Installing NGINX...'
- apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring
- curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
- echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] <http://nginx.org/packages/ubuntu> `lsb_release -cs` nginx" | tee /etc/apt/sources.list.d/nginx.list
- echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | tee /etc/apt/preferences.d/99nginx
- apt update && apt install nginx
- sh -c echo 'Installing Certbot...'
- snap install --classic certbot
- sh -c echo 'Configuring NGINX...'
- rm /etc/nginx/sites-enabled/default
- ln -s /etc/nginx/sites-available/00-discourse /etc/nginx/sites-enabled/00-discourse
- ln -s /etc/nginx/sites-available/01-wordpress /etc/nginx/sites-enabled/01-wordpress
- systemctl reload nginx
- sh -c echo 'Setting up Discourse...'
- git clone https://github.com/discourse/discourse_docker.git /var/discourse
- mv /root/app.yml /var/discourse/containers/app.yml
- chmod o-rwx /var/discourse/containers/app.yml
- cd /var/discourse && ./launcher bootstrap app
- cd /var/discourse && ./launcher start app
- sh -c echo 'At this point, Discourse is ready to be restored!'
- sh -c echo 'See https://meta.discourse.org/t/restore-a-backup-from-command-line/108034 for details'
- sh -c echo 'Starting Datadog Agent...'
- >
DD_API_KEY=${dd_api_key} \
DD_SITE="datadoghq.com" \
DD_APM_INSTRUMENTATION_ENABLED=host \
DD_REMOTE_UPDATES=true \
DD_ENV=prod \
DD_APM_INSTRUMENTATION_LIBRARIES=java:1,python:3,js:5,php:1,dotnet:3 \
bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)"