#cloud-config
# Extra filesystem to mount at boot. The six fields follow fstab order:
# device, mount point, type, options, dump, fsck pass.
# `nofail` lets boot continue when the volume is absent; the runcmd steps that
# copy OpenVPN and fail2ban configuration from this path would then find nothing.
# NOTE(review): this volume feeds files into /etc/openvpn and /etc/fail2ban.
# Consider adding `nodev,nosuid` to the options; confirm nothing on the volume
# relies on device nodes or setuid bits first.
mounts:
  - - "UUID=5f9fff6f-d3e3-49fe-a54e-e1242c511864"
    - "/media/ephemeral/openvpn-config/"
    - "ext4"
    - "noatime,nofail"
    - "0"
    - "2"
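# Refresh the package index, apply pending upgrades on first boot, and reboot
# if an upgrade asks for it, so the VPN host does not start on stale packages.
package_update: true
package_upgrade: true
package_reboot_if_required: true

# Packages installed on first boot. `openvpn` was listed twice in the original;
# the duplicate is removed, every other entry is kept.
packages:
  # Administration tooling
  - curl
  - htop
  - bash-completion
  - vim
  - rsync
  - python-pexpect
  - python-pip
  - python-software-properties
  - software-properties-common
  # VPN service, its LDAP authentication plugin and PKI helper scripts
  - openvpn
  - openvpn-auth-ldap
  - easy-rsa
  # Identity-management client (enrolment is a manual step; see final_message)
  - freeipa-client
  # Entropy daemon
  - haveged
  # Log-driven banning of abusive source addresses
  - fail2ban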
# Third-party apt repository providing OpenVPN builds for the xenial suite.
# NOTE(review): the repository is fetched over plain http, so package integrity
# rests on apt's signature check against the key below. Moving to https on this
# release would presumably need an https transport for apt installed first; confirm.
apt_sources:
  - source: "deb http://build.openvpn.net/debian/openvpn/stable xenial main"
    # Public key imported for this source, embedded inline rather than fetched
    # at boot.
    # NOTE(review): compare the key's fingerprint with the one announced by the
    # repository publisher before trusting it. The armor header as shown here
    # opens with four dashes, while OpenPGP armor uses five; confirm against the
    # original file, since a malformed header would stop the key being imported.
    key: |
      ----BEGIN PGP PUBLIC KEY BLOCK-----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=P3ax
      -----END PGP PUBLIC KEY BLOCK-----
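# Local account created at first boot.
# As rendered, the original put `name` and `passwd` in two separate list items,
# which describes a second, nameless user instead of giving sapian a password
# hash. They are merged into one mapping here.
# Because `users` has no `default` entry, cloud-init does not create the image's
# default user; sapian is the only account defined in this list.
users:
  - name: sapian
    # SHA-512 crypt hash, quoted so the leading `$` is never reinterpreted.
    # NOTE(review): a hash kept in a repository or in instance user-data can be
    # guessed offline. Prefer key-only login, or inject the hash from a secret
    # store at deploy time.
    passwd: '$6$eCW4Ypue$XkpcNkvem1O3KD9eyM7V9jp/p5T0BdWv9vYcgqeV3MD2qXEbHdTWyNa1zB42cwsmsRyNSNAhFxZAaQyBsSnic/'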
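# Sets account passwords at first boot.
# The original carried one shared plaintext password for both root and sapian.
# User-data is kept with the instance and this file lives in a repository, so a
# plaintext value here is readable by anyone with access to either. The entries
# below are placeholders in crypt-hash form: replace each with a distinct
# SHA-512 crypt hash generated offline (for example with `mkpasswd --method=SHA-512`)
# and supplied from a secret store, never committed.
# NOTE(review): hashed entries need a cloud-init release that accepts hashes in
# `chpasswd.list`; confirm for the target image. Until replaced, the placeholder
# strings should match no password. Rotate the password that was published.
chpasswd:
  list: |
    root:$6$REPLACE_WITH_SALT$REPLACE_WITH_SHA512_CRYPT_HASH
    sapian:$6$REPLACE_WITH_SALT$REPLACE_WITH_SHA512_CRYPT_HASH
  # false keeps the passwords valid without a forced change at first login.
  expire: false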
# Public keys granted SSH login. Each entry is one line in authorized_keys format:
# key type, base64 key material, then a comment naming the owner.
# NOTE(review): which account receives top-level keys depends on the `users`
# configuration; with no `default` user defined, confirm where these end up.
# Review the list whenever someone leaves: every key here is a standing
# credential on each host built from this file.
ssh_authorized_keys:
  - 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyumXwdCn27ELM56o1aHOUwybRcX3Rk76ny3TOMzjiCjapntTaPtcPZ9/84g5tjZmDlUNitRZF0XV76xJ2JJ0PU4Mx7nka6nnvmywFTAIx/PFLQtj4iQH/7osOEy6lKaYKJT9bFEhZ0llb6JtF+kPTZ7NV7EKvXx/U6pXVM8h7KShx1H/8GJroR8Uc5IdWApSwslG19DOjMZMyhe+PfWQw+SG1MC32OcuH43fuUdNRIDL6tTaFkGH2upX9ALO75CQ/8NDRoSCne0MnDHKFipi86AU0Dr2GmCC4rRx6L9J4tAejViKIjVsLy/aHnHknVgipu1ajCfhTpRjqh3/fWUEow== sebastian.rojo@sapian.com.co'
  - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCeAesfotBI9sbnKBsaycSJ2y0ln7OSGxtdEvN+BISLJPWbjLRqrv69ftlUotW5NABxqXn9mYT3RT031C/pdr/OAqyGnMkkb5/pzmOrKdW3vT7hcAAQQtzrA2LdxJdBUKMIE51XafQbQGKwZtKl9kxcX3QQkyvwDGyYhvi3RYcy5FfUFbifyQojB8o0gLro7pEfR660GE5rUvjUdqSc0V3vPTb7hsUI0x8AvCCOpZ6VVI9uKWxGlncO5B6Vjjefq9FKXxied0Dj5psyjZ9A6WfhFhoyU0NLbYfeQpVog7jV63fiUxXNnp7fcOudHnbScaol4H61EUldnf+d8QgP985/ oscar.garcia@sapian.com.co'
  - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAoXMJ6MSm2pW8IDMoJBNj56FymgGYOFBvKOibSK/GOU4WPQheK8jurq047bR4/2TocIZKK58mtpXthNxiOkK/bQtSc0bDfHl5RCnfHSrMkKaWIP6Io6GDtcrW3l6MXL0QWqt7hV+4RC+WRTruEhqm4rvgydTUkelKeiyJnULZzoXkK2hkaYtFYPzdT7UDKy6qnlfHTwkIo+RmXuRBQvWU72we8AJSPFcVO8E7CFL/opSWuRQZcRsVh8EAx5GPtxPT+oM8y4c2Ka/h8MOg7jKP3kbb6DmzZxXAhqwyLLuDZuX+fUpxqOnwFDVVN0RMdagfHZvj1IvR/hd36GUGXapr andres.restrepo@sapian.com.co'
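# Commands run once, as root, late in first boot. String entries go through a
# shell; list entries are executed directly without one.
runcmd:
  # NOTE(review): this runs whatever get.docker.com serves at boot time as root,
  # with no pinned version and no checksum. Prefer installing Docker from a
  # pinned apt repository, or download the script, compare it with a known
  # digest, and only then execute it.
  - curl -fsSL https://get.docker.com/ | sh
  # Import Docker's package-signing key. `sudo` is dropped because runcmd already
  # runs as root. NOTE(review): the key arrives after the install step above, so
  # it does not protect that step; verify its fingerprint out of band.
  - curl -fsSL https://get.docker.com/gpg | apt-key add -
  - [systemctl, daemon-reload]
  - [systemctl, enable, docker.service]
  - [systemctl, start, --no-block, docker.service]
  - [systemctl, daemon-reload]
  # Install the OpenVPN configuration from the mounted volume. `-a` preserves
  # ownership and modes from the source. NOTE(review): confirm private keys under
  # /etc/openvpn end up readable by root only.
  - rsync -avz /media/ephemeral/openvpn-config/openvpn/ /etc/openvpn/
  # Install the fail2ban filter and jail definitions for OpenVPN.
  - cp /media/ephemeral/openvpn-config/fail2ban/filter.d/openvpn.conf /etc/fail2ban/filter.d/openvpn.conf
  - cp /media/ephemeral/openvpn-config/fail2ban/jail.local /etc/fail2ban/jail.local
  # The original never reloaded fail2ban after copying its configuration, so the
  # OpenVPN jail would not take effect until some later restart. Restart it here.
  # NOTE(review): OpenVPN is likewise not restarted after the rsync; add the
  # matching unit restart once the instance names are known.
  - [systemctl, restart, fail2ban.service]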
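# Message written when first boot finishes. cloud-init expects a single string
# here, not a list, so the two original list items become one two-line block
# scalar. $UPTIME is filled in by cloud-init.
final_message: |
  The system is finally up, after $UPTIME seconds
  run freeipa-client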