| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 |
- #cloud-config
- preserve_hostname: false
- hostname: ${hostname}
- salt-master: ${salt_master}
- fqdn: ${fqdn}
- # Write files happens early
- write_files:
- - content: |
- proxy=http://${proxy}:80
- path: /etc/yum.conf
- append: true
- - content: |
- proxy_host: ${proxy}
- proxy_port: 80
- path: /etc/salt/minion.d/proxy.conf
- - content: |
- [global]
- proxy=${proxy}
- path: /etc/pip.conf
- - content: |
- export HTTPS_PROXY=http://${proxy}:80
- export HTTP_PROXY=http://${proxy}:80
- export NO_PROXY=localhost,127.0.0.1,169.254.169.254,pvt.xdrtest.accenturefederalcyber.com,pvt.xdr.accenturefederalcyber.com,reposerver.msoc.defpoint.local,jenkins.msoc.defpoint.local,pod1search-splunk-sh.msoc.defpoint.local,s3.amazonaws.com,ssm.${ aws_region }.amazonaws.com,ec2messages.${ aws_region }.amazonaws.com,ec2.${ aws_region }.amazonaws.com,ssmmessages.${ aws_region }.amazonaws.com,iratemoses.mdr.defpoint.com,jira.mdr.defpoint.com,reposerver.pvt.xdr.accenturefederalcyber.com,jenkins.pvt.xdr.accenturefederalcyber.com,pod1search-splunk-sh.pvt.xdr.accenturefederalcyber.com,reposerver.pvt.xdrtest.accenturefederalcyber.com,jenkins.pvt.xdrtest.accenturefederalcyber.com,pod1search-splunk-sh.pvt.xdrtest.accenturefederalcyber.com,iratemoses.xdr.accenturefederalcyber.com,jira.xdr.accenturefederalcyber.com,iratemoses.xdrtest.accenturefederalcyber.com,jira.xdrtest.accenturefederalcyber.com
- export https_proxy=$HTTPS_PROXY
- export http_proxy=$HTTP_PROXY
- export no_proxy=$NO_PROXY
- path: /etc/profile.d/proxy.sh
- - content: |
- ${fqdn}
- path: /etc/salt/minion_id
- - content: |
- master: ${salt_master}
- path: /etc/salt/minion
- - content: |
- grains:
- environment: ${ environment }
- aws_partition: ${ aws_partition }
- aws_partition_alias: ${ aws_partition_alias }
- aws_region: ${ aws_region }
- path: /etc/salt/minion.d/cloud_init_grains.conf
- #yum_repos:
- # epel-release:
- # baseurl: http://download.fedoraproject.org/pub/epel/7/$basearch
- # enabled: false
- # failovermethod: priority
- # gpgcheck: true
- # gpgkey: http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
- # name: Extra Packages for Enterprise Linux 7 - Release
- packages:
- - vim
- package_update: true # Always patch
- growpart:
- mode: auto
- devices: [ '/', '/var', '/var/log', '/var/log/audit', '/var/tmp', '/tmp', '/home' ]
- ignore_growroot_disabled: false
- runcmd:
- # For repo only
- - yum-config-manager --disable msoc
- - yum-config-manager --disable epel-local
- - yum install -y httpd createrepo
- # Standard stuff
- - /bin/systemctl restart salt-minion
- - /bin/systemctl enable salt-minion
- - /bin/systemctl start amazon-ssm-agent
- - /bin/systemctl enable amazon-ssm-agent
- - /usr/sbin/aide --update --verbose=0
- - /bin/cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
- # Either final message or power state, but probably not both
- final_message: "The system is up after $UPTIME seconds"
- #power_state:
- # delay: "+30"
- # mode: reboot
- # message: "System configured after $UPTIME seconds"
- # timeout: 300
- # condition: true
|
