#cloud-config # Tell cloud-init to log the output to a log file output: {all: '| tee -a /var/log/cloud-init-output.log'} # /var/www/aws/aws-lam2-Ubuntu-CloudInit.txt - Initialize lam2.duckdns.org # # This version uses only Public GitHub repos for the configuration and content. # It does not check in to lam2.duckdns.org because that requires a token # that is not available in public repos. The Public & Domain Name can be used # to access the server and the Private IP can be used from within the VPC. # # The lam2 instance was designed to be a SSH SOCKS5 Proxy server on port 443 # Port 443 is normally used for HTTPS so is likely to be available even when # other ports are blocked. # The CloudInit directives are a fork of the lam1 directives with a new # host name that takes over the lam2 DDNS sites instead of the lam1 sites. # The lam1 http sites are all installed so this instance can check in as # lam1 and support all but the https site. # The ssl module of apache2 is not loaded so that the sshd can listen on # port 443, Let's Encrypt certificates are not installed and the default # info and status modules are invoked instead of the modified version that # serve authenticated users on the secure site. # The /var/www/lam (ssl site) directory is not installed # The databeses for the secure site are not installed. # # https://aws.lam1.us/a/Amazon_Web_Services_(AWS) bootcmd: - echo - echo 'AWS LAM Report HOST information' - uname -a - echo - echo 'AWS LAM Report Release version' - head /etc/*release - echo - echo 'AWS LAM List Installed Packages information' - dpkg -l - echo - echo 'AWS LAM cloud-config YAML bootcmd complete' - date # Set hostname hostname: lam2 # Set timezone timezone: US/Alaska # Upgrade apt database on first boot package_update: true # Upgrade the instance on first boot package_upgrade: true # Install additional packages on first boot packages: - nfs-common - awscli - mailutils - swish++ - libio-captureoutput-perl - libcgi-pm-perl - libdbi-perl - libdbd-mysql-perl - php - php-gd - texlive - php-xml* - lynx - apache2-doc - libapache2-mod-perl2 - libbsd-resource-perl - libapache2-reload-perl - apache2-suexec-custom - mariadb-client - mariadb-server - php-mysql - libapache2-mod-php - x11-apps - whois - libgtk2.0-0 - mlocate - php-mbstring runcmd: - echo - echo 'AWS LAM Allow any to read /var/log/cloud-init-output.log' - chmod a+r /var/log/cloud-init-output.log - echo - echo 'AWS LAM Report AWS EC2 metadata for this instance' - ec2metadata | grep -v '^user-data' - echo - echo 'AWS LAM Report AWS EC2 user-data for this instance (CloudInit directives)' # Allow for either gzip compressed user-data or plain text user-data - (curl -s http://169.254.169.254/latest/user-data | gunzip) || curl -s http://169.254.169.254/latest/user-data - echo - echo 'AWS LAM Set git user name, email for system' - git config --system user.name "LAMurakami" - git config --system user.email GitHub@LAMurakami.com - git config --system core.editor vi - git config --system branch.autosetuprebase always - git config --system init.defaultBranch master - echo - echo 'AWS LAM Install etckeeper to track configuration changes' - apt-get install etckeeper - echo - echo 'AWS LAM Adding a swapfile' - dd if=/dev/zero of=/swapfile bs=32M count=8 - chmod 600 /swapfile - mkswap /swapfile - swapon /swapfile - echo "/swapfile swap swap defaults 0 0" >> /etc/fstab - echo - echo 'AWS LAM Set hostname and localhost alias in /etc/hosts' - sed -i '1s/localhost/lam2.lam1.us lam2 localhost/' /etc/hosts - echo - echo 'AWS LAM Install leafpad compiled for Ubuntu Server 20.04' - wget -q -P /tmp https://lamurakami.github.io/Install/leafpad-Ubuntu-20-04.tgz - tar -xzf /tmp/leafpad-Ubuntu-20-04.tgz --directory /usr/local - rm /tmp/leafpad-Ubuntu-20-04.tgz - file /usr/local/bin/leafpad - echo - echo 'AWS LAM Installing GNU which v2.21 compiled for Ubuntu Server 20.04' - wget -q -P /tmp https://lamurakami.github.io/Install/which-Ubuntu-20-04.tgz - tar -xzf /tmp/which-Ubuntu-20-04.tgz --directory /usr/local - rm /tmp/which-Ubuntu-20-04.tgz - file /usr/local/bin/which - echo - echo 'AWS LAM Installing GNU tnef 1.4.18 compiled for Ubuntu Server 20.04' - wget -q -P /tmp https://lamurakami.github.io/Install/tnef-Ubuntu-20-04.tgz - tar -xzf /tmp/tnef-Ubuntu-20-04.tgz --directory /usr/local - file /usr/local/bin/tnef - echo - echo 'AWS LAM Listen for ssh connections on alternate port 55520 and add ssh Banner' - git clone https://github.com/LAMurakami/ubuntu-etc /tmp/ubuntu-etc - sh -c "cd /tmp/ubuntu-etc ; git checkout lam2" - cp /tmp/ubuntu-etc/ssh/sshd_config /etc/ssh - cp /tmp/ubuntu-etc/ssh/Banner.txt /etc/ssh - systemctl restart sshd - echo - echo 'AWS LAM Check US Alaska local time for this system' - ls -lF --time-style=long-iso /etc/localtime - echo - echo 'AWS LAM ***** http sites *****' - echo - echo 'AWS LAM Updating apache2 configuration for lam2' - a2enmod info - a2enmod status - a2enmod authz_groupfile.load - a2enmod rewrite - a2enmod cgi - git clone https://github.com/LAMurakami/no-ssl /var/www/no-ssl - rm /etc/apache2/apache2.conf - rm /etc/apache2/mods-available/alias.conf - rm /etc/apache2/mods-available/autoindex.conf - rm /etc/apache2/mods-available/dir.conf - /var/www/no-ssl/Implement_no-ssl_conf.bash - echo - echo 'AWS LAM Configuring perl to include LAM perl modules' - mkdir /usr/local/lib/site_perl - ln -s /var/www/no-ssl/site_perl-LAM /usr/local/lib/site_perl/LAM - echo - echo 'AWS LAM Update from default to LAM AWS lam2 web configuration' - sed -i "s|aws|lam2|" /var/www/no-ssl/apache2.conf - mkdir /var/www/Multicount - chown www-data:www-data /var/www/Multicount - echo - echo 'AWS LAM ***** Additional sites *****' - echo - echo 'AWS LAM Installing arsc.lam1.us web site' - git clone https://github.com/LAMurakami/arsc /var/www/arsc - ln -s /var/www/arsc/arsc_apache2.conf /etc/apache2/sites-available/060_arsc.conf - a2ensite 060_arsc - echo - echo 'AWS LAM Installing aws.lam1.us web site' - git clone https://github.com/LAMurakami/aws /var/www/aws - ln -s /var/www/aws/aws_apache2.conf /etc/apache2/sites-available/080_aws.conf - a2ensite 080_aws - /var/www/aws/cloud-init.pl - echo - echo 'AWS LAM ***** Final Initialization Steps *****' - echo - echo 'AWS LAM Set ubuntu as owner of /var/www/{no-ssl,arsc,aws}' - chown -R ubuntu:www-data /var/www/no-ssl /var/www/arsc /var/www/aws - echo - systemctl restart apache2 - echo - echo 'AWS LAM Changes from lam2-Ubuntu-CloudInit etckeeper commit' - etckeeper commit -m 'AWS LAM Changes from lam1-Ubuntu-CloudInit' - echo - echo 'AWS LAM Install dovecot-imapd after /etc/hosts has been configured' - apt-get install --yes dovecot-imapd - echo - echo 'AWS LAM Add root alias so default AWS ubuntu user gets root mail' - cp /tmp/ubuntu-etc/aliases /etc/aliases - cp /tmp/ubuntu-etc/dovecot/conf.d/10-master.conf /etc/dovecot/conf.d/10-master.conf - newaliases - rm -rf /tmp/ubuntu-etc - echo - sh -c "cd /etc ; git commit -a -m 'Changes from lam2-Ubuntu-CloudInit'" - echo - echo 'AWS LAM Install man2html after apache has been configured' - apt-get install -y man2html - echo - echo 'AWS LAM ***** Run cron daily plocate jobs *****' - ln -s /var/www/no-ssl/local_scripts/plocate-mnt-efs.sh /etc/cron.daily/plocate-mnt-efs.sh - /etc/cron.daily/plocate-mnt-efs.sh - chmod a+r /mnt/efs/plocate.db - updatedb - echo - echo 'AWS LAM Final Cloud-init etckeeper commit' - etckeeper commit -m 'AWS LAM Final Cloud-init etckeeper commit' - echo - echo 'AWS LAM List Installed Packages information' - dpkg -l - echo - echo 'AWS LAM cloud-config YAML runcmd complete' - date