hetzner tweaks
This commit is contained in:
Henrik Bakken
+13
-1
@@ -31,6 +31,7 @@ runcmd:
|
||||
- systemctl enable fail2ban
|
||||
- ufw allow 7097
|
||||
- ufw allow 51820/udp
|
||||
- ufw allow in on hjarl
|
||||
- ufw enable
|
||||
- sed -i -e '/^\(#\|\)PermitRootLogin/s/^.*$/PermitRootLogin no/' /etc/ssh/sshd_config
|
||||
- sed -i -e '/^\(#\|\)PasswordAuthentication/s/^.*$/PasswordAuthentication no/' /etc/ssh/sshd_config
|
||||
@@ -40,5 +41,16 @@ runcmd:
|
||||
- echo "HISTFILE=~/.histfile\nHISTSIZE=100000\nSAVEHIST=100000\nbindkey -v\n\n# compinstall\nzstyle ':completion:*' menu select\nzstyle :compinstall filename '/home/hjalmarlucius/.zshrc'\nautoload -Uz compinit\ncompinit\n\n# oh-my-zsh\nexport ZSH='$HOME/.oh-my-zsh'\nZSH_THEME='robbyrussell'\nplugins=(git)\nsource $ZSH/oh-my-zsh.sh" > /home/hjalmarlucius/.zshrc
|
||||
# required for flannel
|
||||
- sudo sh -c 'echo "br_netfilter" > /etc/modules-load.d/br_netfilter.conf'
|
||||
# allow sshfs
|
||||
- sudo sed -i -e 's/#user_allow_other/user_allow_other/' /etc/fuse.conf
|
||||
- mkdir /home/hjalmarlucius/state
|
||||
- mkdir -p /home/hjalmarlucius/.local/bin
|
||||
- reboot
|
||||
|
||||
# k8s install instruction
|
||||
# sshfs -p 7097 mothership.hjarl.com:/home/hjalmarlucius/src/hjarl/state ~/state -o allow_root
|
||||
# cd state
|
||||
# add peers to /etc/hosts
|
||||
# sudo python3 k8s.py install_reqs arm64 False
|
||||
# sudo python3 k8s.py make_controller . helsinki-1 False arm64
|
||||
# sudo python3 k8s.py make_controlplane . helsinki-1 arm64
|
||||
# sudo python3 k8s.py make_worker . helsinki-1 arm64
|
||||
|
||||
Reference in New Issue
Block a user