#cloud-config
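coreos:
  update:
    # Quoted on purpose: a bare `off` is a YAML 1.1 boolean, and a parser that
    # honours that hands the update engine `false` instead of the strategy
    # name. Automatic update reboots are switched off for this host.
    reboot-strategy: 'off'
  units:
    # Loads the IPv4 rule set written to /var/lib/iptables/rules-save below.
    # `enable: true` makes it part of every boot, not just this run.
    - name: iptables-restore.service
      enable: true
      command: start
    # Builds a 2 GiB swap file at /2GiB.swap. Transient unit (runtime: true),
    # so it lives under /run and is gone after a reboot. `chattr +C` clears
    # copy-on-write on the file, presumably for a btrfs root — verify.
    - name: create-swap.service
      command: start
      runtime: true
      content: |
        [Unit]
        Description=Create swap file
        Before=swap.service
        [Service]
        Type=oneshot
        Environment="SWAPFILE=/2GiB.swap"
        ExecStart=/usr/bin/touch ${SWAPFILE}
        ExecStart=/usr/bin/chattr +C ${SWAPFILE}
        ExecStart=/usr/bin/fallocate -l 2048m ${SWAPFILE}
        ExecStart=/usr/bin/chmod 600 ${SWAPFILE}
        ExecStart=/usr/sbin/mkswap ${SWAPFILE}
        [Install]
        WantedBy=multi-user.target
    # Activates the swap file through a loop device: `losetup -f` attaches it
    # to the next free /dev/loopN, `losetup -j` looks that device up again by
    # backing file, and swapon/swapoff/losetup -d act on it. RemainAfterExit
    # keeps the oneshot "active" so ExecStop runs on stop.
    - name: swap.service
      command: start
      content: |
        [Unit]
        Description=Turn on swap
        [Service]
        Type=oneshot
        Environment="SWAPFILE=/2GiB.swap"
        RemainAfterExit=true
        ExecStartPre=/usr/sbin/losetup -f ${SWAPFILE}
        ExecStart=/usr/bin/sh -c "/sbin/swapon $(/usr/sbin/losetup -j ${SWAPFILE} | /usr/bin/cut -d : -f 1)"
        ExecStop=/usr/bin/sh -c "/sbin/swapoff $(/usr/sbin/losetup -j ${SWAPFILE} | /usr/bin/cut -d : -f 1)"
        ExecStopPost=/usr/bin/sh -c "/usr/sbin/losetup -d $(/usr/sbin/losetup -j ${SWAPFILE} | /usr/bin/cut -d : -f 1)"
        [Install]
        WantedBy=multi-user.target
    # Triggered by restart.timer (same unit name). There is no User=, so the
    # script runs as root.
    # NOTE(review): the script lives under /home/core; anything able to write
    # that path can run commands as root twice a week via this timer. Keep
    # restartContainers.sh root-owned and not writable by the core user.
    - name: restart.service
      content: |
        [Unit]
        Description=Restart docker containers
        [Service]
        Type=oneshot
        ExecStart=/home/core/docker/restartContainers.sh
    # Fires restart.service at 06:00 on Mondays and Thursdays. Only started,
    # not enabled, so it relies on this cloud-config being re-applied on each
    # boot — confirm that is the case for the target provider.
    - name: restart.timer
      command: start
      content: |
        [Unit]
        Description=Restarts the app container 2 times a week
        [Timer]
        OnCalendar=Mon,Thu *-*-* 6:0:0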
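# Keep every file under this single write_files key. YAML forbids duplicate
# mapping keys, and parsers that tolerate them keep only the last one — with
# three separate write_files: entries the sysctl and sshd files were liable
# to be silently dropped, leaving sshd on whatever the image ships with.
write_files:
  # VM tunables for the loop-backed swap file set up by the units above.
  - path: /etc/sysctl.d/swap.conf
    # Modes are quoted: a bare 0644 is an octal integer (420) to a YAML 1.1
    # parser rather than the string the file writer expects.
    permissions: '0644'
    owner: root
    content: |
      vm.swappiness=10
      vm.vfs_cache_pressure=50
  # sshd: PermitRootLogin no + AllowUsers core limits logins to the core
  # account, and AuthenticationMethods publickey means a password or
  # keyboard-interactive exchange can never satisfy a login on its own,
  # whatever the compiled-in defaults are. Root-only file (0600).
  - path: /etc/ssh/sshd_config
    permissions: '0600'
    owner: root
    content: |
      # Use most defaults for sshd configuration.
      UsePrivilegeSeparation sandbox
      Subsystem sftp internal-sftp
      UseDNS no
      PermitRootLogin no
      AllowUsers core
      AuthenticationMethods publickey
  # IPv4 host firewall, loaded by iptables-restore.service (enabled above).
  # Default-deny on INPUT and FORWARD; inbound is allowed for loopback,
  # anything arriving on eth1, established/related flows, TCP 22 and 80, and
  # ICMP echo-reply (0), destination-unreachable (3) and time-exceeded (11).
  # Echo-request (8) is not accepted, so the host does not answer ping.
  # NOTE(review):
  #  - `-i eth1 -j ACCEPT` trusts every host on eth1. On providers where
  #    eth1 is a shared private network this admits other tenants; confirm
  #    eth1 is actually isolated on the target, or scope the rule to the
  #    peer address/subnet.
  #  - Only IPv4 is filtered: there is no ip6tables-restore.service and no
  #    /var/lib/ip6tables/rules-save. If the host has a public IPv6 address,
  #    every listening port is reachable over v6 until a matching v6 rule
  #    set is added.
  #  - Ports published by Docker (`-p`) are DNAT'd and traverse FORWARD,
  #    where Docker adds its own ACCEPT rules by default, not INPUT; the
  #    dport 80 rule here only gates host-level listeners. Check
  #    `iptables -S FORWARD` once docker is up if the container is meant to
  #    be reachable on 80 only.
  - path: /var/lib/iptables/rules-save
    permissions: '0644'
    owner: 'root:root'
    content: |
      *filter
      :INPUT DROP [0:0]
      :FORWARD DROP [0:0]
      :OUTPUT ACCEPT [0:0]
      -A INPUT -i lo -j ACCEPT
      -A INPUT -i eth1 -j ACCEPT
      -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
      -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
      -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
      -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
      -A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
      -A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
      COMMIT
      # the last line of the file needs to be a blank line or a comment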