Cloud Config, not getting my test email. Is it case sensitive? Can I tell if fail2ban & ufw are loading the way I assumed they were?

I’m not crazy about leaving user accounts, (even just the name of it, and the public keys exposed in a public file for the life of the server… but I kept looking at the User Data to see what else I could automate. I thought I was installing an uncomplicated firewall and fail2ban along with sendmail (which someone suggested would be pre-installed anyways). But I’m not getting my test email. Is it case sensitive? Can I tell if the fail2ban and ufw are loading the way I assumed they were? (without inadvertently installing them when I try to check) Then I leave myself a quarter hour to finish setting up the basics before shutting down for a snapshot.

package_upgrade: true
  - ufw allow ssh
  - ufw allow 25 
  - ufw enable
  - apt-get install sendmail
  - service sendmail restart
  - time echo testmail | sendmail
  - apt-get install fail2ban -y
  - service fail2ban restart
  timeout: 120
  delay: "+14"
  message: Gooble Snot, Please save your work.
  mode: poweroff

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

In order to see if ufw worked as expected, you could run the command sudo iptables -L As it is simply a frontend for iptables you’ll see the firewall rules it implemented by running that command. For fail2ban, run sudo service fail2ban status It will fail if it isn’t installed and show say if it is running or not if it is.

You’ll also want to check the contents of the file /var/log/cloud-init-output.log It should have the output of the commands issued by runcmd Using a cloud-config file like yours, fail2ban and ufw were both installed and started correctly. Sendmail was not. You can find the error in that log file:

The following extra packages will be installed:
  m4 make procmail sendmail-base sendmail-bin sendmail-cf sensible-mda
Suggested packages:
  make-doc sendmail-doc rmail logcheck sasl2-bin
Recommended packages:
  default-mta mail-transport-agent fetchmail
The following NEW packages will be installed:
  m4 make procmail sendmail sendmail-base sendmail-bin sendmail-cf
0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded.
Need to get 1158 kB of archives.
After this operation, 5035 kB of additional disk space will be used.
Do you want to continue? [Y/n] Abort.
sendmail: unrecognized service
/var/lib/cloud/instance/scripts/runcmd: 7: /var/lib/cloud/instance/scripts/runcmd: sendmail: not found
echo: write error: Broken pipe
Command exited with non-zero status 1

The package doesn’t seem to get installed as Apt is waiting for input. Try adding a -y like with the fail2ban innstallation.