Resulting Image Configuration
Installed packages and services
- apt-transport-https
- ca-certificates
- ntp
- iptables-persistent
- dnsmasq
- dopy
- python-digitalocean
- supervisor
- unzip
- dopy (fork that supports getting droplets by tag)
Created user, “droplet-user”
- member of sudo users
- specified key added to authorized keys
Other System Configurations
- Configure supervsiord to start on boot
- Add iptables rules to only allow SSH, established, and loopback connections
- Configure dnsmasq for contional forwarding for a private domain (see Private DNS Zone on Github README for details)
- Disable remote root login
- Add the API token to
/etc/do/api_token.yml
0 Comments