Resulting Image Configuration

Installed packages and services

• apt-transport-https
• ca-certificates
• ntp
• iptables-persistent
• dnsmasq
• dopy
• python-digitalocean
• supervisor
• unzip
• dopy (fork that supports getting droplets by tag)

Created user, “droplet-user”

• member of sudo users
• specified key added to authorized keys

Other System Configurations

• Configure supervsiord to start on boot
• Add iptables rules to only allow SSH, established, and loopback connections
• Configure dnsmasq for contional forwarding for a private domain (see Private DNS Zone on Github README for details)
• Disable remote root login
• Add the API token to /etc/do/api_token.yml