aws-nwo-lam2-Amazon-Linux-2023-CloudInit-Arm.txt

#cloud-config

# Tell cloud-init to log the output to a log file
output : { all : '| tee -a /var/log/cloud-init-output.log' }

# /var/www/aws/aws-nwo-lam2-Amazon-Linux-2023-CloudInit-Arm.txt
# Initialize lam2.duckdns.org

bootcmd:
 - echo
 - echo 'AWS LAM Report HOST information'
 - uname -a
 - echo
 - echo 'AWS LAM Report Release version'
 - head /etc/*release
 - echo
 - echo 'AWS LAM cloud-config YAML bootcmd complete'
 - date

# Set timezone
timezone: US/Alaska

# Upgrade repo database on first boot
repo_update: true
# Upgrade the instance on first boot
repo_upgrade: all

runcmd:
 - keyName="lam2-AL2023-ARM"
 - echo
 - echo 'AWS LAM Add a swapfile'
 - dd if=/dev/zero of=/swapfile bs=32M count=24
 - chmod 600 /swapfile
 - mkswap /swapfile
 - swapon /swapfile
 - echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
 - free -h
 - cat /proc/swaps
 - echo
 - echo 'AWS LAM Get EFS for REGION'
 - wget --quiet https://lamurakami.github.io/aws-efs/REGION.bash
 - chmod a+x REGION.bash
 - export REGION=$(./REGION.bash)
 - rm REGION.bash
 - EFS=$(curl -s https://lamurakami.github.io/aws-efs/${REGION})
 - echo
 - echo 'AWS LAM setup root to aws ssh config'
 - wget --quiet https://lamurakami.github.io/aws-efs/root-ssh-config
 - mv root-ssh-config /root/.ssh/config
 - wget --quiet https://lamurakami.github.io/aws-efs/root-ssh-known_hosts
 - mv root-ssh-known_hosts /root/.ssh/known_hosts
 - echo
 - echo 'AWS LAM Install LAMipedia packages'
 - dnf -y install httpd httpd-manual mod_ssl whois lynx perl-CGI perl-libwww-perl xauth php-fpm php-mysqli php-json php php-devel php-gd php-mbstring php-intl php-mysqlnd php-xml mariadb105-server gitweb xorg-x11-utils mod_perl gtk3 perl-DBD-MySQL mlocate texlive libxkbfile xorg-x11-xbitmaps
 - echo
 - echo 'AWS LAM Allow any to read /var/log/cloud-init-output.log'
 - chmod a+r /var/log/cloud-init-output.log
 - echo
 - echo 'AWS LAM Check US Alaska local time for this system'
 - ls -lF --time-style=long-iso /etc/localtime
 - echo
 - echo 'AWS LAM Set git user name, email for system'
 - git config --system user.name "LAMurakami"
 - git config --system user.email GitHub@LAMurakami.com
 - git config --system core.editor vi
 - git config --system branch.autosetuprebase always
 - git config --system init.defaultBranch master
 - git config --system --add safe.directory /var/www/lam
 - echo
 - echo 'AWS LAM use colors with systemctl'
 - echo 'export SYSTEMD_COLORS=1' > /etc/profile.d/systemd_colors.sh
 - echo
 - echo 'AWS LAM Set vim as default editor for system'
 - dnf remove -y nano
 - echo
 - echo 'AWS LAM Install aws.lam1.us web site'
 - git clone https://github.com/LAMurakami/aws /var/www/aws
 - sh -c "cd /var/www/aws;git remote set-url origin git@github.com:LAMurakami/aws"
 - sh -c "cd /var/www/aws;git remote add ak20 git@ak20:aws"
 - sh -c "cd /var/www/aws;git checkout -b $keyName"
 - echo
 - echo 'AWS LAM Report AWS EC2 metadata for this instance'
 - /var/www/aws/ec2-user-data.bash
 - echo
 - echo 'AWS LAM Report AWS EC2 user-data for this instance (CloudInit directives)'
 - /var/www/aws/ec2-instance-user-data.bash
 - echo
 - echo 'AWS LAM Cloud Guest motd'
 - ln -s /var/www/aws/etc/update-motd.d/51-cloudguest /etc/update-motd.d
 - echo
 - echo echo 'AWS LAM allow read access to apache2 (httpd) log path'
 - chmod a+rx /var/log/httpd
 - echo
 - echo 'AWS LAM enable aws site'
 - ln -s /var/www/aws/aws_apache2.conf /etc/httpd/conf.d/zzz_000-aws.conf
 - echo
 - echo 'AWS LAM Update main apache2 configuration'
 - cp /var/www/aws/Amazon-Linux-2-httpd.conf /etc/httpd/conf/httpd.conf
 - echo
 - echo 'AWS LAM Install no-ssl web site'
 - /var/www/aws/aws-lam-www-git-clone.bash no-ssl $keyName
 - ln -s /var/www/no-ssl/no-ssl_apache2.conf /etc/httpd/conf.d/zzz_999-no-ssl.conf
 - echo
 - echo 'AWS LAM Install LAM perl modules'
 - mkdir -p /usr/local/share/perl5/5.32
 - ln -s /var/www/no-ssl/site_perl-LAM /usr/local/share/perl5/5.32/LAM
 - echo
 - echo 'AWS LAM create Multicount directory'
 - mkdir /var/www/Multicount
 - echo
 - echo 'AWS LAM Installing z.lam1.us web site'
 - /var/www/aws/aws-lam-www-git-clone.bash z $keyName
 - ln -s /var/www/z/z_apache2.conf /etc/httpd/conf.d/zzz_050_z.conf
 - rm /etc/httpd/conf.d/welcome.conf
 - echo
 - echo 'AWS LAM Enable x11 forwarding over ssh for sudo'
 - ln -s /var/www/no-ssl/xauthority.sh /etc/profile.d
 - echo
 - echo 'AWS LAM ***** Additional sites *****'
 - echo
 - echo 'AWS LAM Installing sites.lam1.us web site'
 - /var/www/aws/aws-lam-www-git-clone.bash sites $keyName
 - ln -s /var/www/sites/sites_apache2.conf /etc/httpd/conf.d/zzz_030_sites.conf
 - echo
 - echo 'AWS LAM Installing arsc.lam1.us web site'
 - /var/www/aws/aws-lam-www-git-clone.bash arsc $keyName
 - ln -s /var/www/arsc/arsc_apache2.conf /etc/httpd/conf.d/zzz_060_arsc.conf
 - echo
 - echo 'AWS LAM Installing cabo.lam1.us web site'
 - /var/www/aws/aws-lam-www-git-clone.bash cabo $keyName
 - ln -s /var/www/cabo/cabo_apache2.conf /etc/httpd/conf.d/zzz_040_cabo.conf
 - echo
 - echo 'AWS LAM Adding olnes www Content'
 - /var/www/aws/aws-lam-www-git-clone.bash olnes $keyName
 - ln -s /var/www/olnes/olnes_apache2.conf /etc/httpd/conf.d/zzz_052_olnes.conf
 - echo
 - echo 'AWS LAM Adding larryforalaska www Content'
 - /var/www/aws/aws-lam-www-git-clone.bash larryforalaska $keyName
 - ln -s /var/www/larryforalaska/larryforalaska_apache2.conf /etc/httpd/conf.d/zzz_070_larryforalaska.conf
 - echo
 - echo 'AWS LAM ***** Use private LAM Alaska resources *****'
 - echo
 - echo 'AWS LAM Adding nfs4 mount to AWS NW-O VPC Elastic File System'
 - mkdir /mnt/efs
 - chown ec2-user:ec2-user /mnt/efs
 - nfsOpt="_netdev,noresvport,nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 0 0"
 - echo "${EFS}:/ /mnt/efs nfs4 ${nfsOpt}" >> /etc/fstab
 - mount -a -t nfs4
 - df -Th -x supermount --exclude-type=tmpfs --exclude-type=devtmpfs
 - echo
 - echo 'AWS LAM Installing Amazon Linux 2 ec2-user bash resources'
 - tar -xzf /mnt/efs/Amazon-Linux-2023/ec2-user.tgz --directory /home/ec2-user
 - echo
 - echo 'AWS LAM Link to .aws resources for root'
 - ln -s /home/ec2-user/.aws /root/.aws
 - echo
 - echo 'AWS LAM Copy ssh key root'
 - cp /home/ec2-user/.ssh/git_ak20_id_rsa /root/.ssh
 - echo
 - echo 'AWS LAM Install man2html'
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/man2html-Arm.tgz - | tar -xzf - --directory /usr/local
 - echo
 - echo 'AWS LAM Install xeyes, xclock, xlogo'
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/xapps-AL2023-ARM.tgz - | tar -xzf - --directory /usr/local
 - echo
 - echo 'AWS LAM Install geany'
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/geany-Arm.tgz - | tar -xzf - --directory /usr/local
 - ldconfig /usr/local/lib
 - echo
 - echo 'AWS LAM Install l3afpad substitute for leafpad'
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/l3afpad-arm.tgz - | tar -xzf - --directory /usr/local
 - ln -s /usr/local/bin/l3afpad /usr/bin/leafpad
 - echo
 - echo 'AWS LAM Install glances for ec2-user'
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/glances-ec2-user-Arm.tgz - | tar -xzf - --directory /home/ec2-user
 - echo
 - echo 'AWS LAM Link to .aws resources for root'
 - ln -s /home/ec2-user/.aws /root/.aws
 - echo
 - echo 'AWS LAM Install etckeeper and perform intitial commit'
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/etckeeper-bin-Arm.tgz - | tar -xzf - --directory /usr
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/etckeeper-etc-Arm.tgz - | tar -xzf - --directory /etc
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/etckeeper-lib-systemd-system-Arm.tgz - | tar -xzf - --directory /lib/systemd/system
 - etckeeper init
 - etckeeper commit -m 'AWS LAM Amazon Linux 2023'
 - systemctl enable etckeeper.timer
 - systemctl start etckeeper.timer
 - echo
 - echo 'AWS LAM Listen for ssh connections on alternate port 55520 and add ssh Banner'
 - aws s3 cp s3://lamurakami/Amazon-Linux-2023/sshd_config /etc/ssh/sshd_config
 - ln -s /var/www/aws/etc/ssh/Banner.txt /etc/ssh
 - systemctl restart sshd
 - echo
 - echo 'AWS LAM ***** Secure site *****'
 - echo
 - echo 'AWS LAM Install Let-s Encrypt certificates for TLS encryption (HTTPS)'
 - aws s3 cp s3://lamurakami/aws-lam1-ubuntu/letsencrypt.tgz - | tar -xzf - --directory /etc
 - echo
 - echo 'AWS LAM Install lam web site'
 # Extract lam from archive that includes MediWiki and git repo
 - aws s3 cp s3://lamurakami/lam.tgz - | tar -xzf - --directory /var/www
 - echo
 - echo 'AWS LAM Use lam2 branch to serve secure site at https://lam2.duckdns.org'
 - sh -c "cd /var/www/lam;git stash"
 - sh -c "cd /var/www/lam;git checkout lam2"
 - sh -c "cd /var/www/lam;git checkout -b $keyName"
 - echo
 - echo 'AWS LAM Create lam murakami staff credentials.'
 - /var/www/lam/Create-lam-murakami-staff.bash AL2023
 - chown lam:staff /mnt/efs
 - echo
 - echo 'AWS LAM Update apache2 ssl configuration'
 - rm /etc/httpd/conf.d/ssl.conf
 - ln -s /var/www/lam/lam_apache2.conf /etc/httpd/conf.d/ssl.conf
 - echo
 - echo 'AWS LAM Update gitweb configuration'
 - sed -i '1 s|Alias /git /var/www/git|Alias /gitweb /var/www/git|' /etc/httpd/conf.d/gitweb.conf
 - cp /var/www/aws/Amazon-Linux-2-gitweb.conf /etc/gitweb.conf
 - echo
 - echo 'AWS LAM Configure /server-status /server-info ReadmeName'
 - ln -s /var/www/lam/lam_info.conf /etc/httpd/conf.d/info.conf
 - ln -s /var/www/lam/lam_status.conf /etc/httpd/conf.d/status.conf
 - sed -i 's/ReadmeName README.html/ReadmeName FOOTER.html/' /etc/httpd/conf.d/autoindex.conf
 - echo
 - echo 'AWS LAM enable and start MariaDB'
 - systemctl enable mariadb
 - systemctl start mariadb
 - echo
 - echo 'AWS LAM Creating {lam|Mediawiki} database and user'
 - mysql --table < /var/www/lam/lam-user.sql
 - echo 'AWS LAM Restore latest lam database backup from AWS S3'
 - aws s3 cp s3://lamurakami/Bk-20-MySQL.lam.sql.gz - | gunzip -c | mysql --user=lam lam
 - echo 'AWS LAM Restore latest LAM Alaska MediaWiki database backup from AWS S3'
 - aws s3 cp s3://lamurakami/Bk-20-MySQL.wikidb.sql.gz - | gunzip -c | mysql --user=lam wikidb
 - echo
 - echo 'AWS LAM ***** Private Additional sites *****'
 - echo
 - echo 'AWS LAM Installing {new|old}.interiordems.com web sites'
 - /var/www/aws/aws-efs-www-git-clone.bash interiordems $keyName
 - ln -s /var/www/interiordems/interiordems_apache2.conf /etc/httpd/conf.d/zzz_020_interiordems.conf
 - /var/www/aws/aws-efs-www-git-clone.bash oldinteriordems $keyName
 - ln -s /var/www/oldinteriordems/oldinteriordems_apache2.conf /etc/httpd/conf.d/zzz_010_oldinteriordems.conf
 - echo
 - echo 'AWS LAM Adding mike@mike.lam1.us user, group and www Content'
 - useradd --shell /bin/bash --create-home --groups users --uid 55501 mike
 - usermod --groups users,mike mike
 - aws s3 cp s3://lamurakami/aws-lam1-ubuntu/mike.tgz - | tar -xzf - --directory /home
 - /var/www/aws/aws-efs-www-git-clone.bash mike $keyName
 - ln -s /var/www/mike/mike_apache2.conf /etc/httpd/conf.d/zzz_081_mike.conf
 - echo
 - echo 'AWS LAM Adding blinkenshell www Content'
 # Extract blinkenshell from archive that includes date time stamps
 - aws s3 cp s3://lamurakami/aws-lam1-ubuntu/blinkenshell.tgz - | tar -xzf - --directory /var/www
 - echo
 - echo 'AWS LAM Tell git ownership of /var/www/blinkenshell/public_html is O.K.'
 - git config --system --add safe.directory /var/www/blinkenshell/public_html
 # Clone the blinkenshell repo and integrate it with blinkenshell archive
 - /var/www/aws/aws-efs-www-git-clone.bash blinkenshell $keyName /tmp/
 - mv /tmp/blinkenshell/.git /var/www/blinkenshell/public_html
 - rm -rf /tmp/blinkenshell # Remove the blinkenshell repo fragment
 - sh -c "cd /var/www/blinkenshell/public_html;git remote set-url origin git@github.com:LAMurakami/blinkenshell"
 - sh -c "cd /var/www/blinkenshell/public_html;git remote add ak20 git@ak20:blinkenshell"
 - sh -c "cd /var/www/blinkenshell/public_html;git stash"
 - sh -c "cd /var/www/blinkenshell/public_html;git checkout master"
 - sh -c "cd /var/www/blinkenshell/public_html;git checkout -b $keyName"
 - ln -s /var/www/blinkenshell/public_html/blinkenshell_apache2.conf /etc/httpd/conf.d/zzz_051_blinkenshell.conf
 - echo
 - echo 'AWS LAM Adding alaskademocrat www Content'
 - /var/www/aws/aws-efs-www-git-clone.bash alaskademocrat $keyName
 - ln -s /var/www/alaskademocrat/alaskademocrat_apache2.conf /etc/httpd/conf.d/zzz_069_alaskademocrat.conf
 - echo
 - echo 'AWS LAM ***** Final Initialization Steps *****'
 - echo
 - echo 'AWS LAM add apache group to ec2-user'
 - sh -c "usermod -a -G apache ec2-user"
 - echo
 - echo 'AWS LAM Create /phpinfo.php page'
 - sh -c "echo '<?php phpinfo(); ?>' > /var/www/lam/html/phpinfo.php"
 - sh -c "cd /var/www/lam;git add html/phpinfo.php"
 - echo
 - echo 'AWS LAM update aws site with current public local name ipv4 ipv6'
 - /var/www/aws/cloud-init.pl
 - /var/www/aws/AWS-LAM-git-commit.bash $keyName aws no-ssl lam
 - echo
 - echo 'AWS LAM Change ownership of /var/www'
 - sh -c "chown -R lam:apache /var/www"
 - chown apache:apache /var/www/Multicount
 - chown lam:staff /mnt/efs
 - echo
 - echo 'AWS LAM systemctl start httpd'
 - systemctl start httpd
 - echo
 - echo 'AWS LAM systemctl enable httpd'
 - systemctl enable httpd
 - echo
 - echo 'AWS LAM Update packages to latest'
 - dnf -y update
 - sh -c 'echo "latest" >> /etc/dnf/vars/releasever'
 - dnf -y upgrade
 - echo
 - echo 'AWS LAM Set lam2.duckdns.org hostname'
 - /var/www/aws/Amazon-Linux-2-set-hostname.bash
 - echo
 - echo 'AWS LAM Set hostname and localhost alias in /etc/hosts'
 - sed -i '1s/localhost/lam2.duckdns.org lam2 localhost/' /etc/hosts
 - echo
 - echo 'AWS LAM Updating lam2.duckdns.org IP address'
 - ln -s /home/ec2-user/.duckdns /root/.duckdns
 - /var/www/aws/Update-DuckDNS.bash lam2
 - echo
 - echo 'AWS LAM List Installed Packages information'
 - dnf repoquery -a --installed
 - echo
 - echo 'AWS LAM ***** Update mlocate database *****'
 - updatedb
 - /var/www/aws/systemd/daily-backup/mlocate-mnt-efs
 - echo
 - echo 'AWS LAM Use Elastic File System mlocate database'
 - ln -s /var/www/no-ssl/mlocate.sh /etc/profile.d/mlocate.sh
 - echo
 - echo 'AWS LAM link which to /usr/local/bin *****'
 - ln -s /bin/which /usr/local/bin/which
 - echo
 - echo 'AWS LAM Final Cloud-init etckeeper commit'
 - etckeeper commit -m 'AWS LAM Final Cloud-init etckeeper commit'
 - echo
 - echo 'AWS LAM cloud-config YAML runcmd complete'
 - date