Description: http://MNitra.online - Cloud-init script to set up a secure OPCoinX Masternode with minimal fuss.
Submitted by mnitra on July 10, 2018
Expires on July 10, 2019 at 09:28 PM (3 weeks from now)

#cloud-config
output: { all: "| tee -a /tmp/cloud-init-output.log" }

groups:
  - ssh_users
  - docker

users:
  - name: opcxuser
    gecos: opcxuser
    primary-group: opcxuser
    groups: ssh_users, wheel, docker
    shell: /bin/bash

chpasswd:
  list:  |
    opcxuser:R

disable_root: true

package_update:  true
package_upgrade:  true

packages:
  - firewalld
  - epel-release
  - yum-utils
  - device-mapper-persistent-data
  - lvm2
  - python-virtualenv
  - git
  - wget
  - bind-utils

write_files:
  - encoding:  b64
    content: W0RFRkFVTFRdCiMKIyBTU0ggc2VydmVycwojCgpbc3NoZF0KCiMgVG8gdXNlIG1vcmUgYWdncmVzc2l2ZSBzc2hkIGZpbHRlciAoaW5jbHVzaXZlIHNzaGQtZGRvcyBmYWlscmVnZXgpOgojZmlsdGVyID0gc3NoZC1hZ2dyZXNzaXZlCnBvcnQgICAgPSBzc2gKbG9ncGF0aCA9ICUoc3NoZF9sb2cpcwpiYWNrZW5kID0gJShzc2hkX2JhY2tlbmQpcwplbmFibGVkID0gdHJ1ZQoKW3NzaGQtZGRvc10KIyBUaGlzIGphaWwgY29ycmVzcG9uZHMgdG8gdGhlIHN0YW5kYXJkIGNvbmZpZ3VyYXRpb24gaW4gRmFpbDJiYW4uCiMgVGhlIG1haWwtd2hvaXMgYWN0aW9uIHNlbmQgYSBub3RpZmljYXRpb24gZS1tYWlsIHdpdGggYSB3aG9pcyByZXF1ZXN0CiMgaW4gdGhlIGJvZHkuCnBvcnQgICAgPSBzc2gKbG9ncGF0aCA9ICUoc3NoZF9sb2cpcwpiYWNrZW5kID0gJShzc2hkX2JhY2tlbmQpcwplbmFibGVkID0gdHJ1ZQ==
    owner:  root:root
    path:  /etc/fail2ban/jail.local

  - encoding:  b64
    content: IyEvYmluL2Jhc2gKc2V0IC1leHVvIHBpcGVmYWlsCgpQUklWS0VZX1RFU1Q9Il5bQS1aYS16MC05XXs1MX0kIgpJUD0kKGRpZyArc2hvcnQgbXlpcC5vcGVuZG5zLmNvbSBAcmVzb2x2ZXIxLm9wZW5kbnMuY29tKQpEQVRBRElSPSIvb3B0Igpta2RpciAtcCAke0RBVEFESVJ9L3twb3J0YWluZXIvZGF0YSxPUENvaW5YL2RhdGF9ClBBU1NXT1JEPSQoZGF0ZSArJXMgfCBzaGEyNTZzdW0gfCBiYXNlNjQgfCBoZWFkIC1jIDYwKQpTU0hfVVNFUj0kKGF3ayAnQkVHSU57RlM9IjoifSAvXlx3KzpbQS1aYS16MC05XS97cHJpbnQgJDF9JyAvdG1wL2Nsb3VkLWluaXQtb3V0cHV0LmxvZykJClVTRVJfUEFTUz0kKGF3ayAnQkVHSU57RlM9IjoifSAvXlx3KzpbQS1aYS16MC05XS97cHJpbnQgJDJ9JyAvdG1wL2Nsb3VkLWluaXQtb3V0cHV0LmxvZykKCmlmIFsgISAkIyAtZXEgMCBdICYmIFtbICQxID1+ICRQUklWS0VZX1RFU1QgXV07IHRoZW4KWEdTX0NPTkY9IiR7REFUQURJUn0vT1BDb2luWC9kYXRhL09QQ29pblguY29uZiIKY2F0ID4ke1hHU19DT05GfSA8PEVPRgpycGN1c2VyPW9wY3hycGN1c2VyCnJwY3Bhc3N3b3JkPSR7UEFTU1dPUkR9CnJwY3BvcnQ9MTgwNTAKcnBjYWxsb3dpcD06Oi8wCnJwY2JpbmQ9MC4wLjAuMApsaXN0ZW49MQpzZXJ2ZXI9MQpkYWVtb249MAptYXhjb25uZWN0aW9ucz0yNTYKbG9ndGltZXN0YW1wcz0xCnByaW50dG9jb25zb2xlPTEKZXh0ZXJuYWxpcD0kSVA6MTgwNTEKbWFzdGVybm9kZWFkZHI9JElQOjE4MDUxCm1hc3Rlcm5vZGU9MQptYXN0ZXJub2RlcHJpdmtleT0kMQphZGRub2RlPTE4OC42Mi4yMjMuMTY0CmFkZG5vZGU9MTQ4Ljc1LjE4NC4yMDYKYWRkbm9kZT0xNDAuODIuMjEuMTAyCmFkZG5vZGU9MTQ1LjIzOS40Ny44OQphZGRub2RlPTE0OS4yOC4xMDguMTI0CmFkZG5vZGU9MTQ0LjIwMi42Ny4yMDAKYWRkbm9kZT04Mi4zNS4yMjguNTUKYWRkbm9kZT0yMTIuMTE5LjIxOS41MQphZGRub2RlPTE4NS4yMzkuMjM3LjU3CmFkZG5vZGU9MTM0LjI1NS4yMzEuMTk1CmFkZG5vZGU9MjQuMjEuMzYuMTcxCmFkZG5vZGU9MTA3LjE5MS41Mi4yMzUKYWRkbm9kZT02MC4xMjYuMTI3LjEyOAphZGRub2RlPTE4NS4yMjMuMjguMTY1CmFkZG5vZGU9MTYzLjQ0LjEyMC4xOTAKYWRkbm9kZT0xOTguMTk5LjkyLjkKYWRkbm9kZT04MC4yMTEuMTY4LjE0MgphZGRub2RlPTIxNy42MS4xMDguMTYwCmFkZG5vZGU9MTA3LjE3My41MS4xMDUKYWRkbm9kZT00NS43Ny4yMjMuMjM0CkVPRgpmaQoKZG9ja2VyIGNvbnRhaW5lciBydW4gLWQgLXAgOTAwMDo5MDAwIC0tbmFtZSBwb3J0YWluZXIgLS1yZXN0YXJ0IGFsd2F5cyAtLWxhYmVsIHNlcnZpY2U9aGlkZGVuIC12IC92YXIvcnVuL2RvY2tlci5zb2NrOi92YXIvcnVuL2RvY2tlci5zb2NrIC12ICR7REFUQURJUn0vcG9ydGFpbmVyL2RhdGE6L2RhdGEgcG9ydGFpbmVyL3BvcnRhaW5lciAtSCB1bml4Oi8vL3Zhci9ydW4vZG9ja2VyLnNvY2sgLWwgc2VydmljZT1oaWRkZW4KCmRvY2tlciBjb250YWluZXIgcnVuIC1kIC0tbmFtZSBPUENvaW5YZCAtLXJlc3RhcnQgdW5sZXNzLXN0b3BwZWQgLWUgU1NIX1VTRVI9JHtTU0hfVVNFUn0gLWUgVVNFUl9QQVNTPSR7VVNFUl9QQVNTfSAtcCAxODA1MToxODA1MSAtdiAke0RBVEFESVJ9L09QQ29pblgvZGF0YTovcm9vdC8uT1BDb2luWCBtbml0cmEvb3Bjb2lueDpsYXRlc3QK
    owner: root:root
    permissions: '0755'
    path:  /tmp/run.sh

  - encoding: b64
    content: IyAgICAgICAkT3BlbkJTRDogc3NoZF9jb25maWcsdiAxLjEwMCAyMDE2LzA4LzE1IDEyOjMyOjA0IG5hZGR5IEV4cCAkCgojIFRoaXMgaXMgdGhlIHNzaGQgc2VydmVyIHN5c3RlbS13aWRlIGNvbmZpZ3VyYXRpb24gZmlsZS4gIFNlZQojIHNzaGRfY29uZmlnKDUpIGZvciBtb3JlIGluZm9ybWF0aW9uLgoKIyBUaGlzIHNzaGQgd2FzIGNvbXBpbGVkIHdpdGggUEFUSD0vdXNyL2xvY2FsL2JpbjovdXNyL2JpbgoKIyBUaGUgc3RyYXRlZ3kgdXNlZCBmb3Igb3B0aW9ucyBpbiB0aGUgZGVmYXVsdCBzc2hkX2NvbmZpZyBzaGlwcGVkIHdpdGgKIyBPcGVuU1NIIGlzIHRvIHNwZWNpZnkgb3B0aW9ucyB3aXRoIHRoZWlyIGRlZmF1bHQgdmFsdWUgd2hlcmUKIyBwb3NzaWJsZSwgYnV0IGxlYXZlIHRoZW0gY29tbWVudGVkLiAgVW5jb21tZW50ZWQgb3B0aW9ucyBvdmVycmlkZSB0aGUKIyBkZWZhdWx0IHZhbHVlLgoKIyBJZiB5b3Ugd2FudCB0byBjaGFuZ2UgdGhlIHBvcnQgb24gYSBTRUxpbnV4IHN5c3RlbSwgeW91IGhhdmUgdG8gdGVsbAojIFNFTGludXggYWJvdXQgdGhpcyBjaGFuZ2UuCiMgc2VtYW5hZ2UgcG9ydCAtYSAtdCBzc2hfcG9ydF90IC1wIHRjcCAjUE9SVE5VTUJFUgojCiNQb3J0IDIyCiNBZGRyZXNzRmFtaWx5IGFueQojTGlzdGVuQWRkcmVzcyAwLjAuMC4wCiNMaXN0ZW5BZGRyZXNzIDo6CgpIb3N0S2V5IC9ldGMvc3NoL3NzaF9ob3N0X3JzYV9rZXkKI0hvc3RLZXkgL2V0Yy9zc2gvc3NoX2hvc3RfZHNhX2tleQpIb3N0S2V5IC9ldGMvc3NoL3NzaF9ob3N0X2VjZHNhX2tleQpIb3N0S2V5IC9ldGMvc3NoL3NzaF9ob3N0X2VkMjU1MTlfa2V5CgojIENpcGhlcnMgYW5kIGtleWluZwojUmVrZXlMaW1pdCBkZWZhdWx0IG5vbmUKCiMgTG9nZ2luZwojU3lzbG9nRmFjaWxpdHkgQVVUSApTeXNsb2dGYWNpbGl0eSBBVVRIUFJJVgojTG9nTGV2ZWwgSU5GTwoKIyBBdXRoZW50aWNhdGlvbjoKCiNMb2dpbkdyYWNlVGltZSAybQpQZXJtaXRSb290TG9naW4gbm8KI1N0cmljdE1vZGVzIHllcwojTWF4QXV0aFRyaWVzIDYKI01heFNlc3Npb25zIDEwCgojUHVia2V5QXV0aGVudGljYXRpb24geWVzCgojIFRoZSBkZWZhdWx0IGlzIHRvIGNoZWNrIGJvdGggLnNzaC9hdXRob3JpemVkX2tleXMgYW5kIC5zc2gvYXV0aG9yaXplZF9rZXlzMgojIGJ1dCB0aGlzIGlzIG92ZXJyaWRkZW4gc28gaW5zdGFsbGF0aW9ucyB3aWxsIG9ubHkgY2hlY2sgLnNzaC9hdXRob3JpemVkX2tleXMKQXV0aG9yaXplZEtleXNGaWxlICAgICAgLnNzaC9hdXRob3JpemVkX2tleXMKCiNBdXRob3JpemVkUHJpbmNpcGFsc0ZpbGUgbm9uZQoKI0F1dGhvcml6ZWRLZXlzQ29tbWFuZCBub25lCiNBdXRob3JpemVkS2V5c0NvbW1hbmRVc2VyIG5vYm9keQoKIyBGb3IgdGhpcyB0byB3b3JrIHlvdSB3aWxsIGFsc28gbmVlZCBob3N0IGtleXMgaW4gL2V0Yy9zc2gvc3NoX2tub3duX2hvc3RzCiNIb3N0YmFzZWRBdXRoZW50aWNhdGlvbiBubwojIENoYW5nZSB0byB5ZXMgaWYgeW91IGRvbid0IHRydXN0IH4vLnNzaC9rbm93bl9ob3N0cyBmb3IKIyBIb3N0YmFzZWRBdXRoZW50aWNhdGlvbgojSWdub3JlVXNlcktub3duSG9zdHMgbm8KIyBEb24ndCByZWFkIHRoZSB1c2VyJ3Mgfi8ucmhvc3RzIGFuZCB+Ly5zaG9zdHMgZmlsZXMKI0lnbm9yZVJob3N0cyB5ZXMKCiMgVG8gZGlzYWJsZSB0dW5uZWxlZCBjbGVhciB0ZXh0IHBhc3N3b3JkcywgY2hhbmdlIHRvIG5vIGhlcmUhCiNQYXNzd29yZEF1dGhlbnRpY2F0aW9uIHllcwojUGVybWl0RW1wdHlQYXNzd29yZHMgbm8KUGFzc3dvcmRBdXRoZW50aWNhdGlvbiBubwoKIyBBbGxvdyBvbmx5IHVzZXJzIGluIHNzaF91c2VycyBncm91cApBbGxvd0dyb3VwcyBzc2hfdXNlcnMKCiMgQ2hhbmdlIHRvIG5vIHRvIGRpc2FibGUgcy9rZXkgcGFzc3dvcmRzCiNDaGFsbGVuZ2VSZXNwb25zZUF1dGhlbnRpY2F0aW9uIHllcwpDaGFsbGVuZ2VSZXNwb25zZUF1dGhlbnRpY2F0aW9uIG5vCgojIEtlcmJlcm9zIG9wdGlvbnMKI0tlcmJlcm9zQXV0aGVudGljYXRpb24gbm8KI0tlcmJlcm9zT3JMb2NhbFBhc3N3ZCB5ZXMKI0tlcmJlcm9zVGlja2V0Q2xlYW51cCB5ZXMKI0tlcmJlcm9zR2V0QUZTVG9rZW4gbm8KI0tlcmJlcm9zVXNlS3VzZXJvayB5ZXMKCiMgR1NTQVBJIG9wdGlvbnMKR1NTQVBJQXV0aGVudGljYXRpb24geWVzCkdTU0FQSUNsZWFudXBDcmVkZW50aWFscyBubwojR1NTQVBJU3RyaWN0QWNjZXB0b3JDaGVjayB5ZXMKI0dTU0FQSUtleUV4Y2hhbmdlIG5vCiNHU1NBUElFbmFibGVrNXVzZXJzIG5vCgojIFNldCB0aGlzIHRvICd5ZXMnIHRvIGVuYWJsZSBQQU0gYXV0aGVudGljYXRpb24sIGFjY291bnQgcHJvY2Vzc2luZywKIyBhbmQgc2Vzc2lvbiBwcm9jZXNzaW5nLiBJZiB0aGlzIGlzIGVuYWJsZWQsIFBBTSBhdXRoZW50aWNhdGlvbiB3aWxsCiMgYmUgYWxsb3dlZCB0aHJvdWdoIHRoZSBDaGFsbGVuZ2VSZXNwb25zZUF1dGhlbnRpY2F0aW9uIGFuZAojIFBhc3N3b3JkQXV0aGVudGljYXRpb24uICBEZXBlbmRpbmcgb24geW91ciBQQU0gY29uZmlndXJhdGlvbiwKIyBQQU0gYXV0aGVudGljYXRpb24gdmlhIENoYWxsZW5nZVJlc3BvbnNlQXV0aGVudGljYXRpb24gbWF5IGJ5cGFzcwojIHRoZSBzZXR0aW5nIG9mICJQZXJtaXRSb290TG9naW4gd2l0aG91dC1wYXNzd29yZCIuCiMgSWYgeW91IGp1c3Qgd2FudCB0aGUgUEFNIGFjY291bnQgYW5kIHNlc3Npb24gY2hlY2tzIHRvIHJ1biB3aXRob3V0CiMgUEFNIGF1dGhlbnRpY2F0aW9uLCB0aGVuIGVuYWJsZSB0aGlzIGJ1dCBzZXQgUGFzc3dvcmRBdXRoZW50aWNhdGlvbgojIGFuZCBDaGFsbGVuZ2VSZXNwb25zZUF1dGhlbnRpY2F0aW9uIHRvICdubycuCiMgV0FSTklORzogJ1VzZVBBTSBubycgaXMgbm90IHN1cHBvcnRlZCBpbiBSZWQgSGF0IEVudGVycHJpc2UgTGludXggYW5kIG1heSBjYXVzZSBzZXZlcmFsCiMgcHJvYmxlbXMuClVzZVBBTSB5ZXMKCiNBbGxvd0FnZW50Rm9yd2FyZGluZyB5ZXMKI0FsbG93VGNwRm9yd2FyZGluZyB5ZXMKI0dhdGV3YXlQb3J0cyBubwpYMTFGb3J3YXJkaW5nIHllcwojWDExRGlzcGxheU9mZnNldCAxMAojWDExVXNlTG9jYWxob3N0IHllcwojUGVybWl0VFRZIHllcwojUHJpbnRNb3RkIHllcwojUHJpbnRMYXN0TG9nIHllcwojVENQS2VlcEFsaXZlIHllcwojVXNlTG9naW4gbm8KI1VzZVByaXZpbGVnZVNlcGFyYXRpb24gc2FuZGJveAojUGVybWl0VXNlckVudmlyb25tZW50IG5vCiNDb21wcmVzc2lvbiBkZWxheWVkCiNDbGllbnRBbGl2ZUludGVydmFsIDAKI0NsaWVudEFsaXZlQ291bnRNYXggMwojU2hvd1BhdGNoTGV2ZWwgbm8KI1VzZUROUyB5ZXMKI1BpZEZpbGUgL3Zhci9ydW4vc3NoZC5waWQKI01heFN0YXJ0dXBzIDEwOjMwOjEwMAojUGVybWl0VHVubmVsIG5vCiNDaHJvb3REaXJlY3Rvcnkgbm9uZQojVmVyc2lvbkFkZGVuZHVtIG5vbmUKCiMgbm8gZGVmYXVsdCBiYW5uZXIgcGF0aAojQmFubmVyIG5vbmUKCiMgQWNjZXB0IGxvY2FsZS1yZWxhdGVkIGVudmlyb25tZW50IHZhcmlhYmxlcwpBY2NlcHRFbnYgTEFORyBMQ19DVFlQRSBMQ19OVU1FUklDIExDX1RJTUUgTENfQ09MTEFURSBMQ19NT05FVEFSWSBMQ19NRVNTQUdFUwpBY2NlcHRFbnYgTENfUEFQRVIgTENfTkFNRSBMQ19BRERSRVNTIExDX1RFTEVQSE9ORSBMQ19NRUFTVVJFTUVOVApBY2NlcHRFbnYgTENfSURFTlRJRklDQVRJT04gTENfQUxMIExBTkdVQUdFCkFjY2VwdEVudiBYTU9ESUZJRVJTCgojIG92ZXJyaWRlIGRlZmF1bHQgb2Ygbm8gc3Vic3lzdGVtcwpTdWJzeXN0ZW0gICAgICAgc2Z0cCAgICAvdXNyL2xpYmV4ZWMvb3BlbnNzaC9zZnRwLXNlcnZlcgoKIyBFeGFtcGxlIG9mIG92ZXJyaWRpbmcgc2V0dGluZ3Mgb24gYSBwZXItdXNlciBiYXNpcwojTWF0Y2ggVXNlciBhbm9uY3ZzCiMgICAgICAgWDExRm9yd2FyZGluZyBubwojICAgICAgIEFsbG93VGNwRm9yd2FyZGluZyBubwojICAgICAgIFBlcm1pdFRUWSBubwojICAgICAgIEZvcmNlQ29tbWFuZCBjdnMgc2VydmVy
    owner: root:root
    path: /etc/ssh/sshd_config

runcmd:
  - [ systemctl, daemon-reload ]
  - [ systemctl, enable, firewalld ]
  - [ systemctl, start, --no-block, firewalld ]
  - [ yum, install, -y, fail2ban]
  - [ systemctl, enable, fail2ban ]
  - [ systemctl, start, --no-block, fail2ban ]
  - [ yum-config-manager, --add-repo, "https://download.docker.com/linux/centos/docker-ce.repo" ]
  - [ yum, install, -y, docker-ce, docker-compose ]
  - [ systemctl, enable, docker ]
  - [ systemctl, start, --no-block, docker ]
  - /tmp/run.sh MN_PRIVATE_KEY