bash - Cloudinit是否可以用于自动化复杂的配置，例如UFW和Apache

Question

Cloudinit 可以处理基本配置，例如创建用户和组、安装软件包、挂载存储点等(请参阅 Cloud Config Examples )。但它可以处理如下更复杂的任务吗？如果可以，如何处理？一个最小的工作示例将不胜感激。

 # KNOWN: Replicating the below user creation with sudo privelges and a home                                    
 # directory is possible through cloudinit
 sudo adduser johnny
 sudo usermod -aG sudo johnny
 
 # KNOWN: Replicating the below public/private key creation is possible through
 # cloudinit
 ssh <a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="056f6a6d6b7c4534352b352b352b34" rel="noreferrer noopener nofollow">[email protected]</a> "ssh-keygen -t rsa"
 
 # UNKNOWN: Is it possible to update the firewall rules in cloudinit or should
 # one simply SSH in afterwards like so
 ssh <a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="345e5b5c5a5a4d7405041a041a041a05" rel="noreferrer noopener nofollow">[email protected]</a> "
     sudo ufw enable
     sudo ufw allow http
     sudo ufw allow https"
 
 # UNKNOWN: Is it possible to deploy LetsEncrypt cetrificates or should one
 # simply SSH in afterwrds like so
 ssh <a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="5c3633343232251c6d6c726c726c726d" rel="noreferrer noopener nofollow">[email protected]</a> "
     sudo service apache2 restart
     sudo certbot --apache"
 
 # UNKNOWN: Is it possible to clone and install git repositories or should one
 # simply SSH in afterwards like so
 ssh <a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="78121710161601384948564856485649" rel="noreferrer noopener nofollow">[email protected]</a> "
     GIT_NAME=johnny
     <a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="d3949a878c969e929a9feeb9bcbbbdbdaafda1bab0bc93b0baa7baa9b6bdfdb5b6b7b6a1b2a7babcbd" rel="noreferrer noopener nofollow">[email protected]</a>
     git confing --global user.name $GIT_NAME
     git confing --global user.email $GIT_EMAIL
     git clone <a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="98fff1ecd8fff1ecf0edfab6fbf7f5" rel="noreferrer noopener nofollow">[email protected]</a>:Federation:clandathu.git
     cd clandathu/install
     make --kill-em-all
     sudo make install"      

Answer 1

如果您特指 cloud-config ，那么您列出的所有未知数都没有特定的 modules对于他们来说。但是，您也可以通过 runcmd 运行任意 shell 脚本。模块，或通过指定 script as your user data而不是云配置。它只需以 #! 开头，而不是 #cloud-config 。如果您想要云配置和自定义 shell 脚本，您可以构建 mime multi part archive使用 cloud-init 辅助命令。