secure-sshd/azuredeploy.json

1 {
2 "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
3 "contentVersion": "1.0.0.0",
4 "parameters": {
5 "admin-username": {
6 "type": "string"
7 },
8 "ssh-public-key": {
9 "type": "string"
10 }
11 },
12 "variables": {
13 "ssh-keypath": "[concat('/home/', parameters('admin-username'), '/.ssh/authorized_keys')]",
14 "unique-prefix": "[concat(replace(resourceGroup().name,'-',''), substring(uniquestring(resourceGroup().name), 0, 5))]",
15 "storage-name": "[variables('unique-prefix')]",
16 "vnet-name": "[concat(resourceGroup().name, '-vnet')]",
17 "ip-prefix": "[concat(resourceGroup().name, '-ip-')]",
18 "nsg-prefix": "[concat(resourceGroup().name, '-nsg')]",
19 "nic-prefix": "[concat(resourceGroup().name, '-nic-')]",
20 "access-nic-internal": "[concat(resourceGroup().name, '-access-nic-internal')]",
21 "access-nic-external": "[concat(resourceGroup().name, '-access-nic-external')]",
22 "vm-prefix": "[concat(resourceGroup().name, '-vm-')]",
23 "names": [ "alpha", "beta", "gamma", "delta", "epsilon", "zeta", "eta", "theta", "iota", "kappa", "lambda", "mu", "nu", "xi", "omicron", "pi", "rho", "sigma", "tau", "upsilon", "phi", "chi", "psi", "omega" ],
24 "private-vm-size": "Standard_DS1_v2",
25 "vnet-address-space": "10.16.0.0/12",
26 "vnet-subnet01-octet": 17,
27 "vnet-subnet02-octet": 18
28 },
29 "resources": [
30 {
31 "comments": "",
32 "type": "Microsoft.Network/publicIPAddresses",
33 "name": "[concat(variables('ip-prefix'), variables('names')[0])]",
34 "apiVersion": "2017-03-01",
35 "location": "[resourceGroup().location]",
36 "properties": {
37 "publicIPAllocationMethod": "Dynamic",
38 "idleTimeoutInMinutes": 4,
39 "dnsSettings": {
40 "domainNameLabel": "[concat(variables('unique-prefix'), '-', variables('names')[0])]"
41 }
42 },
43 "resources": [],
44 "dependsOn": []
45 },
46 {
47 "comments": "",
48 "type": "Microsoft.Network/publicIPAddresses",
49 "name": "[concat(variables('ip-prefix'), variables('names')[1])]",
50 "apiVersion": "2017-03-01",
51 "location": "[resourceGroup().location]",
52 "properties": {
53 "publicIPAllocationMethod": "Dynamic",
54 "idleTimeoutInMinutes": 4,
55 "dnsSettings": {
56 "domainNameLabel": "[concat(variables('unique-prefix'), '-', variables('names')[1])]"
57 }
58 },
59 "resources": [],
60 "dependsOn": []
61 },
62 {
63 "comments": "",
64 "type": "Microsoft.Compute/virtualMachines",
65 "name": "[concat(variables('vm-prefix'), variables('names')[0])]",
66 "apiVersion": "2016-04-30-preview",
67 "location": "[resourceGroup().location]",
68 "properties": {
69 "hardwareProfile": {
70 "vmSize": "Standard_DS2_v2"
71 },
72 "storageProfile": {
73 "imageReference": {
74 "publisher": "OpenLogic",
75 "offer": "CentOS",
76 "sku": "7.2",
77 "version": "latest"
78 },
79 "osDisk": {
80 "name": "[concat(variables('vm-prefix'), variables('names')[0], '-boot')]",
81 "createOption": "FromImage",
82 "vhd": {
83 "uri": "[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('storage-name')), '2015-06-15').primaryEndpoints.blob, 'vhds/', variables('names')[0], '-boot.vhd')]"
84 },
85 "caching": "ReadWrite"
86 }
87 },
88 "osProfile": {
89 "computerName": "[concat(variables('vm-prefix'), variables('names')[0])]",
90 "adminUsername": "[parameters('admin-username')]",
91 "linuxConfiguration": {
92 "disablePasswordAuthentication": true,
93 "ssh": {
94 "publicKeys": [
95 {
96 "path": "[variables('ssh-keypath')]",
97 "keyData": "[parameters('ssh-public-key')]"
98 }
99 ]
100 }
101 }
102 },
103 "networkProfile": {
104 "networkInterfaces": [
105 {
106 "id": "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('nic-prefix'), variables('names')[0]))]",
107 "properties": { "primary": true }
108 },
109 {
110 "id": "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('vm-prefix'), variables('names')[0], '-', variables('names')[1]))]",
111 "properties": { "primary": false }
112 }
113 ]
114 }
115 },
116 "resources": [],
117 "dependsOn": [
118 "[resourceId('Microsoft.Storage/storageAccounts', variables('storage-name'))]",
119 "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('nic-prefix'), variables('names')[0]))]",
120 "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('vm-prefix'), variables('names')[0], '-', variables('names')[1]))]"
121 ]
122 },
123 {
124 "type": "Microsoft.Compute/virtualMachines/extensions",
125 "name": "[concat(variables('vm-prefix'), variables('names')[0], '/', 'script')]",
126 "apiVersion": "2015-05-01-preview",
127 "location": "[resourceGroup().location]",
128 "dependsOn": [
129 "[concat(variables('vm-prefix'), variables('names')[0])]"
130 ],
131 "properties": {
132 "publisher": "Microsoft.Azure.Extensions",
133 "type": "CustomScript",
134 "typeHandlerVersion": "2.0",
135 "autoUpgradeMinorVersion": true,
136 "settings": {
137 "fileUris": [
138 "https://linux.azure.david.betz.space/raw/secure-sshd/client-setup.sh"
139 ],
140 "commandToExecute": "sh client-setup.sh"
141 }
142 }
143 },
144 {
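145 "comments": "Second VM (names[1]). NOTE(review): osProfile.computerName below is built from names[0], the same value as the first VM; names[1] was probably intended - confirm.",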
146 "type": "Microsoft.Compute/virtualMachines",
147 "name": "[concat(variables('vm-prefix'), variables('names')[1])]",
148 "apiVersion": "2016-04-30-preview",
149 "location": "[resourceGroup().location]",
150 "properties": {
151 "hardwareProfile": {
152 "vmSize": "[variables('private-vm-size')]"
153 },
154 "storageProfile": {
155 "imageReference": {
156 "publisher": "OpenLogic",
157 "offer": "CentOS",
158 "sku": "7.2",
159 "version": "latest"
160 },
161 "osDisk": {
162 "name": "[concat(concat(variables('vm-prefix'), variables('names')[1]), '-boot')]",
163 "createOption": "FromImage",
164 "vhd": {
165 "uri": "[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('storage-name')), '2015-06-15').primaryEndpoints.blob, 'vhds/', variables('names')[1], '-boot.vhd')]"
166 },
167 "caching": "ReadWrite"
168 }
169 },
170 "osProfile": {
171 "computerName": "[concat(variables('vm-prefix'), variables('names')[0])]",
172 "adminUsername": "[parameters('admin-username')]",
173 "linuxConfiguration": {
174 "disablePasswordAuthentication": true,
175 "ssh": {
176 "publicKeys": [
177 {
178 "path": "[variables('ssh-keypath')]",
179 "keyData": "[parameters('ssh-public-key')]"
180 }
181 ]
182 }
183 }
184 },
185 "networkProfile": {
186 "networkInterfaces": [
187 {
188 "id": "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('vm-prefix'), variables('names')[1]))]"
189 }
190 ]
191 }
192 },
193 "resources": [],
194 "dependsOn": [
195 "[resourceId('Microsoft.Storage/storageAccounts', variables('storage-name'))]",
196 "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('vm-prefix'), variables('names')[1]))]"
197 ]
198 },
199 {
200 "type": "Microsoft.Compute/virtualMachines/extensions",
201 "name": "[concat(variables('vm-prefix'), variables('names')[1], '/', 'script')]",
202 "apiVersion": "2015-05-01-preview",
203 "location": "[resourceGroup().location]",
204 "dependsOn": [
205 "[concat(variables('vm-prefix'), variables('names')[1])]"
206 ],
207 "properties": {
208 "publisher": "Microsoft.Azure.Extensions",
209 "type": "CustomScript",
210 "typeHandlerVersion": "2.0",
211 "autoUpgradeMinorVersion": true,
212 "settings": {
213 "fileUris": [
214 "https://linux.azure.david.betz.space/raw/secure-sshd/sshd-service-setup.sh"
215 ],
216 "commandToExecute": "sh sshd-service-setup.sh"
217 }
218 }
219 },
220 {
221 "comments": "",
222 "type": "Microsoft.Network/networkInterfaces",
223 "name": "[concat(variables('nic-prefix'), variables('names')[0])]",
224 "apiVersion": "2017-03-01",
225 "location": "[resourceGroup().location]",
226 "properties": {
227 "ipConfigurations": [
228 {
229 "name": "ifconfig1",
230 "properties": {
231 "privateIPAddress": "[concat('10.', variables('vnet-subnet01-octet'), '.0.4')]",
232 "privateIPAllocationMethod": "Static",
233 "publicIPAddress": {
234 "id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('ip-prefix'), variables('names')[0]))]"
235 },
236 "subnet": {
237 "id": "[concat(resourceId('Microsoft.Network/virtualNetworks', variables('vnet-name')), '/subnets/subnet01')]"
238 }
239 }
240 }
241 ],
242 "dnsSettings": {
243 "dnsServers": []
244 },
245 "enableIPForwarding": false,
246 "networkSecurityGroup": {
247 "id": "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg-prefix'), variables('names')[0]))]"
248 }
249 },
250 "resources": [],
251 "dependsOn": [
252 "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('ip-prefix'), variables('names')[0]))]",
253 "[resourceId('Microsoft.Network/virtualNetworks', variables('vnet-name'))]",
254 "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg-prefix'), variables('names')[0]))]"
255 ]
256 },
257 {
258 "comments": "",
259 "type": "Microsoft.Network/networkInterfaces",
260 "name": "[concat(variables('vm-prefix'), variables('names')[0], '-', variables('names')[1])]",
261 "apiVersion": "2017-03-01",
262 "location": "[resourceGroup().location]",
263 "properties": {
264 "ipConfigurations": [
265 {
266 "name": "ifconfig",
267 "properties": {
268 "privateIPAddress": "[concat('10.', variables('vnet-subnet02-octet'), '.0.4')]",
269 "privateIPAllocationMethod": "Static",
270 "subnet": {
271 "id": "[concat(resourceId('Microsoft.Network/virtualNetworks', variables('vnet-name')), '/subnets/subnet02')]"
272 }
273 }
274 }
275 ],
276 "dnsSettings": {
277 "dnsServers": []
278 },
279 "enableIPForwarding": false,
280 "networkSecurityGroup": {
281 "id": "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg-prefix'), variables('names')[0]))]"
282 }
283 },
284 "resources": [],
285 "dependsOn": [
286 "[resourceId('Microsoft.Network/virtualNetworks', variables('vnet-name'))]",
287 "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg-prefix'), variables('names')[0]))]"
288 ]
289 },
290 {
291 "comments": "",
292 "type": "Microsoft.Network/networkInterfaces",
293 "name": "[concat(variables('vm-prefix'), variables('names')[1])]",
294 "apiVersion": "2017-03-01",
295 "location": "[resourceGroup().location]",
296 "properties": {
297 "ipConfigurations": [
298 {
299 "name": "ifconfig",
300 "properties": {
301 "privateIPAddress": "[concat('10.', variables('vnet-subnet02-octet'), '.0.5')]",
302 "privateIPAllocationMethod": "Static",
303 "publicIPAddress": {
304 "id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('ip-prefix'), variables('names')[1]))]"
305 },
306 "subnet": {
307 "id": "[concat(resourceId('Microsoft.Network/virtualNetworks', variables('vnet-name')), '/subnets/subnet02')]"
308 }
309 }
310 }
311 ],
312 "dnsSettings": {
313 "dnsServers": []
314 },
315 "enableIPForwarding": false,
316 "networkSecurityGroup": {
317 "id": "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg-prefix'), variables('names')[1]))]"
318 }
319 },
320 "resources": [],
321 "dependsOn": [
322 "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('ip-prefix'), variables('names')[1]))]",
323 "[resourceId('Microsoft.Network/virtualNetworks', variables('vnet-name'))]",
324 "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('nsg-prefix'), variables('names')[1]))]"
325 ]
326 },
327 {
328 "comments": "",
329 "type": "Microsoft.Network/virtualNetworks",
330 "name": "[variables('vnet-name')]",
331 "apiVersion": "2017-03-01",
332 "location": "[resourceGroup().location]",
333 "properties": {
334 "addressSpace": {
335 "addressPrefixes": [
336 "[variables('vnet-address-space')]"
337 ]
338 },
339 "subnets": [
340 {
341 "name": "subnet01",
342 "properties": {
343 "addressPrefix": "[concat('10.', variables('vnet-subnet01-octet'), '.0.0/16')]"
344 }
345 },
346 {
347 "name": "subnet02",
348 "properties": {
349 "addressPrefix": "[concat('10.', variables('vnet-subnet02-octet'), '.0.0/16')]"
350 }
351 }
352 ]
353 },
354 "resources": [],
355 "dependsOn": []
356 },
357 {
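358 "comments": "NSG attached to the names[0] VM's two NICs. Allows inbound TCP 22, 80 and 443 from any source address (sourceAddressPrefix '*'); narrow the source prefix to known admin ranges outside a demo.",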
359 "type": "Microsoft.Network/networkSecurityGroups",
360 "name": "[concat(variables('nsg-prefix'), variables('names')[0])]",
361 "apiVersion": "2017-03-01",
362 "location": "[resourceGroup().location]",
363 "properties": {
364 "securityRules": [
365 {
366 "name": "default-allow-ssh",
367 "properties": {
368 "protocol": "Tcp",
369 "sourcePortRange": "*",
370 "destinationPortRange": "22",
371 "sourceAddressPrefix": "*",
372 "destinationAddressPrefix": "*",
373 "access": "Allow",
374 "priority": 1000,
375 "direction": "Inbound"
376 }
377 },
378 {
379 "name": "http",
380 "properties": {
381 "protocol": "Tcp",
382 "sourcePortRange": "*",
383 "destinationPortRange": "80",
384 "sourceAddressPrefix": "*",
385 "destinationAddressPrefix": "*",
386 "access": "Allow",
387 "priority": 1100,
388 "direction": "Inbound"
389 }
390 },
391 {
392 "name": "https",
393 "properties": {
394 "protocol": "Tcp",
395 "sourcePortRange": "*",
396 "destinationPortRange": "443",
397 "sourceAddressPrefix": "*",
398 "destinationAddressPrefix": "*",
399 "access": "Allow",
400 "priority": 1200,
401 "direction": "Inbound"
402 }
403 }
404 ]
405 },
406 "resources": [],
407 "dependsOn": []
408 },
409 {
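410 "comments": "NSG attached to the names[1] VM's NIC. Allows inbound TCP 22 and 2222 from any source address (sourceAddressPrefix '*'); narrow the source prefix to known admin ranges outside a demo.",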
411 "type": "Microsoft.Network/networkSecurityGroups",
412 "name": "[concat(variables('nsg-prefix'), variables('names')[1])]",
413 "apiVersion": "2017-03-01",
414 "location": "[resourceGroup().location]",
415 "properties": {
416 "securityRules": [
417 {
418 "name": "default-allow-ssh",
419 "properties": {
420 "protocol": "Tcp",
421 "sourcePortRange": "*",
422 "destinationPortRange": "22",
423 "sourceAddressPrefix": "*",
424 "destinationAddressPrefix": "*",
425 "access": "Allow",
426 "priority": 1000,
427 "direction": "Inbound"
428 }
429 },
430 {
431 "name": "default-allow-sshalt",
432 "properties": {
433 "protocol": "Tcp",
434 "sourcePortRange": "*",
435 "destinationPortRange": "2222",
436 "sourceAddressPrefix": "*",
437 "destinationAddressPrefix": "*",
438 "access": "Allow",
439 "priority": 1100,
440 "direction": "Inbound"
441 }
442 }
443 ]
444 },
445 "resources": [],
446 "dependsOn": []
447 },
448 {
449 "comments": "",
450 "type": "Microsoft.Storage/storageAccounts",
451 "sku": {
452 "name": "Standard_LRS",
453 "tier": "Standard"
454 },
455 "kind": "Storage",
456 "name": "[variables('storage-name')]",
457 "apiVersion": "2016-01-01",
458 "location": "[resourceGroup().location]",
459 "tags": {},
460 "properties": { },
461 "resources": [],
462 "dependsOn": []
463 }
464 ],
465 "outputs": {
466 "alpha": {
467 "type": "string",
468 "value": "[concat('ssh ', variables('unique-prefix'), '-', variables('names')[0], '.', resourceGroup().location, '.cloudapp.azure.com')]"
469 },
470 "beta": {
471 "type": "string",
472 "value": "[concat('ssh ', variables('unique-prefix'), '-', variables('names')[1], '.', resourceGroup().location, '.cloudapp.azure.com')]"
473 }
474 }
475 }