LiamPietralla/code-snippets
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

do non root user doc
Some checks failed
Build, Test & Publish / Build and Publish Container Image (push) Has been cancelled
Details
Build, Test & Publish / Deploy to Infrastructure (push) Has been cancelled
Details
Build, Test & Publish / Build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Liam Pietralla
2026-04-08 08:25:15 +10:00
parent 8f601b83d7
commit cfcfc70025
2 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.vitepress/config.mts
View File

@@ -147,6 +147,7 @@ export default defineConfig({
link: '/opentofu/', link: '/opentofu/',
collapsed: true, collapsed: true,
items: [ items: [
{ text: 'Digital Ocean Droplet Creation', link: '/opentofu/digital-ocean-droplet-non-root-user' },
{ text: 'Encrypted State', link: '/opentofu/encrypted-state' }, { text: 'Encrypted State', link: '/opentofu/encrypted-state' },
] ]
}, },

27
docs/opentofu/digital-ocean-droplet-non-root-user.md Normal file
View File

@@ -0,0 +1,27 @@
# Digital Ocean Droplet Non Root User
Digital Ocean droplets usually have a default user which is root, which is not ideal for security reasons. The following userdata script can be used to create a non-root user and set up SSH access for that user. This is typically used when creating a droplet with Terraform or any other infrastructure as code tool that supports user data.
```tf
data "digitalocean_ssh_key" "default" {
name = "my-ssh-key"
}
resource "digitalocean_droplet" "example" {
# ... other droplet configuration ...
user_data = <<-EOF
#cloud-config
users:
- name: reach
groups: sudo
shell: /bin/bash
sudo: ALL=(ALL) NOPASSWD:ALL
ssh-authorized-keys:
- ${data.digitalocean_ssh_key.default.public_key}
disable_root: true
package_update: true
package_upgrade: true
EOF
}