Restart sshd in cloud-init

ooni · Sep 24, 2024 · 5ab06e4 · 5ab06e4
1 parent c219068
commit 5ab06e4
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/tf/environments/prod/main.tf b/tf/environments/prod/main.tf
@@ -240,7 +240,8 @@ resource "aws_s3_bucket" "oonith_codepipeline_bucket" {
 }
 
 data "aws_secretsmanager_secret_version" "deploy_key" {
-  secret_id = module.adm_iam_roles.oonidevops_deploy_key_arn
+  secret_id  = module.adm_iam_roles.oonidevops_deploy_key_arn
+  depends_on = [module.adm_iam_roles]
 }
 
 # The aws_codestarconnections_connection resource is created in the state

diff --git a/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml b/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml
@@ -155,6 +155,8 @@ write_files:
       }
 
 runcmd:
+  - sshd -t
+  - systemctl restart sshd
   - ufw default deny incoming
   - ufw default allow outgoing
   - ufw allow 2222/tcp