name
is the name of the servicecommand
says to run a bash series of commands to copy the keys and start the bastion service itself. We copy the keys from a known location which will be uploaded in the next stepports
describes the service listening on 22, which is standard for SSHhostname
describes the hostname that will be generated for the bastion servicepublic-key
with no file extension. An example file with two keys might look like the following:/var/lib/bastion/
and make sure you select the bastion
service checkbox. You do not need to select "Secret" because this file only contains public keys which are not secrets.bastion
service. You can find it in the Hostname URLs
section shown below.bastion
as shown below: