Versions Compared

Old Version 10

changes.mady.by.user Eigil Obrestad

Saved on

compared with

New Version Current

changes.mady.by.user Lars Erik Pedersen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Cloud-config let you send additional configuration to the cloud-init process running within your virtual machine. This can be a useful tool to ensure updates are installed as the VM is created, that custom users are created and lots of other possibilities. We recommend to check out the Cloud-Config documentation even though we have some examples on this page

...

Info

This is only tested and verified on Ubuntu Server 20.04 and 22.04


If you want to run package upgrades as a part of the first boot, uncomment at the commented lines

...

Code Block
languageyml
#cloud-config
#package_upgrade: true
timezone: "Europe/Oslo"
ssh_pwauth: true
packages:
  - libnss-ldapd
  - nscd

write_files:
  - encoding: b64
    content: IwojIC9ldGMvbnNjZC5jb25mCiMKIyBBbiBleGFtcGxlIE5hbWUgU2VydmljZSBDYWNoZSBjb25maWcgZmlsZS4gIFRoaXMgZmlsZSBpcyBuZWVkZWQgYnkgbnNjZC4KIwojIExlZ2FsIGVudHJpZXMgYXJlOgojCiMJbG9nZmlsZQkJCTxmaWxlPgojCWRlYnVnLWxldmVsCQk8bGV2ZWw+CiMJdGhyZWFkcwkJCTxpbml0aWFsICN0aHJlYWRzIHRvIHVzZT4KIwltYXgtdGhyZWFkcwkJPG1heGltdW0gI3RocmVhZHMgdG8gdXNlPgojCXNlcnZlci11c2VyICAgICAgICAgICAgIDx1c2VyIHRvIHJ1biBzZXJ2ZXIgYXMgaW5zdGVhZCBvZiByb290PgojCQlzZXJ2ZXItdXNlciBpcyBpZ25vcmVkIGlmIG5zY2QgaXMgc3RhcnRlZCB3aXRoIC1TIHBhcmFtZXRlcnMKIyAgICAgICBzdGF0LXVzZXIgICAgICAgICAgICAgICA8dXNlciB3aG8gaXMgYWxsb3dlZCB0byByZXF1ZXN0IHN0YXRpc3RpY3M+CiMJcmVsb2FkLWNvdW50CQl1bmxpbWl0ZWR8PG51bWJlcj4KIwlwYXJhbm9pYQkJPHllc3xubz4KIwlyZXN0YXJ0LWludGVydmFsCTx0aW1lIGluIHNlY29uZHM+CiMKIyAgICAgICBlbmFibGUtY2FjaGUJCTxzZXJ2aWNlPiA8eWVzfG5vPgojCXBvc2l0aXZlLXRpbWUtdG8tbGl2ZQk8c2VydmljZT4gPHRpbWUgaW4gc2Vjb25kcz4KIwluZWdhdGl2ZS10aW1lLXRvLWxpdmUgICA8c2VydmljZT4gPHRpbWUgaW4gc2Vjb25kcz4KIyAgICAgICBzdWdnZXN0ZWQtc2l6ZQkJPHNlcnZpY2U+IDxwcmltZSBudW1iZXI+CiMJY2hlY2stZmlsZXMJCTxzZXJ2aWNlPiA8eWVzfG5vPgojCXBlcnNpc3RlbnQJCTxzZXJ2aWNlPiA8eWVzfG5vPgojCXNoYXJlZAkJCTxzZXJ2aWNlPiA8eWVzfG5vPgojCW1heC1kYi1zaXplCQk8c2VydmljZT4gPG51bWJlciBieXRlcz4KIwlhdXRvLXByb3BhZ2F0ZQkJPHNlcnZpY2U+IDx5ZXN8bm8+CiMKIyBDdXJyZW50bHkgc3VwcG9ydGVkIGNhY2hlIG5hbWVzIChzZXJ2aWNlcyk6IHBhc3N3ZCwgZ3JvdXAsIGhvc3RzLCBzZXJ2aWNlcwojCgoKIwlsb2dmaWxlCQkJL3Zhci9sb2cvbnNjZC5sb2cKIwl0aHJlYWRzCQkJNAojCW1heC10aHJlYWRzCQkzMgojCXNlcnZlci11c2VyCQlub2JvZHkKIwlzdGF0LXVzZXIJCXNvbWVib2R5CglkZWJ1Zy1sZXZlbAkJMAojCXJlbG9hZC1jb3VudAkJNQoJcGFyYW5vaWEJCW5vCiMJcmVzdGFydC1pbnRlcnZhbAkzNjAwCgoJZW5hYmxlLWNhY2hlCQlwYXNzd2QJCXllcwoJcG9zaXRpdmUtdGltZS10by1saXZlCXBhc3N3ZAkJNjAwCgluZWdhdGl2ZS10aW1lLXRvLWxpdmUJcGFzc3dkCQkyMAoJc3VnZ2VzdGVkLXNpemUJCXBhc3N3ZAkJMjExCgljaGVjay1maWxlcwkJcGFzc3dkCQl5ZXMKCXBlcnNpc3RlbnQJCXBhc3N3ZAkJeWVzCglzaGFyZWQJCQlwYXNzd2QJCXllcwoJbWF4LWRiLXNpemUJCXBhc3N3ZAkJMzM1NTQ0MzIKCWF1dG8tcHJvcGFnYXRlCQlwYXNzd2QJCXllcwoKCWVuYWJsZS1jYWNoZQkJZ3JvdXAJCXllcwoJcG9zaXRpdmUtdGltZS10by1saXZlCWdyb3VwCQkzNjAwCgluZWdhdGl2ZS10aW1lLXRvLWxpdmUJZ3JvdXAJCTYwCglzdWdnZXN0ZWQtc2l6ZQkJZ3JvdXAJCTIxMQoJY2hlY2stZmlsZXMJCWdyb3VwCQl5ZXMKCXBlcnNpc3RlbnQJCWdyb3VwCQl5ZXMKCXNoYXJlZAkJCWdyb3VwCQl5ZXMKCW1heC1kYi1zaXplCQlncm91cAkJMzM1NTQ0MzIKCWF1dG8tcHJvcGFnYXRlCQlncm91cAkJeWVzCgoJZW5hYmxlLWNhY2hlCQlob3N0cwkJeWVzCglwb3NpdGl2ZS10aW1lLXRvLWxpdmUJaG9zdHMJCTM2MDAKCW5lZ2F0aXZlLXRpbWUtdG8tbGl2ZQlob3N0cwkJMjAKCXN1Z2dlc3RlZC1zaXplCQlob3N0cwkJMjExCgljaGVjay1maWxlcwkJaG9zdHMJCXllcwoJcGVyc2lzdGVudAkJaG9zdHMJCXllcwoJc2hhcmVkCQkJaG9zdHMJCXllcwoJbWF4LWRiLXNpemUJCWhvc3RzCQkzMzU1NDQzMgoKCWVuYWJsZS1jYWNoZQkJc2VydmljZXMJeWVzCglwb3NpdGl2ZS10aW1lLXRvLWxpdmUJc2VydmljZXMJMjg4MDAKCW5lZ2F0aXZlLXRpbWUtdG8tbGl2ZQlzZXJ2aWNlcwkyMAoJc3VnZ2VzdGVkLXNpemUJCXNlcnZpY2VzCTIxMQoJY2hlY2stZmlsZXMJCXNlcnZpY2VzCXllcwoJcGVyc2lzdGVudAkJc2VydmljZXMJeWVzCglzaGFyZWQJCQlzZXJ2aWNlcwl5ZXMKCW1heC1kYi1zaXplCQlzZXJ2aWNlcwkzMzU1NDQzMgoKIyBuZXRncm91cCBjYWNoaW5nIGlzIGtub3duLWJyb2tlbiwgc28gZGlzYWJsZSBpdCBpbiB0aGUgZGVmYXVsdCBjb25maWcsCiMgc2VlOiBodHRwczovL2J1Z3MubGF1bmNocGFkLm5ldC91YnVudHUvK3NvdXJjZS9lZ2xpYmMvK2J1Zy8xMDY4ODg5CgllbmFibGUtY2FjaGUJCW5ldGdyb3VwCW5vCglwb3NpdGl2ZS10aW1lLXRvLWxpdmUJbmV0Z3JvdXAJMjg4MDAKCW5lZ2F0aXZlLXRpbWUtdG8tbGl2ZQluZXRncm91cAkyMAoJc3VnZ2VzdGVkLXNpemUJCW5ldGdyb3VwCTIxMQoJY2hlY2stZmlsZXMJCW5ldGdyb3VwCXllcwoJcGVyc2lzdGVudAkJbmV0Z3JvdXAJeWVzCglzaGFyZWQJCQluZXRncm91cAl5ZXMKCW1heC1kYi1zaXplCQluZXRncm91cAkzMzU1NDQzMgo=
    owner: root:root
    path: /etc/nscd.conf
    mode: '0600'
  - encoding: b64
    content: IyAvZXRjL25zbGNkLmNvbmYKIyBuc2xjZCBjb25maWd1cmF0aW9uIGZpbGUuIFNlZSBuc2xjZC5jb25mKDUpCiMgZm9yIGRldGFpbHMuCgojIFRoZSB1c2VyIGFuZCBncm91cCBuc2xjZCBzaG91bGQgcnVuIGFzLgp1aWQgbnNsY2QKZ2lkIG5zbGNkCgojIFRoZSBsb2NhdGlvbiBhdCB3aGljaCB0aGUgTERBUCBzZXJ2ZXIocykgc2hvdWxkIGJlIHJlYWNoYWJsZS4KdXJpIGxkYXBzOi8vYXQubnRudS5ubwoKIyBUaGUgc2VhcmNoIGJhc2UgdGhhdCB3aWxsIGJlIHVzZWQgZm9yIGFsbCBxdWVyaWVzLgpiYXNlIGRjPW50bnUsZGM9bm8KYmFzZSBncm91cCBvdT1ncm91cHMsZGM9bnRudSxkYz1ubwpiYXNlIHBhc3N3ZCBvdT11c2VycyxkYz1udG51LGRjPW5vCgptYXAgcGFzc3dkIGhvbWVEaXJlY3RvcnkgIi9ob21lL2xvY2FsLyR1aWQiCgojIEdlY29zLWZlbHRldCBpIExEQVAgZXIgNy1iaXQgQVNDSUksIHPDpSB2aSBsZXNlciBDTiBpIHN0ZWRldAptYXAgcGFzc3dkIGdlY29zIGNuCgojIFRoZSBMREFQIHByb3RvY29sIHZlcnNpb24gdG8gdXNlLgojbGRhcF92ZXJzaW9uIDMKCiMgVGhlIEROIHRvIGJpbmQgd2l0aCBmb3Igbm9ybWFsIGxvb2t1cHMuCiNiaW5kZG4gY249YW5ub255bW91cyxkYz1leGFtcGxlLGRjPW5ldAojYmluZHB3IHNlY3JldAoKIyBUaGUgRE4gdXNlZCBmb3IgcGFzc3dvcmQgbW9kaWZpY2F0aW9ucyBieSByb290Lgojcm9vdHB3bW9kZG4gY249YWRtaW4sZGM9ZXhhbXBsZSxkYz1jb20KCiMgU1NMIG9wdGlvbnMKI3NzbCBvZmYKdGxzX3JlcWNlcnQgZGVtYW5kCnRsc19jYWNlcnRmaWxlIC9ldGMvc3NsL2NlcnRzL2NhLWNlcnRpZmljYXRlcy5jcnQKCiMgVGhlIHNlYXJjaCBzY29wZS4KI3Njb3BlIHN1YgoKIyBEb24ndCBzZWFyY2ggbGRhcCBmb3Igc3lzdGVtIHVzZXJzCm5zc19taW5fdWlkIDEwMDAK
    owner: root:root
    path: /etc/nslcd.conf
    mode: '0400'
  - encoding: b64
    content: IwojIC9ldGMvbnNzd2l0Y2guY29uZgojCiMgQW4gZXhhbXBsZSBOYW1lIFNlcnZpY2UgU3dpdGNoIGNvbmZpZyBmaWxlLiBUaGlzIGZpbGUgc2hvdWxkIGJlCiMgc29ydGVkIHdpdGggdGhlIG1vc3QtdXNlZCBzZXJ2aWNlcyBhdCB0aGUgYmVnaW5uaW5nLgojCiMgVGhlIGVudHJ5ICdbTk9URk9VTkQ9cmV0dXJuXScgbWVhbnMgdGhhdCB0aGUgc2VhcmNoIGZvciBhbgojIGVudHJ5IHNob3VsZCBzdG9wIGlmIHRoZSBzZWFyY2ggaW4gdGhlIHByZXZpb3VzIGVudHJ5IHR1cm5lZAojIHVwIG5vdGhpbmcuIE5vdGUgdGhhdCBpZiB0aGUgc2VhcmNoIGZhaWxlZCBkdWUgdG8gc29tZSBvdGhlciByZWFzb24KIyAobGlrZSBubyBOSVMgc2VydmVyIHJlc3BvbmRpbmcpIHRoZW4gdGhlIHNlYXJjaCBjb250aW51ZXMgd2l0aCB0aGUKIyBuZXh0IGVudHJ5LgojCiMgTGVnYWwgZW50cmllcyBhcmU6CiMKIyAgICAgICBjb21wYXQgICAgICAgICAgICAgICAgICBVc2UgTGliYzUgY29tcGF0aWJpbGl0eSBzZXR1cAojICAgICAgIG5pc3BsdXMgICAgICAgICAgICAgICAgIFVzZSBOSVMrIChOSVMgdmVyc2lvbiAzKQojICAgICAgIG5pcyAgICAgICAgICAgICAgICAgICAgIFVzZSBOSVMgKE5JUyB2ZXJzaW9uIDIpLCBhbHNvIGNhbGxlZCBZUAojICAgICAgIGRucyAgICAgICAgICAgICAgICAgICAgIFVzZSBETlMgKERvbWFpbiBOYW1lIFNlcnZpY2UpIGZvciBJUHY0IG9ubHkKIyAgICAgICBkbnM2ICAgICAgICAgICAgICAgICAgICBVc2UgRE5TIGZvciBJUHY0IGFuZCBJUHY2CiMgICAgICAgZmlsZXMgICAgICAgICAgICAgICAgICAgVXNlIHRoZSBsb2NhbCBmaWxlcwojICAgICAgIGRiICAgICAgICAgICAgICAgICAgICAgIFVzZSB0aGUgL3Zhci9kYiBkYXRhYmFzZXMKIyAgICAgICBbTk9URk9VTkQ9cmV0dXJuXSAgICAgICBTdG9wIHNlYXJjaGluZyBpZiBub3QgZm91bmQgc28gZmFyCiMKIyBGb3IgbW9yZSBpbmZvcm1hdGlvbiwgcGxlYXNlIHJlYWQgdGhlIG5zc3dpdGNoLmNvbmYuNSBtYW51YWwgcGFnZS4KIwoKcGFzc3dkOiAgICAgICAgIGZpbGVzIGxkYXAKZ3JvdXA6ICAgICAgICAgIGZpbGVzIGxkYXAKc2hhZG93OiAgICAgICAgIGZpbGVzCmhvc3RzOiAgICAgICAgICBmaWxlcyBkbnMKbmV0d29ya3M6ICAgICAgIGZpbGVzCgpzZXJ2aWNlczogICAgICAgZmlsZXMKcHJvdG9jb2xzOiAgICAgIGZpbGVzCnJwYzogICAgICAgICAgICBmaWxlcwpldGhlcnM6ICAgICAgICAgZmlsZXMKbmV0bWFza3M6ICAgICAgIGZpbGVzCnB1YmxpY2tleTogICAgICBmaWxlcwpib290cGFyYW1zOiAgICAgZmlsZXMKYXV0b21vdW50OiAgICAgIGZpbGVzCmFsaWFzZXM6ICAgICAgICBmaWxlcwoKbmV0Z3JvdXA6ICAgICAgIGZpbGVzIG5pcwoKaXBub2RlczogICAgICAgIGZpbGVzIGRucwpzZW5kbWFpbHZhcnM6ICAgZmlsZXMKcHJpbnRlcnM6ICAgICAgIHVzZXIgZmlsZXMKCmF1dGhfYXR0cjogICAgICBmaWxlcwpwcm9mX2F0dHI6ICAgICAgZmlsZXMKcHJvamVjdDogICAgICAgIGZpbGVzCg==
    owner: root:root
    path: /etc/nsswitch.conf
    mode: '0400'
  - path: /etc/nslcd.conf
    content: |
      filter passwd (ntnuMemberOf=GROUPNAME)
      # Dummy comment to prevent errors
    append: true
  - path: /etc/sudoers.d/10_administrators
    content: | 
      USERNAME ALL=(ALL) NOPASSWD:ALL
      %GROUPNAME ALL=(ALL) NOPASSWD:ALL
    owner: root:root
    mode: '0440'
  - path: /etc/ssh/sshd_config
    content: |
      AllowUsers ubuntu USER1 USER2
      Match group GROUPNAME
        AllowUsers *
    append: true

runcmd:
  - pam-auth-update --enable mkhomedir
  - pam-auth-update --force
  - systemctl restart sshd

#power_state:
#  delay: "now"
#  mode: reboot
#  message: Finished - rebooting
#  timeout: 30
#  condition: True

...