Generate cloud-config outside of cidata.iso too

This does not include any mounts, networks, nor boot scripts. It is assumed that "reverse-sshfs" is being used, for mounts. It also does not include lima-guestagent, nerdctl-full.tgz, or any of the provisioning scripts that are in the cidata... Signed-off-by: Anders F Björklund <[email protected]>
lima-vm · Apr 5, 2024 · 17ec2bd · 17ec2bd
1 parent 8584007
commit 17ec2bd
Show file tree

Hide file tree

Showing 8 changed files with 119 additions and 0 deletions.
diff --git a/.yamllint b/.yamllint
@@ -2,6 +2,10 @@
 
 extends: default
 
+ignore: |
+  # this is a yaml template, needs to be executed
+  pkg/cidata/cloud-config.yaml
+
 rules:
   indentation:
     indent-sequences: false

diff --git a/cmd/limactl/start.go b/cmd/limactl/start.go
@@ -14,6 +14,7 @@ import (
 	"github.com/containerd/containerd/identifiers"
 	"github.com/lima-vm/lima/cmd/limactl/editflags"
 	"github.com/lima-vm/lima/cmd/limactl/guessarg"
+	"github.com/lima-vm/lima/pkg/cidata"
 	"github.com/lima-vm/lima/pkg/editutil"
 	"github.com/lima-vm/lima/pkg/ioutilx"
 	"github.com/lima-vm/lima/pkg/limayaml"
@@ -343,6 +344,9 @@ func createInstance(ctx context.Context, st *creatorState, saveBrokenEditorBuffe
 	if err := os.WriteFile(filePath, st.yBytes, 0o644); err != nil {
 		return nil, err
 	}
+	if err := cidata.GenerateCloudConfig(instDir, st.instName, y); err != nil {
+		return nil, err
+	}
 	if err := os.WriteFile(filepath.Join(instDir, filenames.LimaVersion), []byte(version.Version), 0o444); err != nil {
 		return nil, err
 	}

diff --git a/pkg/cidata/cidata.go b/pkg/cidata/cidata.go
@@ -319,6 +319,24 @@ func templateArgs(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort, t
 	return &args, nil
 }
 
+func GenerateCloudConfig(instDir, name string, y *limayaml.LimaYAML) error {
+	args, err := templateArgs(instDir, name, y, 0, 0, "", 0, "")
+	if err != nil {
+		return err
+	}
+
+	if err := ValidateTemplateArgs(args); err != nil {
+		return err
+	}
+
+	config, err := ExpandTemplate(args)
+	if err != nil {
+		return err
+	}
+
+	return os.WriteFile(filepath.Join(instDir, filenames.CloudConfig), config, 0o644)
+}
+
 func GenerateISO9660(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort int, nerdctlArchive string, vsockPort int, virtioPort string) error {
 	args, err := templateArgs(instDir, name, y, udpDNSLocalPort, tcpDNSLocalPort, nerdctlArchive, vsockPort, virtioPort)
 	if err != nil {

diff --git a/pkg/cidata/cloud-config.yaml b/pkg/cidata/cloud-config.yaml
@@ -0,0 +1,62 @@
+#cloud-config
+# vim:syntax=yaml
+
+growpart:
+  mode: auto
+  devices: ['/']
+
+{{- if .UpgradePackages }}
+package_update: true
+package_upgrade: true
+package_reboot_if_required: true
+{{- end }}
+
+{{- if or (eq .MountType "9p") (eq .MountType "virtiofs") }}
+{{- if .Mounts }}
+# mounts are not included here
+{{- end }}
+{{- end }}
+
+{{- if .TimeZone }}
+timezone: {{.TimeZone}}
+{{- end }}
+
+users:
+  - name: "{{.User}}"
+    uid: "{{.UID}}"
+    homedir: "{{.Home}}"
+    shell: /bin/bash
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    lock_passwd: true
+    ssh-authorized-keys:
+    {{- range $val := .SSHPubKeys }}
+      - {{ printf "%q" $val }}
+    {{- end }}
+
+{{- if .DNSAddresses }}
+# resolv_conf is not included here
+{{- end }}
+
+{{ with .CACerts }}
+ca_certs:
+  remove_defaults: {{ .RemoveDefaults }}
+  {{- if .Trusted}}
+  trusted:
+  {{- range $cert := .Trusted }}
+  - |
+    {{- range $line := $cert.Lines }}
+    {{ $line }}
+    {{- end }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+
+{{- if .BootCmds }}
+bootcmd:
+  {{- range $cmd := $.BootCmds }}
+- |
+    {{- range $line := $cmd.Lines }}
+  {{ $line }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/pkg/cidata/template.go b/pkg/cidata/template.go
@@ -19,6 +19,9 @@ var templateFS embed.FS
 
 const templateFSRoot = "cidata.TEMPLATE.d"
 
+//go:embed cloud-config.yaml
+var cloudConfigYaml string
+
 type CACerts struct {
 	RemoveDefaults *bool
 	Trusted        []Cert
@@ -118,6 +121,13 @@ func ValidateTemplateArgs(args *TemplateArgs) error {
 	return nil
 }
 
+func ExpandTemplate(args *TemplateArgs) ([]byte, error) {
+	if err := ValidateTemplateArgs(args); err != nil {
+		return nil, err
+	}
+	return textutil.ExecuteTemplate(cloudConfigYaml, args)
+}
+
 func ExecuteTemplate(args *TemplateArgs) ([]iso9660util.Entry, error) {
 	if err := ValidateTemplateArgs(args); err != nil {
 		return nil, err

diff --git a/pkg/cidata/template_test.go b/pkg/cidata/template_test.go
@@ -10,6 +10,25 @@ import (
 
 var defaultRemoveDefaults = false
 
+func TestConfig(t *testing.T) {
+	args := &TemplateArgs{
+		Name: "default",
+		User: "foo",
+		UID:  501,
+		Home: "/home/foo.linux",
+		SSHPubKeys: []string{
+			"ssh-rsa dummy [email protected]",
+		},
+		MountType: "reverse-sshfs",
+		CACerts: CACerts{
+			RemoveDefaults: &defaultRemoveDefaults,
+		},
+	}
+	config, err := ExpandTemplate(args)
+	assert.NilError(t, err)
+	t.Log(string(config))
+}
+
 func TestTemplate(t *testing.T) {
 	args := &TemplateArgs{
 		Name: "default",

diff --git a/pkg/store/filenames/filenames.go b/pkg/store/filenames/filenames.go
@@ -30,6 +30,7 @@ const (
 	LimaVersion        = "lima-version" // Lima version used to create instance
 	CIDataISO          = "cidata.iso"
 	CIDataISODir       = "cidata"
+	CloudConfig        = "cloud-config.yaml"
 	BaseDisk           = "basedisk"
 	DiffDisk           = "diffdisk"
 	Kernel             = "kernel"

diff --git a/website/content/en/docs/dev/Internals/_index.md b/website/content/en/docs/dev/Internals/_index.md
@@ -35,6 +35,7 @@ Metadata:
 - `protected`: empty file, used by `limactl protect`
 
 cloud-init:
+- `cloud-config.yaml`: cloud-init configuration.
 - `cidata.iso`: cloud-init ISO9660 image. See [`cidata.iso`](#cidataiso).
 
 disk: