From 17ec2bd15d47d7c8d6e43c6223aa532e78239381 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= <anders.f.bjorklund@gmail.com>
Date: Fri, 5 Apr 2024 20:39:10 +0200
Subject: [PATCH] Generate cloud-config outside of cidata.iso too
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This does not include any mounts, networks, nor boot scripts.
It is assumed that "reverse-sshfs" is being used, for mounts.

It also does not include lima-guestagent, nerdctl-full.tgz,
or any of the provisioning scripts that are in the cidata...

Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
---
 .yamllint                                     |  4 ++
 cmd/limactl/start.go                          |  4 ++
 pkg/cidata/cidata.go                          | 18 ++++++
 pkg/cidata/cloud-config.yaml                  | 62 +++++++++++++++++++
 pkg/cidata/template.go                        | 10 +++
 pkg/cidata/template_test.go                   | 19 ++++++
 pkg/store/filenames/filenames.go              |  1 +
 .../content/en/docs/dev/Internals/_index.md   |  1 +
 8 files changed, 119 insertions(+)
 create mode 100644 pkg/cidata/cloud-config.yaml

diff --git a/.yamllint b/.yamllint
index a7c8c3f9e008..dae683c8f61d 100644
--- a/.yamllint
+++ b/.yamllint
@@ -2,6 +2,10 @@
 
 extends: default
 
+ignore: |
+  # this is a yaml template, needs to be executed
+  pkg/cidata/cloud-config.yaml
+
 rules:
   indentation:
     indent-sequences: false
diff --git a/cmd/limactl/start.go b/cmd/limactl/start.go
index af35f79f8a8a..712a278153ca 100644
--- a/cmd/limactl/start.go
+++ b/cmd/limactl/start.go
@@ -14,6 +14,7 @@ import (
 	"github.com/containerd/containerd/identifiers"
 	"github.com/lima-vm/lima/cmd/limactl/editflags"
 	"github.com/lima-vm/lima/cmd/limactl/guessarg"
+	"github.com/lima-vm/lima/pkg/cidata"
 	"github.com/lima-vm/lima/pkg/editutil"
 	"github.com/lima-vm/lima/pkg/ioutilx"
 	"github.com/lima-vm/lima/pkg/limayaml"
@@ -343,6 +344,9 @@ func createInstance(ctx context.Context, st *creatorState, saveBrokenEditorBuffe
 	if err := os.WriteFile(filePath, st.yBytes, 0o644); err != nil {
 		return nil, err
 	}
+	if err := cidata.GenerateCloudConfig(instDir, st.instName, y); err != nil {
+		return nil, err
+	}
 	if err := os.WriteFile(filepath.Join(instDir, filenames.LimaVersion), []byte(version.Version), 0o444); err != nil {
 		return nil, err
 	}
diff --git a/pkg/cidata/cidata.go b/pkg/cidata/cidata.go
index 96fabbebee14..2c392dd893f9 100644
--- a/pkg/cidata/cidata.go
+++ b/pkg/cidata/cidata.go
@@ -319,6 +319,24 @@ func templateArgs(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort, t
 	return &args, nil
 }
 
+func GenerateCloudConfig(instDir, name string, y *limayaml.LimaYAML) error {
+	args, err := templateArgs(instDir, name, y, 0, 0, "", 0, "")
+	if err != nil {
+		return err
+	}
+
+	if err := ValidateTemplateArgs(args); err != nil {
+		return err
+	}
+
+	config, err := ExpandTemplate(args)
+	if err != nil {
+		return err
+	}
+
+	return os.WriteFile(filepath.Join(instDir, filenames.CloudConfig), config, 0o644)
+}
+
 func GenerateISO9660(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort int, nerdctlArchive string, vsockPort int, virtioPort string) error {
 	args, err := templateArgs(instDir, name, y, udpDNSLocalPort, tcpDNSLocalPort, nerdctlArchive, vsockPort, virtioPort)
 	if err != nil {
diff --git a/pkg/cidata/cloud-config.yaml b/pkg/cidata/cloud-config.yaml
new file mode 100644
index 000000000000..a3bbed9c9330
--- /dev/null
+++ b/pkg/cidata/cloud-config.yaml
@@ -0,0 +1,62 @@
+#cloud-config
+# vim:syntax=yaml
+
+growpart:
+  mode: auto
+  devices: ['/']
+
+{{- if .UpgradePackages }}
+package_update: true
+package_upgrade: true
+package_reboot_if_required: true
+{{- end }}
+
+{{- if or (eq .MountType "9p") (eq .MountType "virtiofs") }}
+{{- if .Mounts }}
+# mounts are not included here
+{{- end }}
+{{- end }}
+
+{{- if .TimeZone }}
+timezone: {{.TimeZone}}
+{{- end }}
+
+users:
+  - name: "{{.User}}"
+    uid: "{{.UID}}"
+    homedir: "{{.Home}}"
+    shell: /bin/bash
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    lock_passwd: true
+    ssh-authorized-keys:
+    {{- range $val := .SSHPubKeys }}
+      - {{ printf "%q" $val }}
+    {{- end }}
+
+{{- if .DNSAddresses }}
+# resolv_conf is not included here
+{{- end }}
+
+{{ with .CACerts }}
+ca_certs:
+  remove_defaults: {{ .RemoveDefaults }}
+  {{- if .Trusted}}
+  trusted:
+  {{- range $cert := .Trusted }}
+  - |
+    {{- range $line := $cert.Lines }}
+    {{ $line }}
+    {{- end }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+
+{{- if .BootCmds }}
+bootcmd:
+  {{- range $cmd := $.BootCmds }}
+- |
+    {{- range $line := $cmd.Lines }}
+  {{ $line }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/pkg/cidata/template.go b/pkg/cidata/template.go
index fee75b276db8..5893e25034bb 100644
--- a/pkg/cidata/template.go
+++ b/pkg/cidata/template.go
@@ -19,6 +19,9 @@ var templateFS embed.FS
 
 const templateFSRoot = "cidata.TEMPLATE.d"
 
+//go:embed cloud-config.yaml
+var cloudConfigYaml string
+
 type CACerts struct {
 	RemoveDefaults *bool
 	Trusted        []Cert
@@ -118,6 +121,13 @@ func ValidateTemplateArgs(args *TemplateArgs) error {
 	return nil
 }
 
+func ExpandTemplate(args *TemplateArgs) ([]byte, error) {
+	if err := ValidateTemplateArgs(args); err != nil {
+		return nil, err
+	}
+	return textutil.ExecuteTemplate(cloudConfigYaml, args)
+}
+
 func ExecuteTemplate(args *TemplateArgs) ([]iso9660util.Entry, error) {
 	if err := ValidateTemplateArgs(args); err != nil {
 		return nil, err
diff --git a/pkg/cidata/template_test.go b/pkg/cidata/template_test.go
index be5be5f0622f..9ca337f7d164 100644
--- a/pkg/cidata/template_test.go
+++ b/pkg/cidata/template_test.go
@@ -10,6 +10,25 @@ import (
 
 var defaultRemoveDefaults = false
 
+func TestConfig(t *testing.T) {
+	args := &TemplateArgs{
+		Name: "default",
+		User: "foo",
+		UID:  501,
+		Home: "/home/foo.linux",
+		SSHPubKeys: []string{
+			"ssh-rsa dummy foo@example.com",
+		},
+		MountType: "reverse-sshfs",
+		CACerts: CACerts{
+			RemoveDefaults: &defaultRemoveDefaults,
+		},
+	}
+	config, err := ExpandTemplate(args)
+	assert.NilError(t, err)
+	t.Log(string(config))
+}
+
 func TestTemplate(t *testing.T) {
 	args := &TemplateArgs{
 		Name: "default",
diff --git a/pkg/store/filenames/filenames.go b/pkg/store/filenames/filenames.go
index 6615b410febe..bfeb27a5477f 100644
--- a/pkg/store/filenames/filenames.go
+++ b/pkg/store/filenames/filenames.go
@@ -30,6 +30,7 @@ const (
 	LimaVersion        = "lima-version" // Lima version used to create instance
 	CIDataISO          = "cidata.iso"
 	CIDataISODir       = "cidata"
+	CloudConfig        = "cloud-config.yaml"
 	BaseDisk           = "basedisk"
 	DiffDisk           = "diffdisk"
 	Kernel             = "kernel"
diff --git a/website/content/en/docs/dev/Internals/_index.md b/website/content/en/docs/dev/Internals/_index.md
index c1cd06ac7c80..e7b146832842 100644
--- a/website/content/en/docs/dev/Internals/_index.md
+++ b/website/content/en/docs/dev/Internals/_index.md
@@ -35,6 +35,7 @@ Metadata:
 - `protected`: empty file, used by `limactl protect`
 
 cloud-init:
+- `cloud-config.yaml`: cloud-init configuration.
 - `cidata.iso`: cloud-init ISO9660 image. See [`cidata.iso`](#cidataiso).
 
 disk: