diff options
| author | Scott Moser <smoser@ubuntu.com> | 2013-08-24 00:07:35 -0400 |
|---|---|---|
| committer | Scott Moser <smoser@ubuntu.com> | 2013-08-24 00:07:35 -0400 |
| commit | 10c8ec1e5c1b16572a38afd08ee794d28c450054 (patch) | |
| tree | 9b806063a391efdb2550b6079f68322eb9872cc7 /doc | |
| parent | 0a667454289a788a6f406e66d78a34c7ec914daa (diff) | |
| download | vyos-cloud-init-10c8ec1e5c1b16572a38afd08ee794d28c450054.tar.gz vyos-cloud-init-10c8ec1e5c1b16572a38afd08ee794d28c450054.zip | |
changes to behavior on specifying keys.
The most likely end user operation (or at least a valid one) for base64
encoding would be to encode the user-data, but leave all other values
as plaintext.
In order to facilitate that, the user can simply add:
b64-user-data=true
to indicate that user-data is base64 encoded.
Other changes here are to change the cloud-config and metadata keynames
that are used.
base64_all = boolean(True)
base64_keys = [list, of, keys]
Fixed up tests to accomodate.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/examples/cloud-config-datasources.txt | 10 | ||||
| -rw-r--r-- | doc/sources/smartos/README.rst | 16 |
2 files changed, 20 insertions, 6 deletions
diff --git a/doc/examples/cloud-config-datasources.txt b/doc/examples/cloud-config-datasources.txt index 6ec0d57e..65a3cdf5 100644 --- a/doc/examples/cloud-config-datasources.txt +++ b/doc/examples/cloud-config-datasources.txt @@ -56,4 +56,12 @@ datasource: # a server on the other end. By default, the second serial console is the # device. SmartOS also uses a serial timeout of 60 seconds. serial_device: /dev/ttyS1 - serial timeout: 60 + serial_timeout: 60 + + # a list of keys that will not be base64 decoded even if base64_all + no_base64_decode: ['root_authorized_keys', 'motd_sys_info', + 'iptables_disable'] + # a plaintext, comma delimited list of keys whose values are b64 encoded + base64_keys: [] + # a boolean indicating that all keys not in 'no_base64_decode' are encoded + base64_all: False diff --git a/doc/sources/smartos/README.rst b/doc/sources/smartos/README.rst index 8f72fa0f..fd4e496d 100644 --- a/doc/sources/smartos/README.rst +++ b/doc/sources/smartos/README.rst @@ -53,14 +53,20 @@ are provided by SmartOS: * enable_motd_sys_info * iptables_disable +This list can be changed through system config of variable 'no_base64_decode'. + This means that user-script and user-data as well as other values can be base64 encoded. Since Cloud-init can only guess as to whether or not something is truly base64 encoded, the following meta-data keys are hints as to whether or not to base64 decode something: - * decode_base64: Except for excluded keys, attempt to base64 decode + * base64_all: Except for excluded keys, attempt to base64 decode the values. If the value fails to decode properly, it will be returned in its text - * base_64_encoded: A comma deliminated list of which values are base64 - encoded. - * no_base64_decode: This is a configuration setting (i.e. /etc/cloud/cloud.cfg.d) - that sets which values should not be base64 decoded. + * base64_keys: A comma deliminated list of which keys are base64 encoded. + * b64-<key>: + for any key, if there exists an entry in the metadata for 'b64-<key>' + Then 'b64-<key>' is expected to be a plaintext boolean indicating whether + or not its value is encoded. + * no_base64_decode: This is a configuration setting + (i.e. /etc/cloud/cloud.cfg.d) that sets which values should not be + base64 decoded. |