## template:jinja # The top level settings are used as module # and system configuration. {% set is_bsd = variant in ["dragonfly", "freebsd", "netbsd", "openbsd"] %} {% if is_bsd %} syslog_fix_perms: root:wheel {% elif variant in ["suse"] %} syslog_fix_perms: root:root {% endif %} # A set of users which may be applied and/or used by various modules # when a 'default' entry is found it will reference the 'default_user' # from the distro configuration specified below users: {% if variant in ["photon"] %} - name: root lock_passwd: false {% else %} - default {% endif %} {% if variant in ["photon"] %} # VMware guest customization. disable_vmware_customization: true manage_etc_hosts: false {% endif %} # If this is set, 'root' will not be able to ssh in and they # will get a message to login instead as the default $user {% if variant in ["freebsd", "photon"] %} disable_root: false {% else %} disable_root: true {% endif %} {% if variant in ["almalinux", "alpine", "amazon", "centos", "cloudlinux", "eurolinux", "fedora", "miraclelinux", "openEuler", "rhel", "rocky", "virtuozzo"] %} mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2'] {% if variant == "amazon" %} resize_rootfs: noblock {% endif %} resize_rootfs_tmp: /dev ssh_pwauth: 0 {% endif %} # This will cause the set+update hostname module to not operate (if true) preserve_hostname: false # If you use datasource_list array, keep array items in a single line. # If you use multi line array, ds-identify script won't read array items. {% if variant.endswith("bsd") %} # This should not be required, but leave it in place until the real cause of # not finding -any- datasources is resolved. datasource_list: ['NoCloud', 'ConfigDrive', 'Azure', 'OpenStack', 'Ec2'] {% endif %} # Example datasource config # datasource: # Ec2: # metadata_urls: [ 'blah.com' ] # timeout: 5 # (defaults to 50 seconds) # max_wait: 10 # (defaults to 120 seconds) {% if variant == "amazon" %} # Amazon Linux relies on ec2-net-utils for network configuration network: config: disabled {% endif %} # The modules that run in the 'init' stage cloud_init_modules: - migrator {% if variant not in ["netbsd"] %} - seed_random {% endif %} - bootcmd - write-files {% if variant not in ["netbsd", "openbsd"] %} - growpart - resizefs {% endif %} {% if not is_bsd %} - disk_setup - mounts {% endif %} - set_hostname - update_hostname - update_etc_hosts {% if variant in ["alpine", "photon"] %} - resolv_conf {% endif %} {% if not variant.endswith("bsd") %} {% if variant not in ["photon"] %} - ca-certs {% endif %} - rsyslog {% endif %} - users-groups - ssh # The modules that run in the 'config' stage cloud_config_modules: {% if variant in ["ubuntu", "unknown", "debian"] %} # Emit the cloud config ready event # this can be used by upstart jobs for 'start on cloud-config'. - emit_upstart - snap {% endif %} {% if variant not in ["photon"] %} - ssh-import-id - keyboard - locale {% endif %} - set-passwords {% if variant in ["rhel", "fedora", "photon"] %} {% if variant not in ["photon"] %} - spacewalk {% endif %} - yum-add-repo {% endif %} {% if variant in ["ubuntu", "unknown", "debian"] %} - grub-dpkg - apt-pipelining - apt-configure {% endif %} {% if variant in ["ubuntu"] %} - ubuntu-advantage {% endif %} {% if variant in ["suse"] %} - zypper-add-repo {% endif %} {% if variant in ["alpine"] %} - apk-configure {% endif %} {% if variant not in ["freebsd", "netbsd"] %} - ntp {% endif %} - timezone - disable-ec2-metadata - runcmd {% if variant in ["ubuntu", "unknown", "debian"] %} - byobu {% endif %} # The modules that run in the 'final' stage cloud_final_modules: - package-update-upgrade-install {% if variant in ["ubuntu", "unknown", "debian"] %} - fan - landscape - lxd {% endif %} {% if variant in ["ubuntu", "unknown"] %} - ubuntu-drivers {% endif %} - write-files-deferred - puppet - chef - mcollective - salt-minion - reset_rmc - refresh_rmc_and_interface - rightscale_userdata - scripts-vendor - scripts-per-once - scripts-per-boot - scripts-per-instance - scripts-user - ssh-authkey-fingerprints - keys-to-console - install-hotplug - phone-home - final-message - power-state-change # System and/or distro specific settings # (not accessible to handlers/transforms) system_info: # This will affect which distro class gets used {% if variant in ["almalinux", "alpine", "amazon", "arch", "centos", "cloudlinux", "debian", "eurolinux", "fedora", "freebsd", "gentoo", "netbsd", "miraclelinux", "openbsd", "openEuler", "photon", "rhel", "rocky", "suse", "ubuntu", "virtuozzo"] %} distro: {{ variant }} {% elif variant in ["dragonfly"] %} distro: dragonflybsd {% else %} # Unknown/fallback distro. distro: ubuntu {% endif %} {% if variant in ["ubuntu", "unknown", "debian"] %} # Default user name + that default users groups (if added/used) default_user: name: ubuntu lock_passwd: True gecos: Ubuntu groups: [adm, audio, cdrom, dialout, dip, floppy, lxd, netdev, plugdev, sudo, video] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/bash {# SRU_BLOCKER: do not ship network renderers on Xenial, Bionic or Eoan #} network: renderers: ['netplan', 'eni', 'sysconfig'] # Automatically discover the best ntp_client ntp_client: auto # Other config here will be given to the distro class and/or path classes paths: cloud_dir: /var/lib/cloud/ templates_dir: /etc/cloud/templates/ upstart_dir: /etc/init/ package_mirrors: - arches: [i386, amd64] failsafe: primary: http://archive.ubuntu.com/ubuntu security: http://security.ubuntu.com/ubuntu search: primary: - http://%(ec2_region)s.ec2.archive.ubuntu.com/ubuntu/ - http://%(availability_zone)s.clouds.archive.ubuntu.com/ubuntu/ - http://%(region)s.clouds.archive.ubuntu.com/ubuntu/ security: [] - arches: [arm64, armel, armhf] failsafe: primary: http://ports.ubuntu.com/ubuntu-ports security: http://ports.ubuntu.com/ubuntu-ports search: primary: - http://%(ec2_region)s.ec2.ports.ubuntu.com/ubuntu-ports/ - http://%(availability_zone)s.clouds.ports.ubuntu.com/ubuntu-ports/ - http://%(region)s.clouds.ports.ubuntu.com/ubuntu-ports/ security: [] - arches: [default] failsafe: primary: http://ports.ubuntu.com/ubuntu-ports security: http://ports.ubuntu.com/ubuntu-ports ssh_svcname: ssh {% elif variant in ["almalinux", "alpine", "amazon", "arch", "centos", "cloudlinux", "eurolinux", "fedora", "gentoo", "miraclelinux", "openEuler", "rhel", "rocky", "suse", "virtuozzo"] %} # Default user name + that default users groups (if added/used) default_user: {% if variant == "amazon" %} name: ec2-user lock_passwd: True gecos: EC2 Default User {% else %} name: {{ variant }} lock_passwd: True gecos: {{ variant }} Cloud User {% endif %} {% if variant == "suse" %} groups: [cdrom, users] {% elif variant == "gentoo" %} groups: [users, wheel] primary_group: users no_user_group: true {% elif variant == "alpine" %} groups: [adm, sudo] {% elif variant == "arch" %} groups: [wheel, users] {% else %} groups: [wheel, adm, systemd-journal] {% endif %} sudo: ["ALL=(ALL) NOPASSWD:ALL"] {% if variant == "alpine" %} shell: /bin/ash {% else %} shell: /bin/bash {% endif %} # Other config here will be given to the distro class and/or path classes paths: cloud_dir: /var/lib/cloud/ templates_dir: /etc/cloud/templates/ ssh_svcname: sshd {% elif variant in ["freebsd"] %} # Default user name + that default users groups (if added/used) default_user: name: freebsd lock_passwd: True gecos: FreeBSD groups: [wheel] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/tcsh {% elif variant in ["dragonfly"] %} # Default user name + that default users groups (if added/used) default_user: name: dragonfly lock_passwd: True gecos: DragonFly groups: [wheel] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/sh {% elif variant in ["netbsd"] %} default_user: name: netbsd lock_passwd: True gecos: NetBSD groups: [wheel] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/sh {% elif variant in ["openbsd"] %} default_user: name: openbsd lock_passwd: True gecos: OpenBSD groups: [wheel] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/ksh {% elif variant == "photon" %} default_user: name: photon lock_passwd: True gecos: PhotonOS groups: [wheel] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/bash # Other config here will be given to the distro class and/or path classes paths: cloud_dir: /var/lib/cloud/ templates_dir: /etc/cloud/templates/ network: renderers: ['networkd'] ssh_svcname: sshd # If set to true, cloud-init will not use fallback network config. # In Photon, we have default network settings, hence if network settings are # not explicitly given in metadata, don't use fallback network config. disable_fallback_netcfg: true {% endif %} {% if variant in ["freebsd", "netbsd", "openbsd"] %} network: renderers: ['{{ variant }}'] {% elif variant in ["dragonfly"] %} network: renderers: ['freebsd'] {% endif %}