#cloud-config autoinstall: version: 1 # Network configuration – Ethernet + optional Wi‑Fi network: version: 2 ethernets: all-eth: match: name: "en*" # matches common Ethernet interface names dhcp4: true optional: true # not required; if no eth interface exists, ignore # ─── IDENTITY ────────────────────────────────────────────────────────────── identity: hostname: nokia username: alfoldi password: "${USER_PASSWORD_HASH}" # ─── SSH ─────────────────────────────────────────────────────────────────── ssh: install-server: true allow-pw: false authorized-keys: - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICgcJfi0dZotMWa8zQvxXduM76GmQfoPvMU5FjIFZCAa alfonzso@gmail.com" locale: en_US.UTF-8 keyboard: layout: us # ─── DISK LAYOUT: LVM on LUKS ────────────────────────────────────────────── storage: layout: name: lvm # match: # path: /dev/nvme0n1 sizing-policy: all encrypted: true password: "${LUKS_PASSPHRASE}" # ─── CERT FILES ──────────────────────────────────────────────────────────── write_files: - path: /nokia/vpn/NOKIA_Root_CA.crt permissions: "0600" owner: root:root encoding: b64 content: "${NOKIA_CA_CERT_B64}" - path: /nokia/vpn/alfoldi.ipa.nsn-net.net.crt permissions: "0600" owner: root:root encoding: b64 content: "${NOKIA_CLIENT_CERT_B64}" - path: /nokia/vpn/alfoldi.ipa.nsn-net.net.key permissions: "0600" owner: root:root encoding: b64 content: "${NOKIA_CLIENT_KEY_B64}" - path: /etc/systemd/logind.conf.d/lid.conf content: | [Login] HandleLidSwitch=ignore LidSwitchIgnoreInhibited=no # ─── PACKAGES ────────────────────────────────────────────────────────────── packages: - git - curl - wget - vim - build-essential - python3 - python3-pip - python3-venv - apt-transport-https - ca-certificates - gnupg - lsb-release - openssh-server early-commands: - mkdir -p /nokia/vpn - mkdir -p /target/nokia/vpn late-commands: # - cp /etc/resolv.conf /target/etc/resolv.conf - bash -x /cdrom/nocloud/wifi.sh - cp /cdrom/nocloud/post-install.sh /target/home/ updates: security shutdown: poweroff # vim: set filetype=yaml :