#cloud-config autoinstall: version: 1 timezone: Europe/Budapest # Network configuration – Ethernet + optional Wi‑Fi network: version: 2 ethernets: all-eth: match: name: "en*" # matches common Ethernet interface names dhcp4: true optional: true # not required; if no eth interface exists, ignore # ─── IDENTITY ────────────────────────────────────────────────────────────── identity: hostname: nokia-l13g4-sisu username: alfoldi realname: "Zsolt Alfoldi" password: "${USER_PASSWORD_HASH}" # ─── SSH ─────────────────────────────────────────────────────────────────── ssh: install-server: true allow-pw: false authorized-keys: - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICgcJfi0dZotMWa8zQvxXduM76GmQfoPvMU5FjIFZCAa alfonzso@gmail.com" locale: en_US.UTF-8 keyboard: layout: us # ─── DISK LAYOUT: LVM on LUKS ────────────────────────────────────────────── storage: layout: name: lvm # match: # path: /dev/nvme0n1 sizing-policy: all encrypted: true password: "${LUKS_PASSPHRASE}" user-data: chpasswd: expire: false list: - root:${USER_PASSWORD_HASH} # ─── CERT FILES ──────────────────────────────────────────────────────────── write_files: - path: /nokia/vpn/NOKIA_Root_CA.crt permissions: "0600" owner: ${TARGET_USER}:${TARGET_USER} encoding: b64 content: "${NOKIA_CA_CERT_B64}" - path: /nokia/vpn/${TARGET_USER}.ipa.nsn-net.net.crt permissions: "0600" owner: ${TARGET_USER}:${TARGET_USER} encoding: b64 content: "${NOKIA_CLIENT_CERT_B64}" - path: /nokia/vpn/${TARGET_USER}.ipa.nsn-net.net.key permissions: "0600" owner: ${TARGET_USER}:${TARGET_USER} encoding: b64 content: "${NOKIA_CLIENT_KEY_B64}" - path: /persists/sops/age/.keep permissions: "0600" owner: ${TARGET_USER}:${TARGET_USER} content: "" - path: /home/${TARGET_USER}/first_install.sh permissions: "0755" owner: ${TARGET_USER}:${TARGET_USER} # | | # envsubst hack \ / # ` content: | if [[ "$${Q}EUID" -ne 0 ]]; then echo "This script must be run as root" exit 1 fi chown ${TARGET_USER}:${TARGET_USER} -R /home/${TARGET_USER}/nocloud/ netplan generate || true netplan apply || true bash -x /home/${TARGET_USER}/nocloud/post-install.sh main # - path: /etc/himmelblau/himmelblau.conf # owner: ${TARGET_USER}:${TARGET_USER} # content: | # [global] # domain = nokia.com # home_attr = CN # home_alias = CN # use_etc_skel = true # pam_allow_groups = zsolt.alfoldi@nokia.com # # user_map_file = /etc/himmelblau/user-map # # - path: /etc/himmelblau/user-map # owner: ${TARGET_USER}:${TARGET_USER} # content: | # ${TARGET_USER}:zsolt.${TARGET_USER}@nokia.com - path: /etc/ssh/sshd_config.d/99-custom.conf permissions: "0644" owner: root:root content: | X11Forwarding yes X11DisplayOffset 10 X11UseLocalhost no GatewayPorts yes - path: /etc/systemd/sleep.conf permissions: "0644" owner: root:root content: | [Sleep] AllowSuspend=no AllowHibernation=no AllowSuspendThenHibernate=no AllowHybridSleep=no - path: /etc/systemd/logind.conf.d/no-powersave.conf permissions: "0644" owner: root:root content: | [Login] HandleLidSwitch=ignore HandleLidSwitchExternalPower=ignore HandleLidSwitchDocked=ignore HandleSuspendKey=ignore HandleHibernateKey=ignore IdleAction=ignore - path: /etc/NetworkManager/conf.d/default-wifi-powersave-on.conf permissions: "0644" owner: root:root content: | [connection] wifi.powersave = 2 - path: /etc/dconf/db/local.d/99-custom-gnome permissions: "0644" owner: root:root content: | [org/gnome/desktop/interface] color-scheme='prefer-dark' gtk-theme='Adwaita-dark' [org/gnome/desktop/background] color-shading-type='solid' picture-options='zoom' picture-uri='file:///usr/share/backgrounds/Fuji_san_by_amaral.png' picture-uri-dark='file:///usr/share/backgrounds/Fuji_san_by_amaral.png' primary-color='#000000' secondary-color='#000000' [org/gnome/desktop/screensaver] picture-uri='file:///usr/share/backgrounds/Fuji_san_by_amaral.png' [org/gnome/desktop/session] idle-delay=uint32 0 [org/gnome/settings-daemon/plugins/power] idle-dim=false sleep-inactive-ac-type='nothing' sleep-inactive-battery-type='nothing' sleep-inactive-ac-timeout=3600 [org/gnome/desktop/peripherals/mouse] speed=-0.60 # [org/gnome/desktop/peripherals/touchpad] # edge-scrolling-enabled=true # two-finger-scrolling-enabled=false [org/gnome/desktop/peripherals/keyboard] numlock-state=true [org/gnome/desktop/notifications] show-banners=false [org/gnome/desktop/wm/keybindings] maximize=@as [] unmaximize=@as [] move-to-workspace-left=['h'] move-to-workspace-right=['l'] switch-to-workspace-left=['h'] switch-to-workspace-right=['l'] [org/gnome/mutter/keybindings] toggle-tiled-left=@as [] toggle-tiled-right=@as [] [org/gnome/shell] disable-user-extensions=false disabled-extensions=['ubuntu-dock@ubuntu.com'] enabled-extensions=['dash-to-panel@jderose9.github.com'] favorite-apps=['firefox_firefox.desktop', 'google-chrome.desktop', 'microsoft-edge.desktop', 'org.gnome.Nautilus.desktop', 'ZSTray.desktop', 'org.gnome.Settings.desktop', 'org.gnome.Terminal.desktop', 'msedge-cifhbcnohmdccbgoicgdjpfamggdegmo-Default.desktop'] [org/gnome/shell/extensions/dash-to-panel] dot-position='BOTTOM' panel-sizes='{"GSM-0x01010101":32,"IVO-0x00000000":32}' panel-anchors='{"GSM-0x01010101":"MIDDLE","IVO-0x00000000":"MIDDLE","HWP-3CQ5372CSD":"MIDDLE"}' panel-element-positions='{"GSM-0x01010101":[{"element":"showAppsButton","visible":true,"position":"stackedTL"},{"element":"activitiesButton","visible":false,"position":"stackedTL"},{"element":"leftBox","visible":true,"position":"stackedTL"},{"element":"taskbar","visible":true,"position":"stackedTL"},{"element":"centerBox","visible":true,"position":"stackedBR"},{"element":"dateMenu","visible":true,"position":"centerMonitor"},{"element":"rightBox","visible":true,"position":"stackedBR"},{"element":"systemMenu","visible":true,"position":"stackedBR"},{"element":"desktopButton","visible":true,"position":"stackedBR"}],"IVO-0x00000000":[{"element":"showAppsButton","visible":true,"position":"stackedTL"},{"element":"activitiesButton","visible":false,"position":"stackedTL"},{"element":"leftBox","visible":true,"position":"stackedTL"},{"element":"taskbar","visible":true,"position":"stackedTL"},{"element":"centerBox","visible":true,"position":"stackedBR"},{"element":"dateMenu","visible":true,"position":"centerMonitor"},{"element":"rightBox","visible":true,"position":"stackedBR"},{"element":"systemMenu","visible":true,"position":"stackedBR"},{"element":"desktopButton","visible":true,"position":"stackedBR"}]}' window-preview-title-position='TOP' hotkeys-overlay-combo='TEMPORARILY' prefs-opened=false [system/proxy] mode='none' autoconfig-url='' ignore-hosts=['localhost', '127.0.0.0/8', '::1', '192.168.1.1', '192.168.0.0', '192.168.0.0/8'] [system/proxy/http] host='10.158.100.1' [system/proxy/https] host='10.158.100.1' port=8080 [org/gnome/terminal/legacy/profiles:] default='71a9971e-e829-43a9-9b2f-4565c855d664' list=['b1dcc9dd-5262-4d8d-a863-c897e6d979b9', 'de8a9081-8352-4ce4-9519-5de655ad9361', '71a9971e-e829-43a9-9b2f-4565c855d664', '5083e06b-024e-46be-9cd2-892b814f1fc8', '95894cfd-82f7-430d-af6e-84d168bc34f5'] [org/gnome/terminal/legacy/profiles:/:b1dcc9dd-5262-4d8d-a863-c897e6d979b9] cell-width-scale=1.0 font='Monospace 10' use-system-font=false [org/gnome/terminal/legacy/profiles:/:de8a9081-8352-4ce4-9519-5de655ad9361] visible-name='Catppuccin Latte' background-color='#eff1f5' foreground-color='#4c4f69' highlight-colors-set=true highlight-background-color='#dc8a78' highlight-foreground-color='#acb0be' cursor-colors-set=true cursor-background-color='#dc8a78' cursor-foreground-color='#eff1f5' use-theme-colors=false palette=['#5c5f77', '#d20f39', '#40a02b', '#df8e1d', '#1e66f5', '#ea76cb', '#179299', '#acb0be', '#6c6f85', '#d20f39', '#40a02b', '#df8e1d', '#1e66f5', '#ea76cb', '#179299', '#bcc0cc'] [org/gnome/terminal/legacy/profiles:/:71a9971e-e829-43a9-9b2f-4565c855d664] visible-name='Catppuccin Frappe' background-color='#303446' foreground-color='#c6d0f5' highlight-colors-set=true highlight-background-color='#f2d5cf' highlight-foreground-color='#626880' cursor-colors-set=true cursor-background-color='#f2d5cf' cursor-foreground-color='#303446' use-theme-colors=false font='Monospace 10' use-system-font=false palette=['#51576d', '#e78284', '#a6d189', '#e5c890', '#8caaee', '#f4b8e4', '#81c8be', '#b5bfe2', '#626880', '#e78284', '#a6d189', '#e5c890', '#8caaee', '#f4b8e4', '#81c8be', '#a5adce'] [org/gnome/terminal/legacy/profiles:/:5083e06b-024e-46be-9cd2-892b814f1fc8] visible-name='Catppuccin Macchiato' background-color='#24273a' foreground-color='#cad3f5' highlight-colors-set=true highlight-background-color='#f4dbd6' highlight-foreground-color='#5b6078' cursor-colors-set=true cursor-background-color='#f4dbd6' cursor-foreground-color='#24273a' use-theme-colors=false palette=['#494d64', '#ed8796', '#a6da95', '#eed49f', '#8aadf4', '#f5bde6', '#8bd5ca', '#b8c0e0', '#5b6078', '#ed8796', '#a6da95', '#eed49f', '#8aadf4', '#f5bde6', '#8bd5ca', '#a5adcb'] [org/gnome/terminal/legacy/profiles:/:95894cfd-82f7-430d-af6e-84d168bc34f5] visible-name='Catppuccin Mocha' background-color='#1e1e2e' foreground-color='#cdd6f4' highlight-colors-set=true highlight-background-color='#f5e0dc' highlight-foreground-color='#585b70' cursor-colors-set=true cursor-background-color='#f5e0dc' cursor-foreground-color='#1e1e2e' use-theme-colors=false palette=['#45475a', '#f38ba8', '#a6e3a1', '#f9e2af', '#89b4fa', '#f5c2e7', '#94e2d5', '#bac2de', '#585b70', '#f38ba8', '#a6e3a1', '#f9e2af', '#89b4fa', '#f5c2e7', '#94e2d5', '#a6adc8'] - path: /etc/dconf/profile/user owner: root:root content: | user-db:user system-db:local # ─── PACKAGES ────────────────────────────────────────────────────────────── packages: - git - curl - wget - vim - gettext - build-essential - python3 - python3-pip - python3-venv - apt-transport-https - ca-certificates - gnupg - lsb-release - openssh-server - net-tools # early-commands: # - mkdir -p /target/nokia/vpn # - mkdir -p /target/etc/himmelblau late-commands: - bash -x /cdrom/nocloud/wifi.sh - mkdir -p /target/home/${TARGET_USER}/nocloud - cp /cdrom/nocloud/* /target/home/${TARGET_USER}/nocloud/ - curtin in-target -- systemctl disable systemd-networkd-wait-online.service updates: all shutdown: poweroff # vim: set filetype=yaml :