ubuntu-autoinstaller/templates/user-data.tmpl

#cloud-config
autoinstall:
  version: 1

  # Network configuration – Ethernet + optional Wi‑Fi
  network:
    version: 2
    ethernets:
      all-eth:
        match:
          name: "en*" # matches common Ethernet interface names
        dhcp4: true
        optional: true # not required; if no eth interface exists, ignore

  # ─── IDENTITY ──────────────────────────────────────────────────────────────
  identity:
    hostname: nokia
    username: alfoldi
    password: "${USER_PASSWORD_HASH}"

  # ─── SSH ───────────────────────────────────────────────────────────────────
  ssh:
    install-server: true
    allow-pw: false
    authorized-keys:
      - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICgcJfi0dZotMWa8zQvxXduM76GmQfoPvMU5FjIFZCAa alfonzso@gmail.com"

  locale: en_US.UTF-8

  keyboard:
    layout: us

  # ─── DISK LAYOUT: LVM on LUKS ──────────────────────────────────────────────
  storage:
    layout:
      name: lvm
      # match:
      #   path: /dev/nvme0n1
      sizing-policy: all
      encrypted: true
      password: "${LUKS_PASSPHRASE}"

  user-data:
    chpasswd:
      expire: false
      list:
        - root:${USER_PASSWORD_HASH}

    # ─── CERT FILES ────────────────────────────────────────────────────────────
    write_files:
      - path: /nokia/vpn/NOKIA_Root_CA.crt
        permissions: "0600"
        owner: ${TARGET_USER}:${TARGET_USER}
        encoding: b64
        content: "${NOKIA_CA_CERT_B64}"

      - path: /nokia/vpn/${TARGET_USER}.ipa.nsn-net.net.crt
        permissions: "0600"
        owner: ${TARGET_USER}:${TARGET_USER}
        encoding: b64
        content: "${NOKIA_CLIENT_CERT_B64}"

      - path: /nokia/vpn/${TARGET_USER}.ipa.nsn-net.net.key
        permissions: "0600"
        owner: ${TARGET_USER}:${TARGET_USER}
        encoding: b64
        content: "${NOKIA_CLIENT_KEY_B64}"

      # - path: /etc/himmelblau/himmelblau.conf
      #   owner: ${TARGET_USER}:${TARGET_USER}
      #   content: |
      #     [global]
      #     domain = nokia.com
      #     home_attr = CN
      #     home_alias = CN
      #     use_etc_skel = true
      #     pam_allow_groups = zsolt.alfoldi@nokia.com
      #     # user_map_file = /etc/himmelblau/user-map
      #
      # - path: /etc/himmelblau/user-map
      #   owner: ${TARGET_USER}:${TARGET_USER}
      #   content: |
      #     ${TARGET_USER}:zsolt.${TARGET_USER}@nokia.com

      - path: /etc/ssh/sshd_config.d/99-custom.conf
        permissions: "0644"
        owner: root:root
        content: |
          X11Forwarding yes
          X11DisplayOffset 10
          X11UseLocalhost no
          GatewayPorts yes

      - path: /etc/systemd/sleep.conf
        permissions: "0644"
        owner: root:root
        content: |
          [Sleep]
          AllowSuspend=no
          AllowHibernation=no
          AllowSuspendThenHibernate=no
          AllowHybridSleep=no

      - path: /etc/systemd/logind.conf.d/no-powersave.conf
        permissions: "0644"
        owner: root:root
        content: |
          [Login]
          HandleLidSwitch=ignore
          HandleLidSwitchExternalPower=ignore
          HandleLidSwitchDocked=ignore
          HandleSuspendKey=ignore
          HandleHibernateKey=ignore
          IdleAction=ignore

      - path: /etc/dconf/db/local.d/99-custom-gnome
        permissions: "0644"
        owner: root:root
        content: |
          [org/gnome/desktop/interface]
          color-scheme='prefer-dark'
          gtk-theme='Adwaita-dark'

          [org/gnome/shell]
          disabled-extensions=['ubuntu-dock@ubuntu.com']
          enabled-extensions=['dash-to-panel@jderose9.github.com']
          disable-user-extensions=false

          [org/gnome/settings-daemon/plugins/power]
          sleep-inactive-ac-type='nothing'
          sleep-inactive-battery-type='nothing'
          # power-button-action='nothing'

          [org/gnome/desktop/session]
          idle-delay=uint32 0

          [system/proxy]
          autoconfig-url='proxyconf.glb.nokia.com/proxy.pac'
          ignore-hosts=['localhost', '127.0.0.0/8', '::1', '192.168.1.1', '192.168.0.0', '192.168.0.0/8']
          mode='none'

          [system/proxy/http]
          host='10.158.100.1'

          [system/proxy/https]
          host='10.158.100.1'
          port=8080

      - path: /etc/dconf/profile/user
        owner: root:root
        content: |
          user-db:user
          system-db:local

  # ─── PACKAGES ──────────────────────────────────────────────────────────────
  packages:
    - git
    - curl
    - wget
    - vim
    - gettext
    - build-essential
    - python3
    - python3-pip
    - python3-venv
    - apt-transport-https
    - ca-certificates
    - gnupg
    - lsb-release
    - openssh-server
    - net-tools

  # early-commands:
  #   - mkdir -p /target/nokia/vpn
  #   - mkdir -p /target/etc/himmelblau

  late-commands:
    - bash -x /cdrom/nocloud/wifi.sh
    - mkdir -p /target/home/${TARGET_USER}/nocloud
    - cp /cdrom/nocloud/* /target/home/${TARGET_USER}/nocloud/

  updates: all
  shutdown: poweroff

# vim: set filetype=yaml :