cloud.cfg.tmpl: reorganise, minimise/reduce duplication
Simplify the cloud.cfg.tmpl file. There is a lot of duplication
(e.g. the same sudo rule specified multiple times).

This also addresses #4267.
dermotbradley committed Jul 21, 2023
1 parent 86c7007 commit b6ed4d1
Showing 2 changed files with 132 additions and 154 deletions.
285 changes: 132 additions & 153 deletions config/cloud.cfg.tmpl
Expand Up @@ -6,21 +6,21 @@
"miraclelinux", "rhel", "rocky", "virtuozzo" ] %}
{% if is_bsd %}
syslog_fix_perms: root:wheel
{% elif variant in ["suse"] %}
{% elif variant == "suse" %}
syslog_fix_perms: root:root
{% endif %}
# A set of users which may be applied and/or used by various modules
# when a 'default' entry is found it will reference the 'default_user'
# from the distro configuration specified below
users:
{% if variant in ["photon"] %}
{% if variant == "photon" %}
- name: root
lock_passwd: false
{% else %}
- default
{% endif %}

{% if variant in ["photon"] %}
{% if variant == "photon" %}
# VMware guest customization.
disable_vmware_customization: true
manage_etc_hosts: false
Expand All @@ -34,7 +34,8 @@ disable_root: false
disable_root: true
{% endif %}

{% if variant in ["alpine", "amazon", "fedora", "openEuler", "OpenCloudOS", "openmandriva", "photon", "TencentOS"] or is_rhel %}
{% if variant in ["alpine", "amazon", "fedora", "OpenCloudOS", "openEuler",
"openmandriva", "photon", "TencentOS"] or is_rhel %}
{% if is_rhel %}
mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service,_netdev', '0', '2']
{% else %}
Expand Down Expand Up @@ -110,10 +111,10 @@ cloud_config_modules:
{% if variant in ["ubuntu"] %}
- wireguard
{% endif %}
{% if variant in ["ubuntu", "unknown", "debian"] %}
{% if variant in ["debian", "ubuntu", "unknown"] %}
- snap
{% endif %}
{% if variant in ["ubuntu"] %}
{% if variant == "ubuntu" %}
- ubuntu_autoinstall
{% endif %}
{% if variant not in ["photon"] %}
Expand All @@ -133,32 +134,32 @@ cloud_config_modules:
{% endif %}
- yum_add_repo
{% endif %}
{% if variant in ["ubuntu", "unknown", "debian"] %}
{% if variant in ["debian", "ubuntu", "unknown"] %}
- grub_dpkg
- apt_pipelining
- apt_configure
{% endif %}
{% if variant in ["ubuntu"] %}
{% if variant == "ubuntu" %}
- ubuntu_advantage
{% endif %}
{% if variant in ["suse"] %}
{% if variant == "suse" %}
- zypper_add_repo
{% endif %}
{% if variant in ["alpine"] %}
{% if variant == "alpine" %}
- apk_configure
{% endif %}
- ntp
- timezone
- disable_ec2_metadata
- runcmd
{% if variant in ["ubuntu", "unknown", "debian"] %}
{% if variant in ["debian", "ubuntu", "unknown"] %}
- byobu
{% endif %}

# The modules that run in the 'final' stage
cloud_final_modules:
- package_update_upgrade_install
{% if variant in ["ubuntu", "unknown", "debian"] %}
{% if variant in ["debian", "ubuntu", "unknown"] %}
- fan
- landscape
- lxd
Expand Down Expand Up @@ -191,34 +192,149 @@ cloud_final_modules:
system_info:
# This will affect which distro class gets used
{% if variant in ["alpine", "amazon", "arch", "debian", "fedora", "freebsd",
"gentoo", "netbsd", "mariner", "openbsd", "openEuler", "OpenCloudOS",
"openmandriva", "photon", "suse", "TencentOS", "ubuntu"] or is_rhel %}
"gentoo", "netbsd", "mariner", "openbsd", "OpenCloudOS",
"openEuler", "openmandriva", "photon", "suse", "TencentOS",
"ubuntu"] or is_rhel %}
distro: {{ variant }}
{% elif variant in ["dragonfly"] %}
{% elif variant == "dragonfly" %}
distro: dragonflybsd
{% else %}
# Unknown/fallback distro.
distro: ubuntu
{% endif %}
{% if variant in ["ubuntu", "unknown", "debian"] %}
{% if variant in ["alpine", "amazon", "arch", "debian", "fedora", "gentoo",
"OpenCloudOS", "openEuler", "openmandriva", "suse",
"TencentOS", "ubuntu", "unknown"] or is_rhel %}
# Default user name + that default users groups (if added/used)
{% endif %}
default_user:
{% if variant == "amazon" %}
name: ec2-user
{% elif variant in ["centos", "rhel"] %}
name: cloud-user
{% elif variant == "openmandriva" %}
name: omv
{% elif variant == "unknown" %}
name: ubuntu
{% else %}
name: {{ variant }}
{% endif %}
{% if variant in ["alpine", "amazon", "arch", "debian", "fedora", "gentoo",
"mariner", "OpenCloudOS", "openEuler", "openmandriva",
"photon", "suse", "TencentOS", "ubuntu", "unknown"]
or is_bsd or is_rhel %}
lock_passwd: True
{% endif %}
{% if variant == "amazon" %}
gecos: EC2 Default User
{% elif variant in ["centos", "rhel"] %}
gecos: Cloud User
{% elif variant == "debian" %}
gecos: Debian
{% elif variant == "dragonfly" %}
gecos: DragonFly
{% elif variant == "freebsd" %}
gecos: FreeBSD
{% elif variant == "mariner" %}
gecos: MarinerOS
{% elif variant == "netbsd" %}
gecos: NetBSD
{% elif variant == "openbsd" %}
gecos: OpenBSD
{% elif variant == "openmandriva" %}
gecos: OpenMandriva admin
{% elif variant == "photon" %}
gecos: PhotonOS
{% elif variant in ["ubuntu", "unknown"] %}
gecos: Ubuntu
{% else %}
gecos: {{ variant }} Cloud User
{% endif %}
{% if variant == "alpine" %}
groups: [adm, wheel]
{% elif variant == "arch" %}
groups: [wheel, users]
{% elif variant in ["debian", "ubuntu", "unknown"] %}
groups: [adm, cdrom, dip, lxd, sudo]
{% elif variant == "gentoo" %}
groups: [users, wheel]
primary_group: users
no_user_group: true
{% elif variant in ["mariner", "photon"] or is_bsd %}
groups: [wheel]
{% elif variant == "openmandriva" %}
groups: [wheel, users, systemd-journal]
{% elif is_rhel %}
groups: [adm, systemd-journal]
{% elif variant == "suse" %}
groups: [cdrom, users]
{% elif not is_bsd %}
groups: [wheel, adm, systemd-journal]
{% endif %}
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
{% if variant == "alpine" %}
shell: /bin/ash
{% elif variant in ["amazon", "arch", "debian", "fedora", "gentoo", "mariner",
"OpenCloudOS", "openEuler", "openmandriva", "photon",
"suse", "TencentOS", "ubuntu", "unknown"] or is_rhel %}
shell: /bin/bash
{% elif variant in ["dragonfly", "netbsd"] %}
shell: /bin/sh
{% elif variant == "freebsd" %}
shell: /bin/tcsh
{% elif variant == "openbsd" %}
shell: /bin/ksh
{% else %}
shell: /bin/bash
{% endif %}
{% if variant == "alpine" %}
network:
renderers: ['eni']
{% elif variant in ["debian", "ubuntu", "unknown"] %}
{# SRU_BLOCKER: do not ship network renderers on Xenial, Bionic or Eoan #}
network:
renderers: ['netplan', 'eni', 'sysconfig']
activators: ['netplan', 'eni', 'network-manager', 'networkd']
{% elif variant == "dragonfly" %}
network:
renderers: ['freebsd']
{% elif variant == "fedora" %}
network:
renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
{% elif variant in ["freebsd", "netbsd", "openbsd"] %}
network:
renderers: ['{{ variant }}']
{% elif variant in ["mariner", "photon"] %}
network:
renderers: ['networkd']
{% elif variant == "openmandriva" %}
network:
renderers: ['network-manager', 'networkd']
{% elif is_rhel %}
network:
renderers: ['sysconfig', 'eni', 'netplan', 'network-manager', 'networkd' ]
{% endif %}
{% if variant == "photon" %}
# If set to true, cloud-init will not use fallback network config.
# In Photon, we have default network settings, hence if network settings are
# not explicitly given in metadata, don't use fallback network config.
disable_fallback_netcfg: true
{% endif %}
{% if variant in ["debian", "ubuntu", "unknown"] %}
# Automatically discover the best ntp_client
ntp_client: auto
{% endif %}
{% if variant in ["alpine", "amazon", "arch", "debian", "fedora", "gentoo",
"mariner", "OpenCloudOS", "openEuler", "openmandriva",
"photon", "suse", "TencentOS", "ubuntu", "unknown"]
or is_rhel %}
# Other config here will be given to the distro class and/or path classes
paths:
cloud_dir: /var/lib/cloud/
templates_dir: /etc/cloud/templates/
ssh_svcname: sshd
{% endif %}
{% if variant in ["debian", "ubuntu", "unknown"] %}
package_mirrors:
- arches: [i386, amd64]
failsafe:
Expand All @@ -244,141 +360,4 @@ system_info:
failsafe:
primary: http://ports.ubuntu.com/ubuntu-ports
security: http://ports.ubuntu.com/ubuntu-ports
ssh_svcname: ssh
{% elif variant in ["alpine", "amazon", "arch", "fedora",
"gentoo", "openEuler", "OpenCloudOS", "openmandriva", "suse", "TencentOS"] or is_rhel %}
# Default user name + that default users groups (if added/used)
default_user:
{% if variant == "amazon" %}
name: ec2-user
lock_passwd: True
gecos: EC2 Default User
{% elif variant in ["rhel", "centos"] %}
name: cloud-user
lock_passwd: true
gecos: Cloud User
{% elif variant == "openmandriva" %}
name: omv
lock_passwd: True
gecos: OpenMandriva admin
{% else %}
name: {{ variant }}
lock_passwd: True
gecos: {{ variant }} Cloud User
{% endif %}
{% if variant == "suse" %}
groups: [cdrom, users]
{% elif variant == "gentoo" %}
groups: [users, wheel]
primary_group: users
no_user_group: true
{% elif variant == "alpine" %}
groups: [adm, sudo]
{% elif variant == "arch" %}
groups: [wheel, users]
{% elif variant == "openmandriva" %}
groups: [wheel, users, systemd-journal]
{% elif is_rhel %}
groups: [adm, systemd-journal]
{% else %}
groups: [wheel, adm, systemd-journal]
{% endif %}
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
{% if variant == "alpine" %}
shell: /bin/ash
{% else %}
shell: /bin/bash
{% endif %}
# Other config here will be given to the distro class and/or path classes
paths:
cloud_dir: /var/lib/cloud/
templates_dir: /etc/cloud/templates/
ssh_svcname: sshd
{% elif variant in ["freebsd"] %}
# Default user name + that default users groups (if added/used)
default_user:
name: freebsd
lock_passwd: True
gecos: FreeBSD
groups: [wheel]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/tcsh
{% elif variant in ["dragonfly"] %}
# Default user name + that default users groups (if added/used)
default_user:
name: dragonfly
lock_passwd: True
gecos: DragonFly
groups: [wheel]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/sh
{% elif variant in ["netbsd"] %}
default_user:
name: netbsd
lock_passwd: True
gecos: NetBSD
groups: [wheel]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/sh
{% elif variant in ["openbsd"] %}
default_user:
name: openbsd
lock_passwd: True
gecos: OpenBSD
groups: [wheel]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/ksh
{% elif variant == "photon" %}
default_user:
name: photon
lock_passwd: True
gecos: PhotonOS
groups: [wheel]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/bash
# Other config here will be given to the distro class and/or path classes
paths:
cloud_dir: /var/lib/cloud/
templates_dir: /etc/cloud/templates/
network:
renderers: ['networkd']

ssh_svcname: sshd

# If set to true, cloud-init will not use fallback network config.
# In Photon, we have default network settings, hence if network settings are
# not explicitly given in metadata, don't use fallback network config.
disable_fallback_netcfg: true
{% elif variant in ["mariner"] %}
default_user:
name: mariner
lock_passwd: True
gecos: MarinerOS
groups: [wheel]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/bash
# Other config here will be given to the distro class and/or path classes
paths:
cloud_dir: /var/lib/cloud/
templates_dir: /etc/cloud/templates/
network:
renderers: ['networkd']

ssh_svcname: sshd
{% endif %}
{% if variant in ["freebsd", "netbsd", "openbsd"] %}
network:
renderers: ['{{ variant }}']
{% elif variant in ["dragonfly"] %}
network:
renderers: ['freebsd']
{% elif variant in ["fedora"] %}
network:
renderers: ['netplan', 'network-manager', 'networkd', 'sysconfig', 'eni']
{% elif is_rhel %}
network:
renderers: ['sysconfig', 'eni', 'netplan', 'network-manager', 'networkd' ]
{% elif variant == "openmandriva" %}
network:
renderers: ['network-manager', 'networkd']
{% endif %}
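Review bot: In the consolidated `default_user` block, `sudo: ["ALL=(ALL) NOPASSWD:ALL"]` is now rendered for every variant, but `lock_passwd: True` is still wrapped in `{% if variant in ["alpine", ... "unknown"] or is_bsd or is_rhel %}`. A variant outside that list therefore gets a passwordless-sudo account with no explicit password lock, and the result depends on cloud-init's own default for that key. Every removed per-variant branch visible on this page set the lock next to the sudo rule, so I would drop the guard and emit `lock_passwd: true` unconditionally (lowercase, matching `no_user_group: true`). The reorganisation also appears to change rendered output, which the description does not mention: alpine's groups go from `[adm, sudo]` to `[adm, wheel]`, and the removed `"debian": "ubuntu"` test exception suggests the debian default user name changes. Indentation is lost on this page and part of the old debian/ubuntu branch is collapsed, so the exact nesting should be confirmed against the file.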
1 change: 0 additions & 1 deletion tests/unittests/test_render_cloudcfg.py
Expand Up @@ -86,7 +86,6 @@ def test_variant_sets_default_user_in_cloud_cfg(self, variant, tmpdir):

default_user_exceptions = {
"amazon": "ec2-user",
"debian": "ubuntu",
"rhel": "cloud-user",
"centos": "cloud-user",
"unknown": "ubuntu",
