2023-04-16 23:16:10 +02:00
|
|
|
#cloud-config
|
|
|
|
|
|
|
|
|
|
hostname: ${hostname}
|
2023-07-18 23:22:08 +02:00
|
|
|
locale: en_IE
|
|
|
|
|
keyboard:
|
|
|
|
|
layout: ie
|
2023-04-16 23:16:10 +02:00
|
|
|
|
|
|
|
|
ssh_pwauth: true
|
|
|
|
|
users:
|
|
|
|
|
- name: ${username}
|
|
|
|
|
plain_text_passwd: ${password}
|
|
|
|
|
shell: /bin/bash
|
|
|
|
|
ssh_authorized_keys:
|
|
|
|
|
- ${ssh_key}
|
|
|
|
|
lock_passwd: false
|
|
|
|
|
sudo: ALL=(ALL) NOPASSWD:ALL
|
|
|
|
|
|
|
|
|
|
package_update: true
|
|
|
|
|
package_upgrade: true
|
|
|
|
|
package_reboot_if_required: false
|
|
|
|
|
packages:
|
|
|
|
|
# Install core packages
|
|
|
|
|
- apparmor
|
|
|
|
|
- base-devel
|
|
|
|
|
- firewalld
|
|
|
|
|
- qemu-guest-agent
|
|
|
|
|
- rng-tools
|
|
|
|
|
- spice-vdagent
|
|
|
|
|
|
|
|
|
|
# Install usefull core packages
|
|
|
|
|
- bash-completion
|
|
|
|
|
- git
|
|
|
|
|
- htop
|
|
|
|
|
- man
|
|
|
|
|
- pass
|
|
|
|
|
- python-notify2
|
|
|
|
|
- vim
|
|
|
|
|
- wget
|
|
|
|
|
|
|
|
|
|
# Install basic services
|
|
|
|
|
- networkmanager
|
2023-09-01 20:16:04 +02:00
|
|
|
- cups
|
|
|
|
|
- cups-pdf
|
|
|
|
|
- system-config-printer
|
2023-04-16 23:16:10 +02:00
|
|
|
|
|
|
|
|
# Install Graphical Interface
|
2023-07-18 23:22:08 +02:00
|
|
|
- plasma-meta
|
|
|
|
|
- plasma-wayland-session
|
2023-04-16 23:16:10 +02:00
|
|
|
- sddm
|
2023-09-01 20:16:04 +02:00
|
|
|
- dolphin
|
2023-04-16 23:16:10 +02:00
|
|
|
- konsole
|
2023-09-01 20:16:04 +02:00
|
|
|
- ark
|
2023-04-16 23:16:10 +02:00
|
|
|
|
|
|
|
|
# Install Applications
|
|
|
|
|
- firefox
|
2023-07-18 23:22:08 +02:00
|
|
|
- chromium
|
2023-04-16 23:16:10 +02:00
|
|
|
- terminator
|
|
|
|
|
|
|
|
|
|
runcmd:
|
|
|
|
|
|
|
|
|
|
# Regenerate grub.cfg
|
|
|
|
|
- [ grub-mkconfig, -o, /boot/grub/grub.cfg ]
|
|
|
|
|
|
|
|
|
|
# Enable firewall
|
|
|
|
|
|
|
|
|
|
# Enable core services
|
|
|
|
|
- [ systemctl, enable, apparmor ]
|
|
|
|
|
- [ systemctl, enable, auditd ]
|
|
|
|
|
- [ systemctl, enable, sddm ]
|
|
|
|
|
- [ systemctl, enable, NetworkManager ]
|
|
|
|
|
- [ systemctl, enable, rngd ]
|
|
|
|
|
- [ systemctl, enable, systemd-timesyncd.service ]
|
|
|
|
|
|
|
|
|
|
write_files:
|
|
|
|
|
|
|
|
|
|
# Enable AppArmor in kernel parameters
|
|
|
|
|
- path: /etc/default/grub
|
|
|
|
|
append: true
|
|
|
|
|
content: |
|
|
|
|
|
GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT lsm=landlock,lockdown,yama,integrity,apparmor,bpf"
|
|
|
|
|
|
|
|
|
|
# Set some bash aliases
|
|
|
|
|
- path: /etc/skel/.bashrc
|
|
|
|
|
append: true
|
|
|
|
|
content: |
|
|
|
|
|
[[ -f ~/.bash_aliases ]] && source ~/.bash_aliases
|
