#cloud-config

hostname: ${hostname}
locale: en_IE
keyboard:
  layout: ie

ssh_pwauth: true
users:
  - name: ${username}
    plain_text_passwd: ${password}
    shell: /bin/bash
    ssh_authorized_keys:
      - ${ssh_key}
    lock_passwd: false
    sudo: ALL=(ALL) NOPASSWD:ALL

package_update: true
package_upgrade: true
package_reboot_if_required: false
packages:
  # Install core packages
  - apparmor
  - base-devel
  - firewalld
  - qemu-guest-agent
  - rng-tools
  - spice-vdagent

  # Install usefull core packages
  - bash-completion
  - git
  - htop
  - man
  - pass
  - python-notify2
  - vim
  - wget

  # Install basic services
  - networkmanager
  - cups
  - cups-pdf
  - system-config-printer

  # Install Graphical Interface
  - plasma-meta
  - sddm
  - ark
  - dolphin
  - konsole
  - okular

  # Install Applications
  - firefox
  - chromium
  - terminator

runcmd:
  # Regenerate grub.cfg
  - grub-mkconfig -o /boot/grub/grub.cfg

  # Remove swapfile
  - swapoff -a
  - rm -rf /swap/
  - sed -e "/swap/d" -i /etc/fstab

  # Enable core services
  - systemctl enable apparmor
  - systemctl enable auditd
  - systemctl enable sddm
  - systemctl enable NetworkManager
  - systemctl enable rngd
  - systemctl enable avahi-daemon
  - systemctl enable systemd-timesyncd.service

write_files:
  # Enable AppArmor in kernel parameters
  - path: /etc/default/grub
    append: true
    content: |
      GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT lsm=landlock,lockdown,yama,integrity,apparmor,bpf apparmor.debug=1"

  # Set some bash aliases
  - path: /etc/skel/.bashrc
    append: true
    content: |
      [[ -f ~/.bash_aliases ]] && source ~/.bash_aliases

  # Setup shared directory
  - path: /etc/fstab
    append: true
    content: |
      0a31bc478ef8e2461a4b1cc10a24cc4 /home/user/Projects/apparmor.d  virtiofs defaults  0  1