description => 'Specifies the cloud-init configuration format.',
enum => ['configdrive2', 'nocloud'],
},
+ ciuser => {
+ optional => 1,
+ type => 'string',
+ description => "cloud-init: User name to change ssh keys and password for instead of the image's configured default user.",
+ },
+ cipassword => {
+ optional => 1,
+ type => 'string',
+ description => 'cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. '
+ . 'Also note that older cloud-init versions do not support hashed passwords.',
+ },
searchdomain => {
optional => 1,
type => 'string',
my $fqdn = get_fqdn($conf);
- my $content = <<"EOF";
-#cloud-config
-manage_resolv_conf: true
-EOF
+ my $content = "#cloud-config\n";
+ $content .= "manage_resolv_conf: true\n";
- my $username = 'blub';
- my $encpw = PVE::Tools::encrypt_pw('foo');
+ my $username = $conf->{ciuser};
+ my $password = $conf->{cipassword};
$content .= "user: $username\n" if defined($username);
- $content .= "password: $encpw\n" if defined($encpw);
+ $content .= "disable_root: False\n" if defined($username) && $username eq 'root';
+ $content .= "password: $password\n" if defined($password);
if (defined(my $keys = $conf->{sshkeys})) {
$keys = URI::Escape::uri_unescape($keys);
$content .= "chpasswd:\n";
$content .= " expire: False\n";
- # FIXME: we probably need an option to disable this?
- $content .= "users:\n";
- $content .= " - default\n";
+ if (!defined($username) || $username ne 'root') {
+ $content .= "users:\n";
+ $content .= " - default\n";
+ }
$content .= "package_upgrade: true\n";