summaryrefslogtreecommitdiffstats
path: root/templates/machine/aws-ec2-x86-64/20_local.conf.inc
diff options
context:
space:
mode:
authorScott Murray <scott.murray@konsulko.com>2024-11-24 16:50:36 -0500
committerJan-Simon Moeller <jsmoeller@linuxfoundation.org>2024-11-25 11:23:11 +0000
commitf626aa26ed356487707df05713cefd66a8d3efc7 (patch)
tree512cd6c52befb8fe31cd208bacc24eb7a9421ae2 /templates/machine/aws-ec2-x86-64/20_local.conf.inc
parentb966ab7f6cbb1c4b0f7bedd35b92499435e1f50d (diff)
Update machine local.conf fragment numbering
Lower numbering of the local.conf fragments in the machine templates so they will be guaranteed to be before feature added fragments as opposed to mixed in with them. This allows referring to MACHINE in feature fragments in a stable fashion, and makes the generated local.conf a bit more readable. Bug-AGL: SPEC-5306 Change-Id: I193027dfeadda20fee1f74f925d980378ea076f5 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/30545 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account
Diffstat (limited to 'templates/machine/aws-ec2-x86-64/20_local.conf.inc')
-rw-r--r--templates/machine/aws-ec2-x86-64/20_local.conf.inc21
1 files changed, 21 insertions, 0 deletions
diff --git a/templates/machine/aws-ec2-x86-64/20_local.conf.inc b/templates/machine/aws-ec2-x86-64/20_local.conf.inc
new file mode 100644
index 000000000..58b4b087d
--- /dev/null
+++ b/templates/machine/aws-ec2-x86-64/20_local.conf.inc
@@ -0,0 +1,21 @@
+MACHINE = "aws-ec2-x86-64"
+
+VIRTUAL-RUNTIME_initscripts = "systemd-compat-units"
+IMAGE_INSTALL:append = " cloud-init"
+DISTRO_FEATURES:append = " virtualization"
+
+
+# can we shuffle this out so CI still works
+INHERIT += "extrausers"
+# Hardening: Locking the root password. Creating the user without password for ssh key-based login only
+EXTRA_USERS_PARAMS = "usermod -L root; useradd -p '*' user"
+
+EXTRA_IMAGE_FEATURES:append = " ssh-server-openssh"
+
+# Forcing removal of debug-tweakes as that leads to reversing some sshd_config hardening done in our bbappend when do_rootfs runs
+EXTRA_IMAGE_FEATURES:remove = "debug-tweaks"
+
+AGL_DEFAULT_IMAGE_FSTYPES := "wic.vhd"
+
+# workaround bug in cloud-init leading to empty cloud-init-systemd package
+PACKAGES:pn-cloud-init:forcevariable = "cloud-init-src cloud-init-dbg cloud-init-staticdev cloud-init-dev cloud-init-doc cloud-init-locale cloud-init-systemd cloud-init"