[09:10] hello everyone - any comment on this potential security issue? https://github.com/canonical/cloud-init/issues/4112 [09:10] -ubottu:#cloud-init- Issue 4112 in canonical/cloud-init "ssh host key leaking into the logs when console is not available" [Open] [09:11] I opened this on github since cloud-init is moving away from LP [09:12] Ani: good start [09:13] So, first off: aren't ssh keys public? [09:13] like, you can connect via ssh to a server and it'll send you its keys [09:18] good point write-ssh-key-fingerprints  seems to be scanning public keys only > for f in /etc/ssh/ssh_host_*key.pub; do [09:20] 👍 [14:01] i love writing new code that should just work™, and doesn't. and then i test the old code that doesn't work either [14:08] (i did a qemu-img resize of the disk, but cc_growpart isn't doing it's thing. neither the old code nor the new one) [14:11] I'm pretty, and sure, this worked in the past… but then again, this is the first time i'm using MBR partitions in 320932 years. === sergiodj_ is now known as sergiodj [17:16] Hi all, is there a way in cloud-init to install pip packages? [17:21] SDes91: no [17:22] We only have the main package managers implemented [17:22] Would it be better than to install pip and some required pip packages via an ansible role? Or would you have some recommendations? [17:24] funnily enough, we can install Ansible from pip [17:24] * meena likes Puppet [17:25] hence the question since ansible can be installed with pip. [17:32] SDes91: see the discussion here https://github.com/canonical/cloud-init/pull/1950 [17:32] -ubottu:#cloud-init- Pull 1950 in canonical/cloud-init "Support snap in Ubuntu's 'install_packages'" [Closed] [17:32] SDes91: use "runcmd" [17:36] that is what I am currently doing. Thanks. Also a quick question,  can I setup the `apt.sources` in such a way that docker is preconfigured? I currently do the thing via runcmd [17:36] apt sources should run before packages [17:38] so an example in the docs for chef should be similar for the docker related apt sources setup? [17:39] SDes91: how would "apt.sources" preconfigure the docker daemon. Perhaps you are referring to adding an apt sources entry for Docker (the company) own Debian repo? I assume that can be done but you'd still need to install the docker packages using "packages:" [17:40] Yes. sorry for the wording. I mean setting up the apt sources for docker first and then installing it via packages. [17:42] SDes91: how you looked at the cloud-init docs to see how to do this? [17:43] https://cloudinit.readthedocs.io/en/latest/reference/examples.html#install-and-run-chef-recipes referring to the chef example? [17:45] so set up the `apt` part of the example to configure the public gpg key from docker and set the source should work maybe. [17:47] not sure why you're mentioning Chef, using the cc_apt_configure and cc_package_update_upgrade_install modules should be all you need for docker [17:48] sorry I am not very confident with cloud-init so I am relying on the examples to join the dots. [19:41] TIL: you can't extend a root partion on MBR, if there's swap after it. [19:55] 4 years after adding the feature wrong, i now know how to fix an issue… [20:22] TIL: you can't extend a root partion on GPT either, if there's swap after it. [20:22] ZFS wins again. [22:38] meena: yes growpart can only gow the root part if it is the LAST partition on the device, otherwise it would need to have code to shrink any partitions after rootfs to make space for root partition growing [22:39] that's why when I create OS disk images I place the root partition last... [23:05] "shrink any partitions after rootfs" == "move the start of the next partition after rootfs' partition further along the disk" [23:44] minimal: i need to check if that's an option [23:45] but it seems that a) using zfs, you don't care about that issue, and b) not creating a swap partition, and letting the growfs service do that does the trick