From c81c964f23d1f33b0a96e710efe9330b3a10c4b1 Mon Sep 17 00:00:00 2001
From: Emanuele Giuseppe Esposito
Date: Thu, 5 May 2022 11:31:47 +0200
Subject: [PATCH 1/2] systemd and config: align rhel custom files with upstream
So far RHEL had its own custom .service and cloud.cfg files, that diverged from upstream. We always replaced the generated files with the ones we had. This caused only confusion and made it harder to rebase and backport patches targeting these files. Hopefully this brings some alignment with upstream. At the same time, we are going to delete our custom downstream-only files and use the ones generated by .tmpl. The mapping is config/cloud.cfg.tmpl -> rhel/cloud.cfg systemd/* -> rhel/systemd/* Such rhel-specific files are open and available in the Centos repo: https://gitlab.com/redhat/centos-stream/src/cloud-init With this commit, we are also introducing modules in cloud.cfg that were not in the default rhel cfg file, even though they should already have been there with previous rebases and releases. Anyways such modules support rhel as distro, and therefore should cause no harm.
Signed-off-by: Emanuele Giuseppe Esposito
---
config/cloud.cfg.tmpl | 25 ++++++++++++++++++++++++-
systemd/cloud-config.service.tmpl | 6 ++++++
systemd/cloud-final.service.tmpl | 13 +++++++++++++
systemd/cloud-init-local.service.tmpl | 24 +++++++++++++++++++++++-
systemd/cloud-init.service.tmpl | 6 +++++-
tests/unittests/test_render_cloudcfg.py | 1 +
6 files changed, 72 insertions(+), 3 deletions(-)
diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl
index fb4b456cc7e..d5461bc21df 100644
--- a/config/cloud.cfg.tmpl
+++ b/config/cloud.cfg.tmpl
@@ -34,7 +34,11 @@ disable_root: true {% if variant in ["almalinux", "alpine", "amazon", "centos", "cloudlinux", "eurolinux", "fedora", "miraclelinux", "openEuler", "rhel", "rocky", "virtuozzo"] %} +{% if variant == "rhel" %} +mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service,_netdev', '0', '2'] +{% else %} mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2'] +{% endif %} {% if variant == "amazon" %} resize_rootfs: noblock {% endif %} @@ -66,6 +70,14 @@ network: config: disabled {% endif %} +{% if variant == "rhel" %} +# Default redhat settings: +ssh_deletekeys: 1 +ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519'] +syslog_fix_perms: ~ +disable_vmware_customization: false +{% endif %} + # The modules that run in the 'init' stage cloud_init_modules: - migrator @@ -107,10 +119,15 @@ cloud_config_modules: {% endif %} {% if variant not in ["photon"] %} - ssh-import-id - - keyboard - locale +{% if variant not in ["rhel"] %} + - keyboard +{% endif %} {% endif %} - set-passwords +{% if variant in ["rhel"] %} + - rh_subscription +{% endif %} {% if variant in ["rhel", "fedora", "photon"] %} {% if variant not in ["photon"] %} - spacewalk @@ -239,6 +256,10 @@ system_info: name: ec2-user lock_passwd: True gecos: EC2 Default User +{% elif variant == "rhel" %} + name: cloud-user + lock_passwd: true + gecos: Cloud User {% else %} name: {{ variant }} lock_passwd: True @@ -254,6 +275,8 @@ system_info: groups: [adm, sudo] {% elif variant == "arch" %} groups: [wheel, users] +{% elif variant == "rhel" %} + groups: [adm, systemd-journal] {% else %} groups: [wheel, adm, systemd-journal] {% endif %} diff --git a/systemd/cloud-config.service.tmpl b/systemd/cloud-config.service.tmpl index 9d928ca2014..b8b81e6add7 100644 --- a/systemd/cloud-config.service.tmpl +++ b/systemd/cloud-config.service.tmpl 
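Review bot: The rhel-only block added in the `@@ -66,6 +70,14 @@` hunk of config/cloud.cfg.tmpl is introduced only by `# Default redhat settings:`, which does not tell a reader that three of its four keys change the instance's security posture. `ssh_deletekeys` and `ssh_genkeytypes` decide whether and with which algorithms SSH host keys are regenerated on first boot, and `disable_vmware_customization: false` leaves VMware guest customization enabled, so configuration supplied from the hypervisor side is applied. Each deserves a one-line comment, for example `# regenerate SSH host keys so instances cloned from one image do not share them` and `# accept VMware guest customization; set to true to ignore it`. `syslog_fix_perms: ~` should also say what a null value is meant to achieve here, since the template gives no hint.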
@@ -2,8 +2,14 @@ [Unit] Description=Apply the settings specified in cloud-config After=network-online.target cloud-config.target +{% if variant not in ["rhel"] %} After=snapd.seeded.service +{% endif %} Wants=network-online.target cloud-config.target +{% if variant == "rhel" %} +ConditionPathExists=!/etc/cloud/cloud-init.disabled +ConditionKernelCommandLine=!cloud-init=disabled +{% endif %} [Service] Type=oneshot diff --git a/systemd/cloud-final.service.tmpl b/systemd/cloud-final.service.tmpl index 8207b18ca6d..85f423ac345 100644 --- a/systemd/cloud-final.service.tmpl +++ b/systemd/cloud-final.service.tmpl @@ -7,6 +7,10 @@ After=multi-user.target Before=apt-daily.service {% endif %} Wants=network-online.target cloud-config.service +{% if variant == "rhel" %} +ConditionPathExists=!/etc/cloud/cloud-init.disabled +ConditionKernelCommandLine=!cloud-init=disabled +{% endif %} [Service] @@ -15,7 +19,16 @@ ExecStart=/usr/bin/cloud-init modules --mode=final RemainAfterExit=yes TimeoutSec=0 KillMode=process +{% if variant == "rhel" %} +# Restart NetworkManager if it is present and running. +ExecStartPost=/bin/sh -c 'u=NetworkManager.service; \ + out=$(systemctl show --property=SubState $u) || exit; \ + [ "$out" = "SubState=running" ] || exit 0; \ + systemctl reload-or-try-restart $u' +{% else %} TasksMax=infinity +{% endif %} + # Output needs to appear in instance console output StandardOutput=journal+console diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl index bcbd5b947ed..292a7ebee48 100644 --- a/systemd/cloud-init-local.service.tmpl +++ b/systemd/cloud-init-local.service.tmpl 
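Review bot: The `ConditionPathExists=!/etc/cloud/cloud-init.disabled` and `ConditionKernelCommandLine=!cloud-init=disabled` pair added for rhel in systemd/cloud-config.service.tmpl carries no comment, and the same pair is copied into cloud-final.service.tmpl, cloud-init-local.service.tmpl and cloud-init.service.tmpl by this patch. With one copy per template, a unit that later loses or never gets the pair would still run on a host where an administrator has disabled cloud-init. A comment above each pair would make the contract explicit, for example `# Do not start when /etc/cloud/cloud-init.disabled exists or cloud-init=disabled is on the kernel command line`. It would also help to say why only the rhel variant needs these conditions; presumably the other variants rely on a mechanism that is not visible in this diff.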
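Review bot: `TasksMax=infinity` ends up inside the `{% else %}` branch in the `@@ -15,7 +19,16 @@` hunk of systemd/cloud-final.service.tmpl, so the rendered rhel unit no longer sets it and the final stage runs under the default task limit. If that is only a side effect of pairing it with the new `ExecStartPost=`, close the conditional first, i.e. `{% endif %}` followed by an unconditional `TasksMax=infinity`; if dropping it for rhel is intended, a comment saying so would stop it being "fixed" later. Note also that `out=$(systemctl show --property=SubState $u) || exit` exits with the failing status, so a failing `systemctl show` would fail the `ExecStartPost=` step. That does not match the comment's "if it is present and running"; either prefix the command with `-` or extend the comment to say the failure is deliberate.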
@@ -1,23 +1,45 @@ ## template:jinja [Unit] Description=Initial cloud-init job (pre-networking) -{% if variant in ["ubuntu", "unknown", "debian"] %} +{% if variant in ["ubuntu", "unknown", "debian", "rhel" ] %} DefaultDependencies=no {% endif %} Wants=network-pre.target +{% if variant not in ["rhel"] %} After=hv_kvp_daemon.service +{% endif %} After=systemd-remount-fs.service +{% if variant == "rhel" %} +Requires=dbus.socket +After=dbus.socket +{% endif %} Before=NetworkManager.service +{% if variant == "rhel" %} +Before=network.service +{% endif %} Before=network-pre.target Before=shutdown.target +{% if variant == "rhel" %} +Before=firewalld.target +Conflicts=shutdown.target +{% endif %} {% if variant in ["ubuntu", "unknown", "debian"] %} Before=sysinit.target Conflicts=shutdown.target {% endif %} RequiresMountsFor=/var/lib/cloud +{% if variant == "rhel" %} +ConditionPathExists=!/etc/cloud/cloud-init.disabled +ConditionKernelCommandLine=!cloud-init=disabled +{% endif %} [Service] Type=oneshot +{% if variant == "rhel" %} +ExecStartPre=/bin/mkdir -p /run/cloud-init +ExecStartPre=/sbin/restorecon /run/cloud-init +ExecStartPre=/usr/bin/touch /run/cloud-init/enabled +{% endif %} ExecStart=/usr/bin/cloud-init init --local RemainAfterExit=yes TimeoutSec=0 diff --git a/systemd/cloud-init.service.tmpl b/systemd/cloud-init.service.tmpl index e71e5679065..c170aef72f7 100644 --- a/systemd/cloud-init.service.tmpl +++ b/systemd/cloud-init.service.tmpl @@ -1,7 +1,7 @@ ## template:jinja [Unit] Description=Initial cloud-init job (metadata service crawler) -{% if variant not in ["photon"] %} +{% if variant not in ["photon", "rhel"] %} DefaultDependencies=no {% endif %} Wants=cloud-init-local.service @@ -36,6 +36,10 @@ Before=shutdown.target Conflicts=shutdown.target {% endif %} Before=systemd-user-sessions.service +{% if variant == "rhel" %} +ConditionPathExists=!/etc/cloud/cloud-init.disabled +ConditionKernelCommandLine=!cloud-init=disabled +{% endif %} [Service] Type=oneshot 
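Review bot: The three rhel `ExecStartPre=` lines added to systemd/cloud-init-local.service.tmpl have no comment, and two of their effects are not obvious from the unit. `/usr/bin/touch /run/cloud-init/enabled` creates the marker unconditionally, so on rhel the `ConditionPathExists=`/`ConditionKernelCommandLine=` lines added just above appear to be the only gate on whether cloud-init runs, and any non-zero exit from `/sbin/restorecon` stops the unit before `cloud-init init --local` executes. A comment such as `# rhel creates the enabled marker here; relabel /run/cloud-init for SELinux before it is used` (wording for the author to confirm) would record the intent. If a missing or failing restorecon should not block first-boot configuration, the line can be written `ExecStartPre=-/sbin/restorecon /run/cloud-init`.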
diff --git a/tests/unittests/test_render_cloudcfg.py b/tests/unittests/test_render_cloudcfg.py index 30fbd1a4713..9f95d4488ca 100644 --- a/tests/unittests/test_render_cloudcfg.py +++ b/tests/unittests/test_render_cloudcfg.py @@ -68,6 +68,7 @@ def test_variant_sets_default_user_in_cloud_cfg(self, variant, tmpdir): default_user_exceptions = { "amazon": "ec2-user", "debian": "ubuntu", + "rhel": "cloud-user", "unknown": "ubuntu", } default_user = system_cfg["system_info"]["default_user"]["name"] From 13406cd747233c9243bbf770dfcde32334644bf9 Mon Sep 17 00:00:00 2001 From: Emanuele Giuseppe Esposito Date: Tue, 17 May 2022 09:45:43 +0200 Subject: [PATCH 2/2] applying comments of blackboxsw Signed-off-by: Emanuele Giuseppe Esposito --- config/cloud.cfg.tmpl | 4 ++-- systemd/cloud-config.service.tmpl | 2 -- systemd/cloud-init-local.service.tmpl | 2 -- 3 files changed, 2 insertions(+), 6 deletions(-) diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl index d5461bc21df..80ab4f9635f 100644 --- a/config/cloud.cfg.tmpl +++ b/config/cloud.cfg.tmpl @@ -72,7 +72,7 @@ network: {% if variant == "rhel" %} # Default redhat settings: -ssh_deletekeys: 1 +ssh_deletekeys: true ssh_genkeytypes: ['rsa', 'ecdsa', 'ed25519'] syslog_fix_perms: ~ disable_vmware_customization: false @@ -119,10 +119,10 @@ cloud_config_modules: {% endif %} {% if variant not in ["photon"] %} - ssh-import-id - - locale {% if variant not in ["rhel"] %} - keyboard {% endif %} + - locale {% endif %} - set-passwords {% if variant in ["rhel"] %} diff --git a/systemd/cloud-config.service.tmpl b/systemd/cloud-config.service.tmpl index b8b81e6add7..d5568a6e05d 100644 --- a/systemd/cloud-config.service.tmpl +++ b/systemd/cloud-config.service.tmpl 
@@ -2,9 +2,7 @@ [Unit] Description=Apply the settings specified in cloud-config After=network-online.target cloud-config.target -{% if variant not in ["rhel"] %} After=snapd.seeded.service -{% endif %} Wants=network-online.target cloud-config.target {% if variant == "rhel" %} ConditionPathExists=!/etc/cloud/cloud-init.disabled diff --git a/systemd/cloud-init-local.service.tmpl b/systemd/cloud-init-local.service.tmpl index 292a7ebee48..6f3f9d8d09e 100644 --- a/systemd/cloud-init-local.service.tmpl +++ b/systemd/cloud-init-local.service.tmpl @@ -5,9 +5,7 @@ Description=Initial cloud-init job (pre-networking) DefaultDependencies=no {% endif %} Wants=network-pre.target -{% if variant not in ["rhel"] %} After=hv_kvp_daemon.service -{% endif %} After=systemd-remount-fs.service {% if variant == "rhel" %} Requires=dbus.socket