From 65b1fd707aaea422d01b9aa121ff79077f2ca76c Mon Sep 17 00:00:00 2001 From: James Falcon Date: Mon, 10 Jul 2023 12:48:00 -0500 Subject: [PATCH 1/2] Update some cloud-init documentation. - Remove ds-identify.cfg configuration as that's no longer needed - Change 'set-password' references to 'set_password' as the name has changed. - Add a warning about disabled hostkey generation as this can result in a MITM - Small typos --- source/adminguide/templates/_cloud_init.rst | 28 ++++++++------------- 1 file changed, 10 insertions(+), 18 deletions(-) diff --git a/source/adminguide/templates/_cloud_init.rst b/source/adminguide/templates/_cloud_init.rst index 70acd9ad6f..85915b3ae4 100644 --- a/source/adminguide/templates/_cloud_init.rst +++ b/source/adminguide/templates/_cloud_init.rst @@ -54,17 +54,7 @@ These features can be implemented in `“Linux template creation process” <_cr Configure cloud-init to detect Cloudstack data source during runtime. - ~ CentOS - - CentOS cloud-init looks for datasources in /etc/cloud/ds-indetify.cfg during boot. Add the following config in that file. - - .. code:: bash - - datasource: CloudStack - - ~ Ubuntu - - Ubuntu cloud-init data sources can be specified in /etc/cloud/cloud.cfg.d/ directory. Add the following config in /etc/cloud/cloud.cfg.d/99_cloudstack.cfg. + Cloud-init data sources can be specified in /etc/cloud/cloud.cfg.d/ directory. Add the following config in /etc/cloud/cloud.cfg.d/99_cloudstack.cfg. .. code:: bash 
@@ -75,15 +65,15 @@ These features can be implemented in `“Linux template creation process” <_cr #. **Password management** - Cloudstack integration with cloud-init `set-passwords module `_ will enable the platform to set a password for each instance created from the Main Template. Additionally it will allow to reset the user password through the GUI. + Cloudstack integration with cloud-init `set_passwords module `_ will enable the platform to set a password for each instance created from the Main Template. Additionally it will allow to reset the user password through the GUI. - - **Enable set-passwords module on every boot** + - **Enable set_passwords module on every boot** - By default the set-passwords module runs only on first boot of the instance, change that to run on every boot. + By default the set_passwords module runs only on first boot of the instance, change that to run on every boot. .. code:: bash - sudo sed -i s/" - set-passwords"/" - [set-passwords, always]"/g /etc/cloud/cloud.cfg + sudo sed -i s/" - set_passwords"/" - [set_passwords, always]"/g /etc/cloud/cloud.cfg - **Specify the managed user** 
@@ -113,13 +103,15 @@ These features can be implemented in `“Linux template creation process” <_cr .. warning:: - Cloud-init ssh module runs on every boot and will regenerate the certificate fingerprint of the host. This will cause a warning to anyone that logs in the system and also bring trouble to anyone trying to automate ssh access. + If the cloud-init ssh module is set to run every boot, it will regenerate the certificate fingerprint of the host. This will cause a warning to anyone that logs in the system and also bring trouble to anyone trying to automate ssh access. - Disable cloud-init regenerating host certificates on boot. If template certificates are deleted they will be regenerated by the OS on instnace first boot. + Disable cloud-init regenerating host certificates on boot. If template certificates are deleted they will be regenerated by the OS on instance first boot. .. code:: bash echo "ssh_deletekeys: false" > /etc/cloud/cloud.cfg.d/49_hostkeys.cfg + + Note that if this instance is moved or snapshotted, it will be vulnerable to man-in-the-middle attacks if the behavior is not re-enabled first. #. **Partition management** @@ -173,7 +165,7 @@ These features can be implemented in `“Linux template creation process” <_cr - **Extend Physical volume, Volume group and root lvm** - After parition is extended the upper layers should also be resized. This can be automated with cloud-init `runcmd module `_ . Set the configuration below in /etc/cloud/cloud.cfg.d/51_extend_volume.cfg. + After partition is extended the upper layers should also be resized. This can be automated with cloud-init `runcmd module `_ . Set the configuration below in /etc/cloud/cloud.cfg.d/51_extend_volume.cfg. ~ CentOS From c76165ef97c5c04b9bfaface427ebb85ad6f2390 Mon Sep 17 00:00:00 2001 
From: James Falcon Date: Tue, 25 Jul 2023 08:47:22 -0500 Subject: [PATCH 2/2] Ensure existing set-password and set_password work --- source/adminguide/templates/_cloud_init.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/adminguide/templates/_cloud_init.rst b/source/adminguide/templates/_cloud_init.rst index 85915b3ae4..c3dfa2945d 100644 --- a/source/adminguide/templates/_cloud_init.rst +++ b/source/adminguide/templates/_cloud_init.rst @@ -73,7 +73,7 @@ These features can be implemented in `“Linux template creation process” <_cr .. code:: bash - sudo sed -i s/" - set_passwords"/" - [set_passwords, always]"/g /etc/cloud/cloud.cfg + sudo sed -i s/" - set[_|-]passwords"/" - [set_passwords, always]"/g /etc/cloud/cloud.cfg - **Specify the managed user**
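Review bot: In the first hunk of PATCH 1/2 (@@ -54,17 +54,7 @@), the replacement sentence removes the CentOS/Ubuntu split without telling the reader that the 99_cloudstack.cfg drop-in now covers both distributions. The commit message says the ds-identify.cfg step is "no longer needed", but the documentation text gives no reason or cloud-init version, so an admin maintaining an older CentOS template cannot tell whether the removed step still applies to them. Suggest one added sentence stating that the drop-in applies to all supported distributions and, if known, from which cloud-init release. Minor wording: "in /etc/cloud/cloud.cfg.d/ directory" is missing "the".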
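Review bot: In the second hunk of PATCH 1/2 (@@ -75,15 +65,15 @@), the rewritten sed line matches only the spelling " - set_passwords", so on a template whose /etc/cloud/cloud.cfg still lists " - set-passwords" the command changes nothing and still exits successfully. The module then stays on the first-boot-only default that this section is trying to change, and password reset through the GUI silently does not work. PATCH 2/2 widens the pattern, but the documentation would still benefit from a verification step after the command, for example a grep for "[set_passwords, always]" in /etc/cloud/cloud.cfg, so that a substitution that did not apply is visible to the admin.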
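Review bot: In the third hunk of PATCH 1/2 (@@ -113,13 +103,15 @@), the added sentence "it will be vulnerable to man-in-the-middle attacks if the behavior is not re-enabled first" does not say which behavior or how to re-enable it. Suggest spelling out the cause and the remedy: with "ssh_deletekeys: false" every instance created from a moved or snapshotted image keeps the same SSH host keys, so anyone holding a copy of the image holds the host private key; before templating or snapshotting, remove /etc/cloud/cloud.cfg.d/49_hostkeys.cfg or set ssh_deletekeys back to true so new instances generate their own keys. The surrounding text also calls these "certificates" and a "certificate fingerprint"; they are SSH host keys and a host key fingerprint, and using that term would make the warning easier to search for.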
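Review bot: In the only hunk of PATCH 2/2 (@@ -73,7 +73,7 @@), the pattern "set[_|-]passwords" uses a bracket expression, where "|" is a literal character and not alternation, so it matches "set|passwords" in addition to the two intended spellings. The command works as intended for the real module names, but the pattern reads as if alternation were meant; "set[_-]passwords" expresses the intent exactly and avoids readers copying the "|" form into other expressions. Since this line edits which cloud-init modules run on every boot, it is worth keeping the match as tight as possible.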