Naturally Stephane’s response is a lot easier and more logical.
Alternatively you could look into cloudbase-init for Windows VMs which can consume cidata from a virtual CDROM. I use it to:
- create a service account for Ansible (user & pass strings 19 chars max)
- enable WinRM with TLS
- set the time-zone
- set the hostname the same name as the Incus instance name so that Ansible can find the VM on the network and do the rest… you’d also need DDNS updates for this.
At the mo the cloud-init stuff goes in an Incus Profile that gets assigned to the VM during the creation process, but that all needs to belong in Terraform and the secure stuff in vaults. The Windows VM image is syspreped.
config:
cloud-init.user-data: |
#cloud-config
set_timezone: ????
users:
- name: ????
passwd: ????
primary_group: Administrators
first_logon_behaviour: false
inject_user_password: true
winrm_enable_basic_auth: true
winrm_configure_https_listener: true
...
devices:
nocloud:
source: cloud-init:config
type: disk