1

I am trying to setup a headless ubuntu server so that in init a rdp would be setup so that I can connect to the Remote Desktop right away after the boot process is complete.

I found that this https://learn.microsoft.com/en-us/azure/virtual-machines/linux/use-remote-desktop?tabs=azure-powershell, works well if I do the setup manually but now I am trying to automate this using cloud-init.

For this I am passing following .yaml as user data to my cloud provider:

#cloud-config

package_update: true


users:


    

  • default
    • 

  • name: xrpd
groups:
      

    • xrdp
      • 

    • ssl-cert
      • 

    

    • 



packages:


    

  • xfce4
    • 

  • xrdp
    • 

  • net-tools
    • 



runcmd:


    

  • [ systemctl, enable, xrdp ]
    • 

  • [ echo, xfce4-session, >~/.xsession ]
    • 

  • [ systemctl, restart, xrdp ]
    • 

  • [ ufw, allow, 3389 ]
    • 



power_state:
  mode: reboot
  message: rebooting after initial setup
  timeout: 30
  condition: True

Update works and packages are installed, xrdp is enabled etc. However, the user 'xrdp' is not set to be a part of a ssl-cert group and I fail to see why?

Thanks for the help!

Turbotrout
  • 21

2 Answers2

1

Got it working now, thanks to falcojr for hints. Here is the working version:

#cloud-config

package_update: true


packages:


    

  • xfce4
    • 

  • xrdp
    • 

  • net-tools
    • 



write_files:


    

  • path: /root/.xsession
content: |
  xfce4-session
    • 



runcmd:


    

  • [ adduser, "xrdp", "ssl-cert"]
    • 

  • [ systemctl, enable, xrdp ]
    • 

  • [ systemctl, restart, xrdp ]
    • 

  • [ ufw, allow, "3389" ]
    • 



power_state:
  mode: reboot
  message: rebooting after initial setup
  timeout: 30
  condition: True

So the first thing is that I ditched the user setup and I just use runcmd, I use adduser instead of usermod, seems to work.

Another thing was replacing the 'echo xfce4-session >~/.xsession' command. Since this actually writes 'xfce4-session' to a hidden file, I replaced it with just write_files.

Cheers!

Turbotrout
  • 21
0

Cloud-init's users_groups module runs before the package_update_upgrade_install module so the ssl-cert group does not exist when the xrpd user is getting created.

A workaround could be to add something like this to your runcmd:

  - "usermod -a -G ssl-cert xrpd"

Also note that your current yaml is technically invalid. Every sub-array should only contain strings and neither >~/.xsession nor 3389 are strings. After being fixed, your runcmd could look something like:

runcmd:
  - "usermod -a -G ssl-cert xrpd"
  - [systemctl, enable, xrdp]
  - [echo, xfce4-session, ">~/.xsession"]
  - [systemctl, restart, xrdp]
  - [ufw, allow, "3389"]
falcojr
  • 556