cloud-init: allow custom network/user data files via snippets

Adds the 'cicustom' option to specify either or both network and user
options as property strings. Their parameters are files in a snippets
storage (e.g. local:snippets/network.yaml). If one or both are specified
they are used instead of their respective generated configuration.
This allows the use of completely custom configurations and is also a
possible solution for bug #2068 by specifying a custom user file that
contains package_upgrade: false.

Tested with Ubuntu 18.10 and cloud-init 18.4.7

Signed-off-by: David Limbeck <d.limbeck@proxmox.com>

PVE/API2/Qemu.pm

@@ -292,6 +292,7 @@ my $diskoptions = {
 };
 
 my $cloudinitoptions = {
+    cicustom => 1,
     cipassword => 1,
     citype => 1,
     ciuser => 1,

PVE/QemuServer.pm

@@ -644,6 +644,31 @@ EODESCR
     }
 };
 
+my $cicustom_fmt = {
+    meta => {
+	type => 'string',
+	optional => 1,
+	description => 'Specify a custom file containing all meta data passed to the VM via cloud-init. This is provider specific meaning configdrive2 and nocloud differ.',
+	format => 'pve-volume-id',
+	format_description => 'volume',
+    },
+    network => {
+	type => 'string',
+	optional => 1,
+	description => 'Specify a custom file containing all network data passed to the VM via cloud-init.',
+	format => 'pve-volume-id',
+	format_description => 'volume',
+    },
+    user => {
+	type => 'string',
+	optional => 1,
+	description => 'Specify a custom file containing all user data passed to the VM via cloud-init.',
+	format => 'pve-volume-id',
+	format_description => 'volume',
+    },
+};
+PVE::JSONSchema::register_format('pve-qm-cicustom', $cicustom_fmt);
+
 my $confdesc_cloudinit = {
     citype => {
 	optional => 1,
@@ -661,6 +686,12 @@ my $confdesc_cloudinit = {
 	type => 'string',
 	description => 'cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.',
     },
+    cicustom => {
+	optional => 1,
+	type => 'string',
+	description => 'cloud-init: Specify custom files to replace the automatically generated ones at start.',
+	format => 'pve-qm-cicustom',
+    },
     searchdomain => {
 	optional => 1,
 	type => 'string',

PVE/QemuServer/Cloudinit.pm

@@ -208,14 +208,16 @@ EOF
 sub generate_configdrive2 {
     my ($conf, $vmid, $drive, $volname, $storeid) = @_;
 
-    my $user_data = cloudinit_userdata($conf, $vmid);
+    my ($user_data, $network_data, $meta_data) = get_custom_cloudinit_files($conf);
-    my $network_data = configdrive2_network($conf);
+    $user_data = cloudinit_userdata($conf, $vmid) if !defined($user_data);
+    $network_data = configdrive2_network($conf) if !defined($network_data);
 
-    my $digest_data = $user_data . $network_data;
+    if (!defined($meta_data)) {
-    my $uuid_str = Digest::SHA::sha1_hex($digest_data);
+	my $digest_data = $user_data . $network_data;
-
+	my $uuid_str = Digest::SHA::sha1_hex($digest_data);
-    my $meta_data = configdrive2_metadata($uuid_str);
 
+	$meta_data = configdrive2_metadata($uuid_str);
+    }
     my $files = {
 	'/openstack/latest/user_data' => $user_data,
 	'/openstack/content/0000' => $network_data,
@@ -378,13 +380,16 @@ sub nocloud_metadata {
 sub generate_nocloud {
     my ($conf, $vmid, $drive, $volname, $storeid) = @_;
 
-    my $user_data = cloudinit_userdata($conf, $vmid);
+    my ($user_data, $network_data, $meta_data) = get_custom_cloudinit_files($conf);
-    my $network_data = nocloud_network($conf);
+    $user_data = cloudinit_userdata($conf, $vmid) if !defined($user_data);
+    $network_data = nocloud_network($conf) if !defined($network_data);
 
-    my $digest_data = $user_data . $network_data;
+    if (!defined($meta_data)) {
-    my $uuid_str = Digest::SHA::sha1_hex($digest_data);
+	my $digest_data = $user_data . $network_data;
+	my $uuid_str = Digest::SHA::sha1_hex($digest_data);
 
-    my $meta_data = nocloud_metadata($uuid_str);
+	$meta_data = nocloud_metadata($uuid_str);
+    }
 
     my $files = {
 	'/user-data' => $user_data,
@@ -394,6 +399,44 @@ sub generate_nocloud {
     commit_cloudinit_disk($conf, $vmid, $drive, $volname, $storeid, $files, 'cidata');
 }
 
+sub get_custom_cloudinit_files {
+    my ($conf) = @_;
+
+    my $cicustom = $conf->{cicustom};
+    my $files = $cicustom ? PVE::JSONSchema::parse_property_string('pve-qm-cicustom', $cicustom) : {};
+
+    my $network_volid = $files->{network};
+    my $user_volid = $files->{user};
+    my $meta_volid = $files->{meta};
+
+    my $storage_conf = PVE::Storage::config();
+
+    my $network_data;
+    if ($network_volid) {
+	$network_data = read_cloudinit_snippets_file($storage_conf, $network_volid);
+    }
+
+    my $user_data;
+    if ($user_volid) {
+	$user_data = read_cloudinit_snippets_file($storage_conf, $user_volid);
+    }
+
+    my $meta_data;
+    if ($meta_volid) {
+	$meta_data = read_cloudinit_snippets_file($storage_conf, $meta_volid);
+    }
+
+    return ($user_data, $network_data, $meta_data);
+}
+
+sub read_cloudinit_snippets_file {
+    my ($storage_conf, $volid) = @_;
+
+    my ($full_path, undef, $type) = PVE::Storage::path($storage_conf, $volid);
+    die "$volid is not in the snippets directory\n" if $type ne 'snippets';
+    return PVE::Tools::file_get_contents($full_path);
+}
+
 my $cloudinit_methods = {
     configdrive2 => \&generate_configdrive2,
     nocloud => \&generate_nocloud,