Hi,
We’re looking to strictly confine the juju snap and need these interfaces auto connected. There’s a few personal files ones outlined below with reasons.
- lxd (so juju can create lxd containers)
- ssh-keys (so juju can add the user’s ssh public key to authorized keys on instances it creates)
config-juju is so that the confined snap can access the usual juju config files in the user’s real home directory.
config-juju:
interface: personal-files
write:
- $HOME/.local/share/juju
cloud-credentials-juju allows juju to read various cloud config files of the user to use the credentials and cloud endpoints therein
cloud-credentials-juju:
interface: personal-files
read:
- $HOME/.aws
- $HOME/.azure
- $HOME/.config
- $HOME/.kube
- $HOME/.maasrc
- $HOME/.oci
- $HOME/.novarc
config-lxd allows juju to read the user’s lxd config
NB we might be doing something wrong here since we still get a permission denied trying to read $HOME/snap/lxd/current/.config/lxc/config.yaml
. Any ideas?
config-lxd:
interface: personal-files
read:
- $HOME/snap/lxd/current/.config/lxc
- $HOME/.config/lxc
We use the home
interface so that juju can read arbitrary user specified YAML files for adding cloud and credential definitions, storing backups etc. Since this is auto connected on traditional distros, I don’t think there’s a eed to ask for auto connect, right?
Thanks in advance.