Configuring users in bootc images

I’ve started playing with bootable containers (bootc) for the purpose of maybe finally moving my home setup from manually installing everything to some form of infrastructure as code, at least for my VMs.

But I would like the images to be deployable non-interactively and having my user account preconfigured, including pulling my dotfiles from git. There doesn’t seem to be a good option for a human user account. My options are:

• just set up the user by banging a series of commands right in the Containerfile, which bootc documentation specifically advises not to do for a range of reasons,
• variety of ways to “inject” an account into the system on image build or deploy time that don’t offer any way to run further setup on that account, beyond maybe setting up SSH keys,
• “injecting” the account at build time and some sort of firstboot script that does the rest of the setup.

How would you set up a user for a bootc image?

How are you accessing the containers? If it’s SSH, you can put the public key into the image for the account you’re SSHing from, so that the login is passwordless. Fedora bootc getting started / authentication users and groups.

Why incur the overhead of virtualization or containers when there’s Ansible/Chef/Puppet or OpenTofu (libre fork of Terraform) to install on bare metal? You could even have a preconfiguration file for Debian Unattended Installs. I guess the hard question is: why not bite the bullet and learn* the Nix declarative language from NixOS.

*: it’s like JSON, so think Terraform with declarative-type programmability.

K3n.