Allow installing with no users (#574)

internal/agent/interactive_install.go

@@ -152,31 +152,45 @@ func InteractiveInstall(debug, spawnShell bool, sourceImgURL string) error {
 		return err
 	}
 
-	userName, err := prompt("User to setup", "kairos", canBeEmpty, true, false)
+	createUser, err := prompt("Do you want to create any users? If not, system will not be accesible via terminal or ssh", "y", yesNo, true, false)
 	if err != nil {
 		return err
 	}
 
-	userPassword, err := prompt("Password", "", canBeEmpty, true, true)
-	if err != nil {
-		return err
-	}
+	var userName, userPassword, sshKeys, makeAdmin string
 
-	if userPassword == "" {
-		userPassword = "!"
-	}
+	if isYes(createUser) {
+		userName, err = prompt("User to setup", "kairos", canBeEmpty, true, false)
+		if err != nil {
+			return err
+		}
 
-	users, err := prompt("SSH access (rsakey, github/gitlab supported, comma-separated)", "github:someuser,github:someuser2", canBeEmpty, true, false)
-	if err != nil {
-		return err
-	}
+		userPassword, err = prompt("Password", "", canBeEmpty, true, true)
+		if err != nil {
+			return err
+		}
 
-	// Cleanup the users if we selected the default values as they are not valid users
-	if users == "github:someuser,github:someuser2" {
-		users = ""
-	}
-	if users != "" {
-		sshUsers = strings.Split(users, ",")
+		if userPassword == "" {
+			userPassword = "!"
+		}
+
+		sshKeys, err = prompt("SSH access (rsakey, github/gitlab supported, comma-separated)", "github:someuser,github:someuser2", canBeEmpty, true, false)
+		if err != nil {
+			return err
+		}
+
+		makeAdmin, err = prompt("Make the user an admin (with sudo permissions)?", "y", yesNo, true, false)
+		if err != nil {
+			return err
+		}
+
+		// Cleanup the users if we selected the default values as they are not valid users
+		if sshKeys == "github:someuser,github:someuser2" {
+			sshKeys = ""
+		}
+		if sshKeys != "" {
+			sshUsers = strings.Split(sshKeys, ",")
+		}
 	}
 
 	// Prompt the user by prompts defined by the provider
@@ -216,41 +230,49 @@ func InteractiveInstall(debug, spawnShell bool, sourceImgURL string) error {
 		return InteractiveInstall(debug, spawnShell, sourceImgURL)
 	}
 
-	usersToSet := map[string]schema.User{}
-
-	stage := config.NetworkStage.String()
-
-	if userName != "" {
-		user := schema.User{
-			Name:              userName,
-			PasswordHash:      userPassword,
-			Groups:            []string{"admin"},
-			SSHAuthorizedKeys: sshUsers,
-		}
-
-		// If we got no ssh keys, we don't need network, do the user as soon as possible
-		if len(sshUsers) == 0 {
-			stage = config.InitramfsStage.String()
-		}
-
-		usersToSet = map[string]schema.User{
-			userName: user,
-		}
-	}
-
-	cloudConfig := schema.YipConfig{Name: "Config generated by the installer",
-		Stages: map[string][]schema.Stage{stage: {
-			{
-				Users: usersToSet,
-			},
-		}}}
-
 	// This is temporal to generate a valid cc file, no need to properly initialize everything
 	cc := &config.Config{
 		Install: &config.Install{
 			Device: device,
 		},
 	}
+
+	var cloudConfig schema.YipConfig
+
+	// Only add the user stage if we have any users
+	if userName != "" {
+		var isAdmin []string
+
+		if isYes(makeAdmin) {
+			isAdmin = append(isAdmin, "admin")
+		}
+
+		user := schema.User{
+			Name:              userName,
+			PasswordHash:      userPassword,
+			Groups:            isAdmin,
+			SSHAuthorizedKeys: sshUsers,
+		}
+
+		stage := config.NetworkStage.String()
+		// If we got no ssh keys, we don't need network, do the user as soon as possible
+		if len(sshUsers) == 0 {
+			stage = config.InitramfsStage.String()
+		}
+
+		cloudConfig = schema.YipConfig{Name: "Config generated by the installer",
+			Stages: map[string][]schema.Stage{stage: {
+				{
+					Users: map[string]schema.User{
+						userName: user,
+					},
+				},
+			}}}
+	} else {
+		// If no users, we need to set this option to skip the user validation and confirm that we want a system with no users.
+		cc.Install.NoUsers = true
+	}
+
 	// Merge all yamls into one
 	dat, err := config.MergeYAML(cloudConfig, cc, result)
 	if err != nil {