# Preparing a backup image for cloud-init (reuse as golden image) This describes what was done to the **device** (e.g. 10.20.50.147) so the **backup image** you take from it is smaller and suitable for deployment as a **golden image** with cloud-init running on first boot. --- ## 1. Size reductions applied | Action | Effect | |--------|--------| | Removed old kernel (6.12.47) and headers | ~130 MB freed; current kernel 6.12.62 kept | | APT cache already cleaned | (done earlier) | | Logs truncated, journal vacuumed | (done earlier) | | KDE/Plasma removed | (done earlier; ~2.6 GB freed) | **Result:** Root filesystem ~**7.5 GB** used (28% of 29 GB). After taking the backup you can shrink with **PiShrink** (and optionally compress) for storage and faster deploy; see [EMMC-PROVISIONING-GUIDE.md](EMMC-PROVISIONING-GUIDE.md#shrinking-backup-and-golden-images-pishrink). --- ## 2. Cloud-init preparation (so it re-runs after deploy) These steps were run on the device so that when you **restore this image** to another reTerminal (or the same one after wipe), the next boot is treated as **first boot** and cloud-init runs again. | Step | What was done | |------|----------------| | **cloud-init clean** | `cloud-init clean --logs --machine-id --seed` so cloud-init state and seed are removed; next boot is detected as first boot. | | **machine-id** | Set to `uninitialized`; systemd will generate a new unique ID on first boot. | | **SSH host keys** | Removed from `/etc/ssh/`; `regenerate_ssh_host_keys.service` (or cloud-init) will create new keys on first boot. | | **Hostname** | Reset to `raspberrypi` in `/etc/hostname` and `/etc/hosts`; cloud-init can set the real hostname from **meta-data** or **user-data**. | No reboot was performed on the device so you can take the backup immediately. --- ## 3. Boot partition (NoCloud) The device already had cloud-init **NoCloud** files on the boot partition: - `/boot/firmware/user-data` - `/boot/firmware/meta-data` - `/boot/firmware/network-config` When you use this backup as **golden image** and deploy it: 1. **Cloud-init** will run on first boot and use these files. 2. If **user-data** is set up to download and run your **first-boot script** (e.g. from the provisioning portal), ensure: - The **FILE_SERVER** URL in that script (or in `first-boot.conf` on the server) is correct for the deployed network (e.g. `http://10.20.50.1:5000/files/first-boot` or your LXC IP). - The portal has the right **first-boot.conf** and **first-boot** assets (sync with `scripts/sync-portal-files-to-lxc.sh`). If you prefer different **user-data** / **meta-data** / **network-config** (e.g. different hostname, WiFi, or runcmd), either: - Edit them **on the device** before taking the backup, or - After copying the image to the host, **mount the boot partition** of the image and replace `user-data`, `meta-data`, and optionally `network-config` with your versions (see [EMMC-PROVISIONING-GUIDE.md](EMMC-PROVISIONING-GUIDE.md)). --- ## 4. Optional: further size reduction If you need a smaller image: - **Remove unused locales** (e.g. with `localepurge` or by removing locale packages); can save hundreds of MB. - **Remove more packages** (see [DEVICE-REMOVABLE-PACKAGES.md](DEVICE-REMOVABLE-PACKAGES.md)): e.g. CUPS, NFS, development tools, extra fonts. - **PiShrink** the backup after imaging (shrinks rootfs and optionally compresses); see the guide above. --- ## 5. Taking the backup 1. Use your normal **Backup** flow (e.g. reTerminal in boot mode → dashboard **Backup**), or `dd`/clone the eMMC to a file. 2. Optionally run **PiShrink** (and compress) on the host. 3. Set the result as **golden image** in the dashboard if you want to deploy it to other devices. 4. On first boot after deploy, cloud-init will run; SSH host keys and machine-id will be new; set hostname and the rest via **user-data** / **meta-data** or your first-boot script.