From dbd3d59354a90e6a142d3694c4e0a516d34e948b Mon Sep 17 00:00:00 2001
From: Mischa Taylor <taylor@linux.com>
Date: Sun, 23 Jun 2024 15:00:08 -0400
Subject: [PATCH] Add debian 12 aarch64 template

---
 debian/cloud/aarch64/README.md                |  92 +++++
 .../aarch64/debian-12-aarch64.pkrvars.hcl     |   3 +
 debian/cloud/aarch64/debian.pkr.hcl           | 117 ++++++
 .../cloud/docs/MOUNT_CLOUD_IMAGE_AARCH64.md   | 357 +++++++++++++++++-
 debian/cloud/docs/MOUNT_CLOUD_IMAGE_X86_64.md |   2 +-
 ..._JETSON_ARM64_DEBIAN_CLOUD_IMAGE_MANUAL.md | 122 ++++++
 6 files changed, 678 insertions(+), 15 deletions(-)
 create mode 100644 debian/cloud/aarch64/README.md
 create mode 100644 debian/cloud/aarch64/debian-12-aarch64.pkrvars.hcl
 create mode 100644 debian/cloud/aarch64/debian.pkr.hcl
 create mode 100644 debian/cloud/docs/QEMU_NVIDIA_JETSON_ARM64_DEBIAN_CLOUD_IMAGE_MANUAL.md

diff --git a/debian/cloud/aarch64/README.md b/debian/cloud/aarch64/README.md
new file mode 100644
index 0000000..c8c92f8
--- /dev/null
+++ b/debian/cloud/aarch64/README.md
@@ -0,0 +1,92 @@
+# Debian aarch64 cloud images
+
+## Debian 12
+
+```
+cd debian/cloud/aarch64
+packer init .
+PACKER_LOG=1 packer build \
+  -var-file debian-12-aarch64.pkrvars.hcl \
+  debian.pkr.hcl
+```
+
+```
+
+$ sudo qemu-img convert \
+    -f qcow2 \
+    -O qcow2 \
+    output-debian-12-aarch64/debian-12-aarch64.qcow2 \
+    /var/lib/libvirt/images/debian-12-aarch64.qcow2
+$ sudo qemu-img resize \
+    -f qcow2 \
+    /var/lib/libvirt/images/debian-12-aarch64.qcow2 \
+    32G
+```
+
+```
+$ sudo apt-get install libosinfo-bin
+$ osinfo-query os
+```
+
+```
+virt-install \
+  --connect qemu:///system \
+  --name debian-12 \
+  --boot uefi \
+  --memory 4096 \
+  --vcpus 2 \
+  --os-variant debian10 \
+  --disk /var/lib/libvirt/images/debian-12-aarch64.qcow2,bus=virtio \
+  --network network=host-network,model=virtio \
+  --noautoconsole \
+  --console pty,target_type=serial \
+  --import \
+  --debug
+
+virsh console debian-12
+
+# login with packer user
+
+# Check networking - you may notice that the network interface is down and
+# the name of the interface generated in netplan doesn't match. If not 
+# correct, can regenerate with cloud-init
+# ip reports that enp1s0 is down
+$ ip --brief a
+lo               UNKNOWN        127.0.0.1/8 ::1/128 
+enp1s0           UP             10.63.34.169/22 metric 100 fe80::5054:ff:fee1:b969/64
+
+# Check to make sure cloud-init is greater than 23.4
+$ cloud-init --version
+/usr/bin/cloud-init 22.4.2
+
+# NOTE: Because Ubuntu 20.04 has a version of cloud-init earlier than 23.4
+# it does not have the "clean" parameter, instead regenerate the netplan
+# config with the following
+
+# Make cloud-init regenerate the network configuration
+sudo rm /var/lib/cloud/data/instance-id
+sudo cloud-init init --local
+
+$ sudo reboot
+
+# Verify image boots with the networking enabled
+$ ip --brief a
+lo               UNKNOWN        127.0.0.1/8 ::1/128 
+enp1s0           UP             10.63.46.11/22 metric 100 fe80::5054:ff:fe04:483/64
+
+
+$ cloud-init status
+status: done
+
+# Disable cloud-init
+$ sudo touch /etc/cloud/cloud-init.disabled
+
+# Verify cloud-init is disabled
+$ cloud-init status
+status: disabled
+```
+
+```
+$ virsh shutdown debian-12
+$ virsh undefine debian-12 --nvram --remove-all-storage
+```
diff --git a/debian/cloud/aarch64/debian-12-aarch64.pkrvars.hcl b/debian/cloud/aarch64/debian-12-aarch64.pkrvars.hcl
new file mode 100644
index 0000000..afe383d
--- /dev/null
+++ b/debian/cloud/aarch64/debian-12-aarch64.pkrvars.hcl
@@ -0,0 +1,3 @@
+iso_checksum = "file:https://cloud.debian.org/images/cloud/bookworm/latest/SHA512SUMS"
+iso_url = "https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-arm64.qcow2"
+vm_name = "debian-12-aarch64"
diff --git a/debian/cloud/aarch64/debian.pkr.hcl b/debian/cloud/aarch64/debian.pkr.hcl
new file mode 100644
index 0000000..c7d1517
--- /dev/null
+++ b/debian/cloud/aarch64/debian.pkr.hcl
@@ -0,0 +1,117 @@
+packer {
+  required_plugins {
+    qemu = {
+      version = "~> 1"
+      source  = "github.com/hashicorp/qemu"
+    }
+  }
+}
+
+variable "efi_boot" {
+  type    = bool
+  default = false
+}
+
+variable "efi_firmware_code" {
+  type    = string
+  default = null
+}
+
+variable "efi_firmware_vars" {
+  type    = string
+  default = null
+}
+
+variable "ssh_username" {
+  type    = string
+  default = "packer"
+}
+
+variable "ssh_password" {
+  type    = string
+  default = "packer"
+}
+
+variable "vm_name" {
+  type    = string
+  default = "debian-12-aarch64"
+}
+
+source "file" "user_data" {
+  content = <<EOF
+#cloud-config
+user: ${var.ssh_username}
+password: ${var.ssh_password}
+chpasswd: { expire: False }
+ssh_pwauth: True
+EOF
+  target  = "boot-${var.vm_name}/user-data"
+}
+
+source "file" "meta_data" {
+  content = <<EOF
+instance-id: debian-cloud
+local-hostname: debian-cloud
+EOF
+  target  = "boot-${var.vm_name}/meta-data"
+}
+
+build {
+  sources = ["sources.file.user_data", "sources.file.meta_data"]
+
+  provisioner "shell-local" {
+    inline = ["genisoimage -output boot-${var.vm_name}/cidata.iso -input-charset utf-8 -volid cidata -joliet -r boot-${var.vm_name}/user-data boot-${var.vm_name}/meta-data"]
+  }
+}
+
+variable "iso_checksum" {
+  type    = string
+  default = "file:https://cloud.debian.org/images/cloud/bookworm/latest/SHA512SUMS"
+}
+
+variable "iso_url" {
+  type    = string
+  default = "https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-arm64.qcow2"
+}
+
+source "qemu" "debian" {
+  disk_compression = true
+  disk_image       = true
+  disk_size        = "32G"
+  format           = "qcow2"
+  iso_checksum     = var.iso_checksum
+  iso_url          = var.iso_url
+  qemu_binary      = "qemu-system-aarch64"
+  qemuargs = [
+    ["-cdrom", "boot-${var.vm_name}/cidata.iso"],
+    ["-cpu", "max"],
+    ["-boot", "strict=on"],
+    ["-monitor", "none"],
+    /* ["-device", "virtio-gpu-pci"], */
+  ]
+  output_directory  = "output-${var.vm_name}"
+  shutdown_command  = "echo '${var.ssh_password}' | sudo -S shutdown -P now"
+  ssh_password      = var.ssh_password
+  ssh_timeout       = "120s"
+  ssh_username      = var.ssh_username
+  vm_name           = "${var.vm_name}.qcow2"
+  machine_type      = "virt,gic-version=max"
+  net_device        = "virtio-net"
+  disk_interface    = "virtio"
+  efi_boot          = var.efi_boot
+  efi_firmware_code = "/usr/share/AAVMF/AAVMF_CODE.fd"
+  efi_firmware_vars = "/usr/share/AAVMF/AAVMF_VARS.fd"
+}
+
+build {
+  sources = ["source.qemu.debian"]
+
+  # cloud-init may still be running when we start executing scripts
+  # To avoid race conditions, make sure cloud-init is done first
+  provisioner "shell" {
+    execute_command   = "echo '${var.ssh_password}' | {{ .Vars }} sudo -S -E sh -eux '{{ .Path }}'"
+    scripts = [
+      "../scripts/cloud-init-wait.sh",
+    ]
+  }
+}
diff --git a/debian/cloud/docs/MOUNT_CLOUD_IMAGE_AARCH64.md b/debian/cloud/docs/MOUNT_CLOUD_IMAGE_AARCH64.md
index 31c718f..e0945cb 100644
--- a/debian/cloud/docs/MOUNT_CLOUD_IMAGE_AARCH64.md
+++ b/debian/cloud/docs/MOUNT_CLOUD_IMAGE_AARCH64.md
@@ -2,7 +2,7 @@
 
 ```
 curl -LO https://cloud.debian.org/images/cloud/bookworm/latest/SHA512SUMS
-curl -LO https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-arm64.qcow2
+curl -LO https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-arm64.qcow2
 ```
 
 ## Loopback mount - requires converting qcow to raw
@@ -20,24 +20,24 @@ If the image is in QCOW2 format, convert it to raw:
 qemu-img convert \
   -f qcow2 \
   -O raw \
-  debian-12-genericcloud-arm64.qcow2 \
-  debian-12-genericcloud-arm64.raw
+  debian-12-generic-arm64.qcow2 \
+  debian-12-generic-arm64.raw
 ```
 
 Find the offset of where the partition starts:
 
 ```
-$ fdisk -l debian-12-genericcloud-arm64.raw 
-Disk debian-12-genericcloud-arm64.raw: 2 GiB, 2147483648 bytes, 4194304 sectors
+$ fdisk -l debian-12-generic-arm64.raw
+Disk debian-12-generic-arm64.raw: 2 GiB, 2147483648 bytes, 4194304 sectors
 Units: sectors of 1 * 512 = 512 bytes
 Sector size (logical/physical): 512 bytes / 512 bytes
 I/O size (minimum/optimal): 512 bytes / 512 bytes
 Disklabel type: gpt
-Disk identifier: AA17B800-9DDD-174C-87FE-0BBA5A1FF598
+Disk identifier: 9EFC615F-FA64-464B-BDA6-4C4126E2627F
 
-Device                              Start     End Sectors  Size Type
-debian-12-genericcloud-arm64.raw1  262144 4192255 3930112  1.9G Linux root
-debian-12-genericcloud-arm64.raw15   2048  262143  260096  127M EFI System
+Device                         Start     End Sectors  Size Type
+debian-12-generic-arm64.raw1  262144 4192255 3930112  1.9G Linux root (ARM-64)
+debian-12-generic-arm64.raw15   2048  262143  260096  127M EFI System
 
 Partition table entries are not in disk order.
 
@@ -48,7 +48,7 @@ $ echo $((262144 * 512))
 
 # Mount the image
 sudo mkdir /mnt/debian-12
-sudo mount -o loop,offset=134217728 debian-12-genericcloud-arm64.raw /mnt/debian-12
+sudo mount -o loop,offset=134217728 debian-12-generic-arm64.raw /mnt/debian-12
 
 $ ls /mnt/debian-12/
 bin   dev  home  lost+found  mnt  proc  run   srv  tmp  var
@@ -64,10 +64,10 @@ sudo rmdir /mnt/debian-12
 ```
 # Load the nbd module
 $ sudo modprobe -v nbd
-insmod /lib/modules/6.5.0-41-generic/kernel/drivers/block/nbd.ko
+insmod /lib/modules/5.10.192-tegra/kernel/drivers/block/nbd.ko
 # Verify the nbd module is loaded
 $ lsmod | grep nbd
-nbd                    65536  0
+nbd                    45056  2
 
 $ ls /dev/nbd*
 /dev/nbd0   /dev/nbd11  /dev/nbd14  /dev/nbd3  /dev/nbd6  /dev/nbd9
@@ -75,7 +75,7 @@ $ ls /dev/nbd*
 /dev/nbd10  /dev/nbd13  /dev/nbd2   /dev/nbd5  /dev/nbd8
 
 # Connect the QCOW2 image as a network block device
-$ sudo qemu-nbd --connect=/dev/nbd0 debian-12-genericcloud-arm64.qcow2
+$ sudo qemu-nbd --connect=/dev/nbd0 debian-12-generic-arm64.qcow2
 
 # Create a mount point directory
 $ sudo mkdir /mnt/debian-12
@@ -86,7 +86,7 @@ Units: sectors of 1 * 512 = 512 bytes
 Sector size (logical/physical): 512 bytes / 512 bytes
 I/O size (minimum/optimal): 512 bytes / 512 bytes
 Disklabel type: gpt
-Disk identifier: AA17B800-9DDD-174C-87FE-0BBA5A1FF598
+Disk identifier: 9EFC615F-FA64-464B-BDA6-4C4126E2627F
 
 Device        Start     End Sectors  Size Type
 /dev/nbd0p1  262144 4192255 3930112  1.9G Linux root (ARM-64)
@@ -95,5 +95,334 @@ Device        Start     End Sectors  Size Type
 Partition table entries are not in disk order.
 
 
+$ sudo mount /dev/nbd0p1 /mnt/debian-12/
 
+$ ls /mnt/debian-12/
+bin   dev  home  lost+found  mnt  proc  run   srv  tmp  var
+boot  etc  lib   media       opt  root  sbin  sys  usr
+
+# Use chroot jail to execute commands inside of the mounted root filesystem
+ sudo chroot /mnt/debian-12/
+root@agx01:/# ls
+bin   dev  home  lost+found  mnt  proc	run   srv  tmp	var
+boot  etc  lib	 media	     opt  root	sbin  sys  usr
+root@crake-kvm-playpen:/# exit
+exit
+
+# Exit chroot and unmount the image file
+$ sudo umount /mnt/debian-12
+$ sudo qemu-nbd --disconnect /dev/nbd0
+$ sudo rmdir /mnt/debian-12
+$ sudo rmmod nbd
+```
+
+## Mount cloud image with guestfish
+
+```
+sudo apt-get update
+sudo apt-get install libguestfs-tools
+
+$ guestfish --version
+guestfish 1.40.2
+```
+
+## Debian 12/Bookworm Cloud Image
+
+```
+$ curl -LO https://cloud.debian.org/images/cloud/bookworm/latest/SHA512SUMS
+$ curl -LO https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-arm64.qcow2
+
+$ sudo modprobe -v nbd
+insmod /lib/modules/5.10.192-tegra/kernel/drivers/block/nbd.ko
+# Verify the nbd module is loaded
+$ lsmod | grep nbd
+nbd                    45056  2
+$ sudo qemu-nbd --connect=/dev/nbd0 debian-12-generic-arm64.qcow2
+$ sudo mkdir /mnt/debian-12
+
+$ sudo fdisk -l /dev/nbd0
+Disk /dev/nbd0: 2 GiB, 2147483648 bytes, 4194304 sectors
+Units: sectors of 1 * 512 = 512 bytes
+Sector size (logical/physical): 512 bytes / 512 bytes
+I/O size (minimum/optimal): 512 bytes / 512 bytes
+Disklabel type: gpt
+Disk identifier: 9EFC615F-FA64-464B-BDA6-4C4126E2627F
+
+Device        Start     End Sectors  Size Type
+/dev/nbd0p1  262144 4192255 3930112  1.9G Linux root (ARM-64)
+/dev/nbd0p15   2048  262143  260096  127M EFI System
+
+Partition table entries are not in disk order.
+
+
+$ sudo mount /dev/nbd0p1 /mnt/debian-12/
+$ sudo chroot /mnt/debian-12/
+root@agx01:/# ls
+exit
+$ sudo umount /mnt/debian-12
+$ sudo rmdir /mnt/debian-12
+```
+
+```
+$ sudo chroot /mnt/debian-12/
+root@agx01:/# ls
+bin   dev  home  lost+found  mnt  proc	run   srv  tmp	var
+boot  etc  lib	 media	     opt  root	sbin  sys  usr
+root@agx01:/# cat /etc/cloud/cloud.cfg
+# The top level settings are used as module
+# and system configuration.
+# A set of users which may be applied and/or used by various modules
+# when a 'default' entry is found it will reference the 'default_user'
+# from the distro configuration specified below
+users:
+   - default
+
+
+# If this is set, 'root' will not be able to ssh in and they
+# will get a message to login instead as the default $user
+disable_root: true
+
+# This will cause the set+update hostname module to not operate (if true)
+preserve_hostname: false
+
+apt:
+   # This prevents cloud-init from rewriting apt's sources.list file,
+   # which has been a source of surprise.
+   preserve_sources_list: true
+
+# If you use datasource_list array, keep array items in a single line.
+# If you use multi line array, ds-identify script won't read array items.
+# Example datasource config
+# datasource:
+#    Ec2:
+#      metadata_urls: [ 'blah.com' ]
+#      timeout: 5 # (defaults to 50 seconds)
+#      max_wait: 10 # (defaults to 120 seconds)
+
+
+
+
+# The modules that run in the 'init' stage
+cloud_init_modules:
+ - migrator
+ - seed_random
+ - bootcmd
+ - write-files
+ - growpart
+ - resizefs
+ - disk_setup
+ - mounts
+ - set_hostname
+ - update_hostname
+ - update_etc_hosts
+ - ca-certs
+ - rsyslog
+ - users-groups
+ - ssh
+
+# The modules that run in the 'config' stage
+cloud_config_modules:
+ - snap
+ - ssh-import-id
+ - keyboard
+ - locale
+ - set-passwords
+ - grub-dpkg
+ - apt-pipelining
+ - apt-configure
+ - ntp
+ - timezone
+ - disable-ec2-metadata
+ - runcmd
+ - byobu
+
+# The modules that run in the 'final' stage
+cloud_final_modules:
+ - package-update-upgrade-install
+ - fan
+ - landscape
+ - lxd
+ - write-files-deferred
+ - puppet
+ - chef
+ - mcollective
+ - salt-minion
+ - reset_rmc
+ - refresh_rmc_and_interface
+ - rightscale_userdata
+ - scripts-vendor
+ - scripts-per-once
+ - scripts-per-boot
+ - scripts-per-instance
+ - scripts-user
+ - ssh-authkey-fingerprints
+ - keys-to-console
+ - install-hotplug
+ - phone-home
+ - final-message
+ - power-state-change
+
+# System and/or distro specific settings
+# (not accessible to handlers/transforms)
+system_info:
+   # This will affect which distro class gets used
+   distro: debian
+   # Default user name + that default users groups (if added/used)
+   default_user:
+     name: debian
+     lock_passwd: True
+     gecos: Debian
+     groups: [adm, audio, cdrom, dialout, dip, floppy, netdev, plugdev, sudo, video]
+     sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+     shell: /bin/bash
+   # Other config here will be given to the distro class and/or path classes
+   paths:
+      cloud_dir: /var/lib/cloud/
+      templates_dir: /etc/cloud/templates/
+   package_mirrors:
+     - arches: [default]
+       failsafe:
+         primary: https://deb.debian.org/debian
+         security: https://deb.debian.org/debian-security
+   ssh_svcname: ssh
+```
+
+```
+# cat /etc/cloud/clean.d/README 
+-- cloud-init's clean.d run-parts directory --
+
+This directory is provided for third party applications which need
+additional configuration artifact cleanup from the filesystem when
+the command `cloud-init clean` is invoked.
+
+The `cloud-init clean` operation is typically performed by image creators
+when preparing a golden image for clone and redeployment. The clean command
+removes any cloud-init semaphores, allowing cloud-init to treat the next
+boot of this image as the "first boot". When the image is next booted
+cloud-init will performing all initial configuration based on any valid
+datasource meta-data and user-data.
+
+Any executable scripts in this subdirectory will be invoked in lexicographical
+order with run-parts by the command: sudo cloud-init clean.
+
+Typical format of such scripts would be a ##-<some-app> like the following:
+  /etc/cloud/clean.d/99-live-installer
+```
+
+```
+# ls /etc/cloud/cloud.cfg.d
+01_debian_cloud.cfg  05_logging.cfg  README
+
+# cat /etc/cloud/cloud.cfg.d/README 
+# All files with the '.cfg' extension in this directory will be read by
+# cloud-init. They are read in lexical order. Later files overwrite values in
+# earlier files.
+
+# cat /etc/cloud/cloud.cfg.d/README 
+# All files with the '.cfg' extension in this directory will be read by
+# cloud-init. They are read in lexical order. Later files overwrite values in
+# earlier files.
+root@agx01:/# cat /etc/cloud/cloud.cfg.d/01_debian_cloud.cfg 
+apt:
+  generate_mirrorlists: true
+
+system_info:
+  default_user:
+    name: debian
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    shell: /bin/bash
+    lock_passwd: True
+    gecos: Debian
+    groups: [adm, audio, cdrom, dialout, dip, floppy, plugdev, sudo, video]
+    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+    shell: /bin/bash
+
+# cat /etc/cloud/cloud.cfg.d/05_logging.cfg 
+## This yaml formated config file handles setting
+## logger information.  The values that are necessary to be set
+## are seen at the bottom.  The top '_log' are only used to remove
+## redundency in a syslog and fallback-to-file case.
+##
+## The 'log_cfgs' entry defines a list of logger configs
+## Each entry in the list is tried, and the first one that
+## works is used.  If a log_cfg list entry is an array, it will
+## be joined with '\n'.
+_log:
+ - &log_base |
+   [loggers]
+   keys=root,cloudinit
+   
+   [handlers]
+   keys=consoleHandler,cloudLogHandler
+   
+   [formatters]
+   keys=simpleFormatter,arg0Formatter
+   
+   [logger_root]
+   level=DEBUG
+   handlers=consoleHandler,cloudLogHandler
+   
+   [logger_cloudinit]
+   level=DEBUG
+   qualname=cloudinit
+   handlers=
+   propagate=1
+   
+   [handler_consoleHandler]
+   class=StreamHandler
+   level=WARNING
+   formatter=arg0Formatter
+   args=(sys.stderr,)
+   
+   [formatter_arg0Formatter]
+   format=%(asctime)s - %(filename)s[%(levelname)s]: %(message)s
+   
+   [formatter_simpleFormatter]
+   format=[CLOUDINIT] %(filename)s[%(levelname)s]: %(message)s
+ - &log_file |
+   [handler_cloudLogHandler]
+   class=FileHandler
+   level=DEBUG
+   formatter=arg0Formatter
+   args=('/var/log/cloud-init.log', 'a', 'UTF-8')
+ - &log_syslog |
+   [handler_cloudLogHandler]
+   class=handlers.SysLogHandler
+   level=DEBUG
+   formatter=simpleFormatter
+   args=("/dev/log", handlers.SysLogHandler.LOG_USER)
+
+log_cfgs:
+# Array entries in this list will be joined into a string
+# that defines the configuration.
+#
+# If you want logs to go to syslog, uncomment the following line.
+# - [ *log_base, *log_syslog ]
+#
+# The default behavior is to just log to a file.
+# This mechanism that does not depend on a system service to operate.
+ - [ *log_base, *log_file ]
+# A file path can also be used.
+# - /etc/log.conf
+
+# This tells cloud-init to redirect its stdout and stderr to
+# 'tee -a /var/log/cloud-init-output.log' so the user can see output
+# there without needing to look on the console.
+output: {all: '| tee -a /var/log/cloud-init-output.log'}
+```
+
+```
+# ls /etc/cloud/templates/
+chef_client.rb.tmpl	   host.mariner.tmpl	 ntp.conf.freebsd.tmpl
+chrony.conf.alpine.tmpl    hosts.alpine.tmpl	 ntp.conf.opensuse.tmpl
+chrony.conf.centos.tmpl    hosts.arch.tmpl	 ntp.conf.photon.tmpl
+chrony.conf.cos.tmpl	   hosts.debian.tmpl	 ntp.conf.rhel.tmpl
+chrony.conf.debian.tmpl    hosts.freebsd.tmpl	 ntp.conf.sles.tmpl
+chrony.conf.fedora.tmpl    hosts.gentoo.tmpl	 ntp.conf.ubuntu.tmpl
+chrony.conf.freebsd.tmpl   hosts.photon.tmpl	 ntpd.conf.openbsd.tmpl
+chrony.conf.opensuse.tmpl  hosts.redhat.tmpl	 resolv.conf.tmpl
+chrony.conf.photon.tmpl    hosts.suse.tmpl	 sources.list.debian.tmpl
+chrony.conf.rhel.tmpl	   ntp.conf.alpine.tmpl  sources.list.ubuntu.tmpl
+chrony.conf.sles.tmpl	   ntp.conf.debian.tmpl  systemd.resolved.conf.tmpl
+chrony.conf.ubuntu.tmpl    ntp.conf.fedora.tmpl  timesyncd.conf.tmpl
 ```
diff --git a/debian/cloud/docs/MOUNT_CLOUD_IMAGE_X86_64.md b/debian/cloud/docs/MOUNT_CLOUD_IMAGE_X86_64.md
index c5a65d2..820ca51 100644
--- a/debian/cloud/docs/MOUNT_CLOUD_IMAGE_X86_64.md
+++ b/debian/cloud/docs/MOUNT_CLOUD_IMAGE_X86_64.md
@@ -115,7 +115,7 @@ exit
 $ sudo umount /mnt/debian-12
 $ sudo qemu-nbd --disconnect /dev/nbd0
 $ sudo rmdir /mnt/debian-12
-$ rmmod nbd
+$ sudo rmmod nbd
 ```
 
 ## Mount cloud image with guestfish
diff --git a/debian/cloud/docs/QEMU_NVIDIA_JETSON_ARM64_DEBIAN_CLOUD_IMAGE_MANUAL.md b/debian/cloud/docs/QEMU_NVIDIA_JETSON_ARM64_DEBIAN_CLOUD_IMAGE_MANUAL.md
new file mode 100644
index 0000000..0018846
--- /dev/null
+++ b/debian/cloud/docs/QEMU_NVIDIA_JETSON_ARM64_DEBIAN_CLOUD_IMAGE_MANUAL.md
@@ -0,0 +1,122 @@
+# QEMU Nvidia Jetson ARM64 Debian Cloud Images
+
+Download the Debian cloud image
+
+```
+$ curl -LO https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-arm64.qcow2
+
+$ qemu-img info debian-12-generic-arm64.qcow2 
+image: debian-12-generic-arm64.qcow2
+file format: qcow2
+virtual size: 2 GiB (2147483648 bytes)
+disk size: 394 MiB
+cluster_size: 65536
+Format specific information:
+    compat: 1.1
+    lazy refcounts: false
+    refcount bits: 16
+    corrupt: false
+
+$ qemu-img convert \
+    -O qcow2 \
+    debian-12-generic-arm64.qcow2 \
+    debian-12.qcow2
+
+# Resize the image
+$ qemu-img resize \
+    -f qcow2 \
+    debian-12.qcow2 32G
+```
+
+Create a cloud-init configuration
+
+```
+touch network-config
+
+cat >meta-data <<EOF
+instance-id: debian-12
+local-hostname: debian-12
+EOF
+
+cat <<EOF > user-data
+#cloud-config
+password: superseekret
+chpasswd:
+  expire: False
+ssh_pwauth: True
+EOF
+```
+
+Create the cloud-init ISO
+
+```
+sudo apt-get update
+sudo apt-get install genisoimage
+genisoimage \
+    -input-charset utf-8 \
+    -output cloud-init.iso \
+    -volid cidata -rational-rock -joliet \
+    user-data meta-data network-config
+```
+
+Create a firmware image
+
+```
+# Qemu expects aarch firmware images to be 64M so the firmware
+# images can't be used as is, some padding is needed to
+# create an image for pflash
+dd if=/dev/zero of=flash0.img bs=1M count=64
+dd if=/usr/share/AAVMF/AAVMF_CODE.fd of=flash0.img conv=notrunc
+dd if=/dev/zero of=flash1.img bs=1M count=64
+```
+
+Run the VM with QEMU
+
+```
+# login: debian
+qemu-system-aarch64 \
+  -name debian-12 \
+  -machine virt,accel=kvm,gic-version=3,kernel-irqchip=on \
+  -cpu host \
+  -smp 2 \
+  -m 2G \
+  -device virtio-keyboard \
+  -device virtio-mouse \
+  -device virtio-gpu-pci \
+  -nographic \
+  -device virtio-net-pci,netdev=net0 \
+  -netdev user,id=net0,hostfwd=tcp::2222-:22 \
+  -drive file=debian-12.qcow2,if=virtio,format=qcow2 \
+  -cdrom cloud-init.iso \
+  -drive if=pflash,format=raw,readonly=on,unit=0,file=flash0.img \
+  -drive if=pflash,format=raw,unit=1,file=flash1.img
+
+Ctrl-a h: Show help (displays all available commands).
+Ctrl-a x: Exit QEMU.
+Ctrl-a c: Switch between the monitor and the console.
+Ctrl-a s: Send a break signal.
+
+qemu-system-x86_64 \
+  -name debian-12 \
+  -machine virt,accel=kvm,type=q35 \
+  -cpu host \
+  -smp 2 \
+  -m 2G \
+  -device virtio-keyboard \
+  -device virtio-mouse \
+  -device virtio-net-pci,netdev=net0 \
+  -netdev user,id=net0,hostfwd=tcp::2222-:22 \
+  -drive file=debian-12.qcow2,if=virtio,format=qcow2 \
+  -cdrom cloud-init.iso \
+  -drive if=pflash,format=raw,readonly=on,unit=0,file=/usr/share/OVMF/OVMF_CODE_
+4M.fd \
+  -drive if=pflash,format=raw,readonly=on,unit=1,file=/usr/share/OVMF/OVMF_VARS_
+4M.fd
+```
+
+Login to the image
+
+```
+# debian / superseekret
+ssh cloud-user@localhost -p 2222
+```