1 files changed, 87 insertions, 1 deletions
diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go
index 5c465d37d..84d3be296 100644
--- a/pkg/machine/ignition.go
+++ b/pkg/machine/ignition.go
@@ -1,4 +1,4 @@
-// +build amd64,!windows arm64,!windows
+// +build amd64 arm64
 
 package machine
 
@@ -7,6 +7,10 @@ import (
 	"fmt"
 	"io/ioutil"
 	"net/url"
+	"os"
+	"path/filepath"
+
+	"github.com/sirupsen/logrus"
 )
 
 /*
@@ -44,6 +48,7 @@ func getNodeGrp(grpName string) NodeGroup {
 type DynamicIgnition struct {
 	Name      string
 	Key       string
+	TimeZone  string
 	VMName    string
 	WritePath string
 }
@@ -76,6 +81,37 @@ func NewIgnitionFile(ign DynamicIgnition) error {
 		Links:       getLinks(ign.Name),
 	}
 
+	// Add or set the time zone for the machine
+	if len(ign.TimeZone) > 0 {
+		var (
+			err error
+			tz  string
+		)
+		// local means the same as the host
+		// lookup where it is pointing to on the host
+		if ign.TimeZone == "local" {
+			tz, err = getLocalTimeZone()
+			if err != nil {
+				return err
+			}
+		} else {
+			tz = ign.TimeZone
+		}
+		tzLink := Link{
+			Node: Node{
+				Group:     getNodeGrp("root"),
+				Path:      "/etc/localtime",
+				Overwrite: boolToPtr(false),
+				User:      getNodeUsr("root"),
+			},
+			LinkEmbedded1: LinkEmbedded1{
+				Hard:   boolToPtr(false),
+				Target: filepath.Join("/usr/share/zoneinfo", tz),
+			},
+		}
+		ignStorage.Links = append(ignStorage.Links, tzLink)
+	}
+
 	// ready is a unit file that sets up the virtual serial device
 	// where when the VM is done configuring, it will send an ack
 	// so a listening host knows it can being interacting with it
@@ -322,6 +358,56 @@ machine_enabled=true
 		},
 	})
 
+	// get certs for current user
+	userHome, err := os.UserHomeDir()
+	if err != nil {
+		logrus.Warnf("Unable to copy certs via ignition %s", err.Error())
+		return files
+	}
+
+	certFiles := getCerts(filepath.Join(userHome, ".config/containers/certs.d"))
+	files = append(files, certFiles...)
+
+	certFiles = getCerts(filepath.Join(userHome, ".config/docker/certs.d"))
+	files = append(files, certFiles...)
+
+	return files
+}
+
+func getCerts(certsDir string) []File {
+	var (
+		files []File
+	)
+
+	certs, err := ioutil.ReadDir(certsDir)
+	if err == nil {
+		for _, cert := range certs {
+			b, err := ioutil.ReadFile(filepath.Join(certsDir, cert.Name()))
+			if err != nil {
+				logrus.Warnf("Unable to read cert file %s", err.Error())
+				continue
+			}
+			files = append(files, File{
+				Node: Node{
+					Group: getNodeGrp("root"),
+					Path:  filepath.Join("/etc/containers/certs.d/", cert.Name()),
+					User:  getNodeUsr("root"),
+				},
+				FileEmbedded1: FileEmbedded1{
+					Append: nil,
+					Contents: Resource{
+						Source: encodeDataURLPtr(string(b)),
+					},
+					Mode: intToPtr(0644),
+				},
+			})
+		}
+	} else {
+		if !os.IsNotExist(err) {
+			logrus.Warnf("Unable to copy certs via ignition, error while reading certs from %s:  %s", certsDir, err.Error())
+		}
+	}
+
 	return files
 }