Assuming you already have the Fog gem installed:

First, as a prerequisite and as Jeff Gran notes, you’ll need to create a Rackspace image with the cloud-init package installed.

Next, similar to what Vladimir Vuksan describes, create a config.rb file, and populate the following values as appropriate for your environment:

#!/usr/bin/env ruby

@flavor_id = 3
@image_id = 1234567

@rackspace_username =  'example'
@rackspace_api_key = '1234....'

@private_key_path = './ssh/id_rsa'
@public_key_path = './ssh/id_rsa.pub'

The flavor_id values and image_id specify the instance size and the image you built with cloud-init installed (see the “fog” executable’s “Compute[:rackspace].flavors” and “Compute[:rackspace].images”, respectively); the Rackspace username and api_key can be retrieved from within the console under “Your Account: API Access.” The SSH key pair will be what you use to access the new instance as root.

Third, create a cloud-init user_data file ERB template; place it in ./cloud-init/user_data.erb; for example:

#cloud-config
apt_upgrade: true
hostname: <%= hostname %>

packages:
- emacs
- git
- puppet

#runcmd:

#ssh_keys:
#  rsa_private: |
#  rsa_public:
#  dsa_private: |
#  dsa_public:

Finally, the script you launch to deploy Rackspace images is as follows:

#!/usr/bin/env ruby

# Based on:
# http://blog.vuksan.com/2010/07/20/provision-to-cloud-in-5-minutes-using-fog/
# as well as:
# http://jeffgran.com/276/blog/ubuntu-cloud-init-rackspace-fog-ruby

require 'erb'
require 'optparse'

require 'rubygems'

require 'fog'
require 'mime'

# Parse options:
options = {}

optparse = OptionParser.new do|opts|
  opts.banner = "Usage new_instance.rb [options]"

  options[:name] = 'rax.example.com'
  opts.on( '-n', '--name INSTANCE_NAME', 'Instance name (default: rax.example.com)' ) do|n|
    options[:name] = n || 'rax.example.com'
  end

  options[:user_data] = './cloud-init/user_data.erb'
  opts.on( '-u', '--userdata USER_DATA', 'Path to Cloud-Init user_data ERB template (default: ./cloud-init/user_data.erb)' ) do |u|
    options[:user_data] = u || './cloud-init/user_data.erb'
  end

  opts.on( '-h', '--help', 'Display this help message' ) do
    puts opts
    exit
  end
end

optparse.parse!

hostname = options[:name] # to facilitate erb cloud-init template

# Create cloud-init data:

f = File.new(options[:user_data])
e = ERB.new(f.read)
user_data = MIME::MultipartMedia::Mixed.new
user_data.add_entity(MIME::TextMedia.new(e.result, 'text/plain'))

# Import Rackspace credentials:
require './config.rb'

# Connect to Rackspace:
connection = Fog::Compute.new({
  :provider           => 'Rackspace',
  :rackspace_api_key  => @rackspace_api_key,
  :rackspace_username => @rackspace_username
})

# Launch instance:
puts "Launching instance '#{options[:name]}'..."

server = connection.servers.bootstrap({
  :flavor_id        => @flavor_id,
  :image_id         => @image_id,
  :name             => hostname,
  :personality      => [ { 'path'     => '/var/lib/cloud/seed/nocloud-net/user-data',
                           'contents' => user_data.to_s },
                         { 'path'     => '/var/lib/cloud/seed/nocloud-net/meta-data',
                           'contents' => ' ' } ],
  :private_key_path => @private_key_path,
  :public_key_path  => @public_key_path
})

puts "Instance launched at #{server.public_ip_address()}"

Launch it with the “-h” flag to see usage; otherwise, launch it with no arguments to launch an instance with your default options.

From the f.lux website: “f.lux makes your computer screen look like the room you’re in, all the time. When the sun sets, it makes your computer look like your indoor lights. In the morning, it makes things look like sunlight again.” For me, the decrease in eye strain is palpable; at night, picking up a mobile phone or even looking at a TV after using a machine with f.lux installed is painful. (Obviously, if you need accurate color representation, you can’t have f.lux on; thankfully, temporarily disabling it is a breeze.)

There are are Windows, OS X and Linux versions available; installation on Ubuntu is made easy through a PPA. Here’s a little Puppet module for Ubuntu Maverick hosts, if Puppet is your thing:

class flux {

  exec { "add f.lux ppa":
    command => "/usr/bin/apt-add-repository ppa:kilian/f.lux",
    creates => "/etc/apt/sources.list.d/kilian-f_lux-maverick.list",
    notify => Exec["apt-get update"],
  }

  package { "fluxgui":
    ensure => present,
    require => Exec["add f.lux ppa"],
  }

}

See also: f5vpn-login.py, described here, and brought to my attention by sh4k3sph3r3. A CLI FirePass client is quite likely a better solution than separate browser instances, etc.

Preliminaries: Although the F5 FirePass SSL VPN product supports Linux, as best as I can tell, that support is somewhat limited: My understanding is that they officially claim support for 32-bit installs only, and they do not appear to track new distribution releases particularly aggressively. F5 has also been somewhat slow in supporting new browser versions: They announced support for Firefox 3 on October 6, 2008, nearly four months after its release and with only two months to go before Firefox 2 was end-of-lifed. For Firefox 3.6 support, a comment on the post linked above states that you need to request a special hot fix from F5 (which my site has not applied). There is no Google Chrome support that I am aware of.

Further, F5′s automated client installation tools have unfortunately never worked for me on Linux, even when the architecture and browser are in their support matrix. The manual download instruction links are also broken on the FirePass install I connect to.

Solution: Install a dedicated, 32-bit version of Firefox in a supported version; create a single-purpose Firefox profile for VPN use. Add the FirePass client to that browser and the operating system.

For the Firefox install, follow the “Manual Installation” instructions from the Ubuntu Community Documentation site. Install version 3.5 if your site does not have the hotfix mentioned above.

Be sure to create a new Firefox profile in your account for use with the FirePass; however, I recommend modifying the script in the Ubuntu documentation to automatically take you to your FirePass site (https://firepass.example.com/ for the purposes of this post):

#!/bin/bash
exec "\$HOME/firefox/firefox" -P mozilla-build https://firepass.example.com/

Next, download the client components from your F5 site; again, assuming firepass.example.com, retrieve and save:

https://firepass.example.com/vdesk/vpn/nogzip/downloads.php/linux/np_F5_SSL_VPN.so

and

https://firepass.example.com/vdesk/vpn/nogzip/downloads.php/linux/SSLVpn.tgz

Move np_F5_SSL_VPN.so to the plugins directory of the new Firefox installation – ~/firefox/plugins if following the Ubuntu documentation. Based on file layout, it appears that F5 intended for you to extract SSLVpn.tgz at the root of your file system. Instead of following this bad practice, in scratch space and as root, extract the SSLVpn.tgz tarball and manually move the files into place:

cp SSLVpn.tgz /tmp
cd /tmp
sudo tar -xvpzf SSLVpn.tgz
# inspect extracted files here...
cd /usr/local/lib
mkdir -p F5Networks/SSLVPN
cd /tmp/usr/local/lib/F5Networks/SSLVPN
cp -Rp etc svpn var /usr/local/lib/F5Networks/SSLVPN

Using the bash script above, you should now be able to launch your purpose-built FirePass browser installation and have it “just work” for Network Access. Good luck!

I was expecting some hassle getting wireless going after the install. Instead, it worked out of the box. I did have to recreate my login keyring in seahorse for reasons that I didn’t bother to pursue; the default keyring didn’t want to unlock on login, but since I had nothing in it, I lost nothing in recreating it.

As far as post-install modifications, I made /tmp, /var/tmp and /var/log all tmpfs file systems to reduce writes to the Eee’s SSD (I also chose ext2 instead of a journaling file system during the install and mounted it noatime for the same reason). I had to hunt down and install a 2.x version of Firefox in parallel to Firefox 3.x since F5′s FirePass VPN client doesn’t work in 3.x. (Cheap shot: The reason why they call it clientless is that it doesn’t actually work on any clients out there. In seriousness, the advantage over traditional VPN clients just isn’t there.)

Other than the above and installing a couple stock Ubuntu packages (Thunderbird and libstdc++5 for Firefox), I haven’t had to make any tweaks to the vanilla install. If you’ve got an Eee, I highly recommend this upgrade.