@codersquid
Forked from bloodearnest/setup-lxd-profile.sh
Created July 7, 2016 17:58
#!/bin/bash
ID=400000  # some large uid outside of typical range, and outside of already mapped ranges in /etc/sub{u,g}id
_UID=$(id -u)
GID=$(id -g)
GROUP=$(id -gn)

# give lxd permission to map your user/group id through
sudo usermod --add-subuids "${_UID}-${_UID}" --add-subgids "${GID}-${GID}" root

# create a profile to control this, name it after $USER
lxc profile create "$USER" &> /dev/null || true

# configure profile
# this will rewrite the whole profile
# note: the profile gives the container user passwordless sudo and, through the
# uid/gid mapping, read/write access to the host's $HOME
cat << EOF | lxc profile edit "$USER"
name: $USER
description: allow home dir mounting for $USER
config:
  # this part maps the special uid/gid in the container to the correct host uid/gid
  raw.lxc: |
    lxc.id_map = u $ID $_UID 1
    lxc.id_map = g $ID $GID 1
  # this is cloud-init config that will create a user of the correct name and special uid/gid
  # in the container on first boot. Also gives passwordless sudo access to that user.
  user.user-data: |
    #cloud-config
    users:
      - name: $USER
        primary-group: $ID
        uid: $ID  # only works in xenial
        groups: sudo
        shell: $SHELL
        sudo: ['ALL=(ALL) NOPASSWD:ALL']
    # cloud init in trusty can't specify uids (bug lp:1396362), so we do it manually
    # this is a noop in xenial, as uid is already $ID
    # note, depending on timing, the usermod may trigger a chown of some files in your bind-mounted $HOME.
    # Annoying, but harmless, as it's chowning them to the same uid.
    runcmd:
      - "groupmod -g $ID $GROUP"
      - "usermod -u $ID $USER"
# this section adds your $HOME directory into the container. This is useful for vim, bash and ssh config, and such like.
devices:
  home:
    type: disk
    source: $HOME
    path: $HOME
EOF

# to launch a container using this profile:
# lxc launch ubuntu: -p default -p $USER

# to add an additional bind mount
# lxc config device add <container> <device name> disk source=/path/on/host path=path/in/container
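
Added example, not part of the original gist: a check that the `usermod` step really delegated your host uid to root, and that the chosen `ID` lies inside no range already listed in a subuid-format file. The function names and the sample file contents (host uid 1000) are constructed for illustration.

```bash
#!/bin/bash
# Added example, not from the original gist. Lines in /etc/subuid and
# /etc/subgid have the form name:start:count.

# subid_owners FILE ID: print every name whose range in FILE contains ID.
subid_owners() {
    awk -F: -v id="$2" '
        $1 !~ /^#/ && NF == 3 && (id + 0) >= ($2 + 0) && (id + 0) < ($2 + $3) { print $1 }
    ' "$1"
}

# subid_delegated FILE NAME ID: succeed if NAME may map ID.
subid_delegated() {
    subid_owners "$1" "$3" | grep -qx -- "$2"
}

# subid_free FILE ID: succeed if ID lies inside no range in FILE.
subid_free() {
    [ -z "$(subid_owners "$1" "$2")" ]
}

# Constructed sample standing in for /etc/subuid after the usermod step,
# for a host user with uid 1000 (assumed value).
sample=$(mktemp)
cat > "$sample" << 'EOF'
lxd:100000:65536
root:100000:65536
root:1000:1
EOF

subid_delegated "$sample" root 1000 && echo "uid 1000 is delegated to root"
subid_free "$sample" 400000 && echo "400000 is inside no delegated range"
subid_free "$sample" 120000 || echo "120000 is already delegated"
```

On a real host, pass `/etc/subuid` or `/etc/subgid` in place of the sample file.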