compose-website/user_data

#cloud-config

ssh_authorized_keys:
  - "PUT YOUR SSH KEY PUBLIC HERE"

write_files:
  - path: /etc/ssh/sshd_config
    permissions: 0600
    owner: root:root
    content: |
      # Use most defaults for sshd configuration.
      UsePrivilegeSeparation sandbox
      Subsystem sftp internal-sftp
      PermitRootLogin no
      AllowUsers core
      PasswordAuthentication no
      ChallengeResponseAuthentication no
  - path: /etc/sysctl.d/libresh.conf
    permissions: 0644
    owner: root
    content: |
      fs.aio-max-nr=1048576
      vm.max_map_count=262144
      vm.overcommit_memory=1
      vm.nr_hugepages=0
  - path: /etc/hosts
    permissions: 0644
    owner: root
    content: |
      127.0.0.1 localhost
      255.255.255.255 broadcasthost
      ::1 localhost
  - path: /etc/environment
    permissions: 0644
    owner: root
    content: |
      NAMECHEAP_URL="namecheap.com"
      NAMECHEAP_API_USER="pierreo"
      NAMECHEAP_API_KEY=
      IP=`curl -s http://icanhazip.com/`
      FirstName="Pierre"
      LastName="Ozoux"
      Address=""
      PostalCode=""
      Country="Portugal"
      Phone="+351.967184553"
      EmailAddress="pierre@ozoux.net"
      City="Lisbon"
      CountryCode="PT"
      BACKUP_DESTINATION=root@xxxxx:port
      MAIL_USER=
      MAIL_PASS=
      MAIL_HOST=mail.indie.host
      MAIL_PORT=587
coreos:
  update:
    reboot-strategy: off
  units:
    - name: systemd-sysctl.service
      command: restart
    - name: swap.service
      enable: true
      command: start
      content: |
        [Unit]
        Description=Turn on swap
        [Service]
        Type=oneshot
        RemainAfterExit=true
        ExecStartPre=-/bin/bash -euxc ' \
          fallocate -l 8192m /swap &&\
          chmod 600 /swap &&\
          mkswap /swap'
        ExecStart=/sbin/swapon /swap
        ExecStop=/sbin/swapoff /swap
        [Install]
        WantedBy=local.target
    - name: install-compose.service
      command: start
      content: |
        [Unit]
        Description=Install Docker Compose
        [Service]
        Type=oneshot
        RemainAfterExit=true
        ExecStart=-/bin/bash -euxc ' \
          mkdir -p /opt/bin &&\
          url=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | jq -r \'.assets[].browser_download_url | select(contains("Linux") and contains("x86_64"))\') &&\
          curl -L $url > /opt/bin/docker-compose &&\
          chmod +x /opt/bin/docker-compose'
    - name: install-libresh.service
      command: start
      content: |
        [Unit]
        Description=Install libre.sh
        [Service]
        Type=oneshot
        RemainAfterExit=true
        ExecStart=-/bin/bash -euxc ' \
          git clone https://github.com/indiehosters/libre.sh.git /libre.sh &&\
          mkdir /{data,system} &&\
          mkdir /data/trash &&\
          cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload &&\
          systemctl enable web-net.service &&\
          systemctl start web-net.service &&\
          cp /libre.sh/utils/* /opt/bin/'