#cloud-config ssh_authorized_keys: - "PUT YOUR SSH KEY PUBLIC HERE" write_files: - path: /etc/ssh/sshd_config permissions: 0600 owner: root:root content: | # Use most defaults for sshd configuration. UsePrivilegeSeparation sandbox Subsystem sftp internal-sftp PermitRootLogin no AllowUsers core PasswordAuthentication no ChallengeResponseAuthentication no - path: /etc/sysctl.d/libresh.conf permissions: 0644 owner: root content: | fs.aio-max-nr=1048576 vm.max_map_count=262144 vm.overcommit_memory=1 vm.nr_hugepages=0 - path: /etc/hosts permissions: 0644 owner: root content: | 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost - path: /etc/environment permissions: 0644 owner: root content: | NAMECHEAP_URL="namecheap.com" NAMECHEAP_API_USER="pierreo" NAMECHEAP_API_KEY= IP=`curl -s http://icanhazip.com/` FirstName="Pierre" LastName="Ozoux" Address="" PostalCode="" Country="Portugal" Phone="+351.967184553" EmailAddress="pierre@ozoux.net" City="Lisbon" CountryCode="PT" BACKUP_DESTINATION=root@xxxxx:port MAIL_USER= MAIL_PASS= MAIL_HOST=mail.indie.host MAIL_PORT=587 coreos: update: reboot-strategy: off units: - name: systemd-sysctl.service command: restart - name: swap.service enable: true command: start content: | [Unit] Description=Turn on swap [Service] Type=oneshot RemainAfterExit=true ExecStartPre=-/bin/bash -euxc ' \ fallocate -l 8192m /swap &&\ chmod 600 /swap &&\ mkswap /swap' ExecStart=/sbin/swapon /swap ExecStop=/sbin/swapoff /swap [Install] WantedBy=local.target - name: install-compose.service command: start content: | [Unit] Description=Install Docker Compose [Service] Type=oneshot RemainAfterExit=true ExecStart=-/bin/bash -euxc ' \ mkdir -p /opt/bin &&\ url=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | jq -r \'.assets[].browser_download_url | select(contains("Linux") and contains("x86_64"))\') &&\ curl -L $url > /opt/bin/docker-compose &&\ chmod +x /opt/bin/docker-compose' - name: install-libresh.service command: start content: | [Unit] Description=Install libre.sh [Service] Type=oneshot RemainAfterExit=true ExecStart=-/bin/bash -euxc ' \ git clone https://github.com/indiehosters/libre.sh.git /libre.sh &&\ mkdir /{data,system} &&\ mkdir /data/trash &&\ cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload &&\ systemctl enable web-net.service &&\ systemctl start web-net.service &&\ cp /libre.sh/utils/* /opt/bin/'