#cloud-config # vim: syntax=yaml users: - default - name: ${TARGET_USERNAME} sudo: ALL=ALL lock_passwd: true ssh_authorized_keys: - ${SSH_PUB_KEY} disable_root: true packages: - ufw - nginx - lego - wireguard - python-requests package_update: true package_upgrade: true write-files: - encoding: b64 content: ${WRAPPER_SCRIPT} owner: root:root path: /usr/local/bin/ddns-acme-porkbun permissions: '0744' - encoding: b64 content: ${DDNS_SCRIPT} owner: root:root path: /usr/local/bin/ddns-porkbun permissions: '0744' - content: | [Unit] Description=Renew acme certs and DDNS update [Service] Type=oneshot ExecStart=/usr/local/bin/ddns-acme-porkbun renew owner: root:root path: /etc/systemd/system/ddns-acme-porkbun.service permissions: '0644' - content: | [Unit] Description=Renew certs and dns records periodically [Timer] OnCalendar=*-01,03,05,07,09,11-01 02:00:00 RandomizedDelaySec=12h Persistent=true [Install] WantedBy=timers.target owner: root:root path: /usr/local/bin/ddns-acme-porkbun.timer permissions: '0644' runcmd: - reboot