random-stuff/basic_configs/debian-hetzner-init.yaml

56 lines
1.2 KiB
YAML

#cloud-config
# vim: syntax=yaml
users:
- name: ${TARGET_USERNAME}
- sudo: ALL=ALL
- lock_passwd: true
- ssh_authorized_keys:
- ${SSH_PUB_KEY}
disable_root: true
packages:
- ufw
- nginx
- lego
- wireguard
- python-requests
package_update: true
package_upgrade: true
write-files:
- encoding: b64
content: ${WRAPPER_SCRIPT}
owner: root:root
path: /usr/local/bin/ddns-acme-porkbun
permissions: '0744'
- encoding: b64
content: ${DDNS_SCRIPT}
owner: root:root
path: /usr/local/bin/ddns-porkbun
permissions: '0744'
- content: |
[Unit]
Description=Renew acme certs and DDNS update
[Service]
Type=oneshot
ExecStart=/usr/local/bin/ddns-acme-porkbun renew
owner: root:root
path: /etc/systemd/system/ddns-acme-porkbun.service
permissions: '0644'
- content: |
[Unit]
Description=Renew certs and dns records periodically
[Timer]
OnCalendar=*-01,03,05,07,09,11-01 02:00:00
RandomizedDelaySec=12h
Persistent=true
[Install]
WantedBy=timers.target
owner: root:root
path: /usr/local/bin/ddns-acme-porkbun.timer
permissions: '0644'
runcmd:
- reboot