#cloud-config
# Add the Helm repository
apt:
  sources:
    helm-stable.list:
      source: "deb https://baltocdn.com/helm/stable/debian/ all main"
      keyid: 81BF 832E 2F19 CD2A A047  1959 294A C482 7C1A 168A
      keyserver: keyserver.ubuntu.com

# Run "apt update" on first boot
package_update: true

# Run "apt upgrade" on first boot
package_upgrade: true

# Install useful packages
packages:
  - helm
  - openssh-server
  - avahi-daemon
  - vim-tiny
  - ufw

# Make /etc/resolv.conf point to a different resolv.conf generated by
#  systemd-resolve.  The default only contains a "nameserver" entry for the
#  stub resolver.  This version contains a more traditional list of nameservers
#  generated from DHCP or other network configuation.  This is important for
#  making name resolution work properly inside the containers.
runcmd:
  - unlink /etc/resolv.conf
  - ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

# Drop in a config for Rancher with pre-generated token
write_files:
  - path: /etc/rancher/rke2/config_template.yaml
    content: |
      token: ${TOKEN}
      tls-san:
        - ${CLUSTERNAME}
        - ${VMNAME}
        - ${VMSHORTNAME}
        - ${VMSHORTNAME}.local

# Add a 10GiB Swap file (maybe make this a partition in future)
swap:
  filename: /swap.img
  size: 10485760

# Create a default 'ubuntu' sudo enabled user.
users:
  - name: ubuntu
    primary_group: ubuntu
    groups: sudo
    # Set password to 'ubuntu'.  Change this once deployed.
    passwd: $6$rounds=4096$mFVbyJ93Uoeno$G6Eev2Rm/3FkT/9UBqjBc8x3upSqKL40bpSM9h57fyPZtNsH3Q6uQieMV.IcxQT3vdaNdK0le9j25soFkQC6H0
    lock_passwd: false