terraform/modules/apps/gateway/cloud-init/service.yaml

#cloud-config
hostname: ${hostname}
local-hostname: ${hostname}
fqdn: ${hostname}.${domain}
manage_etc_hosts: true

users:
  - default
  - name: ${hostname}
    groups: sudo
    shell: /bin/bash
    sudo: ALL=(ALL) NOPASSWD:ALL
    ssh_authorized_keys:
      - ${ssh_key}

disable_root: true

package_update: true
package_upgrade: false

packages:
  - git
  - nfs-common
  - curl
  - python3-flask
  - gunicorn

write_files:
  - path: /opt/gateway/env.sh
    permissions: "0644"
    content: |
      ${environment-setup-script}
  - path: /opt/gateway/gateway.env
    permissions: "0644"
    content: |
      ${env-file-content}
  - path: /opt/gateway/install-traefik.sh
    permissions: "0755"
    content: |
      ${install-traefik-script}
  - path: /usr/local/bin/pull-webhook.py
    permissions: "0755"
    content: |
      ${pull-webhook-script}
  - path: /etc/systemd/system/pull-webhook.service
    permissions: "0755"
    content: |
      ${pull-webhook-service}
  - path: /etc/systemd/system/traefik.service
    permissions: "0755"
    content: |
      ${traefik-service}

runcmd:
  - /opt/gateway/install-traefik.sh
  - systemctl enable pull-webhook.service
  - systemctl start pull-webhook.service

final_message: |
  Base system ready for ${hostname}