at-container-registry/deploy/upcloud/configs/cloudinit.sh.tmpl

#!/bin/bash
set -euo pipefail
exec > >(tee {{.LogFile}}) 2>&1

echo "=== {{.DisplayName}} Setup: {{.BinaryName}} ==="
echo "Started at $(date -u)"

# Wait for network/DNS
for i in $(seq 1 30); do
    if getent hosts go.dev >/dev/null 2>&1; then
        echo "Network ready after ${i}s"
        break
    fi
    sleep 1
done

# System packages
export DEBIAN_FRONTEND=noninteractive
apt-get update && apt-get upgrade -y
apt-get install -y git gcc make curl libsqlite3-dev nodejs npm htop systemd-timesyncd
sed -i 's/^#NTP=.*/NTP=0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org/' /etc/systemd/timesyncd.conf
timedatectl set-ntp true

# Persistent journald (capped, 7-day retention)
mkdir -p /var/log/journal
mkdir -p /etc/systemd/journald.conf.d
cat > /etc/systemd/journald.conf.d/atcr.conf << 'JOURNALEOF'
[Journal]
Storage=persistent
SystemMaxUse=500M
MaxRetentionSec=7day
JOURNALEOF
systemctl restart systemd-journald

# Swap (for small instances)
if [ ! -f /swapfile ]; then
    dd if=/dev/zero of=/swapfile bs=1M count=2048
    chmod 600 /swapfile && mkswap /swapfile && swapon /swapfile
    echo '/swapfile none swap sw 0 0' >> /etc/fstab
fi

# Install directory (binaries deployed via SCP)
mkdir -p {{.InstallDir}}/bin

# Service user & data dirs
useradd --system --no-create-home --shell /usr/sbin/nologin {{.SystemUser}} || true
mkdir -p {{.DataDir}} && chown {{.SystemUser}}:{{.SystemUser}} {{.DataDir}}

# Config file
mkdir -p {{.ConfigDir}}
if [ ! -f {{.ConfigPath}} ]; then
cat > {{.ConfigPath}} << 'CFGEOF'
{{.ConfigYAML}}
CFGEOF
else
    echo "Config {{.ConfigPath}} already exists, skipping overwrite (missing keys merged separately)"
fi

# Systemd service
cat > /etc/systemd/system/{{.ServiceName}}.service << 'SVCEOF'
{{.ServiceUnit}}
SVCEOF
systemctl daemon-reload
systemctl enable {{.ServiceName}}

echo "=== Setup complete at $(date -u) ==="