#cloud-config

package_update: true
package_upgrade: true

packages:
  - docker.io
  - docker-compose-v2
  - git
  - curl

users:
  - name: deploy
    groups: docker, sudo
    shell: /bin/bash
    sudo: ALL=(ALL) NOPASSWD:ALL
    ssh_authorized_keys:
      - ${ssh_public_key}
      - ${deploy_ssh_public_key}

write_files:
  - path: /opt/writekit/.env
    permissions: '0600'
    content: |
      ${indent(6, env_file)}

  - path: /opt/writekit/docker-compose.yml
    permissions: '0644'
    content: |
      ${indent(6, docker_compose)}

  - path: /etc/docker/daemon.json
    permissions: '0644'
    content: |
      {
        "insecure-registries": ["10.0.0.3:5000"],
        "log-driver": "json-file",
        "log-opts": {
          "max-size": "10m",
          "max-file": "3"
        }
      }

runcmd:
  - systemctl enable docker
  - systemctl start docker
  - mkdir -p /opt/writekit/data/tenants
  - chown -R deploy:deploy /opt/writekit

  - |
    set -a
    . /opt/writekit/.env
    set +a
    cd /opt/writekit && docker compose up -d postgres traefik
    sleep 10
    docker compose exec -T postgres psql -U writekit -c "CREATE DATABASE writekit_staging;" || true

final_message: "WriteKit prod server ready after $$UPTIME seconds"