#cloud-config

users:
  - name: arch
    groups:
      - wheel
      - users
    lock_passwd: false
    passwd: $6$KHqF91TQzQNJECRV$/zMRa92BqMB5juUpKfIHbOpOdUPyNlLJTpymplTOP.uqoonD/AZzNRnA/XACZTuqyxAktuohSjXhyfskbRjbO1
    ssh_authorized_keys:
      - ${ssh_public_key}
    sudo: ALL=(ALL) NOPASSWD:ALL
packages:
  - bash-completion
  - man
  - man-pages
  - nginx
  - qemu-guest-agent
  - ripgrep
  - tmux
  - tree
  - vim
write_files:
  - content: |
      10.10.66.50 k8s
      10.10.66.100 worker0
      10.10.66.101 worker1
      10.10.66.200 controller0
      10.10.66.201 controller1
    path: /etc/hosts
    append: true
  - content: |
      worker_processes auto;
      error_log /var/log/nginx/error.log;
      events {
        worker_connections 1024;
      }
      http {
        include mime.types;
        resolver 127.0.0.1 [::1];
        default_type application/octet-stream;
        sendfile on;
        types_hash_max_size 4096;
        keepalive_requests 55;
        keepalive_timeout 55;
      }
      include conf.d/k8s_load_balancer.conf;
    path: /etc/nginx/nginx.conf
  - content: |
      stream {
        upstream k8s_apiserver {
          server controller0:6443;
          server controller1:6443;
        }
        server {
          listen 6443;
          proxy_pass k8s_apiserver;
        }
      }
    path: /etc/nginx/conf.d/k8s_load_balancer.conf
runcmd:
  - [ systemctl, enable, --now, qemu-guest-agent, nginx ]