#cloud-config

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

%{ if length(users) > 0 ~}
users:
%{ for user in users ~}
  - name: ${user.username}
    uid: ${user.uid}
%{ endfor ~}
%{ endif ~}

write_files:
  - path: /var/lib/docker/daemon.json
    permissions: "0644"
    owner: root
    content: |
      {
        "live-restore": true,
        "storage-driver": "overlay2",
        "log-opts": {
          "max-size": "1024m"
        }
      }
  # ${container_name} container service
  - path: /etc/systemd/system/${container_name}.service
    permissions: "0644"
    owner: root
    content: |
      [Unit]
      Description=Start ${container_name} container
      After=gcr-online.target docker.socket
      Wants=gcr-online.target docker.socket docker-events-collector.service
      [Service]
      %{~ if authenticate_gcr && length(users) > 0 ~}
      Environment="HOME=/home/${users[0].username}"
      ExecStartPre=/usr/bin/docker-credential-gcr configure-docker
      %{~ endif ~}
      ExecStart=/usr/bin/docker run --rm --name=${container_name} \
      %{~ if length(users) > 0 && run_as_first_user ~}
        --user=${users[0].uid} \
      %{~ endif ~}
      %{~ if docker_args != null ~}
        ${docker_args} \
      %{~ endif ~}
      %{~ for volume in container_volumes ~}
        -v ${volume.host}:${volume.container} \
      %{~ endfor ~}
        ${container_image} ${container_args}
      ExecStop=/usr/bin/docker stop ${container_name}
%{ for path, data in files ~}
  - path: ${path}
    owner: ${lookup(data, "owner", "root")}
    permissions: ${lookup(data, "permissions", "0644")}
    content: |
      ${indent(6, data.content)}
%{ endfor ~}

%{ if length(boot_commands) > 0 ~}
bootcmd:
%{ for command in boot_commands ~}
  - ${command}
%{ endfor ~}
%{ endif ~}

%{ if length(run_commands) > 0 ~}
runcmd:
%{ for command in run_commands ~}
  - ${command}
%{ endfor ~}
%{ endif ~}