#cloud-config package_update: true package_upgrade: true packages: - apparmor - docker.io runcmd: - sed -i -e '/^\(#\|\)PermitRootLogin/s/^.*$/PermitRootLogin no/' /etc/ssh/sshd_config - sed -i -e '/^\(#\|\)PasswordAuthentication/s/^.*$/PasswordAuthentication no/' /etc/ssh/sshd_config - sed -i -e '/^\(#\|\)X11Forwarding/s/^.*$/X11Forwarding no/' /etc/ssh/sshd_config - sed -i -e '/^\(#\|\)MaxAuthTries/s/^.*$/MaxAuthTries 2/' /etc/ssh/sshd_config - sed -i -e '/^\(#\|\)AllowTcpForwarding/s/^.*$/AllowTcpForwarding no/' /etc/ssh/sshd_config - sed -i -e '/^\(#\|\)AllowAgentForwarding/s/^.*$/AllowAgentForwarding no/' /etc/ssh/sshd_config - sed -i -e '/^\(#\|\)AuthorizedKeysFile/s/^.*$/AuthorizedKeysFile .ssh\/authorized_keys/' /etc/ssh/sshd_config - sed -i '$a AllowUsers runner' /etc/ssh/sshd_config - curl -sSL https://code.forgejo.org/forgejo/runner/releases/download/v2.1.0/forgejo-runner-amd64 > /usr/bin/forgejo-runner - echo 'f0dab69994fcdc3d35ef34b59ff3cff6f44a70112a6e7125f1fb7949d879e02e2a2d1d0a3ac8732b2bae7e47bfb7358a8fa5f409fe4d85e48c4e69b0c38c8e43 /usr/bin/forgejo-runner' | sha512sum -c && chmod +x /usr/bin/forgejo-runner - mkdir -p /etc/runner - cd /etc/runner && /usr/bin/forgejo-runner register --no-interactive --token ${runner_token} --name runner --instance https://codeberg.org --labels docker:docker://node:16-bullseye - /usr/bin/forgejo-runner generate-config > /etc/runner/config.yml - chown -R runner:runner /etc/runner - | cat > /etc/systemd/system/runner.service <