---
# we don't want to store anything system-related on the persistent disk,
# since we want it to be encrypted, and we can't really access it at boot
# time to type in a password
# persistent_data:
base::extra_script: |
  (sudo podman pull docker.io/pihole/pihole)
# still configure godwrap to write to /media/persistent since it will exist
# most of the time, and if a few cron runs end up on the root filesystem
# instead of the mounted disk, that's not the end of the world
godwrap::directory: /media/persistent/godwrap