diff --git a/locals.tf b/locals.tf
index 0fe2a8c..d4fec46 100644
--- a/locals.tf
+++ b/locals.tf
@@ -145,9 +145,9 @@ locals {
     "[ -e /etc/rancher/k3s/k3s.yaml ] && exit 0",
   ]
 
-  install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC=server sh -"])
+  install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_START=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC=server sh -"])
 
-  install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC=agent sh -"])
+  install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_START=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC=agent sh -"])
 
   agent_nodepools = merge([
     for nodepool_name, nodepool_obj in var.agent_nodepools : {
diff --git a/modules/host/locals.tf b/modules/host/locals.tf
index 08306d6..2da653d 100644
--- a/modules/host/locals.tf
+++ b/modules/host/locals.tf
@@ -15,60 +15,7 @@ locals {
     "set -ex",
     "apt-get update",
     "apt-get install -y aria2",
-    "aria2c --follow-metalink=mem https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-kvm-and-xen.qcow2.meta4",
+    "aria2c --follow-metalink=mem https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-OpenStack-Cloud.qcow2.meta4",
     "qemu-img convert -p -f qcow2 -O host_device $(ls -a | grep -ie '^opensuse.*microos.*qcow2$') /dev/sda",
-    "sgdisk -e /dev/sda",
-    "parted -s /dev/sda resizepart 4 99%",
-    "parted -s /dev/sda mkpart primary ext2 99% 100%",
-    "partprobe /dev/sda && udevadm settle && fdisk -l /dev/sda",
-    "mount /dev/sda4 /mnt/ && btrfs filesystem resize max /mnt && umount /mnt",
-    "mke2fs -L ignition /dev/sda5",
-    "mount /dev/sda5 /mnt",
-    "mkdir /mnt/ignition",
-    "cp /root/config.ign /mnt/ignition/config.ign",
-    "mkdir /mnt/combustion",
-    "cp /root/script /mnt/combustion/script",
-    "umount /mnt"
   ]
-
-  ignition_config = jsonencode({
-    ignition = {
-      version = "3.0.0"
-    }
-    passwd = {
-      users = [{
-        name              = "root"
-        sshAuthorizedKeys = concat([local.ssh_public_key], var.additional_public_keys)
-      }]
-    }
-    storage = {
-      files = [
-        {
-          path      = "/etc/sysconfig/network/ifcfg-eth1"
-          mode      = 420
-          overwrite = true
-          contents  = { "source" = "data:,BOOTPROTO%3D%27dhcp%27%0ASTARTMODE%3D%27auto%27" }
-        },
-        {
-          path      = "/etc/ssh/sshd_config.d/kube-hetzner.conf"
-          mode      = 420
-          overwrite = true
-          contents  = { "source" = "data:,PasswordAuthentication%20no%0AX11Forwarding%20no%0AMaxAuthTries%202%0AAllowTcpForwarding%20no%0AAllowAgentForwarding%20no%0AAuthorizedKeysFile%20.ssh%2Fauthorized_keys" }
-        }
-      ]
-    }
-  })
-
-  combustion_script = <<EOF
-#!/bin/bash
-sed -i 's#NETCONFIG_NIS_SETDOMAINNAME="yes"#NETCONFIG_NIS_SETDOMAINNAME="no"#g' /etc/sysconfig/network/config
-sed -i 's#WAIT_FOR_INTERFACES="30"#WAIT_FOR_INTERFACES="60"#g' /etc/sysconfig/network/config
-sed -i 's#CHECK_DUPLICATE_IP="yes"#CHECK_DUPLICATE_IP="no"#g' /etc/sysconfig/network/config
-# combustion: network
-rpm --import https://rpm.rancher.io/public.key
-zypper refresh
-zypper --gpg-auto-import-keys install -y https://rpm.rancher.io/k3s/stable/common/microos/noarch/k3s-selinux-0.4-1.sle.noarch.rpm
-udevadm settle || true
-EOF
-
 }
diff --git a/modules/host/main.tf b/modules/host/main.tf
index beb8e99..99d4069 100644
--- a/modules/host/main.tf
+++ b/modules/host/main.tf
@@ -8,10 +8,20 @@ resource "hcloud_server" "server" {
   ssh_keys           = var.ssh_keys
   firewall_ids       = var.firewall_ids
   placement_group_id = var.placement_group_id
-
+  user_data          = data.template_cloudinit_config.config.rendered
 
   labels = var.labels
 
+  # Prevent destroying the whole cluster if the user changes
+  # any of the attributes that force to recreate the servers.
+  lifecycle {
+    ignore_changes = [
+      location,
+      ssh_keys,
+      user_data,
+    ]
+  }
+
   connection {
     user           = "root"
     private_key    = local.ssh_private_key
@@ -19,17 +29,6 @@ resource "hcloud_server" "server" {
     host           = self.ipv4_address
   }
 
-  provisioner "file" {
-    content     = local.ignition_config
-    destination = "/root/config.ign"
-  }
-
-  # Combustion script file to install k3s-selinux
-  provisioner "file" {
-    content     = local.combustion_script
-    destination = "/root/script"
-  }
-
   # Install MicroOS
   provisioner "remote-exec" {
     inline = local.microOS_install_commands
@@ -50,17 +49,6 @@ resource "hcloud_server" "server" {
       done
     EOT
   }
-
-  provisioner "remote-exec" {
-    inline = [
-      # Disable automatic reboot (after transactional updates), and configure the reboot method as kured
-      "set -ex",
-      "rebootmgrctl set-strategy off",
-      "echo 'REBOOT_METHOD=kured' > /etc/transactional-update.conf",
-      # set the hostname
-      "hostnamectl set-hostname ${self.name}"
-    ]
-  }
 }
 
 resource "hcloud_server_network" "server" {
@@ -68,3 +56,33 @@ resource "hcloud_server_network" "server" {
   server_id = hcloud_server.server.id
   subnet_id = var.ipv4_subnet_id
 }
+
+data "template_cloudinit_config" "config" {
+  gzip          = true
+  base64_encode = true
+
+  # Main cloud-config configuration file.
+  part {
+    filename     = "init.cfg"
+    content_type = "text/cloud-config"
+    content = templatefile(
+      "${path.module}/templates/userdata.yaml.tpl",
+      {
+        hostname          = var.name
+        sshAuthorizedKeys = concat([local.ssh_public_key], var.additional_public_keys)
+      }
+    )
+  }
+
+  # Initialization script (runs at every reboot)
+  part {
+    content_type = "text/cloud-boothook"
+    filename     = "boothook.sh"
+    content = templatefile(
+      "${path.module}/templates/boothook.sh.tpl",
+      {
+        hostname = var.name
+      }
+    )
+  }
+}
diff --git a/modules/host/templates/boothook.sh.tpl b/modules/host/templates/boothook.sh.tpl
new file mode 100644
index 0000000..0b1f461
--- /dev/null
+++ b/modules/host/templates/boothook.sh.tpl
@@ -0,0 +1,5 @@
+#!/bin/sh
+#cloud-boothook
+
+# Fix hostname after reboot
+hostnamectl hostname "${hostname}"
diff --git a/modules/host/templates/userdata.yaml.tpl b/modules/host/templates/userdata.yaml.tpl
new file mode 100644
index 0000000..c685b6e
--- /dev/null
+++ b/modules/host/templates/userdata.yaml.tpl
@@ -0,0 +1,45 @@
+#cloud-config
+write_files:
+
+# Configure private network
+- content: |
+    BOOTPROTO='dhcp'
+    STARTMODE='auto'
+  path: /etc/sysconfig/network/ifcfg-eth1
+
+# Disable ssh password authentication
+- content: |
+    PasswordAuthentication no
+    X11Forwarding no
+    MaxAuthTries 2
+    AllowTcpForwarding no
+    AllowAgentForwarding no
+    AuthorizedKeysFile .ssh/authorized_keys
+  path: /etc/ssh/sshd_config.d/kube-hetzner.conf
+
+# Setting the right reboot mode
+- content: | 
+    REBOOT_METHOD=kured
+  path: /etc/transactional-update.conf
+  append: true
+
+# Add ssh authorized keys
+ssh_authorized_keys:
+%{ for key in sshAuthorizedKeys ~}
+  - ${key}
+%{ endfor ~}
+
+runcmd:
+
+# Activate the private network
+- systemctl reload network
+
+# Activate ssh configuration
+- systemctl reload sshd
+
+# Fix hostname (during first boot)
+- hostnamectl hostname ${hostname}
+
+# Finishing automatic reboot via Kured setup
+- systemctl reload transactional-update
+- rebootmgrctl set-strategy off
\ No newline at end of file
diff --git a/modules/host/versions.tf b/modules/host/versions.tf
index fe79022..7c8da9d 100644
--- a/modules/host/versions.tf
+++ b/modules/host/versions.tf
@@ -12,5 +12,9 @@ terraform {
       source  = "tenstad/remote"
       version = "~> 0.0.23"
     }
+    template = {
+      source  = "hashicorp/template"
+      version = "~> 2.2.0"
+    }
   }
 }