diff --git a/ucloud-init.sh b/ucloud-init.sh
deleted file mode 100755
index 9adecc8..0000000
--- a/ucloud-init.sh
+++ /dev/null
@@ -1,105 +0,0 @@ -#!/bin/sh - -# Some Global Variables - -ssh_authorized_keys_path='/root/.ssh/authorized_keys' -ssh_config_path='/etc/ssh/ssh_config' -sshd_config_path='/etc/ssh/sshd_config' -etc_resolv_path='/etc/resolv.conf' - - -# Functions - -get_distro() { - OS=$(cat /etc/*release | grep ID | head -1 | cut -c 4-) - echo $OS -} - -setup_ssh() { - tput setaf 2; tput bold; echo "Setting up SSH"; tput sgr0; - - mkdir -p $(dirname $ssh_authorized_keys_path) - touch $ssh_authorized_keys_path - - if ! grep -q "PasswordAuthentication no" $sshd_config_path; then - echo "PasswordAuthentication no" >> $sshd_config_path - fi - - if ! grep -q "PermitRootLogin yes" $sshd_config_path; then - echo "PermitRootLogin yes" >> $sshd_config_path - fi - - # TODO: Make sure to replace the following address with http://metadata - # whenever we got http://metadata resolving to url work successfully. - - metadata=$(curl -s http://metadata) - - echo "$metadata" | jq -r '.["ssh-keys"] | .[]' > ssh-key-list.txt - while read ssh_key; do - if ! grep -q "$ssh_key" $ssh_authorized_keys_path; then - echo $ssh_key >> $ssh_authorized_keys_path - fi - - done < ssh-key-list.txt - rm -f ssh-key-list.txt - - service -q sshd restart -} - -grow_partition() { - tput setaf 2; tput bold; echo "Growing Partition"; tput sgr0; - - # TODO: Try to replace the growpart to parted - sh growpart -q /dev/vda 3 > /dev/null; -} - -make_script_verbose() { - # Show output of this script - if [[ ! -e /etc/conf.d/local ]] && ! grep -q "rc_verbose=yes" /etc/conf.d/local; then - echo "rc_verbose=yes" >> /etc/conf.d/local - fi -} - -setup_dns() { - tput setaf 2; tput bold; echo "Setting up DNS"; tput sgr0; - - # Check if rdnssd is installed, if not put Google's DNS - # into /etc/resolv.conf and install rdnssd for the next time - if ! 
apk list | grep -q ndisc6; then - echo "nameserver 2001:4860:4860::8888" >> $etc_resolv_path - echo "nameserver 2001:4860:4860::8844" >> $etc_resolv_path - echo "nameserver 8.8.8.8" >> $etc_resolv_path - echo "nameserver 8.8.4.4" >> $etc_resolv_path - fi -} - -# Main Code Starts here - -# Change dir to current dir -cd "$(dirname "$0")" - -make_script_verbose - -setup_dns - -# Initial Package Installation -if [[ $(get_distro) = "alpine" ]]; then - tput setaf 2; tput bold; echo "Installing/Updating/Upgrading Packages"; tput sgr0; - - edge_package_flags='--update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted' - - apk update -q - apk upgrade - apk add -q ndisc6 $edge_package_flags - apk add -q openssh-server sfdisk util-linux jq curl ncurses -else - echo "Unsupported OS" - exit 1 -fi - -rc-update -q add rdnssd -service -q rdnssd start - -setup_ssh - -grow_partition diff --git a/uncloud-init b/uncloud-init new file mode 100755 index 0000000..0654060 --- /dev/null +++ b/uncloud-init 
@@ -0,0 +1,76 @@
+#!/bin/sh
+#
+# Initialize an uncloud VM. This script depends on:
+# curl grep getent (i.e. glibc) curl,dirname (i.e. coreutils)
+
+###
+# TODO: handle command-line parameters.
+
+DEPLOY_SSH_AUTHORIZED_KEYS=1
+OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS=0
+GROW_ROOT_PARTITION=0
+
+SSH_USER=root
+SSH_DAEMON_CONFIG=/etc/ssh/sshd_config
+UNCLOUD_METADATA_SERVER=https://key.wf
+
+###
+# SSH key deployment logic.
+
+deploy_ssh_authorized_keys () {
+ # Ensure SSHD configuration can be found.
+ if [ ! -f "$SSH_DAEMON_CONFIG" ]; then
+ echo "Could not find SSHD configuration at $SSH_DAEMON_CONFIG" >&2
+ exit 1
+ fi
+
+ # Ensure that login is not prevented by SSHD configuration.
+ if [ "$SSH_USER" = "root" ]; then
+ if grep -q -e "^PermitRootLogin no$" "$SSH_DAEMON_CONFIG"; then
+ echo "PermitRootLogin yes" >> "$SSH_DAEMON_CONFIG"
+ fi
+ fi
+
+ # Get home directory of SSH_USER.
+ homedir=$(getent passwd "$SSH_USER" | cut -d: -f6)
+ if [ $? != 0 ]; then
+ echo "Could not resolve user $SSH_USER." >&2
+ exit 1
+ fi
+
+ # Fetch and deploy SSH keys from metadata server.
+ authorized_keys_file="$homedir/.ssh/authorized_keys"
+ mkdir -p $(dirname "$authorized_keys_file")
+ if [ -f "$authorized_keys_file" ] \
+ && if [ ! $OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS ];
+ echo "Aborting SSH key deployement to not override existing $authorized_keys_file."
+ echo "You can change this behavior with the OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS flag."
+ return
+ fi
+
+ curl "$METDATA_SERVER/fnux" --output $authorized_keys_file
+}
+
+###
+# Partition/filesystem growth logic.
+
+grow_root_partition () {
+ # TODO
+}
+
+###
+# Entrypoint.
+
+if [ $DEPLOY_SSH_AUTHORIZED_KEYS ]; then
+ routine='SSH authorized_keys deployment routine'
+ echo "--- RUNNING $routine..."
+ deploy_ssh_authorized_keys()
+ echo "--- DONE with $routine."
+fi
+
+if [ $GROW_ROOT_PARTITION ]: then
+ routine='SSH authorized_keys deployment routine'
+ echo "--- RUNNING $routine..."
+ grow_root_partition()
+ echo "--- DONE with $routine."
+fi
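Review bot: The fetch at `curl "$METDATA_SERVER/fnux" --output $authorized_keys_file` writes whatever the server returns straight into root's authorized_keys with no `--fail` and no exit-status check, so an HTTP error body or an empty response silently replaces the key file; the variable is also misspelled (the script defines `UNCLOUD_METADATA_SERVER`), so as written the URL is just `/fnux`, and `/fnux` itself looks like a hard-coded user handle rather than a parameter. The `.ssh` directory and key file are created with the default umask and the output path is unquoted; sshd's StrictModes rejects keys under group/world-writable paths, so `chmod 700` on the directory and `chmod 600` on the file belong here, and a download-then-rename keeps a failed transfer from leaving an empty authorized_keys behind. Independently, the file will not parse under `/bin/sh`: `&& if [ ... ];` opens a second `if` without `then`, `deploy_ssh_authorized_keys()` and `grow_root_partition()` are function-definition syntax rather than calls, `]: then` uses a colon, and `grow_root_partition` has an empty body. The flags do not do what the comments say either — `[ $OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS ]` and `[ $GROW_ROOT_PARTITION ]` test for a non-empty string, so `0` is true, and `$?` after `getent ... | cut` is cut's status, so an unknown user yields `homedir=""` and a write to `/.ssh/authorized_keys`. The `PermitRootLogin yes` append is likely ineffective as well, since sshd takes the first value it sees for a keyword and the existing `PermitRootLogin no` comes first; if root login is really intended, change it in place, e.g. `sed -i 's/^PermitRootLogin no$/PermitRootLogin yes/' "$SSH_DAEMON_CONFIG"`.
```shell
# … unchanged: sshd_config check and PermitRootLogin handling …
homedir=$(getent passwd "$SSH_USER" | cut -d: -f6)
if [ -z "$homedir" ]; then   # $? after the pipeline is cut's status, so test the result
    echo "Could not resolve user $SSH_USER." >&2
    exit 1
fi

authorized_keys_file="$homedir/.ssh/authorized_keys"
ssh_dir=$(dirname "$authorized_keys_file")
mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir"
if [ -f "$authorized_keys_file" ] && [ "$OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS" != 1 ]; then
    echo "Aborting SSH key deployment to not override existing $authorized_keys_file."
    echo "You can change this behavior with the OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS flag."
    return
fi

# Download to a scratch file in the same directory first: --fail keeps an
# HTTP error body out of authorized_keys, and the rename means a failed or
# truncated transfer never replaces the live key file.
tmp_keys=$(mktemp "$ssh_dir/.authorized_keys.XXXXXX") || exit 1
if ! curl -sSf "$UNCLOUD_METADATA_SERVER/fnux" --output "$tmp_keys"; then
    echo "Could not fetch SSH keys from $UNCLOUD_METADATA_SERVER." >&2
    rm -f "$tmp_keys"
    exit 1
fi
chmod 600 "$tmp_keys"
# NOTE(review): chown to "$SSH_USER" here if SSH_USER is ever non-root.
mv "$tmp_keys" "$authorized_keys_file"
```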