diff --git a/.github/workflows/packer-aws.yml b/.github/workflows/packer-aws.yml
index d25cfe5..92d80cb 100644
--- a/.github/workflows/packer-aws.yml
+++ b/.github/workflows/packer-aws.yml
@@ -24,4 +24,7 @@ jobs: - name: Run `packer build` id: build - run: packer build -var aws_access_key=${{ secrets.AWS_ACCESS_KEY }} -var aws_secret_key=${{ secrets.AWS_SECRET_KEY }} -var glueops_codespaces_container_tag=${{ github.event.workflow_run.head_branch }} aws.pkr.hcl + run: packer build -var glueops_codespaces_container_tag=${{ github.event.workflow_run.head_branch }} aws.pkr.hcl + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }} \ No newline at end of file
diff --git a/README.md b/README.md
index 07ee971..14a183f 100644
--- a/README.md
+++ b/README.md
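Review bot: In .github/workflows/packer-aws.yml the new `run:` line still expands `${{ github.event.workflow_run.head_branch }}` directly into the shell command, so a branch name containing shell metacharacters would be interpreted by the runner's shell in a step that now carries the AWS keys in its environment. Passing the value through the environment keeps it as data: add `GLUEOPS_TAG: ${{ github.event.workflow_run.head_branch }}` under the new `env:` block and use `run: packer build -var "glueops_codespaces_container_tag=$GLUEOPS_TAG" aws.pkr.hcl`. Whether the branch name can be influenced by an outside contributor depends on the triggering workflow, which is not visible here. The job this step belongs to starts outside the hunk.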
@@ -1,9 +1,36 @@ # codespaces +## Description: This repo contains all the environmental tools/dependencies to deploy the entire glueops platform. Tools include but are not limited to: terraform, helm, kubectl, etc. We primarily use this repository in all of our codespaces as well as github actions. Ref: https://github.com/GlueOps/glueops/blob/%F0%9F%9A%80%F0%9F%92%8E%F0%9F%99%8C%F0%9F%9A%80/.devcontainer/devcontainer.json#L5 -Releasing: +# Releasing: - Please stick to semver standards when dropping a new tag. -- Once you publish a release a new image will be built and uploaded to dockerhub: https://hub.docker.com/r/glueops/codespaces/tags +- Once you publish a release a new image will be built and uploaded to GHCR: https://github.com/GlueOps/codespaces/pkgs/container/codespaces + + + +# Running packer locally: + +It's best to just reference the github workflows under `.github/workflows` the packer workflows for each respective cloud start with `packer-*`. For each respective cloud you will notice env variables are being passed into a github action step. To do this locally, you will need to create credentials for the respective cloud and then `export` the applicable environment variables before running the `packer build` command. + + +### Running AWS: + + +```bash +export AWS_ACCESS_KEY_ID="XXXXXXXXXXXXXXXXX" +export AWS_SECRET_ACCESS_KEY="XXXXXXXXXXXXXXXXX" +packer build -var glueops_codespaces_container_tag=v0.52.0 aws.pkr.hcl +``` + +### Running Hetzner + +```bash +export HCLOUD_TOKEN="XXXXXXXXXXXXXXXXX" +packer build -var glueops_codespaces_container_tag=v0.52.0 hetzner.pkr.hcl +``` + + +_Note: v0.52.0 is the latest version at the time of creating this README.md you can check for the latest version here: https://github.com/GlueOps/codespaces/releases \ No newline at end of file
diff --git a/aws.pkr.hcl b/aws.pkr.hcl
index bdd9a06..9267526 100644
--- a/aws.pkr.hcl
+++ b/aws.pkr.hcl
@@ -1,19 +1,9 @@ -variable "aws_access_key" { - type = string -} - -variable "aws_secret_key" { - type = string -} - #https://github.com/GlueOps/codespaces/pkgs/container/codespaces variable "glueops_codespaces_container_tag" { type = string } source "amazon-ebs" "cde" { - access_key = "${var.aws_access_key}" - secret_key = "${var.aws_secret_key}" region = "us-west-2" source_ami_filter { filters = {
@@ -21,7 +11,7 @@ source "amazon-ebs" "cde" { name = "debian-12-amd64-*" root-device-type = "ebs" } - owners = ["136693071363"] + owners = ["136693071363"] # Amazon most_recent = true } instance_type = "t3a.large"
@@ -50,19 +40,17 @@ build { provisioner "shell" { scripts = [ - "os-setup.sh", + "os-setup-start.sh", + "developer-setup.sh", + "os-setup-finish.sh", + ] env = { BUILDER = "packer" + GLUEOPS_CODESPACES_CONTAINER_TAG = var.glueops_codespaces_container_tag } } - provisioner "shell" { - inline = [ - "sudo docker pull ghcr.io/glueops/codespaces:${var.glueops_codespaces_container_tag}", - ] - } - } packer {
diff --git a/developer-setup.sh b/developer-setup.sh
new file mode 100644
index 0000000..f09e5a9
--- /dev/null
+++ b/developer-setup.sh
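Review bot: In aws.pkr.hcl the comment added to `owners = ["136693071363"]` labels the account `# Amazon`, but given the `debian-12-amd64-*` name filter this ID looks like the Debian project's AMI publishing account rather than an Amazon-owned one; please confirm against Debian's cloud image documentation. The `owners` list together with `most_recent = true` is what decides whose image becomes the base of every build, so a wrong label invites a wrong "correction" later. Something like `owners = ["136693071363"] # Debian official AMI publisher` would document the trust decision accurately once verified. The `source_ami_filter` block starts outside this hunk.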
@@ -0,0 +1,56 @@
+#!/bin/bash
+set -e
+# Prompt for GitHub username
+
+echo -e "\n\nEverything is now getting setup. This process will take a few minutes...\n\n"
+
+# Create user vscode
+sudo adduser --disabled-password --uid 1337 --gecos "" vscode
+
+# Create .ssh directory for vscode
+sudo mkdir -p /home/vscode/.ssh
+sudo chmod 700 /home/vscode/.ssh
+
+sudo touch /home/vscode/.ssh/authorized_keys
+sudo chmod 600 /home/vscode/.ssh/authorized_keys
+sudo chown -R vscode:vscode /home/vscode/.ssh
+
+# Give vscode sudo access without a password
+echo "vscode ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/vscode > /dev/null
+
+echo "Installing other requirements now"
+
+curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh && sudo apt-get update && sudo apt install tmux jq figlet -y && sudo apt-get clean
+#export DEBIAN_FRONTEND=noninteractive
+#sudo apt-get -s dist-upgrade | grep "^Inst" | grep -i securi | awk -F " " {'print $2'} | xargs sudo apt-get install -y
+sudo groupadd -f docker
+sudo usermod -aG docker vscode
+echo 'fs.inotify.max_user_instances=1024' | sudo tee -a /etc/sysctl.conf
+echo 1024 | sudo tee /proc/sys/fs/inotify/max_user_instances
+sudo curl https://raw.githubusercontent.com/GlueOps/development-only-utilities/v0.11.0/tools/developer-setup/.glueopsrc --output /home/vscode/.glueopsrc
+echo "source /home/vscode/.glueopsrc" | sudo tee -a /home/vscode/.bashrc
+sudo chown -R vscode:vscode /home/vscode
+# disables the password for the current user (ex. 
root/admin/ubuntu users)
+sudo passwd -d $USER
+server_ip=$(echo $SSH_CONNECTION | awk '{print $3}')
+echo ""
+echo ""
+#sudo figlet GlueOps | sudo tee /etc/motd
+{ echo -e "\e[1;32m$(figlet GlueOps)\e[0m"; echo ""; echo -e "\e[1;34mPlease log in as user 'vscode' or switch to that user by running:\e[0m"; echo ""; echo -e "\e[1;33m sudo su - vscode\e[0m"; echo ""; echo -e "\e[1;34mAfter switching to the 'vscode' user, run the following command:\e[0m"; echo ""; echo -e "\e[1;33m dev\e[0m"; } | sudo tee /etc/motd
+
+#Install tailscale
+curl -fsSL https://tailscale.com/install.sh | sh
+
+
+
+if [ -z "$GLUEOPS_CODESPACES_CONTAINER_TAG" ]; then
+ echo "GLUEOPS_CODESPACES_CONTAINER_TAG is not set."
+else
+ # If the variable is set, pull the Docker image using the tag
+ echo "Pulling down codespace version: $GLUEOPS_CODESPACES_CONTAINER_TAG"
+ sudo docker pull ghcr.io/glueops/codespaces:$GLUEOPS_CODESPACES_CONTAINER_TAG
+fi
+
+echo -e "\n\n\n\n\nPlease reboot using: sudo reboot \n\n"
+
+
diff --git a/hetzner.pkr.hcl b/hetzner.pkr.hcl
index 82fb247..05bd194 100644
--- a/hetzner.pkr.hcl
+++ b/hetzner.pkr.hcl
@@ -25,17 +25,15 @@ build { sources = ["source.hcloud.base-amd64"] provisioner "shell" { scripts = [ - "os-setup.sh", + "os-setup-start.sh", + "developer-setup.sh", + "os-setup-finish.sh", ] env = { BUILDER = "packer" + GLUEOPS_CODESPACES_CONTAINER_TAG = var.glueops_codespaces_container_tag } } - provisioner "shell" { - inline = [ - "sudo docker pull ghcr.io/glueops/codespaces:${var.glueops_codespaces_container_tag}", - ] - } } # packer.pkr.hcl
diff --git a/os-setup.sh b/os-setup-finish.sh
similarity index 60%
rename from os-setup.sh
rename to os-setup-finish.sh
index 967b039..5ec52eb 100644
--- a/os-setup.sh
+++ b/os-setup-finish.sh
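Review bot: In developer-setup.sh, `sudo passwd -d $USER` deletes the password and leaves the account with an empty one, while the comment above it says the password is disabled; locking it would be `sudo passwd -l "$USER"`. When the Packer shell provisioner runs this script, `$USER` is presumably the build's login account, so that empty-password state would be baked into every image. The script also uses plain `set -e` and fetches `.glueopsrc` with `sudo curl` without `-f`, so a failed download in the `curl … | sh` pipeline goes unnoticed and an HTTP error body could be saved and later sourced from `.bashrc`. Using `set -e -o pipefail` (as os-setup-start.sh does) and `sudo curl -fsSL …` for the `.glueopsrc` fetch would make both failures stop the build.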
@@ -1,17 +1,6 @@ #!/bin/bash set -e -o pipefail -echo "waiting for cloud-init to finish..." -sudo cloud-init status --wait - -echo "installing packages..." -sudo apt-get update -echo "installing tailscale" -curl -fsSL https://tailscale.com/install.sh | sh -curl -sL setup.glueops.dev | sh - -# My setup... - echo "cleaning up" sudo cloud-init clean --machine-id --seed --logs sudo rm -rvf /var/lib/cloud/instances /etc/machine-id /var/lib/dbus/machine-id /var/log/cloud-init*
diff --git a/os-setup-start.sh b/os-setup-start.sh
new file mode 100644
index 0000000..7416bd1
--- /dev/null
+++ b/os-setup-start.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+set -e -o pipefail
+
+echo "waiting for cloud-init to finish..."
+sudo cloud-init status --wait
+
+echo "update packages..."
+sudo apt-get update
+