// Parameters collected from the user when the app is installed.
// The @name(...) attributes look like display labels for the install form;
// @role and @usernameField are platform-specific, so check their meaning
// against the attribute handler.
//
// NOTE(review): name, username and authKey are only constrained to `string`.
// username and authKey end up in cloud-init commands and file paths on the
// guest, and nothing in this file restricts their character set.
input: {
	// Passed to the chart as `name` and used as the guest hostname.
	name: string @name(Hostname)
	// Name of the cloud-init default user; also determines the home directory.
	username: string @name(Username)
	// VPN auth key handed to `tailscale up` in the guest. Treat it as a secret:
	// it is embedded in the cloud-init user data.
	authKey: string @name(Auth Key) @role(VPNAuthKey) @usernameField(username)
	// Defaults to 1 when not supplied.
	cpuCores: int | *1 @name(CPU Cores)
	// Defaults to "2Gi" when not supplied.
	memory: string | *"2Gi" @name(Memory)
}
| 8 | |
// App metadata.
// NOTE(review): "Virutal" looks like a typo for "Virtual" (compare readme and
// description below). Confirm nothing keys on this string before correcting it.
name: "Virutal Machine"
namespace: "app-vm"
readme: "Virtual Machine"
description: "Virtual Machine"
// Inline SVG markup for the app icon.
icon: """
<svg xmlns="http://www.w3.org/2000/svg" width="50" height="50" viewBox="0 0 2048 2048"><path fill="currentColor" d="M1280 384H640V256h640zm0 1024H640v-128h640zm0 256H640v-128h640zM1408 0q27 0 50 10t40 27t28 41t10 50v1792H384V128q0-27 10-50t27-40t41-28t50-10zm0 128H512v1664h896z"/></svg>"""
| 15 | |
// Helm chart sources referenced by the `helm` releases in this file.
charts: virtualMachine: {
	kind:    "GitRepository"
	address: "https://code.v1.dodo.cloud/helm-charts"
	// NOTE(review): this follows a moving branch, so the chart that gets
	// rendered can change between installs. A pinned revision would make
	// deployments reproducible and reviewable; confirm whether the platform
	// supports one.
	branch: "main"
	path:   "charts/virtual-machine"
}
| 24 | |
// Single Helm release that provisions the VM from the virtual-machine chart.
helm: "virtual-machine": {
	chart: charts.virtualMachine
	values: {
		name:     input.name
		cpuCores: input.cpuCores
		memory:   input.memory

		// NOTE(review): the image URL points at a "latest" path, so its content
		// can change between installs, and no checksum is given here. Confirm
		// whether the chart can verify a digest, or pin a dated image.
		disk: source: "https://cloud.debian.org/images/cloud/bookworm-backports/latest/debian-12-backports-generic-amd64.qcow2"
		disk: size:   "64Gi"

		// NOTE(review): presumably the ports the chart exposes for the VM;
		// confirm against the chart. 22 is SSH. 8080 is presumably code-server,
		// which the cloud-init user data reconfigures to `auth: none` on 0.0.0.0.
		// Whoever can reach these ports can reach those services.
		ports: [22, 8080]

		cloudInit: {
			userData: _cloudInitUserData
		}
	}
}
| 41 | |
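// cloud-init user data for the guest: creates the default user, sets the
// hostname, then installs and starts Tailscale and code-server via runcmd.
//
// Change in this revision: user-supplied values (input.username,
// input.authKey) are passed to runcmd as separate argv elements instead of
// being spliced into `sh -c` strings, so shell metacharacters in those inputs
// are no longer interpreted by a shell. Behaviour for ordinary values is
// unchanged.
//
// NOTE(review): still open, deliberately left as-is because changing them
// alters how users reach the VM:
//   - a fixed, shared password combined with ssh_pwauth: true and
//     chpasswd.expire: false (no forced change at first login);
//   - disable_root: false;
//   - a specific developer key hard-coded in ssh_authorized_keys, so that key
//     is authorized on every VM created from this template;
//   - code-server rebound to 0.0.0.0 with `auth: none`;
//   - two installers piped from the network straight into a root shell with no
//     version pin or checksum;
//   - the VPN auth key is part of the user data and of the `tailscale up`
//     command line, so it may be visible in cloud-init artefacts and process
//     listings on the guest. Prefer a short-lived, single-use key.
_cloudInitUserData: {
	system_info: {
		default_user: {
			name: input.username
			home: "/home/\(input.username)"
		}
	}
	password: "dodo" // TODO(gio): remove if possible
	chpasswd: {
		expire: false
	}
	hostname:     input.name
	ssh_pwauth:   true
	disable_root: false
	ssh_authorized_keys: [
		"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOa7FUrmXzdY3no8qNGUk7OPaRcIUi8G7MVbLlff9eB/ lekva@gl-mbp-m1-max.local",
	]
	runcmd: [
		// No user input here; the pipe needs a shell.
		["sh", "-c", "curl -fsSL https://tailscale.com/install.sh | sh"],
		// TODO(gio): take auth key from input
		// TODO(gio): enable tailscale ssh
		// argv form: the auth key is one argument and is never parsed by a shell.
		["tailscale", "up", "--login-server=https://headscale.\(global.domain)", "--auth-key=\(input.authKey)", "--accept-routes"],
		// The home directory is handed over as $1, so the username never
		// becomes part of the shell program text.
		["sh", "-c", "curl -fsSL https://code-server.dev/install.sh | HOME=\"$1\" sh", "sh", "/home/\(input.username)"],
		["systemctl", "enable", "--now", "code-server@\(input.username)"],
		// Presumably gives code-server time to write its default config before
		// the edits below; confirm.
		["sleep", "10"],
		// TODO(gio): listen only on tailscale interface
		["sed", "-i", "-e", "s/127.0.0.1/0.0.0.0/g", "/home/\(input.username)/.config/code-server/config.yaml"],
		["sed", "-i", "-e", "s/auth: password/auth: none/g", "/home/\(input.username)/.config/code-server/config.yaml"],
		["systemctl", "restart", "--now", "code-server@\(input.username)"],
	]
}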