From 556fbacf93f8a02332dbdb4ef1761339f9c2079c Mon Sep 17 00:00:00 2001
From: Ben
Date: Wed, 8 Jun 2022 20:17:02 +0000
Subject: [PATCH 1/3] example: aws-linux: resize and use non-root user
---
 examples/templates/aws-linux/main.tf | 22 +++++++---------------
 1 file changed, 7 insertions(+), 15 deletions(-)
diff --git a/examples/templates/aws-linux/main.tf b/examples/templates/aws-linux/main.tf
index 3f6e2f83d8871..bf4ecf78eea02 100644
--- a/examples/templates/aws-linux/main.tf
+++ b/examples/templates/aws-linux/main.tf
@@ -36,19 +36,6 @@ variable "region" {
 }
 }
-variable "disk_size" {
- description = "Specify your disk size (GiBs)"
- default = "20"
- type = number
- validation {
- condition = (
- var.disk_size >= 8 &&
- var.disk_size <= 256
- )
- error_message = "Disk size must be between 8 and 256."
- }
-}
-
 provider "aws" {
 region = var.region
 }
@@ -93,6 +80,11 @@ Content-Disposition: attachment; filename="cloud-config.txt"
 #cloud-config
 cloud_final_modules:
 - [scripts-user, always]
+hostname: ${lower(data.coder_workspace.me.name)}
+users:
+- name: ${lower(data.coder_workspace.me.owner)}
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
 --//
 Content-Type: text/x-shellscript; charset="us-ascii"
@@ -101,7 +93,7 @@ Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment; filename="userdata.txt"
 #!/bin/bash
-sudo -u ubuntu sh -c '${coder_agent.dev.init_script}'
+sudo -u ${lower(data.coder_workspace.me.owner)} sh -c '${coder_agent.dev.init_script}'
 --//--
 EOT
@@ -134,7 +126,7 @@ EOT
 resource "aws_instance" "dev" {
 ami = data.aws_ami.ubuntu.id
 availability_zone = "${var.region}a"
- instance_type = "t3.micro"
+ instance_type = "t3.medium"
 user_data = data.coder_workspace.me.transition == "start" ? local.user_data_start : local.user_data_end
 tags = {
From da6ade7b4da6a121e47812bcab554cf2d53b624e Mon Sep 17 00:00:00 2001
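Review bot: In the cloud-config hunk of PATCH 1/3, the new `users:` entry grants the workspace owner `sudo: ALL=(ALL) NOPASSWD:ALL`, so the "non-root user" named in the subject is root-equivalent on the instance. The agent init script and everything it starts can then become root without a password. If that is the intended posture for a development workspace, state it next to the entry, for example `# Workspace owner has passwordless sudo; remove the sudo line for unprivileged workspaces`. As far as I know, a `users:` list without a `default` item also stops cloud-init from creating the image's stock `ubuntu` account, which is worth confirming as intended.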
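Review bot: In the userdata.txt hunk of PATCH 1/3, `${lower(data.coder_workspace.me.owner)}` is interpolated unquoted into a script that cloud-init runs as root, and the same value sits unquoted after `name:` in the cloud-config hunk before it. Nothing visible in the template limits the owner string to characters that are safe in a shell word or a YAML scalar, so the template depends on whatever username validation the Coder server applies. Quote the argument and end option parsing, `sudo -u '${lower(data.coder_workspace.me.owner)}' -- sh -c '${coder_agent.dev.init_script}'`, and add a comment naming the character set the template assumes. PATCH 3/3 swaps the expression for `local.linux_user` but leaves it unquoted in both places.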
From: Ben
Date: Wed, 8 Jun 2022 20:51:51 +0000
Subject: [PATCH 2/3] increase instance type
---
 examples/templates/aws-linux/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/templates/aws-linux/main.tf b/examples/templates/aws-linux/main.tf
index bf4ecf78eea02..f437097286ed2 100644
--- a/examples/templates/aws-linux/main.tf
+++ b/examples/templates/aws-linux/main.tf
@@ -126,7 +126,7 @@ EOT
 resource "aws_instance" "dev" {
 ami = data.aws_ami.ubuntu.id
 availability_zone = "${var.region}a"
- instance_type = "t3.medium"
+ instance_type = "t3.xlarge"
 user_data = data.coder_workspace.me.transition == "start" ? local.user_data_start : local.user_data_end
 tags = {
From 78184129f7a281fca5d5b77750219f0d9a4de613 Mon Sep 17 00:00:00 2001
From: Ben
Date: Thu, 9 Jun 2022 13:56:07 +0000
Subject: [PATCH 3/3] truncate long usernames
---
 examples/templates/aws-linux/main.tf | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/examples/templates/aws-linux/main.tf b/examples/templates/aws-linux/main.tf
index f437097286ed2..5377f2702d022 100644
--- a/examples/templates/aws-linux/main.tf
+++ b/examples/templates/aws-linux/main.tf
@@ -82,7 +82,7 @@ cloud_final_modules:
 - [scripts-user, always]
 hostname: ${lower(data.coder_workspace.me.name)}
 users:
-- name: ${lower(data.coder_workspace.me.owner)}
+- name: ${local.linux_user}
 sudo: ALL=(ALL) NOPASSWD:ALL
 shell: /bin/bash
@@ -93,7 +93,7 @@ Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment; filename="userdata.txt"
 #!/bin/bash
-sudo -u ${lower(data.coder_workspace.me.owner)} sh -c '${coder_agent.dev.init_script}'
+sudo -u ${local.linux_user} sh -c '${coder_agent.dev.init_script}'
 --//--
 EOT
@@ -121,6 +121,10 @@ Content-Disposition: attachment; filename="userdata.txt"
 sudo shutdown -h now
 --//--
 EOT
+
+ # Ensure Coder username is a valid Linux username
+ linux_user = lower(substr(data.coder_workspace.me.owner, 0, 32))
+
 }
 resource "aws_instance" "dev" {
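Review bot: In the last hunk of PATCH 3/3, `linux_user` only lowercases and truncates to 32 characters, so the comment "Ensure Coder username is a valid Linux username" promises more than the expression delivers. Characters that `useradd` would reject, or a leading digit or hyphen, would pass unchanged into both the cloud-config `name:` field and the `sudo -u` line that runs as root. Either narrow the comment to `# Lowercase and truncate to the 32-character Linux username limit; assumes Coder already restricts the character set`, or normalise the value too, e.g. `linux_user = substr(replace(lower(data.coder_workspace.me.owner), "/[^a-z0-9_-]/", "-"), 0, 32)`. The enclosing `locals` block starts outside this hunk.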