From c0690f0f58e641578adb6bc748f9c4db26c1f111 Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Thu, 2 May 2024 18:01:34 +0300 Subject: [PATCH 1/7] WIP --- windows-in-docker/files/CoderAgent.ps1 | 48 ++++++++++++++++ windows-in-docker/files/create_task.ps1 | 8 +++ windows-in-docker/files/install.bat | 2 + windows-in-docker/main.tf | 75 +++++++++++++++++++++++++ 4 files changed, 133 insertions(+) create mode 100644 windows-in-docker/files/CoderAgent.ps1 create mode 100644 windows-in-docker/files/create_task.ps1 create mode 100644 windows-in-docker/files/install.bat create mode 100644 windows-in-docker/main.tf diff --git a/windows-in-docker/files/CoderAgent.ps1 b/windows-in-docker/files/CoderAgent.ps1 new file mode 100644 index 0000000..7d66ecf --- /dev/null +++ b/windows-in-docker/files/CoderAgent.ps1 @@ -0,0 +1,48 @@ +# Sleep for a while in case the underlying provider deletes the resource on error. +trap { + Write-Error "=== Agent script exited with non-zero code. Sleeping 24h to preserve logs..." + Start-Sleep -Seconds 86400 +} + +# Attempt to download the coder agent. +# This could fail for a number of reasons, many of which are likely transient. +# So just keep trying! +while ($true) { + try { + $ProgressPreference = "SilentlyContinue" + + # executing shell to be named "sshd", otherwise it fails. See: + # https://github.com/microsoft/vscode-remote-release/issues/5699 + $BINARY_URL="${ACCESS_URL}/bin/coder-windows-${ARCH}.exe" + Write-Output "$(Get-Date) Fetching coder agent from ${BINARY_URL}" + Invoke-WebRequest -Uri "${BINARY_URL}" -OutFile $env:TEMP\sshd.exe + break + } catch { + Write-Output "$(Get-Date) error: unhandled exception fetching coder agent:" + Write-Output $_ + Write-Output "$(Get-Date) trying again in 30 seconds..." + Start-Sleep -Seconds 30 + } +} + +# Check if running in a Windows container +if (-not (Get-Command 'Set-MpPreference' -ErrorAction SilentlyContinue)) { + Write-Output "$(Get-Date) Set-MpPreference not available, skipping..." +} else { + Set-MpPreference -DisableRealtimeMonitoring $true -ExclusionPath $env:TEMP\sshd.exe +} + +$en +$env:CODER_AGENT_URL = "${ACCESS_URL}" + +# Check if we're running inside a Windows container! +$inContainer = $false +if ((Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control' -Name 'ContainerType' -ErrorAction SilentlyContinue) -ne $null) { + $inContainer = $true +} +if ($inContainer) { + # If we're in a container, run in a the foreground! + Start-Process -FilePath $env:TEMP\sshd.exe -ArgumentList "agent" -Wait -NoNewWindow +} else { + Start-Process -FilePath $env:TEMP\sshd.exe -ArgumentList "agent" -PassThru +} \ No newline at end of file diff --git a/windows-in-docker/files/create_task.ps1 b/windows-in-docker/files/create_task.ps1 new file mode 100644 index 0000000..39d9d82 --- /dev/null +++ b/windows-in-docker/files/create_task.ps1 @@ -0,0 +1,8 @@ +$task = @{ + TaskName = 'CoderAgent' + Action = (New-ScheduledTaskAction -Execute 'powershell.exe' -Argument '-sta -ExecutionPolicy Unrestricted -Command "$env:CODER_AGENT_TOKEN_FILE=\'C:\OEM\token.txt\'; & C:\OEM\CoderAgent.ps1 *>> C:\OEM\CoderAgent.log"') + Trigger = (New-ScheduledTaskTrigger -AtStartup), (New-ScheduledTaskTrigger -Once -At (Get-Date).AddSeconds(15)) + Settings = (New-ScheduledTaskSettingsSet -DontStopOnIdleEnd -ExecutionTimeLimit ([TimeSpan]::FromDays(3650)) -Compatibility Win8) + Principal = (New-ScheduledTaskPrincipal -UserId 'vm\coder' -RunLevel Highest -LogonType S4U) +} +Register-ScheduledTask @task -Force \ No newline at end of file diff --git a/windows-in-docker/files/install.bat b/windows-in-docker/files/install.bat new file mode 100644 index 0000000..dc237f4 --- /dev/null +++ b/windows-in-docker/files/install.bat @@ -0,0 +1,2 @@ +@echo off +PowerShell -NoProfile -ExecutionPolicy Bypass -Command "C:\OEM\create_task.ps1" \ No newline at end of file diff --git a/windows-in-docker/main.tf b/windows-in-docker/main.tf new file mode 100644 index 0000000..7a07330 --- /dev/null +++ b/windows-in-docker/main.tf @@ -0,0 +1,75 @@ +terraform { + required_providers { + coder = { + source = "coder/coder" + } + docker = { + source = "kreuzwerker/docker" + version = "~> 3.0.0" + } + } +} + +provider "docker" {} + +provider "coder" {} + +data "coder_workspace" "me" {} + +resource "coder_agent" "dev" { + arch = "amd64" + os = "windows" + connection_timeout = 600 +} + +resource "local_file" "coder_agent_token" { + content = coder_agent.dev.token + filename = "${path.module}/files/token" +} + +data "docker_registry_image" "dockurr" { + name = "dockurr/windows" +} + +resource "docker_image" "dockurr" { + name = "${data.docker_registry_image.dockurr.name}@${data.docker_registry_image.dockurr.sha256_digest}" + pull_triggers = [ + data.docker_registry_image.dockurr.sha256_digest, + ] + keep_locally = true +} + +resource "docker_container" "dockurr" { + count = data.coder_workspace.me.start_count + image = docker_image.dockurr.name + name = "coder-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}" + hostname = data.coder_workspace.me.name + env = [ + "RAM_SIZE=16G", + "CPU_CORES=4", + ] + destroy_grace_seconds = 120 + stop_timeout = 120 + stop_signal = "SIGINT" + host { + host = "host.docker.internal" + ip = "host-gateway" + } + volumes { + container_path = "/storage" + host_path = "/home/ubuntu/dockurr" + read_only = false + } + volumes { + container_path = "/storage/oem" + host_path = "${abspath(path.module)}/files" + read_only = true + } + + devices { + host_path = "/dev/kvm" + } + capabilities { + add = ["NET_ADMIN"] + } +} From b9049196c9a3df14f268a31f22d5c979fa89376e Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Thu, 2 May 2024 18:40:38 +0300 Subject: [PATCH 2/7] WIP --- windows-in-docker/.terraform.lock.hcl | 65 +++++++++++++++++++ windows-in-docker/build/Dockerfile | 2 + .../{ => build}/files/CoderAgent.ps1 | 0 .../{ => build}/files/create_task.ps1 | 0 .../{ => build}/files/install.bat | 0 windows-in-docker/main.tf | 40 +++++------- 6 files changed, 85 insertions(+), 22 deletions(-) create mode 100644 windows-in-docker/.terraform.lock.hcl create mode 100644 windows-in-docker/build/Dockerfile rename windows-in-docker/{ => build}/files/CoderAgent.ps1 (100%) rename windows-in-docker/{ => build}/files/create_task.ps1 (100%) rename windows-in-docker/{ => build}/files/install.bat (100%) diff --git a/windows-in-docker/.terraform.lock.hcl b/windows-in-docker/.terraform.lock.hcl new file mode 100644 index 0000000..0eb7174 --- /dev/null +++ b/windows-in-docker/.terraform.lock.hcl @@ -0,0 +1,65 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/coder/coder" { + version = "0.21.0" + hashes = [ + "h1:IbC4PFzMkwHHtWcTDdGCnI/azL2FA5BYnXZsqcXug0k=", + "zh:0c57113e09ac452418e3f141e9c3e8d380e27e50d94342ed0b4b2b08b50cc328", + "zh:220604b130744dd674e8eb7c21526bb93e1bd3d6c53d7779b430a0eb8b25b8a8", + "zh:473bf896f7bfd28e933cb3a02f0049c9a650ac68e8d8163784c14c0f9914ee34", + "zh:6b1c1e0285534c201840a6d44ab6465f18ac03a71f7095f1ea26662dad2d52e6", + "zh:6f70d37aacdc9df8346f9ea588eeab15a71d6a63fe5162434da853536a28e54b", + "zh:82299810d912da5575cb6b42710643f0836b7cbf7fa139e736bdf608b28754b3", + "zh:954f5859b9b8855bfff540aee7a22bc863ec5146e06bc9c4c84e8b5e235eea4f", + "zh:a082b0f568da1186e4e9a8e612180a0eabcc97c86f174acd90712dd86710b386", + "zh:aafeaec84b60317bb90d88c09f0d397f3367bb28bedb14010fba37437ce04697", + "zh:c37c0818566385c868cd2259ef374e3e1eef7f65306cb00692c8f1b8ccf5f191", + "zh:d4de664d00c5a30d7fcdf164321d928dcb80803844a6ff3bcee5c3e7aa0d42d8", + "zh:d5f64376d895fa66afa325530fac595fd25531f70429f7d99e56af20e498c17e", + "zh:e3612b35bb770af7eb325ed77083e1da65197487eeff2bf6fdf8472ff16cfdca", + "zh:ee6cc77a93ef920ec9fe0ff63decb1c7dd0a999330f8d23cbc64f16eec48d9f8", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} + +provider "registry.terraform.io/hashicorp/local" { + version = "2.5.1" + hashes = [ + "h1:8oTPe2VUL6E2d3OcrvqyjI4Nn/Y/UEQN26WLk5O/B0g=", + "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561", + "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561", + "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5", + "zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24", + "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667", + "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8", + "zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0", + "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867", + "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4", + "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520", + ] +} + +provider "registry.terraform.io/kreuzwerker/docker" { + version = "3.0.2" + constraints = "~> 3.0.0" + hashes = [ + "h1:cT2ccWOtlfKYBUE60/v2/4Q6Stk1KYTNnhxSck+VPlU=", + "zh:15b0a2b2b563d8d40f62f83057d91acb02cd0096f207488d8b4298a59203d64f", + "zh:23d919de139f7cd5ebfd2ff1b94e6d9913f0977fcfc2ca02e1573be53e269f95", + "zh:38081b3fe317c7e9555b2aaad325ad3fa516a886d2dfa8605ae6a809c1072138", + "zh:4a9c5065b178082f79ad8160243369c185214d874ff5048556d48d3edd03c4da", + "zh:5438ef6afe057945f28bce43d76c4401254073de01a774760169ac1058830ac2", + "zh:60b7fadc287166e5c9873dfe53a7976d98244979e0ab66428ea0dea1ebf33e06", + "zh:61c5ec1cb94e4c4a4fb1e4a24576d5f39a955f09afb17dab982de62b70a9bdd1", + "zh:a38fe9016ace5f911ab00c88e64b156ebbbbfb72a51a44da3c13d442cd214710", + "zh:c2c4d2b1fd9ebb291c57f524b3bf9d0994ff3e815c0cd9c9bcb87166dc687005", + "zh:d567bb8ce483ab2cf0602e07eae57027a1a53994aba470fa76095912a505533d", + "zh:e83bf05ab6a19dd8c43547ce9a8a511f8c331a124d11ac64687c764ab9d5a792", + "zh:e90c934b5cd65516fbcc454c89a150bfa726e7cf1fe749790c7480bbeb19d387", + "zh:f05f167d2eaf913045d8e7b88c13757e3cf595dd5cd333057fdafc7c4b7fed62", + "zh:fcc9c1cea5ce85e8bcb593862e699a881bd36dffd29e2e367f82d15368659c3d", + ] +} diff --git a/windows-in-docker/build/Dockerfile b/windows-in-docker/build/Dockerfile new file mode 100644 index 0000000..37824f1 --- /dev/null +++ b/windows-in-docker/build/Dockerfile @@ -0,0 +1,2 @@ +FROM dockurr/windows:latest +COPY ./files /storage/oem diff --git a/windows-in-docker/files/CoderAgent.ps1 b/windows-in-docker/build/files/CoderAgent.ps1 similarity index 100% rename from windows-in-docker/files/CoderAgent.ps1 rename to windows-in-docker/build/files/CoderAgent.ps1 diff --git a/windows-in-docker/files/create_task.ps1 b/windows-in-docker/build/files/create_task.ps1 similarity index 100% rename from windows-in-docker/files/create_task.ps1 rename to windows-in-docker/build/files/create_task.ps1 diff --git a/windows-in-docker/files/install.bat b/windows-in-docker/build/files/install.bat similarity index 100% rename from windows-in-docker/files/install.bat rename to windows-in-docker/build/files/install.bat diff --git a/windows-in-docker/main.tf b/windows-in-docker/main.tf index 7a07330..b54d5b4 100644 --- a/windows-in-docker/main.tf +++ b/windows-in-docker/main.tf @@ -4,8 +4,7 @@ terraform { source = "coder/coder" } docker = { - source = "kreuzwerker/docker" - version = "~> 3.0.0" + source = "kreuzwerker/docker" } } } @@ -24,26 +23,28 @@ resource "coder_agent" "dev" { resource "local_file" "coder_agent_token" { content = coder_agent.dev.token - filename = "${path.module}/files/token" -} - -data "docker_registry_image" "dockurr" { - name = "dockurr/windows" + filename = "${path.root}/build/files/token" } resource "docker_image" "dockurr" { - name = "${data.docker_registry_image.dockurr.name}@${data.docker_registry_image.dockurr.sha256_digest}" - pull_triggers = [ - data.docker_registry_image.dockurr.sha256_digest, - ] + name = "dockurr/windows:latest" + build { + context = "./build" + } keep_locally = true + depends_on = [local_file.coder_agent_token] +} + + +resource "docker_volume" "storage" { + name = "coder-${data.coder_workspace.me.id}-storage" } resource "docker_container" "dockurr" { - count = data.coder_workspace.me.start_count - image = docker_image.dockurr.name - name = "coder-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}" - hostname = data.coder_workspace.me.name + count = data.coder_workspace.me.start_count + image = docker_image.dockurr.name + name = "coder-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}" + hostname = data.coder_workspace.me.name env = [ "RAM_SIZE=16G", "CPU_CORES=4", @@ -57,17 +58,12 @@ resource "docker_container" "dockurr" { } volumes { container_path = "/storage" - host_path = "/home/ubuntu/dockurr" + volume_name = docker_volume.storage.name read_only = false } - volumes { - container_path = "/storage/oem" - host_path = "${abspath(path.module)}/files" - read_only = true - } devices { - host_path = "/dev/kvm" + host_path = "/dev/kvm" } capabilities { add = ["NET_ADMIN"] From 354c77dc1ebac85f3bb58786431c710561652464 Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Thu, 2 May 2024 20:02:50 +0300 Subject: [PATCH 3/7] WIP --- windows-in-docker/build/files/create_task.ps1 | 2 +- windows-in-docker/build/files/install.bat | 5 +++++ windows-in-docker/main.tf | 5 ++++- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/windows-in-docker/build/files/create_task.ps1 b/windows-in-docker/build/files/create_task.ps1 index 39d9d82..e54124a 100644 --- a/windows-in-docker/build/files/create_task.ps1 +++ b/windows-in-docker/build/files/create_task.ps1 @@ -1,6 +1,6 @@ $task = @{ TaskName = 'CoderAgent' - Action = (New-ScheduledTaskAction -Execute 'powershell.exe' -Argument '-sta -ExecutionPolicy Unrestricted -Command "$env:CODER_AGENT_TOKEN_FILE=\'C:\OEM\token.txt\'; & C:\OEM\CoderAgent.ps1 *>> C:\OEM\CoderAgent.log"') + Action = (New-ScheduledTaskAction -Execute 'powershell.exe' -Argument '-sta -ExecutionPolicy Unrestricted -Command "$env:CODER_AGENT_TOKEN_FILE=\'C:\OEM\token\'; & C:\OEM\CoderAgent.ps1 *>> C:\OEM\CoderAgent.log"') Trigger = (New-ScheduledTaskTrigger -AtStartup), (New-ScheduledTaskTrigger -Once -At (Get-Date).AddSeconds(15)) Settings = (New-ScheduledTaskSettingsSet -DontStopOnIdleEnd -ExecutionTimeLimit ([TimeSpan]::FromDays(3650)) -Compatibility Win8) Principal = (New-ScheduledTaskPrincipal -UserId 'vm\coder' -RunLevel Highest -LogonType S4U) diff --git a/windows-in-docker/build/files/install.bat b/windows-in-docker/build/files/install.bat index dc237f4..f92f595 100644 --- a/windows-in-docker/build/files/install.bat +++ b/windows-in-docker/build/files/install.bat @@ -1,2 +1,7 @@ @echo off +set LOGFILE=batch.log +call :LOG > %LOGFILE% +exit /B + +:LOG PowerShell -NoProfile -ExecutionPolicy Bypass -Command "C:\OEM\create_task.ps1" \ No newline at end of file diff --git a/windows-in-docker/main.tf b/windows-in-docker/main.tf index b54d5b4..add8dc3 100644 --- a/windows-in-docker/main.tf +++ b/windows-in-docker/main.tf @@ -32,7 +32,10 @@ resource "docker_image" "dockurr" { context = "./build" } keep_locally = true - depends_on = [local_file.coder_agent_token] + triggers = { + always_run = "${timestamp()}" + } + depends_on = [local_file.coder_agent_token] } From 3b7625cbda1e1f71691d01868f3f39dc3cce6c0b Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Thu, 2 May 2024 20:39:04 +0300 Subject: [PATCH 4/7] add triggers --- windows-in-docker/main.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows-in-docker/main.tf b/windows-in-docker/main.tf index add8dc3..1cc67b0 100644 --- a/windows-in-docker/main.tf +++ b/windows-in-docker/main.tf @@ -33,7 +33,8 @@ resource "docker_image" "dockurr" { } keep_locally = true triggers = { - always_run = "${timestamp()}" + dockerfile = sha1(join("", [for f in fileset(path.module, "build/Dockerfile") : filesha1(f)])) + token = sha1(local_file.coder_agent_token.content) } depends_on = [local_file.coder_agent_token] } From ffb103a96be991439eabb68b1fa3cb3a116afb40 Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Thu, 2 May 2024 21:20:11 +0300 Subject: [PATCH 5/7] fisrt boot takes way too longer --- windows-in-docker/main.tf | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/windows-in-docker/main.tf b/windows-in-docker/main.tf index 1cc67b0..2d84d17 100644 --- a/windows-in-docker/main.tf +++ b/windows-in-docker/main.tf @@ -18,7 +18,7 @@ data "coder_workspace" "me" {} resource "coder_agent" "dev" { arch = "amd64" os = "windows" - connection_timeout = 600 + connection_timeout = 1800 } resource "local_file" "coder_agent_token" { @@ -53,19 +53,31 @@ resource "docker_container" "dockurr" { "RAM_SIZE=16G", "CPU_CORES=4", ] + ports { + internal = 8006 + external = 8010 + } destroy_grace_seconds = 120 stop_timeout = 120 stop_signal = "SIGINT" + host { host = "host.docker.internal" ip = "host-gateway" } + volumes { container_path = "/storage" volume_name = docker_volume.storage.name read_only = false } + volumes { + container_path = "/storage/win11x64.iso" + host_path = "/home/ubuntu/windows/win11x64.iso" + read_only = true + } + devices { host_path = "/dev/kvm" } From b030e0d16e23008fe5e059b065f3a82ee89cb62d Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Thu, 2 May 2024 22:06:05 +0300 Subject: [PATCH 6/7] Update create_task.ps1 and main.tf --- windows-in-docker/build/files/create_task.ps1 | 18 ++++++++++++------ windows-in-docker/main.tf | 3 ++- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/windows-in-docker/build/files/create_task.ps1 b/windows-in-docker/build/files/create_task.ps1 index e54124a..094cf60 100644 --- a/windows-in-docker/build/files/create_task.ps1 +++ b/windows-in-docker/build/files/create_task.ps1 @@ -1,8 +1,14 @@ +# Get the current user in the format domain\username +$currentUserId = whoami + +# Define the task properties $task = @{ - TaskName = 'CoderAgent' - Action = (New-ScheduledTaskAction -Execute 'powershell.exe' -Argument '-sta -ExecutionPolicy Unrestricted -Command "$env:CODER_AGENT_TOKEN_FILE=\'C:\OEM\token\'; & C:\OEM\CoderAgent.ps1 *>> C:\OEM\CoderAgent.log"') - Trigger = (New-ScheduledTaskTrigger -AtStartup), (New-ScheduledTaskTrigger -Once -At (Get-Date).AddSeconds(15)) - Settings = (New-ScheduledTaskSettingsSet -DontStopOnIdleEnd -ExecutionTimeLimit ([TimeSpan]::FromDays(3650)) -Compatibility Win8) - Principal = (New-ScheduledTaskPrincipal -UserId 'vm\coder' -RunLevel Highest -LogonType S4U) + TaskName = 'CoderAgent' + Action = (New-ScheduledTaskAction -Execute 'powershell.exe' -Argument '-sta -ExecutionPolicy Unrestricted -Command "$env:CODER_AGENT_TOKEN_FILE=\'C:\OEM\token\'; & C:\OEM\CoderAgent.ps1 *>> C:\OEM\CoderAgent.log"') + Trigger = @(New-ScheduledTaskTrigger -AtStartup, New-ScheduledTaskTrigger -Once -At (Get-Date).AddSeconds(15)) + Settings = (New-ScheduledTaskSettingsSet -DontStopOnIdleEnd -ExecutionTimeLimit ([TimeSpan]::FromDays(3650)) -Compatibility Win8) + Principal = (New-ScheduledTaskPrincipal -UserId $currentUserId -RunLevel Highest -LogonType S4U) } -Register-ScheduledTask @task -Force \ No newline at end of file + +# Register the task +Register-ScheduledTask @task -Force diff --git a/windows-in-docker/main.tf b/windows-in-docker/main.tf index 2d84d17..2ce938c 100644 --- a/windows-in-docker/main.tf +++ b/windows-in-docker/main.tf @@ -27,7 +27,7 @@ resource "local_file" "coder_agent_token" { } resource "docker_image" "dockurr" { - name = "dockurr/windows:latest" + name = "coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}-dockurr" build { context = "./build" } @@ -81,6 +81,7 @@ resource "docker_container" "dockurr" { devices { host_path = "/dev/kvm" } + capabilities { add = ["NET_ADMIN"] } From c9878ce9c259f92d7625681e6d63d1962c5d7b0f Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Thu, 2 May 2024 22:15:43 +0300 Subject: [PATCH 7/7] Add debugging ports for agent startup in main.tf --- windows-in-docker/main.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/windows-in-docker/main.tf b/windows-in-docker/main.tf index 2ce938c..b206bfa 100644 --- a/windows-in-docker/main.tf +++ b/windows-in-docker/main.tf @@ -53,10 +53,14 @@ resource "docker_container" "dockurr" { "RAM_SIZE=16G", "CPU_CORES=4", ] + + # The following ports are added for debugging purposes + # TODO: Remove these ports when agent startup is figured out ports { internal = 8006 external = 8010 } + destroy_grace_seconds = 120 stop_timeout = 120 stop_signal = "SIGINT"