-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathuser_data.sh
67 lines (56 loc) · 1.68 KB
/
user_data.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#!/usr/bin/env bash
set -euo pipefail
sudo hostname "worker-${unique_id}-${index}"
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up --auth-key="${tailscale_auth_key}"
sudo tailscale up --ssh
sudo dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo
sudo dnf install -y docker-ce \
docker-ce-cli \
containerd.io \
docker-buildx-plugin \
docker-compose-plugin
sudo systemctl enable docker
sudo systemctl start docker
# NAT client setup
ip route add default via 10.6.0.1
# Persist NAT setup after reboots
cat <<EOF > /etc/NetworkManager/dispatcher.d/ifup-local
/usr/sbin/ip route add default via 10.6.0.1
EOF
chmod +x /etc/NetworkManager/dispatcher.d/ifup-local
mkdir -p /workspace/keys
cd /workspace/keys
cat << EOF > worker_key
${worker_private_key}
EOF
cat << EOF > tsa_host_key.pub
${tsa_host_public_key}
EOF
cd /workspace
cat << EOF > compose.yml
services:
worker:
image: docker.io/concourse/concourse:${image_tag}
command: worker
privileged: true
cgroup: host
restart: unless-stopped
logging:
driver: journald
stop_signal: SIGUSR2
volumes:
- /workspace/keys:/concourse-keys
environment:
CONCOURSE_NAME: worker-${unique_id}-${index}
CONCOURSE_RUNTIME: containerd
CONCOURSE_TSA_PUBLIC_KEY: /concourse-keys/tsa_host_key.pub
CONCOURSE_TSA_WORKER_PRIVATE_KEY: /concourse-keys/worker_key
CONCOURSE_TSA_HOST: ${web_load_balancer_ip}:2222
CONCOURSE_BIND_IP: 0.0.0.0
CONCOURSE_BAGGAGECLAIM_BIND_IP: 0.0.0.0
CONCOURSE_BAGGAGECLAIM_DRIVER: overlay
CONCOURSE_CONTAINERD_DNS_SERVER: "1.1.1.1"
CONCOURSE_CONTAINERD_MTU: 1450
EOF
sudo docker compose up -d