Rename container for tailscale ssh

gbraad · Jan 11, 2025 · cf67906 · cf67906
1 parent a2621a1
commit cf67906
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 2 deletions.
diff --git a/.devcontainer/Containerfile b/.devcontainer/Containerfile
@@ -16,3 +16,5 @@ USER gbraad
 RUN git clone https://github.com/gbraad/dotfiles.git /home/gbraad/.dotfiles \
     && cd ~/.dotfiles \
     && ./install.sh
+
+ENTRYPOINT [ "/sbin/init" ]
diff --git a/.github/workflows/build-container.yaml → .github/workflows/build-container.yml b/.github/workflows/build-container.yaml → .github/workflows/build-container.yml
@@ -15,7 +15,9 @@ jobs:
         os:
           - ubuntu-24.04
     steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
       - name: Run podman build
-        run: podman build -t ghcr.io/gbraad/dotfiles/test:40 -f .devcontainer/Containerfile .
+        run: podman build -t ghcr.io/gbraad/dotfiles:latest -f .devcontainer/Containerfile .
       - name: Push image to ghcr.io
-        run: podman push --creds=${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} ghcr.io/gbraad/dotfiles/test:40
+        run: podman push --creds=${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} ghcr.io/gbraad/dotfiles:latest
diff --git a/.github/workflows/tailscale-ssh.yml b/.github/workflows/tailscale-ssh.yml
@@ -0,0 +1,33 @@
+name: tailscale-ssh
+on:
+  workflow_dispatch:
+
+jobs:
+  dotfiles-test:
+    runs-on: ubuntu-24.04
+
+    steps:
+      - name: Remove unwanted stuff
+        uses: gbraad-devenv/remove-unwanted@v1
+      - name: Run system container with `podman` and `-user root`
+        run: |
+          podman run -d --name dotfiles --hostname code-${HOSTNAME} --systemd=always --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=SYS_ADMIN --device=/dev/net/tun --device=/dev/fuse -u root ghcr.io/gbraad/dotfiles:latest
+      - name: Tailscale setup (root)
+        run: |
+          podman exec dotfiles systemctl enable --now tailscaled
+          until podman exec dotfiles tailscale up --auth-key ${TAILSCALE_AUTHKEY} --ssh
+          do
+              sleep 0.1
+          done
+          podman exec dotfiles chmod 640 /etc/shadow
+        env:
+          TAILSCALE_AUTHKEY: ${{ secrets.TAILSCALE_AUTHKEY}}
+      - name: Hang around
+        run: |
+          until podman exec dotfiles systemctl is-active --quiet tailscaled
+          do
+               sleep 1
+          done
+          IP=`podman exec dotfiles tailscale ip -4`
+          echo "Use the following command to connect \`tailscale ssh gbraad@${IP}\`"
+          sleep infinity
diff --git a/zsh/.devenv b/zsh/.devenv
@@ -5,6 +5,7 @@ workdir=/home/gbraad
 shell=/bin/zsh
 
 [images]
+dot=ghcr.io/gbraad/dotfiles:latest
 fed=ghcr.io/gbraad-devenv/fedora/systemd:41
 code=ghcr.io/gbraad-devenv/fedora/code-cli:41
 desk=ghcr.io/gbraad-devenv/fedora/rdesktop:41