From cf679066dd95186cdb97b8955418670a7a36f6c9 Mon Sep 17 00:00:00 2001
From: Gerard Braad <me@gbraad.nl>
Date: Sat, 11 Jan 2025 11:36:51 +0000
Subject: [PATCH] Rename container for tailscale ssh

---
 .devcontainer/Containerfile                   |  2 ++
 ...ild-container.yaml => build-container.yml} |  6 ++--
 .github/workflows/tailscale-ssh.yml           | 33 +++++++++++++++++++
 zsh/.devenv                                   |  1 +
 4 files changed, 40 insertions(+), 2 deletions(-)
 rename .github/workflows/{build-container.yaml => build-container.yml} (65%)
 create mode 100644 .github/workflows/tailscale-ssh.yml

diff --git a/.devcontainer/Containerfile b/.devcontainer/Containerfile
index d3f83dd..8d37cd0 100644
--- a/.devcontainer/Containerfile
+++ b/.devcontainer/Containerfile
@@ -16,3 +16,5 @@ USER gbraad
 RUN git clone https://github.com/gbraad/dotfiles.git /home/gbraad/.dotfiles \
     && cd ~/.dotfiles \
     && ./install.sh
+
+ENTRYPOINT [ "/sbin/init" ]
\ No newline at end of file
diff --git a/.github/workflows/build-container.yaml b/.github/workflows/build-container.yml
similarity index 65%
rename from .github/workflows/build-container.yaml
rename to .github/workflows/build-container.yml
index 83cf276..1cd50e1 100644
--- a/.github/workflows/build-container.yaml
+++ b/.github/workflows/build-container.yml
@@ -15,7 +15,9 @@ jobs:
         os:
           - ubuntu-24.04
     steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
       - name: Run podman build
-        run: podman build -t ghcr.io/gbraad/dotfiles/test:40 -f .devcontainer/Containerfile .
+        run: podman build -t ghcr.io/gbraad/dotfiles:latest -f .devcontainer/Containerfile .
       - name: Push image to ghcr.io
-        run: podman push --creds=${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} ghcr.io/gbraad/dotfiles/test:40
+        run: podman push --creds=${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} ghcr.io/gbraad/dotfiles:latest
diff --git a/.github/workflows/tailscale-ssh.yml b/.github/workflows/tailscale-ssh.yml
new file mode 100644
index 0000000..32bb6a1
--- /dev/null
+++ b/.github/workflows/tailscale-ssh.yml
@@ -0,0 +1,33 @@
+name: tailscale-ssh
+on:
+  workflow_dispatch:
+
+jobs:
+  dotfiles-test:
+    runs-on: ubuntu-24.04
+    
+    steps:
+      - name: Remove unwanted stuff
+        uses: gbraad-devenv/remove-unwanted@v1
+      - name: Run system container with `podman` and `-user root`
+        run: |
+          podman run -d --name dotfiles --hostname code-${HOSTNAME} --systemd=always --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=SYS_ADMIN --device=/dev/net/tun --device=/dev/fuse -u root ghcr.io/gbraad/dotfiles:latest
+      - name: Tailscale setup (root)
+        run: |
+          podman exec dotfiles systemctl enable --now tailscaled
+          until podman exec dotfiles tailscale up --auth-key ${TAILSCALE_AUTHKEY} --ssh
+          do
+              sleep 0.1
+          done
+          podman exec dotfiles chmod 640 /etc/shadow
+        env:
+          TAILSCALE_AUTHKEY: ${{ secrets.TAILSCALE_AUTHKEY}}
+      - name: Hang around
+        run: |
+          until podman exec dotfiles systemctl is-active --quiet tailscaled
+          do
+               sleep 1
+          done
+          IP=`podman exec dotfiles tailscale ip -4`
+          echo "Use the following command to connect \`tailscale ssh gbraad@${IP}\`"
+          sleep infinity
\ No newline at end of file
diff --git a/zsh/.devenv b/zsh/.devenv
index 439fb08..5e8609d 100644
--- a/zsh/.devenv
+++ b/zsh/.devenv
@@ -5,6 +5,7 @@ workdir=/home/gbraad
 shell=/bin/zsh
 
 [images]
+dot=ghcr.io/gbraad/dotfiles:latest
 fed=ghcr.io/gbraad-devenv/fedora/systemd:41
 code=ghcr.io/gbraad-devenv/fedora/code-cli:41
 desk=ghcr.io/gbraad-devenv/fedora/rdesktop:41