Base.tf
· 4.9 KiB · Terraform
Surowy
terraform {
required_providers {
coder = {
source = "coder/coder"
version = "2.1.2"
}
docker = {
source = "kreuzwerker/docker"
version = "~> 3.0.2"
}
}
}
# Admin parameters
locals {
username = data.coder_workspace_owner.me.name
}
data "coder_provisioner" "me" {
}
provider "docker" {
host = "unix:///var/run/docker.sock"
}
data "coder_workspace" "me" {
}
data "coder_workspace_owner" "me" {
}
data "coder_external_auth" "gitea" {
id = "gitea"
}
data "coder_parameter" "force_rebuild" {
name = "force_rebuild"
type = "bool"
description = "Rebuild the Docker image rather than use the cached one."
mutable = true
default = false
ephemeral = true
}
module "code-server" {
source = "registry.coder.com/modules/code-server/coder"
version = "1.0.28"
agent_id = coder_agent.main.id
display_name = "VS Code"
slug = "code"
install_version = "4.96.4"
folder = "/home/${local.username}/workspace"
port = "8080"
extensions = [
"eamodio.gitlens",
"PKief.material-icon-theme"
]
}
module "personalize" {
source = "registry.coder.com/modules/personalize/coder"
version = "1.0.28"
agent_id = coder_agent.main.id
path = "~/personalize.sh"
}
module "nodejs" {
source = "registry.coder.com/modules/nodejs/coder"
version = "1.0.28"
agent_id = coder_agent.main.id
nvm_install_prefix = "/home/${local.username}/.nvm"
node_versions = [
"20",
"22"
]
default_node_version = "22"
}
module "coder-login" {
source = "registry.coder.com/modules/coder-login/coder"
version = "1.0.28"
agent_id = coder_agent.main.id
}
module "git-config" {
source = "registry.coder.com/modules/git-config/coder"
version = "1.0.28"
agent_id = coder_agent.main.id
allow_username_change = false
}
module "git-commit-signing" {
source = "registry.coder.com/modules/git-commit-signing/coder"
version = "1.0.28"
agent_id = coder_agent.main.id
}
provider "coder" {
}
resource "coder_agent" "main" {
arch = data.coder_provisioner.me.arch
os = "linux"
dir = "/home/${local.username}/workspace/"
}
resource "coder_script" "auto-update" {
agent_id = coder_agent.main.id
script = "/opt/scripts/auto-update.sh"
display_name = "Auto Update"
run_on_start = true
start_blocks_login = false
}
resource "docker_volume" "home_volume" {
name = "coder-${data.coder_workspace.me.id}-home"
# Protect the volume from being deleted due to changes in attributes.
lifecycle {
ignore_changes = all
}
# Add labels in Docker to keep track of orphan resources.
labels {
label = "coder.owner"
value = data.coder_workspace_owner.me.name
}
labels {
label = "coder.owner_id"
value = data.coder_workspace_owner.me.id
}
labels {
label = "coder.workspace_id"
value = data.coder_workspace.me.id
}
# This field becomes outdated if the workspace is renamed but can
# be useful for debugging or cleaning out dangling volumes.
labels {
label = "coder.workspace_name_at_creation"
value = data.coder_workspace.me.name
}
}
resource "docker_image" "main" {
name = "coder-${data.coder_workspace.me.id}"
build {
context = "."
build_args = {
USER = local.username
}
}
triggers = {
docker_sha1 = sha1(filesha1("./Dockerfile"))
terraform_sha1 = sha1(filesha1("./Base.tf"))
rebuild_sha1 = data.coder_parameter.force_rebuild.value
assets_sha1 = sha1(join("", [for f in fileset(path.module, "./assets/*") : filesha1(f)]))
}
}
resource "docker_container" "workspace" {
count = data.coder_workspace.me.start_count
image = docker_image.main.name
# Uses lower() to avoid Docker restriction on container names.
name = "coder-${data.coder_workspace_owner.me.name}-${lower(data.coder_workspace.me.name)}"
# Hostname makes the shell more user friendly: coder@my-workspace:~$
hostname = data.coder_workspace.me.name
# Use the docker gateway if the access URL is 127.0.0.1
entrypoint = ["sh", "-c", replace(coder_agent.main.init_script, "/localhost|127\\.0\\.0\\.1/", "host.docker.internal")]
env = ["CODER_AGENT_TOKEN=${coder_agent.main.token}"]
host {
host = "host.docker.internal"
ip = "host-gateway"
}
volumes {
container_path = "/home/${local.username}"
volume_name = docker_volume.home_volume.name
read_only = false
}
# Add labels in Docker to keep track of orphan resources.
labels {
label = "coder.owner"
value = data.coder_workspace_owner.me.name
}
labels {
label = "coder.owner_id"
value = data.coder_workspace_owner.me.id
}
labels {
label = "coder.workspace_id"
value = data.coder_workspace.me.id
}
labels {
label = "coder.workspace_name"
value = data.coder_workspace.me.name
}
}
| 1 | terraform { |
| 2 | required_providers { |
| 3 | coder = { |
| 4 | source = "coder/coder" |
| 5 | version = "2.1.2" |
| 6 | } |
| 7 | docker = { |
| 8 | source = "kreuzwerker/docker" |
| 9 | version = "~> 3.0.2" |
| 10 | } |
| 11 | } |
| 12 | } |
| 13 | |
| 14 | # Admin parameters |
| 15 | |
| 16 | locals { |
| 17 | username = data.coder_workspace_owner.me.name |
| 18 | } |
| 19 | |
| 20 | data "coder_provisioner" "me" { |
| 21 | } |
| 22 | |
| 23 | provider "docker" { |
| 24 | host = "unix:///var/run/docker.sock" |
| 25 | } |
| 26 | |
| 27 | data "coder_workspace" "me" { |
| 28 | } |
| 29 | |
| 30 | data "coder_workspace_owner" "me" { |
| 31 | } |
| 32 | |
| 33 | data "coder_external_auth" "gitea" { |
| 34 | id = "gitea" |
| 35 | } |
| 36 | |
| 37 | data "coder_parameter" "force_rebuild" { |
| 38 | name = "force_rebuild" |
| 39 | type = "bool" |
| 40 | description = "Rebuild the Docker image rather than use the cached one." |
| 41 | mutable = true |
| 42 | default = false |
| 43 | ephemeral = true |
| 44 | } |
| 45 | |
| 46 | module "code-server" { |
| 47 | source = "registry.coder.com/modules/code-server/coder" |
| 48 | version = "1.0.28" |
| 49 | agent_id = coder_agent.main.id |
| 50 | display_name = "VS Code" |
| 51 | slug = "code" |
| 52 | install_version = "4.96.4" |
| 53 | folder = "/home/${local.username}/workspace" |
| 54 | port = "8080" |
| 55 | extensions = [ |
| 56 | "eamodio.gitlens", |
| 57 | "PKief.material-icon-theme" |
| 58 | ] |
| 59 | } |
| 60 | |
| 61 | module "personalize" { |
| 62 | source = "registry.coder.com/modules/personalize/coder" |
| 63 | version = "1.0.28" |
| 64 | agent_id = coder_agent.main.id |
| 65 | path = "~/personalize.sh" |
| 66 | } |
| 67 | |
| 68 | module "nodejs" { |
| 69 | source = "registry.coder.com/modules/nodejs/coder" |
| 70 | version = "1.0.28" |
| 71 | agent_id = coder_agent.main.id |
| 72 | nvm_install_prefix = "/home/${local.username}/.nvm" |
| 73 | node_versions = [ |
| 74 | "20", |
| 75 | "22" |
| 76 | ] |
| 77 | default_node_version = "22" |
| 78 | } |
| 79 | |
| 80 | module "coder-login" { |
| 81 | source = "registry.coder.com/modules/coder-login/coder" |
| 82 | version = "1.0.28" |
| 83 | agent_id = coder_agent.main.id |
| 84 | } |
| 85 | |
| 86 | module "git-config" { |
| 87 | source = "registry.coder.com/modules/git-config/coder" |
| 88 | version = "1.0.28" |
| 89 | agent_id = coder_agent.main.id |
| 90 | allow_username_change = false |
| 91 | } |
| 92 | |
| 93 | module "git-commit-signing" { |
| 94 | source = "registry.coder.com/modules/git-commit-signing/coder" |
| 95 | version = "1.0.28" |
| 96 | agent_id = coder_agent.main.id |
| 97 | } |
| 98 | |
| 99 | provider "coder" { |
| 100 | } |
| 101 | |
| 102 | resource "coder_agent" "main" { |
| 103 | arch = data.coder_provisioner.me.arch |
| 104 | os = "linux" |
| 105 | dir = "/home/${local.username}/workspace/" |
| 106 | } |
| 107 | |
| 108 | resource "coder_script" "auto-update" { |
| 109 | agent_id = coder_agent.main.id |
| 110 | script = "/opt/scripts/auto-update.sh" |
| 111 | display_name = "Auto Update" |
| 112 | run_on_start = true |
| 113 | start_blocks_login = false |
| 114 | } |
| 115 | |
| 116 | resource "docker_volume" "home_volume" { |
| 117 | name = "coder-${data.coder_workspace.me.id}-home" |
| 118 | # Protect the volume from being deleted due to changes in attributes. |
| 119 | lifecycle { |
| 120 | ignore_changes = all |
| 121 | } |
| 122 | # Add labels in Docker to keep track of orphan resources. |
| 123 | labels { |
| 124 | label = "coder.owner" |
| 125 | value = data.coder_workspace_owner.me.name |
| 126 | } |
| 127 | labels { |
| 128 | label = "coder.owner_id" |
| 129 | value = data.coder_workspace_owner.me.id |
| 130 | } |
| 131 | labels { |
| 132 | label = "coder.workspace_id" |
| 133 | value = data.coder_workspace.me.id |
| 134 | } |
| 135 | # This field becomes outdated if the workspace is renamed but can |
| 136 | # be useful for debugging or cleaning out dangling volumes. |
| 137 | labels { |
| 138 | label = "coder.workspace_name_at_creation" |
| 139 | value = data.coder_workspace.me.name |
| 140 | } |
| 141 | } |
| 142 | |
| 143 | resource "docker_image" "main" { |
| 144 | name = "coder-${data.coder_workspace.me.id}" |
| 145 | build { |
| 146 | context = "." |
| 147 | build_args = { |
| 148 | USER = local.username |
| 149 | } |
| 150 | } |
| 151 | triggers = { |
| 152 | docker_sha1 = sha1(filesha1("./Dockerfile")) |
| 153 | terraform_sha1 = sha1(filesha1("./Base.tf")) |
| 154 | rebuild_sha1 = data.coder_parameter.force_rebuild.value |
| 155 | assets_sha1 = sha1(join("", [for f in fileset(path.module, "./assets/*") : filesha1(f)])) |
| 156 | } |
| 157 | } |
| 158 | |
| 159 | resource "docker_container" "workspace" { |
| 160 | count = data.coder_workspace.me.start_count |
| 161 | image = docker_image.main.name |
| 162 | # Uses lower() to avoid Docker restriction on container names. |
| 163 | name = "coder-${data.coder_workspace_owner.me.name}-${lower(data.coder_workspace.me.name)}" |
| 164 | # Hostname makes the shell more user friendly: coder@my-workspace:~$ |
| 165 | hostname = data.coder_workspace.me.name |
| 166 | # Use the docker gateway if the access URL is 127.0.0.1 |
| 167 | entrypoint = ["sh", "-c", replace(coder_agent.main.init_script, "/localhost|127\\.0\\.0\\.1/", "host.docker.internal")] |
| 168 | env = ["CODER_AGENT_TOKEN=${coder_agent.main.token}"] |
| 169 | host { |
| 170 | host = "host.docker.internal" |
| 171 | ip = "host-gateway" |
| 172 | } |
| 173 | volumes { |
| 174 | container_path = "/home/${local.username}" |
| 175 | volume_name = docker_volume.home_volume.name |
| 176 | read_only = false |
| 177 | } |
| 178 | # Add labels in Docker to keep track of orphan resources. |
| 179 | labels { |
| 180 | label = "coder.owner" |
| 181 | value = data.coder_workspace_owner.me.name |
| 182 | } |
| 183 | labels { |
| 184 | label = "coder.owner_id" |
| 185 | value = data.coder_workspace_owner.me.id |
| 186 | } |
| 187 | labels { |
| 188 | label = "coder.workspace_id" |
| 189 | value = data.coder_workspace.me.id |
| 190 | } |
| 191 | labels { |
| 192 | label = "coder.workspace_name" |
| 193 | value = data.coder_workspace.me.name |
| 194 | } |
| 195 | } |
| 196 |