Compare commits
3 Commits
a2d61d6972
...
017d5ce00d
| Author | SHA1 | Date | |
|---|---|---|---|
| 017d5ce00d | |||
| 6fada2f32a | |||
| 510ba707ad |
@@ -144,15 +144,21 @@ jobs:
|
|||||||
payload = resp.read().decode("utf-8")
|
payload = resp.read().decode("utf-8")
|
||||||
return json.loads(payload)
|
return json.loads(payload)
|
||||||
|
|
||||||
def wait_for_guest_agent(vmid, timeout_seconds=900):
|
def wait_for_guest_agent(vmid, timeout_seconds=300):
|
||||||
deadline = time.time() + timeout_seconds
|
deadline = time.time() + timeout_seconds
|
||||||
|
tries = 0
|
||||||
while time.time() < deadline:
|
while time.time() < deadline:
|
||||||
|
tries += 1
|
||||||
try:
|
try:
|
||||||
res = api_request("GET", f"/api2/json/nodes/{target_node}/qemu/{vmid}/agent/ping")
|
res = api_request("GET", f"/api2/json/nodes/{target_node}/qemu/{vmid}/agent/ping")
|
||||||
if res.get("data") == "pong":
|
if res.get("data") == "pong":
|
||||||
|
print(f"Guest agent ready for vmid {vmid}", flush=True)
|
||||||
return True
|
return True
|
||||||
except Exception:
|
except Exception:
|
||||||
pass
|
pass
|
||||||
|
if tries % 6 == 0:
|
||||||
|
remaining = int(deadline - time.time())
|
||||||
|
print(f"Waiting for guest agent on vmid {vmid} ({remaining}s left)", flush=True)
|
||||||
time.sleep(5)
|
time.sleep(5)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
@@ -193,13 +199,12 @@ jobs:
|
|||||||
safe_hostname = hostname.replace("'", "'\"'\"'")
|
safe_hostname = hostname.replace("'", "'\"'\"'")
|
||||||
cmd = (
|
cmd = (
|
||||||
"set -e; "
|
"set -e; "
|
||||||
f"printf '%s' '{safe_key}' > /etc/tailscale/authkey; "
|
|
||||||
f"printf '%s' '{safe_hostname}' > /etc/tailscale/hostname; "
|
|
||||||
"chmod 600 /etc/tailscale/authkey; "
|
|
||||||
f"hostnamectl set-hostname '{safe_hostname}' || true; "
|
f"hostnamectl set-hostname '{safe_hostname}' || true; "
|
||||||
|
"install -d -m 700 /var/lib/tailscale; "
|
||||||
|
"rm -f /var/lib/tailscale/tailscaled.state; "
|
||||||
"systemctl restart tailscaled; "
|
"systemctl restart tailscaled; "
|
||||||
"systemctl start tailscale-firstboot.service; "
|
f"/run/current-system/sw/bin/tailscale up --reset --auth-key='{safe_key}' --hostname='{safe_hostname}'; "
|
||||||
"tailscale status || true"
|
"/run/current-system/sw/bin/tailscale status || true"
|
||||||
)
|
)
|
||||||
|
|
||||||
exitcode, stdout, stderr = exec_guest(vmid, cmd)
|
exitcode, stdout, stderr = exec_guest(vmid, cmd)
|
||||||
@@ -227,4 +232,4 @@ jobs:
|
|||||||
print("\nTailscale enrollment completed for all managed VMs")
|
print("\nTailscale enrollment completed for all managed VMs")
|
||||||
PY
|
PY
|
||||||
|
|
||||||
python3 enroll_tailscale.py
|
python3 -u enroll_tailscale.py
|
||||||
|
|||||||
@@ -39,34 +39,6 @@
|
|||||||
|
|
||||||
security.sudo.wheelNeedsPassword = false;
|
security.sudo.wheelNeedsPassword = false;
|
||||||
|
|
||||||
systemd.services.tailscale-firstboot = {
|
|
||||||
description = "One-time Tailscale enrollment";
|
|
||||||
after = [ "network-online.target" "tailscaled.service" ];
|
|
||||||
wants = [ "network-online.target" "tailscaled.service" ];
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
RemainAfterExit = true;
|
|
||||||
};
|
|
||||||
script = ''
|
|
||||||
if [ ! -s /etc/tailscale/authkey ]; then
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
key="$(cat /etc/tailscale/authkey)"
|
|
||||||
ts_hostname=""
|
|
||||||
if [ -s /etc/tailscale/hostname ]; then
|
|
||||||
ts_hostname="--hostname=$(cat /etc/tailscale/hostname)"
|
|
||||||
fi
|
|
||||||
|
|
||||||
rm -f /var/lib/tailscale/tailscaled.state
|
|
||||||
${pkgs.tailscale}/bin/tailscale up --reset --auth-key="$key" $ts_hostname
|
|
||||||
|
|
||||||
rm -f /etc/tailscale/authkey
|
|
||||||
rm -f /etc/tailscale/hostname
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
btop
|
btop
|
||||||
curl
|
curl
|
||||||
|
|||||||
Reference in New Issue
Block a user