-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathdevUser.yml
More file actions
219 lines (218 loc) · 7.24 KB
/
devUser.yml
File metadata and controls
219 lines (218 loc) · 7.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
name: devUser
description: LXD profile with nested docker and accelerated GPU support for JetBrains toolbox.
config:
environment.LANG: en_US.UTF-8
environment.LANGUAGE: en_US:en
environment.DISPLAY: :0.0
environment.XAUTHORITY: /home/me/.Xauthority
nvidia.runtime: "true" # TODO only if you have an nvidia GPU.
raw.idmap: | # TODO Set your UID/GID
both 1000 1000
linux.kernel_modules: ip_tables,btrfs,overlay
security.nesting: "true"
security.privileged: "false"
user.user-data: |-
#cloud-config
output:
all: '| tee -a /var/log/cloud-init-output.log'
package_update: false
package_upgrade: false
write_files:
- path: /etc/rsylog.conf
content: |
module(load="imuxsock")
*.* @log.virtdmz
owner: root:root
permissions: '0644'
- path: /etc/docker/daemon.json
content: |
{
"hosts": [
"unix://",
"tcp://0.0.0.0:2345"
],
"storage-driver": "btrfs"
}
permissions: '0644'
owner: root:root
- path: /etc/systemd/system/docker.service.d/override.conf
content: |
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd
permissions: '0644'
owner: root:root
- path: /etc/systemd/system/containerd.service.d/override.conf
content: |
[Service]
ExecStartPre=
ExecStartPre=/bin/true
permissions: '0644'
owner: root:root
- path: /usr/local/bin/jetbrains-launcher
permissions: '0755'
owner: root:root # TODO Check your install path.
content: "\
#!/bin/bash\n\
# Runs latest version of jetbrains products installed by toolbox.\n\
set -e\n\
JB=~/.local/share/JetBrains/Toolbox/apps/ \n\
script=$(ls ${JB}/*/ch-0/*/bin/`basename $0`.sh | sort | tail -1)\n\
if [ -x ${script:-/dev/null} ] ; then\n\
exec $script $@\n\
else\n\
echo $launcher not found. Check $TBPATH\n\
exit 1\n\
fi\n"
- path: /home/me/.PyCharm2018.2/config/options/remote-servers.xml
permissions: '0660'
content: |
<application>
<component name="RemoteServers">
<remote-server name="Docker" type="docker">
<configuration>
<option name="apiUrl" value="unix:///var/run/docker.sock" />
<option name="certificatesPath" />
</configuration>
</remote-server>
</component>
</application>
- path: "/usr/local/bin/apt-get"
owner: root:root
permissions: '0555'
content: "\
#!/bin/bash\n\
exec /usr/bin/flock -w 900 -F --verbose
/var/cache/apt/archives/lock /usr/bin/apt-get $@\n"
runcmd:
- set -xe
- apt-get update
- apt-get -y upgrade
- curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
- apt-get install -y apt-transport-https curl
- add-apt-repository
"deb [arch=amd64] https://download.docker.com/linux/ubuntu
$(lsb_release -cs) stable"
- curl -fsSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
- add-apt-repository
"deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main"
- apt-get update
- apt-get install -y
docker-ce
docker-compose
vim
git
gpg
squashfuse
- usermod -aG docker me
- systemctl start docker
- docker image pull hello-world
- docker run --rm hello-world
- apt-get install -y
x11-apps
mesa-utils
alsa-utils
libxtst6
libgtk-3-common
libswt-gtk-3-java
google-chrome-beta
openjdk-8-jdk
openjdk-8-dbg
openjdk-8-doc
libnvidia-gl-390 # TODO validate appropriate gl library for your env.
- nvidia-smi
- '$(echo "export DISPLAY=:0.0 XAUTHORITY=/home/me/.Xauthority" |
tee -a /home/me/.bashrc | tee -a /home/me/.bash_profile)'
- chown -R me:me /home/me || true
- runuser me -c "glxinfo -B"
- runuser me -c "glxgears -info" &
- sleep 12
- killall glxgears
- cd /usr/local/bin
- umask 022
- "for i in idea pycharm clion datagrip phpstorm webstorm goland ;
do ln -s jetbrains-launcher $i ;
done"
- echo '#!/bin/true' > /etc/update-motd.d/98-fsck-at-reboot
- reboot &
users:
- name: me
groups:
- adm
lock_passwd: true
shell: /bin/bash
uid: 1000 # TODO Swap to your numeric UID/GID
gid: 1000
ssh-authorized-keys: # TODO Add your own keys
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPS4YhPW5BkRbYkazwX7s0bFcFefVv30\
l5qXA0oxWKxM3vlN8eAinmU8ejZ7PgdpzLLnhgm3Kt8HrLYdWzYjoRCeF9Fp+fMcU8KL7I\
s4KOrCSPKodHOIlV3AtqmNtb9zTwiwCHqPkY9JeaWfiXe2c675jOA5ZkMsaHuaEjbqCYgd\
I6boQJI7S/haPFzWDr/rbkijjw87t9nh3NP1Oy11QDqavqzjURyika1eBsHKAheBHkVUgt\
oUu43rMsGLjL/gyD5XNJntdSuENYWH rferguson@booger"
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8hW43gyNrayfJwjxZ80HKWboRvpDRnS\
LhEKGwDfBqfx5aaF67mmIhOE+fsUTed1Odoqo5iprQYEWoTSA6C2RX9G9BBoUVCiA7DMIf\
dBTfJ5G3mO1I8ZZazttQ2qp5/e9z4mpYzL410YZyZ6XrgWoazQpDGdb2pkSmADo8jc/rED\
yM+ZWRBNDOS4gxUPk5oy8HbpZmK380JYvvGNSZCj4QSe5IZa/bQx6NL88mEF/+BHEW6JFw\
+Awv7c1+GHDL5iYQnTAY+XG1BQdDwuziRFm8eWPYamgUd+4JKptcf1gW6W1EnIQ2i4OR2L\
R1/BIXwG0FMfs3gJlM1Wbh/giYSt8p rferguson@mendota"
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCg51sNuYolkEw52oIKw3OKzlso2UyS0h\
0+R9t5wQYGMk6SfS0PHFd6epwWP1aHnJJnyLIZGPB/qaiWz4dTJEhl5eRaBO0ca6/SbMCu\
wjCCE/6IMPphj79v14hXfOG42dF/wZN3AF2VJwI3xVcxAyEkEIgAb79X4wUO2nN6xli5ET\
Q+YxPVfxD8+A0B1p25Ef1NdnUdGHOBCkpV4rgcO2fLQHIspMlL/JDJ9CUyCvy5XM7elN37\
iOdEUysGCavTcA0MeUxjkFdyzJt+MNVve4t+hOF6p/HnIvhcGxME6CQRyX3rM5bPbWy1ER\
e7BXJmg4SZmG5QccaTzqcCBJyFTJDX rferguson@c302ca"
sudo:
- ALL=(ALL) NOPASSWD:ALL
devices: # TODO Swap in your home dir path.
Xauthority:
path: /home/me/.Xauthority
source: /home/rferguson/.Xauthority
type: disk
nvgpu:
type: gpu
uid: "0"
gid: "0"
x11:
path: /tmp/.X11-unix/X0
source: /tmp/.X11-unix/X0
type: disk
melocal:
source: /home/rferguson/.local
path: /home/me/.local
type: disk
gitconf:
source: /home/rferguson/.gitconfig
path: /home/me/.gitconfig
type: disk
gitignore:
source: /home/rferguson/.gitignore_global
path: /home/me/.gitignore_global
type: disk
gpg:
source: /home/rferguson/.gnupg
path: /home/me/.gnupg
type: disk
gradlehome:
source: /home/rferguson/.gradle
path: /home/me/.gradle
type: disk
ideavimrc:
source: /home/rferguson/.ideavimrc
path: /home/me/.ideavimrc
type: disk
aptcache:
source: /vdata/cache/apt
path: /var/cache/apt
type: disk
pipcache:
source: /vdata/cache/pip
path: /home/me/.cache/pip
type: disk
npmcache:
source: /vdata/cache/npm
path: /home/me/.npm
type: disk
share:
source: /vdata/share
path: /home/me/share
type: disk