added windows supported hosts with userdata based on templating with pulumi outputs

Author: adrianriobo

pkg/infra/aws/modules/compute/compute.go

@@ -1,27 +1,11 @@
 package compute
 
 import (
-	"fmt"
-
-	"github.com/adrianriobo/qenvs/pkg/infra/util/command"
 	"github.com/adrianriobo/qenvs/pkg/util"
 	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ec2"
-	"github.com/pulumi/pulumi-command/sdk/go/command/remote"
 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 )
 
-func (r *Compute) OutputPrivateKey() string {
-	return fmt.Sprintf("%s-%s", OutputPrivateKey, r.Specs.ID)
-}
-
-func (r *Compute) OutputHost() string {
-	return fmt.Sprintf("%s-%s", OutputHost, r.Specs.ID)
-}
-
-func (r *Compute) OutputUsername() string {
-	return fmt.Sprintf("%s-%s", OutputUsername, r.Specs.ID)
-}
-
 func (c *Compute) getSecurityGroupsIDs() pulumi.StringArrayInput {
 	sgs := util.ArrayConvert(c.SG,
 		func(sg *ec2.SecurityGroup) pulumi.StringInput {
@@ -30,16 +14,16 @@ func (c *Compute) getSecurityGroupsIDs() pulumi.StringArrayInput {
 	return pulumi.StringArray(sgs[:])
 }
 
-func (c *Compute) remoteExec(ctx *pulumi.Context, cmdName, cmd string,
-	dependecies []pulumi.Resource) (*remote.Command, error) {
-	instance := command.RemoteInstance{
-		Instance:   c.Instance,
-		InstanceIP: &c.InstanceIP,
-		Username:   c.Username,
-		PrivateKey: c.PrivateKey}
-	return instance.RemoteExec(
-		ctx,
-		cmd,
-		cmdName,
-		dependecies)
-}
+// func (c *Compute) remoteExec(ctx *pulumi.Context, cmdName, cmd string,
+// 	dependecies []pulumi.Resource) (*remote.Command, error) {
+// 	instance := command.RemoteInstance{
+// 		Instance:   c.Instance,
+// 		InstanceIP: &c.InstanceIP,
+// 		Username:   c.Username,
+// 		PrivateKey: c.PrivateKey}
+// 	return instance.RemoteExec(
+// 		ctx,
+// 		cmd,
+// 		cmdName,
+// 		dependecies)
+// }

pkg/infra/aws/modules/compute/constants.go

@@ -1,7 +1,11 @@
 package compute
 
 const (
-	OutputHost       string = "Host"
-	OutputUsername   string = "Username"
-	OutputPrivateKey string = "PrivateKey"
+	OutputHost        string = "Host"
+	OutputUsername    string = "Username"
+	OutputPrivateKey  string = "PrivateKey"
+	OutputPasswordKey string = "Password"
+
+	DefaultRootBlockDeviceName string = "/dev/sda1"
+	DefaultRootBlockDeviceSize int    = 100
 )

pkg/infra/aws/modules/compute/host/macm1/macm1.go

@@ -25,7 +25,7 @@ func (r *MacM1Request) GetAMI(ctx *pulumi.Context) (*ec2.LookupAmiResult, error)
 	return ami.GetAMIByName(ctx, r.Specs.AMI.RegexName, r.Specs.AMI.Owner, r.Specs.AMI.Filters)
 }
 
-func (r *MacM1Request) GetUserdata() (pulumi.StringPtrInput, error) {
+func (r *MacM1Request) GetUserdata(ctx *pulumi.Context) (pulumi.StringPtrInput, error) {
 	return nil, nil
 }
 
@@ -55,9 +55,9 @@ func (r *MacM1Request) CustomSecurityGroups(ctx *pulumi.Context) ([]*ec2.Securit
 	return nil, nil
 }
 
-func (r *MacM1Request) GetPostScript() (string, error) {
+func (r *MacM1Request) GetPostScript(ctx *pulumi.Context) (string, error) {
 	return util.Template(
-		UserDataValues{
+		scriptDataValues{
 			r.Specs.AMI.DefaultUser,
 			r.Password},
 		"postscript", script)
@@ -67,32 +67,3 @@ func (r *MacM1Request) Create(ctx *pulumi.Context,
 	computeRequested compute.ComputeRequest) (*compute.Compute, error) {
 	return r.Request.Create(ctx, r)
 }
-
-var script string = `
-#!/bin/sh
-
-# Enable remote control (vnc)
-sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool false
-sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.screensharing.plist
-
-# Set user password
-sudo dscl . -passwd /Users/{{.Username}} {{.Password}}
-
-# Autologin
-sudo curl -o /tmp/kcpassword https://raw.githubusercontent.com/xfreebird/kcpassword/master/kcpassword
-sudo chmod +x /tmp/kcpassword
-sudo /tmp/kcpassword {{.Password}}
-sudo defaults write /Library/Preferences/com.apple.loginwindow autoLoginUser "{{.Username}}"
-
-sudo defaults write /Library/Preferences/.GlobalPreferences.plist com.apple.securitypref.logoutvalue -int 1200
-sudo defaults write /Library/Preferences/.GlobalPreferences.plist com.apple.autologout.AutoLogOutDelay -int 1200
-
-# autologin to take effect
-# run reboot on background to successfully finish the remote exec of the script
-(sleep 2 && sudo reboot)&
-`
-
-type UserDataValues struct {
-	Username string
-	Password string
-}

pkg/infra/aws/modules/compute/host/macm1/postscript.go

@@ -0,0 +1,33 @@
+package macm1
+
+var script string = `
+#!/bin/sh
+
+# Allow run x86 binaries on arm64 
+sudo softwareupdate --install-rosetta --agree-to-license
+
+# Enable remote control (vnc)
+sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool false
+sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.screensharing.plist
+
+# Set user password
+sudo dscl . -passwd /Users/{{.Username}} {{.Password}}
+
+# Autologin
+sudo curl -o /tmp/kcpassword https://raw.githubusercontent.com/xfreebird/kcpassword/master/kcpassword
+sudo chmod +x /tmp/kcpassword
+sudo /tmp/kcpassword {{.Password}}
+sudo defaults write /Library/Preferences/com.apple.loginwindow autoLoginUser "{{.Username}}"
+
+sudo defaults write /Library/Preferences/.GlobalPreferences.plist com.apple.securitypref.logoutvalue -int 0
+sudo defaults write /Library/Preferences/.GlobalPreferences.plist com.apple.autologout.AutoLogOutDelay -int 0
+
+# autologin to take effect
+# run reboot on background to successfully finish the remote exec of the script
+(sleep 2 && sudo reboot)&
+`
+
+type scriptDataValues struct {
+	Username string
+	Password string
+}

pkg/infra/aws/modules/compute/host/rhel/rhel.go

@@ -22,7 +22,7 @@ func (r *RHELRequest) GetAMI(ctx *pulumi.Context) (*ec2.LookupAmiResult, error)
 	return ami.GetAMIByName(ctx, amiNameRegex, "", r.Specs.AMI.Filters)
 }
 
-func (r *RHELRequest) GetUserdata() (pulumi.StringPtrInput, error) {
+func (r *RHELRequest) GetUserdata(ctx *pulumi.Context) (pulumi.StringPtrInput, error) {
 	userdata, err := util.Template(
 		UserDataValues{
 			r.SubscriptionUsername,
@@ -43,7 +43,7 @@ func (r *RHELRequest) CustomSecurityGroups(ctx *pulumi.Context) ([]*ec2.Security
 	return nil, nil
 }
 
-func (r *RHELRequest) GetPostScript() (string, error) {
+func (r *RHELRequest) GetPostScript(ctx *pulumi.Context) (string, error) {
 	return "", nil
 }
 

pkg/infra/aws/modules/compute/host/windows/types.go

@@ -1,4 +1,4 @@
-package rhel
+package windows
 
 import (
 	"github.com/adrianriobo/qenvs/pkg/infra/aws/modules/compute"

pkg/infra/aws/modules/compute/host/windows/userdata.go

@@ -0,0 +1,51 @@
+package windows
+
+// type userDataValues struct {
+// 	Username      string
+// 	Password      string
+// 	AuthorizedKey string
+// }
+
+// var userdata string = `
+// <powershell>
+// # Create local user
+// $Password = ConvertTo-SecureString "{{.Password}}" -AsPlainText -Force
+// New-LocalUser {{.Username}} -Password $Password
+// # Run a process with new local user to create profile, so it will create home folder
+// $credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList {{.Username}}, $Password
+// Start-Process cmd /c -WindowStyle Hidden -Wait -Credential $credential -ErrorAction SilentlyContinue
+// # Add user to required groups
+// Add-LocalGroupMember -Group "Administrators" -Member {{.Username}}
+// # Check if this speed insall of crc...if msi installer checks if no reboot required
+// # Non eng Add-LocalGroupMember -Group "Hyper-V Administrators" -Member {{.Username}}
+// Add-LocalGroupMember -Member {{.Username}} -SID S-1-5-32-578
+// # Set autologon to user to allow start sshd for the user
+// # Check requirements for domain user
+// # https://docs.microsoft.com/en-us/troubleshoot/windows-server/user-profiles-and-logon/turn-on-automatic-logon
+// $RegistryPath = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
+// Set-ItemProperty $RegistryPath 'AutoAdminLogon' -Value "1" -Type String
+// Set-ItemProperty $RegistryPath 'DefaultUsername' -Value "{{.Username}}" -type String
+// Set-ItemProperty $RegistryPath 'DefaultPassword' -Value "{{.Password}}" -type String
+// # Install sshd
+// Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
+// Set-Service -Name sshd -StartupType 'Manual'
+// # This generate ssh certs + config file for us
+// Start-Service sshd
+// # Disable the service as need to start it as a user process on startup
+// Stop-Service sshd
+// # Add pub key for the user as authorized_key
+// New-Item -Path "C:\Users\{{.Username}}\.ssh" -ItemType Directory -Force
+// New-Item -Path C:\Users\{{.Username}}\.ssh -Name "authorized_keys" -ItemType "file" -Value "{{.AuthorizedKey}}"
+// # Set permissions valid permissions for hyper_user on authorized_keys + host_keys
+// $acl = Get-Acl C:\Users\{{.Username}}\.ssh\authorized_keys
+// $acl.SetOwner([System.Security.Principal.NTAccount] "{{.Username}}")
+// $acl.SetAccessRuleProtection($True, $False)
+// $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule([System.Security.Principal.NTAccount] "{{.Username}}","FullControl","Allow")
+// $acl.SetAccessRule($AccessRule)
+// Set-Acl C:\Users\{{.Username}}\.ssh\authorized_keys $acl
+// Set-Acl -Path "C:\ProgramData\ssh\*key" $acl
+// # Create bat script to start sshd as a user process on startup
+// New-Item -Path "C:\Users\{{.Username}}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" -Name start-openssh.bat -ItemType "file" -Value 'powershell -command "sshd -f C:\ProgramData\ssh\sshd_config"'
+// Restart-Computer
+// </powershell>
+// `

pkg/infra/aws/modules/compute/host/windows/windows.go

@@ -1,4 +1,4 @@
-package rhel
+package windows
 
 import (
 	"github.com/adrianriobo/qenvs/pkg/infra/aws/modules/compute"
@@ -17,55 +17,50 @@ func (r *WindowsRequest) GetAMI(ctx *pulumi.Context) (*ec2.LookupAmiResult, erro
 	return ami.GetAMIByName(ctx, r.Specs.AMI.RegexName, r.Specs.AMI.Owner, r.Specs.AMI.Filters)
 }
 
-func (r *WindowsRequest) GetUserdata() (pulumi.StringPtrInput, error) {
-
-	// https://charlesxu.io/wiki/infra-as-code/pulumi/
-	// https://www.pulumi.com/registry/packages/random/api-docs/randompassword/?utm_source=performance-max&utm_medium=cpc&utm_campaign=&utm_term=&utm_medium=ppc&utm_source=adwords&hsa_grp=&hsa_cam=18353585506&hsa_mt=&hsa_net=adwords&hsa_ver=3&hsa_acc=1926559913&hsa_ad=&hsa_src=x&hsa_tgt=&hsa_kw=&gclid=EAIaIQobChMIwP3C2sqK-wIVPY1oCR0EOgJoEAAYASAAEgJM6vD_BwE
-	// t := pulumi.All(r.KeyPair.Arn).ApplyT(
-	// 	func(args []interface{}) string {
-	// 		return args[0].(string)
-	// 	}).(pulumi.StringOutput)
-
-	// return t, nil
-
-	// st := pulumi.String("lalal")
-
-	// return st, nil
+func (r *WindowsRequest) GetUserdata(ctx *pulumi.Context) (pulumi.StringPtrInput, error) {
 	return nil, nil
 }
 
+// func (r *WindowsRequest) GetUserdata(ctx *pulumi.Context) (pulumi.StringPtrInput, error) {
+// 	password, err := utilInfra.CreatePassword(ctx, r.GetName())
+// 	if err != nil {
+// 		return nil, err
+// 	}
+// 	ctx.Export(r.OutputPrivateKey(), password.Result)
+// 	udBase64 := pulumi.All(password.Result, r.PublicKeyOpenssh).ApplyT(
+// 		func(args []interface{}) string {
+// 			password := args[0].(string)
+// 			authorizedKey := args[1].(string)
+// 			userdata, _ := util.Template(
+// 				userDataValues{
+// 					r.Specs.AMI.DefaultUser,
+// 					password,
+// 					authorizedKey},
+// 				fmt.Sprintf("%s-%s", "userdata", r.GetName()),
+// 				userdata)
+// 			return base64.StdEncoding.EncodeToString([]byte(userdata))
+// 		}).(pulumi.StringOutput)
+// 	return udBase64, nil
+// }
+
 func (r *WindowsRequest) GetDedicatedHost(ctx *pulumi.Context) (*ec2.DedicatedHost, error) {
 	return nil, nil
 }
 
 func (r *WindowsRequest) CustomIngressRules() []securityGroup.IngressRules {
-	return nil
+	return []securityGroup.IngressRules{
+		securityGroup.RDP_TCP}
 }
 
 func (r *WindowsRequest) CustomSecurityGroups(ctx *pulumi.Context) ([]*ec2.SecurityGroup, error) {
 	return nil, nil
 }
 
-func (r *WindowsRequest) GetPostScript() (string, error) {
+func (r *WindowsRequest) GetPostScript(ctx *pulumi.Context) (string, error) {
 	return "", nil
 }
 
 func (r *WindowsRequest) Create(ctx *pulumi.Context,
 	computeRequested compute.ComputeRequest) (*compute.Compute, error) {
 	return r.Request.Create(ctx, r)
 }
-
-// var cloudConfig string = `
-// #cloud-config
-// rh_subscription:
-//   username: {{.SubscriptionUsername}}
-//   password: {{.SubscriptionPassword}}
-//   auto-attach: true
-// packages:
-//   - podman
-// `
-
-// type UserDataValues struct {
-// 	SubscriptionUsername string
-// 	SubscriptionPassword string
-// }