Make sure the initial eth0 IP is pinned

Author: nktpro

flake.lock

@@ -38,6 +38,9 @@
               "nix.enableLanguageServer" = true;
               "nix.formatterPath" = pkgs.nixpkgs-fmt + "/bin/nixpkgs-fmt";
               "nix.serverPath" = pkgs.rnix-lsp + "/bin/rnix-lsp";
+              "powershell.powerShellAdditionalExePaths" = {
+                "PowerShell Core" = "${pkgs.powershell}/bin/pwsh";
+              };
             };
           };
           jetski = pkgs.callPackage hotPot.lib.denoAppBuild
@@ -61,6 +64,7 @@
               inherit deno;
               inherit (pkgs)
                 kubectl
+                powershell
                 ;
             };
         in

flake.nix

@@ -0,0 +1 @@
+Restart-Service -Name "Multipass"

scripts/restart_multipassd.ps1

@@ -0,0 +1,117 @@
+Set-StrictMode -Version 2
+$ErrorActionPreference = 'Stop'
+
+try {
+  New-VMSwitch -name MultipassSwitch -NetAdapterName Ethernet -AllowManagementOS $true
+}
+catch {
+  if ($_.Exception.Message -notmatch "already bound") {
+    Write-Output $_
+    exit 1
+  }
+}
+
+$hostname = $env:COMPUTERNAME.ToLower()
+$multipassdPort = 51000
+$env:MULTIPASS_SERVER_ADDRESS = "$($hostname):$($multipassdPort)"
+Write-Output "Set MULTIPASS_SERVER_ADDRESS=$($env:MULTIPASS_SERVER_ADDRESS)"
+
+$binPathValue = "C:\Program Files\Multipass\bin\multipassd.exe /svc --verbosity debug --logger stderr --address $($env:MULTIPASS_SERVER_ADDRESS)"
+Write-Output "Reconfiguring multipassd to binPath=$binPathValue"
+& 'C:\Windows\System32\sc.exe' config "Multipass" binPath= $binPathValue start= delayed-auto
+
+Write-Output "Restarting multipassd"
+Restart-Service -Name "Multipass"
+
+function Wait-ForCommand {
+  param (
+    [ScriptBlock]$commandScriptBlock,
+    [int]$timeoutSeconds = 2,
+    [int]$maxAttempts = 10
+  )
+
+  $attempts = 0
+
+  while ($true) {
+    $job = Start-Job -ScriptBlock $commandScriptBlock
+    Wait-Job $job -Timeout $timeoutSeconds > $null 2>&1
+    $result = Receive-Job $job
+    Remove-Job -Force $job
+
+    if ($null -eq $result) {
+      Write-Output "Command timed out after $timeoutSeconds seconds"
+    }
+    else {
+      if ([string]$result -eq "0") {
+        return
+      }
+    }
+
+    if ($attempts -gt $maxAttempts) {
+      throw "Command failed to execute properly"
+    }
+    else {
+      Write-Host "Still waiting for command to complete..."
+      Start-Sleep -s 1
+      $attempts += 1
+    }
+  }
+}
+
+function Wait-ForMultipassd {
+  param (
+    [int]$timeoutSeconds = 2,
+    [int]$maxAttempts = 10
+  )
+  Write-Output "Waiting for multipassd to start"
+  $scriptBlock = {
+    $version = (multipass.exe version)
+    if ($LASTEXITCODE -eq 0 -and $version -notmatch "multipassd") {
+      return 0
+    }
+    return 1
+  }
+  Wait-ForCommand -commandScriptBlock $scriptBlock -timeoutSeconds $timeoutSeconds -maxAttempts $maxAttempts
+}
+
+Wait-ForMultipassd
+
+# Write-Output "Setting local.passphrase"
+# multipass.exe set local.passphrase=foo
+# if ($LASTEXITCODE -ne 0) {
+#   Write-Output "Failed to set local.passphrase"
+#   exit $LASTEXITCODE
+# }
+
+# Wait-ForMultipassd
+# Write-Output "Setting local.bridged-network"
+# multipass.exe set local.bridged-network=MultipassSwitch
+# if ($LASTEXITCODE -ne 0) {
+#   Write-Output "Failed to set local.bridged-network"
+#   exit $LASTEXITCODE
+# }
+
+# # # Wait-ForMultipassd
+# Write-Output "Getting ethernet IP"
+# try {
+#   $ethIp = (Get-NetIPAddress -InterfaceAlias "vEthernet (MultipassSwitch)" -AddressFamily IPv4).IPAddress
+# }
+# catch {
+#   Write-Output "Failed to get ethernet IP"
+#   Write-Output $_
+#   exit 1
+# }
+
+# Write-Output "Found ethernet IP: $ethIp"
+
+# Write-Output "Going to add portproxy rule for $($ethIp):$($multipassdPort)"
+# netsh interface portproxy add v4tov4 listenport=$multipassdPort listenaddress=$ethIp connectport=$multipassdPort connectaddress=127.0.0.1
+# if ($LASTEXITCODE -ne 0) {
+#   exit $LASTEXITCODE
+# }
+
+# Write-Output "Going to add firewall rule for $($ethIp):$($multipassdPort)"
+# New-NetFirewallRule -DisplayName "multipassd_51000" -Direction Inbound -Protocol TCP -LocalPort $multipassdPort -Action Allow -PolicyStore PersistentStore
+# if ($LASTEXITCODE -ne 0) {
+#   exit $LASTEXITCODE
+# }

scripts/setup_multipassd.ps1

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+SCRIPT_DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
+
+NODE_ADDRESS=${1:?"The remote node address is required"}
+PS_SCRIPT=${2:?"The the powershell script name is required"}
+
+ssh -o LogLevel=error "${NODE_ADDRESS}" powershell.exe -NoLogo -NonInteractive -Command - < "${SCRIPT_DIR}/${PS_SCRIPT}.ps1"

scripts/ssh_pwsh.sh

@@ -0,0 +1,10 @@
+Get-Service sshd | Set-Service -StartupType Automatic
+
+$authorizedKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILmxihXDTbdPX7rVLKzZt6r/Qt9eZnrXCAWxCrmTOpZ6 [email protected]"
+Set-Content `
+  -Force -Path $env:ProgramData\ssh\administrators_authorized_keys `
+  -Value "$authorizedKey"
+  
+icacls.exe ""$env:ProgramData\ssh\administrators_authorized_keys"" /inheritance:r /grant ""Administrators:F"" /grant ""SYSTEM:F""
+
+Start-Service sshd

scripts/sshd.ps1

@@ -40,6 +40,8 @@ export const ServerInstanceConfigSchema = Type.Object({
   nodeTaints: Type.Optional(Type.Record(NonEmptyString(), NonEmptyString())),
   sshDirectoryPath: NonEmptyString(),
   joinMetadataPath: Type.Optional(NonEmptyString()),
+  userName: Type.Optional(NonEmptyString()),
+  userPassword: Type.Optional(NonEmptyString()),
 });
 
 export const AgentInstanceConfigSchema = Type.Object({
@@ -61,6 +63,8 @@ export const AgentInstanceConfigSchema = Type.Object({
   nodeTaints: Type.Optional(Type.Record(NonEmptyString(), NonEmptyString())),
   sshDirectoryPath: NonEmptyString(),
   joinMetadataPath: NonEmptyString(),
+  userName: Type.Optional(NonEmptyString()),
+  userPassword: Type.Optional(NonEmptyString()),
 });
 
 export const InstanceConfigSchema = Type.Union([