bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
titan-iac/services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-job.yaml

125 lines
4.6 KiB
YAML
Raw Normal View History

maintenance(titan-24): add desktop helper and rootfs sweep
2026-04-15 22:24:24 -03:00
# services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-job.yaml
# One-off job to create a temporary autologin desktop for Lesavka paste testing on titan-24.
# Safe to delete the finished Job/pod after it succeeds.
apiVersion: batch/v1
kind: Job
metadata:
name: titan-24-lesavka-desktop-helper
namespace: maintenance
annotations:
kustomize.toolkit.fluxcd.io/force: "true"
spec:
maintenance(titan-24): keep helper retries armed
2026-04-15 22:50:41 -03:00
backoffLimit: 6
maintenance(titan-24): add desktop helper and rootfs sweep
2026-04-15 22:24:24 -03:00
ttlSecondsAfterFinished: 3600
template:
metadata:
labels:
app: titan-24-lesavka-desktop-helper
spec:
restartPolicy: OnFailure
nodeSelector:
kubernetes.io/hostname: titan-24
tolerations:
maintenance(titan-24): tolerate unreachable helper jobs
2026-04-15 22:30:22 -03:00
- key: node.kubernetes.io/not-ready
operator: Exists
effect: NoSchedule
- key: node.kubernetes.io/unreachable
operator: Exists
effect: NoSchedule
maintenance(titan-24): add desktop helper and rootfs sweep
2026-04-15 22:24:24 -03:00
- key: node.kubernetes.io/not-ready
operator: Exists
effect: NoExecute
tolerationSeconds: 300
- key: node.kubernetes.io/unreachable
operator: Exists
effect: NoExecute
tolerationSeconds: 300
hostPID: true
containers:
- name: setup
image: debian:13-slim
securityContext:
privileged: true
runAsUser: 0
command: ["/bin/sh", "-c"]
args:
- |
set -euo pipefail
chroot /host /usr/bin/env bash <<'EOS'
set -euo pipefail
username="lesavka-test"
home="/home/${username}"
session_name="plasmax11.desktop"
if ! id "${username}" >/dev/null 2>&1; then
useradd -m -s /bin/bash "${username}"
fi
passwd -l "${username}" >/dev/null 2>&1 || true
for group in audio video render input netdev plugdev; do
if getent group "${group}" >/dev/null 2>&1; then
usermod -a -G "${group}" "${username}"
fi
done
install -d -m 755 /etc/sddm.conf.d
printf '%s\n' \
'[Autologin]' \
"User=${username}" \
"Session=${session_name}" \
'Relogin=false' \
>/etc/sddm.conf.d/60-lesavka-test-autologin.conf
install -d -o "${username}" -g "${username}" -m 700 \
"${home}/.config/autostart" \
"${home}/.local/bin"
install -o "${username}" -g "${username}" -m 644 /dev/null "${home}/lesavka-paste-test.txt"
printf '%s\n' \
'#!/usr/bin/env bash' \
'set -euo pipefail' \
'cd "${HOME}"' \
'touch "${HOME}/lesavka-paste-test.txt"' \
'if command -v kate >/dev/null 2>&1; then' \
' exec kate "${HOME}/lesavka-paste-test.txt"' \
'fi' \
'if command -v kwrite >/dev/null 2>&1; then' \
' exec kwrite "${HOME}/lesavka-paste-test.txt"' \
'fi' \
'if command -v gedit >/dev/null 2>&1; then' \
' exec gedit "${HOME}/lesavka-paste-test.txt"' \
'fi' \
'if command -v mousepad >/dev/null 2>&1; then' \
' exec mousepad "${HOME}/lesavka-paste-test.txt"' \
'fi' \
'if command -v xterm >/dev/null 2>&1; then' \
' exec xterm -fa Monospace -fs 14 -e sh -lc "exec ${EDITOR:-vi} '\''${HOME}/lesavka-paste-test.txt'\''"' \
'fi' \
'exit 0' \
>"${home}/.local/bin/lesavka-test-launch.sh"
chmod 755 "${home}/.local/bin/lesavka-test-launch.sh"
printf '%s\n' \
'[Desktop Entry]' \
'Type=Application' \
'Version=1.0' \
'Name=Lesavka Paste Test' \
'Comment=Open a visible editor for Lesavka clipboard testing' \
'Exec=/home/lesavka-test/.local/bin/lesavka-test-launch.sh' \
'Terminal=false' \
'X-GNOME-Autostart-enabled=true' \
>"${home}/.config/autostart/lesavka-test.desktop"
chown -R "${username}:${username}" "${home}/.config" "${home}/.local" "${home}/lesavka-paste-test.txt"
EOS
nsenter -t 1 -m -u -i -n -p -- systemctl restart sddm || \
nsenter -t 1 -m -u -i -n -p -- systemctl restart display-manager
volumeMounts:
- name: host-root
mountPath: /host
volumes:
- name: host-root
hostPath:
path: /
Reference in New Issue Copy Permalink