diff --git a/services/maintenance/kustomization.yaml b/services/maintenance/kustomization.yaml index 2df777ab..57c406bf 100644 --- a/services/maintenance/kustomization.yaml +++ b/services/maintenance/kustomization.yaml @@ -27,8 +27,6 @@ resources: - soteria-deployment.yaml - oneoffs/ariadne-migrate-job.yaml - oneoffs/titan-24-rootfs-sweep-job.yaml - - oneoffs/titan-24-lesavka-desktop-helper-job.yaml - - oneoffs/titan-24-lesavka-desktop-helper-cleanup-job.yaml - ariadne-service.yaml - soteria-service.yaml - disable-k3s-traefik-daemonset.yaml diff --git a/services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-cleanup-job.yaml b/services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-cleanup-job.yaml deleted file mode 100644 index e07fbb34..00000000 --- a/services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-cleanup-job.yaml +++ /dev/null @@ -1,67 +0,0 @@ -# services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-cleanup-job.yaml -# One-off cleanup for the temporary Lesavka paste-test desktop on titan-24. -# Run by setting spec.suspend to false, reconcile, then set it back to true. -apiVersion: batch/v1 -kind: Job -metadata: - name: titan-24-lesavka-desktop-helper-cleanup - namespace: maintenance - annotations: - kustomize.toolkit.fluxcd.io/force: "true" -spec: - suspend: true - backoffLimit: 1 - ttlSecondsAfterFinished: 3600 - template: - metadata: - labels: - app: titan-24-lesavka-desktop-helper-cleanup - spec: - restartPolicy: Never - nodeSelector: - kubernetes.io/hostname: titan-24 - tolerations: - - key: node.kubernetes.io/not-ready - operator: Exists - effect: NoSchedule - - key: node.kubernetes.io/unreachable - operator: Exists - effect: NoSchedule - - key: node.kubernetes.io/not-ready - operator: Exists - effect: NoExecute - tolerationSeconds: 300 - - key: node.kubernetes.io/unreachable - operator: Exists - effect: NoExecute - tolerationSeconds: 300 - hostPID: true - containers: - - name: cleanup - image: debian:13-slim - securityContext: - privileged: true - runAsUser: 0 - command: ["/bin/sh", "-c"] - args: - - | - set -euo pipefail - chroot /host /usr/bin/env bash <<'EOS' - set -euo pipefail - username="lesavka-test" - rm -f /etc/sddm.conf.d/60-lesavka-test-autologin.conf - if id "${username}" >/dev/null 2>&1; then - loginctl terminate-user "${username}" >/dev/null 2>&1 || true - userdel -r "${username}" >/dev/null 2>&1 || true - fi - EOS - - nsenter -t 1 -m -u -i -n -p -- systemctl restart sddm || \ - nsenter -t 1 -m -u -i -n -p -- systemctl restart display-manager - volumeMounts: - - name: host-root - mountPath: /host - volumes: - - name: host-root - hostPath: - path: / diff --git a/services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-job.yaml b/services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-job.yaml deleted file mode 100644 index 4ad36c1a..00000000 --- a/services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-job.yaml +++ /dev/null @@ -1,124 +0,0 @@ -# services/maintenance/oneoffs/titan-24-lesavka-desktop-helper-job.yaml -# One-off job to create a temporary autologin desktop for Lesavka paste testing on titan-24. -# Safe to delete the finished Job/pod after it succeeds. -apiVersion: batch/v1 -kind: Job -metadata: - name: titan-24-lesavka-desktop-helper - namespace: maintenance - annotations: - kustomize.toolkit.fluxcd.io/force: "true" -spec: - backoffLimit: 6 - ttlSecondsAfterFinished: 3600 - template: - metadata: - labels: - app: titan-24-lesavka-desktop-helper - spec: - restartPolicy: OnFailure - nodeSelector: - kubernetes.io/hostname: titan-24 - tolerations: - - key: node.kubernetes.io/not-ready - operator: Exists - effect: NoSchedule - - key: node.kubernetes.io/unreachable - operator: Exists - effect: NoSchedule - - key: node.kubernetes.io/not-ready - operator: Exists - effect: NoExecute - tolerationSeconds: 300 - - key: node.kubernetes.io/unreachable - operator: Exists - effect: NoExecute - tolerationSeconds: 300 - hostPID: true - containers: - - name: setup - image: debian:13-slim - securityContext: - privileged: true - runAsUser: 0 - command: ["/bin/sh", "-c"] - args: - - | - set -euo pipefail - chroot /host /usr/bin/env bash <<'EOS' - set -euo pipefail - username="lesavka-test" - home="/home/${username}" - session_name="plasmax11.desktop" - - if ! id "${username}" >/dev/null 2>&1; then - useradd -m -s /bin/bash "${username}" - fi - passwd -l "${username}" >/dev/null 2>&1 || true - - for group in audio video render input netdev plugdev; do - if getent group "${group}" >/dev/null 2>&1; then - usermod -a -G "${group}" "${username}" - fi - done - - install -d -m 755 /etc/sddm.conf.d - printf '%s\n' \ - '[Autologin]' \ - "User=${username}" \ - "Session=${session_name}" \ - 'Relogin=false' \ - >/etc/sddm.conf.d/60-lesavka-test-autologin.conf - - install -d -o "${username}" -g "${username}" -m 700 \ - "${home}/.config/autostart" \ - "${home}/.local/bin" - install -o "${username}" -g "${username}" -m 644 /dev/null "${home}/lesavka-paste-test.txt" - - printf '%s\n' \ - '#!/usr/bin/env bash' \ - 'set -euo pipefail' \ - 'cd "${HOME}"' \ - 'touch "${HOME}/lesavka-paste-test.txt"' \ - 'if command -v kate >/dev/null 2>&1; then' \ - ' exec kate "${HOME}/lesavka-paste-test.txt"' \ - 'fi' \ - 'if command -v kwrite >/dev/null 2>&1; then' \ - ' exec kwrite "${HOME}/lesavka-paste-test.txt"' \ - 'fi' \ - 'if command -v gedit >/dev/null 2>&1; then' \ - ' exec gedit "${HOME}/lesavka-paste-test.txt"' \ - 'fi' \ - 'if command -v mousepad >/dev/null 2>&1; then' \ - ' exec mousepad "${HOME}/lesavka-paste-test.txt"' \ - 'fi' \ - 'if command -v xterm >/dev/null 2>&1; then' \ - ' exec xterm -fa Monospace -fs 14 -e sh -lc "exec ${EDITOR:-vi} '\''${HOME}/lesavka-paste-test.txt'\''"' \ - 'fi' \ - 'exit 0' \ - >"${home}/.local/bin/lesavka-test-launch.sh" - chmod 755 "${home}/.local/bin/lesavka-test-launch.sh" - - printf '%s\n' \ - '[Desktop Entry]' \ - 'Type=Application' \ - 'Version=1.0' \ - 'Name=Lesavka Paste Test' \ - 'Comment=Open a visible editor for Lesavka clipboard testing' \ - 'Exec=/home/lesavka-test/.local/bin/lesavka-test-launch.sh' \ - 'Terminal=false' \ - 'X-GNOME-Autostart-enabled=true' \ - >"${home}/.config/autostart/lesavka-test.desktop" - - chown -R "${username}:${username}" "${home}/.config" "${home}/.local" "${home}/lesavka-paste-test.txt" - EOS - - nsenter -t 1 -m -u -i -n -p -- systemctl restart sddm || \ - nsenter -t 1 -m -u -i -n -p -- systemctl restart display-manager - volumeMounts: - - name: host-root - mountPath: /host - volumes: - - name: host-root - hostPath: - path: /