Back to Templates
Google Compute Engine (Devcontainer)
By:
Provision a Devcontainer on Google Compute Engine instances as Coder workspaces
Source
README
Resources (2)
Variables (1)
Copy and paste the following into main.tf and run coder template push:
1terraform {
2 required_providers {
3 coder = {
4 source = "coder/coder"
5 }
6 google = {
7 source = "hashicorp/google"
8 }
9 }
10}
11
12provider "coder" {
13}
14
15variable "project_id" {
16 description = "Which Google Compute Project should your workspace live in?"
17}
18
19data "coder_parameter" "zone" {
20 name = "zone"
21 display_name = "Zone"
22 description = "Which zone should your workspace live in?"
23 type = "string"
24 icon = "/emojis/1f30e.png"
25 default = "us-central1-a"
26 mutable = false
27 option {
28 name = "North America (Northeast)"
29 value = "northamerica-northeast1-a"
30 icon = "/emojis/1f1fa-1f1f8.png"
31 }
32 option {
33 name = "North America (Central)"
34 value = "us-central1-a"
35 icon = "/emojis/1f1fa-1f1f8.png"
36 }
37 option {
38 name = "North America (West)"
39 value = "us-west2-c"
40 icon = "/emojis/1f1fa-1f1f8.png"
41 }
42 option {
43 name = "Europe (West)"
44 value = "europe-west4-b"
45 icon = "/emojis/1f1ea-1f1fa.png"
46 }
47 option {
48 name = "South America (East)"
49 value = "southamerica-east1-a"
50 icon = "/emojis/1f1e7-1f1f7.png"
51 }
52}
53
54provider "google" {
55 zone = data.coder_parameter.zone.value
56 project = var.project_id
57}
58
59data "google_compute_default_service_account" "default" {
60}
61
62data "coder_workspace" "me" {
63}
64data "coder_workspace_owner" "me" {}
65
66resource "google_compute_disk" "root" {
67 name = "coder-${data.coder_workspace.me.id}-root"
68 type = "pd-ssd"
69 image = "debian-cloud/debian-12"
70 lifecycle {
71 ignore_changes = [name, image]
72 }
73}
74
75data "coder_parameter" "repo_url" {
76 name = "repo_url"
77 display_name = "Repository URL"
78 default = "https://github.com/coder/envbuilder-starter-devcontainer"
79 description = "Repository URL"
80 mutable = true
81}
82
83resource "coder_agent" "dev" {
84 count = data.coder_workspace.me.start_count
85 arch = "amd64"
86 auth = "token"
87 os = "linux"
88 dir = "/workspaces/${trimsuffix(basename(data.coder_parameter.repo_url.value), ".git")}"
89 connection_timeout = 0
90
91 metadata {
92 key = "cpu"
93 display_name = "CPU Usage"
94 interval = 5
95 timeout = 5
96 script = "coder stat cpu"
97 }
98 metadata {
99 key = "memory"
100 display_name = "Memory Usage"
101 interval = 5
102 timeout = 5
103 script = "coder stat mem"
104 }
105 metadata {
106 key = "disk"
107 display_name = "Disk Usage"
108 interval = 5
109 timeout = 5
110 script = "coder stat disk"
111 }
112}
113
114module "code-server" {
115 count = data.coder_workspace.me.start_count
116 source = "https://registry.coder.com/modules/code-server"
117 agent_id = coder_agent.dev[0].id
118}
119
120resource "google_compute_instance" "vm" {
121 name = "coder-${lower(data.coder_workspace_owner.me.name)}-${lower(data.coder_workspace.me.name)}-root"
122 machine_type = "e2-medium"
123 # data.coder_workspace_owner.me.name == "default" is a workaround to suppress error in the terraform plan phase while creating a new workspace.
124 desired_status = (data.coder_workspace_owner.me.name == "default" || data.coder_workspace.me.start_count == 1) ? "RUNNING" : "TERMINATED"
125
126 network_interface {
127 network = "default"
128 access_config {
129 // Ephemeral public IP
130 }
131 }
132
133 boot_disk {
134 auto_delete = false
135 source = google_compute_disk.root.name
136 }
137
138 service_account {
139 email = data.google_compute_default_service_account.default.email
140 scopes = ["cloud-platform"]
141 }
142
143 metadata = {
144 # The startup script runs as root with no $HOME environment set up, so instead of directly
145 # running the agent init script, create a user (with a homedir, default shell and sudo
146 # permissions) and execute the init script as that user.
147 startup-script = <<-META
148 #!/usr/bin/env sh
149 set -eux
150
151 # If user does not exist, create it and set up passwordless sudo
152 if ! id -u "${local.linux_user}" >/dev/null 2>&1; then
153 useradd -m -s /bin/bash "${local.linux_user}"
154 echo "${local.linux_user} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/coder-user
155 fi
156
157 # Check for Docker, install if not present
158 if ! command -v docker &> /dev/null
159 then
160 echo "Docker not found, installing..."
161 curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh 2>&1 >/dev/null
162 sudo usermod -aG docker ${local.linux_user}
163 newgrp docker
164 else
165 echo "Docker is already installed."
166 fi
167 # Start envbuilder
168 docker run --rm \
169 -h ${lower(data.coder_workspace.me.name)} \
170 -v /home/${local.linux_user}/envbuilder:/workspaces \
171 -e CODER_AGENT_TOKEN="${try(coder_agent.dev[0].token, "")}" \
172 -e CODER_AGENT_URL="${data.coder_workspace.me.access_url}" \
173 -e GIT_URL="${data.coder_parameter.repo_url.value}" \
174 -e INIT_SCRIPT="echo ${base64encode(try(coder_agent.dev[0].init_script, ""))} | base64 -d | sh" \
175 -e FALLBACK_IMAGE="codercom/enterprise-base:ubuntu" \
176 ghcr.io/coder/envbuilder
177 META
178 }
179}
180
181locals {
182 # Ensure Coder username is a valid Linux username
183 linux_user = lower(substr(data.coder_workspace_owner.me.name, 0, 32))
184}
185
186resource "coder_metadata" "workspace_info" {
187 count = data.coder_workspace.me.start_count
188 resource_id = google_compute_instance.vm.id
189
190 item {
191 key = "type"
192 value = google_compute_instance.vm.machine_type
193 }
194
195 item {
196 key = "zone"
197 value = data.coder_parameter.zone.value
198 }
199}
200
201resource "coder_metadata" "home_info" {
202 resource_id = google_compute_disk.root.id
203
204 item {
205 key = "size"
206 value = "${google_compute_disk.root.size} GiB"
207 }
208}
209