Add workspace templates with git identity configuration

- Add basic-ubuntu.json: Ubuntu Noble with networking helpers - Add residential.json: Ubuntu with Tailscale for exit node routing - Both templates install git and configure identity as "Thomas Marchand (agent) <agent@thomas.md>"
2026-01-11 18:04:13 +00:00
parent 6bd3151d38
commit d673fa9824
2 changed files with 22 additions and 0 deletions
--- a/workspace-template/basic-ubuntu.json
+++ b/workspace-template/basic-ubuntu.json
@@ -0,0 +1,8 @@
+{
+  "name": "basic-ubuntu",
+  "description": "Ubuntu workspace with networking helpers for container environments.",
+  "distro": "ubuntu-noble",
+  "skills": [],
+  "env_vars": {},
+  "init_script": "#!/usr/bin/env bash\nset -euo pipefail\n\nexport DEBIAN_FRONTEND=noninteractive\n\nif command -v apt-get >/dev/null 2>&1; then\n  apt-get update\n  apt-get install -y --no-install-recommends ca-certificates curl iproute2 iptables busybox git\n  git config --global user.name \"Thomas Marchand (agent)\"\n  git config --global user.email \"agent@thomas.md\"\nfi\n\nif command -v busybox >/dev/null 2>&1; then\n  ln -sf \"$(command -v busybox)\" /usr/local/bin/udhcpc\n  ln -sf \"$(command -v busybox)\" /usr/local/bin/udhcpc6\nfi\n\ncat >/usr/local/bin/openagent-udhcpc-script <<'EOF'\n#!/bin/sh\nset -eu\n\nmask2cidr() {\n  local nbits=0 IFS=.\n  for dec in $1; do\n    case $dec in\n      255) nbits=$((nbits+8));;\n      254) nbits=$((nbits+7));;\n      252) nbits=$((nbits+6));;\n      248) nbits=$((nbits+5));;\n      240) nbits=$((nbits+4));;\n      224) nbits=$((nbits+3));;\n      192) nbits=$((nbits+2));;\n      128) nbits=$((nbits+1));;\n      0) ;;\n    esac\n  done\n  echo \"$nbits\"\n}\n\ncase \"$1\" in\n  deconfig)\n    ip addr flush dev \"$interface\" || true\n    ;;\n  bound|renew)\n    ip addr flush dev \"$interface\" || true\n    mask_val=${subnet:-${mask:-255.255.255.0}}\n    cidr=$(mask2cidr \"$mask_val\")\n    ip addr add \"$ip/$cidr\" dev \"$interface\"\n    gateway=${router%% *}\n    if [ -z \"$gateway\" ]; then\n      gateway=10.88.0.1\n    fi\n    ip route replace default via \"$gateway\" dev \"$interface\"\n    if [ -n \"${dns:-}\" ]; then\n      printf \"nameserver %s\n\" $dns > /etc/resolv.conf\n    fi\n    ;;\n esac\nEOF\nchmod +x /usr/local/bin/openagent-udhcpc-script\n\n# Helper to bring up host0 networking (veth) with DHCP + sane DNS\ncat >/usr/local/bin/openagent-network-up <<'EOF'\n#!/usr/bin/env bash\nset -euo pipefail\n\nif ip link show host0 >/dev/null 2>&1; then\n  ip link set host0 up\n  if command -v udhcpc >/dev/null 2>&1; then\n    udhcpc -s /usr/local/bin/openagent-udhcpc-script -i host0 -q -n || true\n  elif command -v busybox >/dev/null 2>&1; then\n    busybox udhcpc -s /usr/local/bin/openagent-udhcpc-script -i host0 -q -n || true\n  fi\nfi\n\nprintf \"nameserver 1.1.1.1\nnameserver 8.8.8.8\n\" >/etc/resolv.conf\nEOF\nchmod +x /usr/local/bin/openagent-network-up\n"
+}
--- a/workspace-template/residential.json
+++ b/workspace-template/residential.json
@@ -0,0 +1,14 @@
+{
+  "name": "residential",
+  "description": "Ubuntu workspace with Tailscale installed and helper scripts to route traffic via a Tailscale exit node.",
+  "distro": "ubuntu-noble",
+  "skills": [],
+  "env_vars": {
+    "TS_AUTHKEY": "",
+    "TS_EXIT_NODE": "",
+    "TS_ACCEPT_DNS": "true",
+    "TS_EXIT_NODE_ALLOW_LAN": "false",
+    "TS_STATE_DIR": "/var/lib/tailscale"
+  },
+  "init_script": "#!/usr/bin/env bash\nset -euo pipefail\n\nexport DEBIAN_FRONTEND=noninteractive\n\nif command -v apt-get >/dev/null 2>&1; then\n  apt-get update\n  apt-get install -y --no-install-recommends ca-certificates curl iproute2 iptables busybox git\n  git config --global user.name \"Thomas Marchand (agent)\"\n  git config --global user.email \"agent@thomas.md\"\nfi\n\nif command -v busybox >/dev/null 2>&1; then\n  ln -sf \"$(command -v busybox)\" /usr/local/bin/udhcpc\n  ln -sf \"$(command -v busybox)\" /usr/local/bin/udhcpc6\nfi\n\ncat >/usr/local/bin/openagent-udhcpc-script <<'EOF'\n#!/bin/sh\nset -eu\n\nmask2cidr() {\n  local nbits=0 IFS=.\n  for dec in $1; do\n    case $dec in\n      255) nbits=$((nbits+8));;\n      254) nbits=$((nbits+7));;\n      252) nbits=$((nbits+6));;\n      248) nbits=$((nbits+5));;\n      240) nbits=$((nbits+4));;\n      224) nbits=$((nbits+3));;\n      192) nbits=$((nbits+2));;\n      128) nbits=$((nbits+1));;\n      0) ;;\n    esac\n  done\n  echo \"$nbits\"\n}\n\ncase \"$1\" in\n  deconfig)\n    ip addr flush dev \"$interface\" || true\n    ;;\n  bound|renew)\n    ip addr flush dev \"$interface\" || true\n    mask_val=${subnet:-${mask:-255.255.255.0}}\n    cidr=$(mask2cidr \"$mask_val\")\n    ip addr add \"$ip/$cidr\" dev \"$interface\"\n    gateway=${router%% *}\n    if [ -z \"$gateway\" ]; then\n      gateway=10.88.0.1\n    fi\n    ip route replace default via \"$gateway\" dev \"$interface\"\n    if [ -n \"${dns:-}\" ]; then\n      printf \"nameserver %s\n\" $dns > /etc/resolv.conf\n    fi\n    ;;\n esac\nEOF\nchmod +x /usr/local/bin/openagent-udhcpc-script\n\n# Install Tailscale\nif ! command -v tailscale >/dev/null 2>&1; then\n  curl -fsSL https://tailscale.com/install.sh | sh\nfi\n\n# Ensure runtime directories exist\nmkdir -p /var/lib/tailscale /run/tailscale\n\n# Helper to bring up host0 networking (veth) with DHCP + sane DNS\ncat >/usr/local/bin/openagent-network-up <<'EOF'\n#!/usr/bin/env bash\nset -euo pipefail\n\nif ip link show host0 >/dev/null 2>&1; then\n  ip link set host0 up\n  if command -v udhcpc >/dev/null 2>&1; then\n    udhcpc -s /usr/local/bin/openagent-udhcpc-script -i host0 -q -n || true\n  elif command -v busybox >/dev/null 2>&1; then\n    busybox udhcpc -s /usr/local/bin/openagent-udhcpc-script -i host0 -q -n || true\n  fi\nfi\n\nprintf \"nameserver 1.1.1.1\nnameserver 8.8.8.8\n\" >/etc/resolv.conf\nEOF\nchmod +x /usr/local/bin/openagent-network-up\n\n# Helper to bring up Tailscale with an exit node\ncat >/usr/local/bin/openagent-tailscale-up <<'EOF'\n#!/usr/bin/env bash\nset -euo pipefail\n\n: \"${TS_AUTHKEY:?TS_AUTHKEY not set}\"\n: \"${TS_EXIT_NODE:?TS_EXIT_NODE not set}\"\n\nTS_STATE_DIR=\"${TS_STATE_DIR:-/var/lib/tailscale}\"\nTS_SOCKET=\"${TS_SOCKET:-/run/tailscale/tailscaled.sock}\"\nTS_ACCEPT_DNS=\"${TS_ACCEPT_DNS:-true}\"\nTS_EXIT_NODE_ALLOW_LAN=\"${TS_EXIT_NODE_ALLOW_LAN:-false}\"\n\n/usr/local/bin/openagent-network-up >/dev/null 2>&1 || true\nmkdir -p \"$TS_STATE_DIR\" /run/tailscale\n\nif ! pgrep -f \"tailscaled\" >/dev/null 2>&1; then\n  tailscaled --state=\"${TS_STATE_DIR}/tailscaled.state\" --socket=\"$TS_SOCKET\" &\n  sleep 2\nfi\n\ntailscale up   --authkey \"${TS_AUTHKEY}\"   --exit-node \"${TS_EXIT_NODE}\"   --exit-node-allow-lan-access=\"${TS_EXIT_NODE_ALLOW_LAN}\"   --accept-dns=\"${TS_ACCEPT_DNS}\"\nEOF\nchmod +x /usr/local/bin/openagent-tailscale-up\n\n# Helper to verify exit node routing\ncat >/usr/local/bin/openagent-tailscale-check <<'EOF'\n#!/usr/bin/env bash\nset -euo pipefail\n\ntailscale status || true\nprintf \"Public IP: \"\n(curl -fsSL https://api.ipify.org || curl -fsSL https://ifconfig.me || true) && echo\nEOF\nchmod +x /usr/local/bin/openagent-tailscale-check\n"
+}