added s3 config inside of the vm

Author: Rene Schönfelder

modules/cloud-init/simple-setup-init.tftpl

@@ -39,3 +39,29 @@ runcmd:
 - chmod a+w ${shared_filesystem_mount}
 - echo "filesystem-0 ${shared_filesystem_mount} virtiofs rw 0 0" >> /etc/fstab
 %{endif}
+
+# install s3 access
+
+- snap install aws-cli --classic
+
+%{ for user in users}
+- mkdir -p /home/${user.user_name}/.aws
+- echo "[default]" > /home/${user.user_name}/.aws/credentials
+- echo "aws_access_key_id=${aws_access_key_id}" >> /home/${user.user_name}/.aws/credentials
+- echo "aws_secret_access_key=${aws_secret_access_key}" >> /home/${user.user_name}/.aws/credentials
+- echo "[default]" > /home/${user.user_name}/.aws/config
+- echo "endpoint_url = https://storage.eu-north1.nebius.cloud:443" >> /home/${user.user_name}/.aws/config
+- echo "region = eu-north1" >> /home/${user.user_name}/.aws/config
+- chown -R ${user.user_name}:${user.user_name} /home/${user.user_name}/.aws
+- chmod 600 /home/${user.user_name}/.aws/credentials
+%{ endfor }
+
+- mkdir -p /root/.aws
+- echo "[default]" > /root/.aws/credentials
+- echo "aws_access_key_id=${aws_access_key_id}" >> /root/.aws/credentials
+- echo "aws_secret_access_key=${aws_secret_access_key}" >> /root/.aws/credentials
+- echo "[default]" > /root/.aws/config
+- echo "endpoint_url = https://storage.eu-north1.nebius.cloud:443" >> /root/.aws/config
+- echo "region = eu-north1" >> /root/.aws/config
+
+

modules/instance/locals.tf

@@ -39,6 +39,7 @@ locals {
     extra_disk_id    = local.extra_disk_id
     state         = terraform.workspace
     users         = local.users
+
   })
   # current_region_defaults = local.regions_default[var.region]
   #

modules/instance/main.tf

@@ -65,11 +65,15 @@ resource "nebius_compute_v1_instance" "instance" {
     extra_path       = local.extra_path,
     extra_disk_id    = local.extra_disk_id,
     shared_filesystem_id = var.shared_filesystem_id,
-    shared_filesystem_mount = var.shared_filesystem_mount
+    shared_filesystem_mount = var.shared_filesystem_mount,
+    aws_access_key_id = var.aws_access_key_id,
+    aws_secret_access_key = var.aws_secret_access_key
   })
 }
 
 resource "local_file" "cloud_init_variables_log" {
   content  = local.cloud_init_log
   filename = "${path.module}/cloud-init-variables.log"
+
+
 }

modules/instance/variables.tf

@@ -97,3 +97,25 @@ variable "public_ip" {
   default = true
   description = "attach a public ip to the vm if true"
 }
+variable "mount_bucket" {
+  type = string
+  description = "name of a bucket that should be mounted into fs"
+  default = ""
+}
+
+variable "s3_mount_path" {
+  type = string
+  description = "mountpoint for s3 mount"
+  default = "/mnt/s3"
+}
+variable "aws_access_key_id" {
+  type = string
+  description = "S3 access key"
+  default = ""
+}
+
+variable "aws_secret_access_key" {
+  type = string
+  description = "S3 access key"
+  default = ""
+}

simple-solutions/ssh_keys.sh simple-solutions/s3_keys.shsimple-solutions/ssh_keys.sh renamed to simple-solutions/s3_keys.sh

@@ -1,5 +1,5 @@
-NEBIUS_TENANT_ID=''
-NEBIUS_PROJECT_ID=''
+NEBIUS_TENANT_ID='tenant-e00f3wdfzwfjgbcyfv'
+NEBIUS_PROJECT_ID='project-e00z6b02t8ddk96c49'
 
 if [ -z "${NEBIUS_TENANT_ID}" ]; then
   echo "Error: NEBIUS_TENANT_ID is not set"

simple-solutions/vm-instance/.envrc.sh

@@ -225,10 +225,10 @@ DATE_FORMAT='+%Y-%m-%dT%H:%M:%SZ'
 
 if [[ "$(uname)" == "Darwin" ]]; then
   # macOS
-  EXPIRATION_DATE=$(date -v +1d "${DATE_FORMAT}")
+  EXPIRATION_DATE=$(date -v +14d "${DATE_FORMAT}")
 else
   # Linux (assumes GNU date)
-  EXPIRATION_DATE=$(date -d '+1 day' "${DATE_FORMAT}")
+  EXPIRATION_DATE=$(date -d '+14 day' "${DATE_FORMAT}")
 fi
 
 echo 'Creating new access key for Object Storage'
@@ -280,6 +280,20 @@ else
   echo "Using existing bucket: ${NEBIUS_BUCKET_NAME}"
 fi
 
+aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID
+aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY
+aws configure set region eu-north1
+aws configure set endpoint_url https://storage.eu-north1.nebius.cloud:443
+mkdir -p ./.aws
+echo "[default]" > ./.aws/credentials
+echo "aws_access_key_id = $AWS_ACCESS_KEY_ID" >> ./.aws/credentials
+echo "aws_secret_access_key = $AWS_SECRET_ACCESS_KEY" >> ./.aws/credentials
+echo "[default]" > ./.aws/config
+echo "region = eu-north1" >> ./.aws/config
+echo "endpoint_url = https://storage.eu-north1.nebius.cloud:443" >> ./.aws/config
+export TF_VAR_aws_access_key_id=$AWS_ACCESS_KEY_ID
+export TF_VAR_aws_secret_access_key=$AWS_SECRET_ACCESS_KEY
+
 # endregion Bucket
 
 # region Backend override

simple-solutions/vm-instance/main.tf

@@ -17,4 +17,8 @@ module "instance-module" {
   add_extra_storage = var.add_extra_storage
   extra_storage_size_gb = var.extra_storage_size_gb
   public_ip = var.public_ip
+  mount_bucket = var.mount_bucket
+  s3_mount_path = var.s3_mount_path
+  aws_access_key_id = var.aws_access_key_id
+  aws_secret_access_key = var.aws_secret_access_key
 }

simple-solutions/vm-instance/terraform.tfvars

@@ -24,3 +24,4 @@ public_ip = true
 instance_count = 1
 
 shared_filesystem_id = ""
+mount_bucket = "renes-bucket"

simple-solutions/vm-instance/variables.tf

@@ -90,3 +90,27 @@ variable "public_ip" {
   default = true
   description = "attach a public ip to the vm if true"
 }
+
+variable "mount_bucket" {
+  type = string
+  description = "name of a bucket that should be mounted into fs"
+  default = ""
+}
+
+variable "s3_mount_path" {
+  type = string
+  description = "mountpoint for s3 mount"
+  default = "/mnt/s3"
+}
+
+variable "aws_access_key_id" {
+  type = string
+  description = "S3 access key"
+  default = ""
+}
+
+variable "aws_secret_access_key" {
+  type = string
+  description = "S3 access key"
+  default = ""
+}