Allow adding files and run commands to the VM

Author: joecorall

README.md

@@ -76,7 +76,9 @@ Deploy a docker compose project to a Google Cloud Compute Instance.
 | <a name="input_os"></a> [os](#input\_os) | The host OS to install on the GCP instance | `string` | `"cos-125-19216-104-25"` | no |
 | <a name="input_overlay_source_instance"></a> [overlay\_source\_instance](#input\_overlay\_source\_instance) | Name of production instance to get latest snapshot from (e.g., 'ojs-production'). Terraform will automatically use the most recent snapshot from this instance's data disk. Leave empty for production environments. | `string` | `""` | no |
 | <a name="input_region"></a> [region](#input\_region) | GCP region for resources | `string` | `"us-east5"` | no |
+| <a name="input_rootfs"></a> [rootfs](#input\_rootfs) | Path to additional rootfs files to copy into the VM. Files will be merged with the base rootfs. Example: '../platform/terraform/rootfs' | `string` | `""` | no |
 | <a name="input_run_snapshots"></a> [run\_snapshots](#input\_run\_snapshots) | Enable daily snapshots of the data disk (recommended for production). Last seven days of snapshots are available. Also weekly snapshots for past year. | `bool` | `false` | no |
+| <a name="input_runcmd"></a> [runcmd](#input\_runcmd) | Additional commands to run during cloud-init. Commands are executed after the main initialization. | `list(string)` | `[]` | no |
 | <a name="input_users"></a> [users](#input\_users) | Map of usernames to lists of SSH public keys. Users will be created with docker group membership. Example: { "alice" = ["ssh-rsa AAAA..."], "bob" = ["ssh-ed25519 AAAA...", "ssh-rsa BBBB..."] } | `map(list(string))` | `{}` | no |
 | <a name="input_volume_names"></a> [volume\_names](#input\_volume\_names) | List of docker volumes to overlay from production snapshot (e.g., ['compose\_ojs-public']). Production data is mounted read-only as lower layer, staging writes go to upper layer. | `list(string)` | `[]` | no |
 | <a name="input_zone"></a> [zone](#input\_zone) | GCP zone for resources | `string` | `"us-east5-b"` | no |

main.tf

@@ -17,13 +17,27 @@ provider "google" {
 resource "time_static" "snapshot_time_static" {}
 
 locals {
-  rootFs = "${path.module}/rootfs"
+  rootFs            = "${path.module}/rootfs"
+  additional_rootfs = var.rootfs != "" ? var.rootfs : ""
+
+  # Get files from base rootfs
+  base_files = fileset(local.rootFs, "**")
+
+  # Get files from additional rootfs if path is provided
+  additional_files = local.additional_rootfs != "" ? fileset(local.additional_rootfs, "**") : []
+
+  # Combine both file sets (additional files will override base files with same path)
+  all_files = merge(
+    { for file in local.base_files : file => "${local.rootFs}/${file}" },
+    { for file in local.additional_files : file => "${local.additional_rootfs}/${file}" }
+  )
+
   write_files_content = join("\n", [
-    for file in fileset(local.rootFs, "**") : <<-EOT
-      - path: "/${replace(file, "${local.rootFs}/", "")}"
+    for file, fullpath in local.all_files : <<-EOT
+      - path: "/${file}"
         permissions: "0644"
         content: |
-          ${indent(4, file("${local.rootFs}/${file}"))}
+          ${indent(4, file(fullpath))}
 EOT
   ])
   docker_compose_scripts = join("\n", [
@@ -67,6 +81,7 @@ EOT
     USE_OVERLAY            = local.use_overlay,
     DOCKER_VOLUME_OVERLAYS = var.volume_names,
     SSH_USERS              = var.users,
+    ADDITIONAL_RUNCMD      = var.runcmd,
   })
 
   # have prod snapshot begin ten minutes after the initial run

templates/cloud-init.yml

@@ -39,3 +39,6 @@ runcmd:
 %{ for VOLUME in DOCKER_VOLUME_OVERLAYS ~}
 - bash /home/cloud-compose/overlay-init.sh "${VOLUME}" >> /home/cloud-compose/run.log 2>&1
 %{ endfor ~}
+%{ for CMD in ADDITIONAL_RUNCMD ~}
+- ${CMD}
+%{ endfor ~}

variables.tf

@@ -134,3 +134,16 @@ variable "users" {
   default     = {}
   description = "Map of usernames to lists of SSH public keys. Users will be created with docker group membership. Example: { \"alice\" = [\"ssh-rsa AAAA...\"], \"bob\" = [\"ssh-ed25519 AAAA...\", \"ssh-rsa BBBB...\"] }"
 }
+
+variable "rootfs" {
+  type        = string
+  default     = ""
+  description = "Path to additional rootfs files to copy into the VM. Files will be merged with the base rootfs. Example: '/path/to/custom/rootfs'"
+}
+
+variable "runcmd" {
+  type        = list(string)
+  default     = []
+  description = "Additional commands to run during cloud-init. Commands are executed after the main initialization."
+}
+