tausq
tausq
CCoder.com
Created by tausq on 5/11/2024 in #help
coder agent using token auth
Hi, I'm trying to start a coder agent using libvirt/KVM (not in a public cloud) and am having some challenges getting the coder agent to authenticate to my self-hosted coderd. In my terraform I use a remote-exec provisioner to do the init, like this:
resource "libvirt_domain" "domain-ubuntu" {
...
provisioner "remote-exec" {
inline = [
"bash -c 'export CODER_AGENT_TOKEN=${nonsensitive(coder_agent.main.token)}; ${coder_agent.main.init_script}'"
]
}
}
resource "libvirt_domain" "domain-ubuntu" {
...
provisioner "remote-exec" {
inline = [
"bash -c 'export CODER_AGENT_TOKEN=${nonsensitive(coder_agent.main.token)}; ${coder_agent.main.init_script}'"
]
}
}
I verified the token is correctly passed to the agent, but the agent gets 401 errors. Poking around in the db, the token is not populated in the workspace_agents table. Interestingly, if I kill the coder agent so that terraform apply completes, then I do see an entry getting added to workspace_agents with the right auth token, and manually doing a curl using that token works, so it looks like there is some sequencing issue here? What am I doing wrong?
11 replies