tausq Posts - Answer Overflow

tausq

•Created by tausq on 5/11/2024 in #help

coder agent using token auth

Hi, I'm trying to start a coder agent using libvirt/KVM (not in a public cloud) and am having some challenges getting the coder agent to authenticate to my self-hosted coderd. In my terraform I use a remote-exec provisioner to do the init, like this:

resource "libvirt_domain" "domain-ubuntu" {
...
  provisioner "remote-exec" {
    inline = [
      "bash -c 'export CODER_AGENT_TOKEN=${nonsensitive(coder_agent.main.token)}; ${coder_agent.main.init_script}'"
    ]
  }
}

resource "libvirt_domain" "domain-ubuntu" {
...
  provisioner "remote-exec" {
    inline = [
      "bash -c 'export CODER_AGENT_TOKEN=${nonsensitive(coder_agent.main.token)}; ${coder_agent.main.init_script}'"
    ]
  }
}

I verified the token is correctly passed to the agent, but the agent gets 401 errors. Poking around in the db, the token is not populated in the workspace_agents table. Interestingly, if I kill the coder agent so that terraform apply completes, then I do see an entry getting added to workspace_agents with the right auth token, and manually doing a curl using that token works, so it looks like there is some sequencing issue here? What am I doing wrong?

11 replies

Gaming

Programming