A Terraform-based project for provisioning and managing a remote development virtual machine in Google Cloud Platform with ARM64 architecture.
MyDevMachine creates a consistent, reproducible, and secure ARM64-based development environment that can be accessed remotely. It provisions a Google Compute Engine VM with the following features:
- ARM64 Architecture: Ampere Altra CPU for ARM64 development and testing
- Development Tools: VSCode, Google Cloud SDK, and modern terminal emulators
- Remote Access: SSH with X11 forwarding and VNC with desktop environment
- Security: IP-based access restrictions through firewall rules
- Terraform CLI (v1.8.2+)
- Google Cloud SDK
- GCP account with appropriate permissions
- Authentication to GCP (`gcloud auth application-default login`)
- GCP project configured (`gcloud config set project your-project-id`)
- Clone this repository:

  ```bash
  git clone https://github.com/yourusername/mydevmachine.git
  cd mydevmachine
  ```

- Update the `main.tf` file with your GCP project ID and authorized IP addresses:

  ```hcl
  project = "your-gcp-project-id"
  ```

  And in the firewall rule:

  ```hcl
  source_ranges = [
    "your-ip-address/32",
  ]
  ```

- Initialize Terraform:

  ```bash
  terraform init
  ```

- Plan the deployment:

  ```bash
  terraform plan
  ```

- Apply the configuration:

  ```bash
  terraform apply
  ```

- After deployment, note the VM's external IP address from the output:

  ```
  external_ip_address = "XX.XX.XX.XX"
  ```

```bash
ssh -X username@VM_IP
```

- Create an SSH tunnel:

  ```bash
  ssh -L 5901:localhost:5901 username@VM_IP
  ```

- Connect your VNC client to `localhost:5901`

- Use the default password: `development` (change this after first login)

For comprehensive documentation, please refer to the Memory Bank directory, which contains detailed information about:
- Project purpose and requirements
- System architecture and design patterns
- Technical details and constraints
- Security model and best practices
- Access procedures and troubleshooting
- Current status and future plans

```
myDevMachine/
├── main.tf                    # Main Terraform configuration
├── terraform.tfstate          # Terraform state file
├── terraform.tfstate.backup   # Terraform state backup
├── .terraform.lock.hcl        # Terraform provider lock file
├── memory-bank/               # Comprehensive project documentation
├── update-ip.sh               # Script to update allowed IP addresses
├── change-vnc-password.sh     # Helper script for changing VNC password
├── create-vnc-tunnel.sh       # Script to create SSH tunnels for VNC
└── README.md                  # This file
```

The project includes several utility scripts to simplify common tasks:

`update-ip.sh` updates the allowed IP addresses in the firewall rules to grant access from your current location.

```bash
# Run with automatic IP detection
./update-ip.sh
# Specify an IP address
./update-ip.sh --ip 192.168.1.1/32
# Check current allowed IPs
./update-ip.sh --check
```

`change-vnc-password.sh` guides you through the process of changing the VNC password on the VM.

```bash
# Run with interactive prompts
./change-vnc-password.sh
# Specify VM IP and username
./change-vnc-password.sh --ip 34.58.231.218 --user myusername
```

`create-vnc-tunnel.sh` creates a secure SSH tunnel for VNC access to the VM.

```bash
# Run with interactive prompts
./create-vnc-tunnel.sh
# Specify VM IP and username
./create-vnc-tunnel.sh --ip 34.58.231.218 --user myusername
# Use custom ports
./create-vnc-tunnel.sh --ip 34.58.231.218 --user myusername --port 5902 --remote 5902
```

- The default VNC password should be changed immediately after first login
- Firewall rules restrict access to specific IP addresses
- Use SSH tunneling for secure VNC connections
- Regularly update the allowed IP addresses in the firewall rules
- Update the Memory Bank documentation when making changes
- Follow Infrastructure as Code best practices
- Test changes thoroughly before applying to production
- Document any new features or configuration options
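
A pre-apply check for the firewall and SSH-tunnel points above, as an added example that is not part of this project's code: it reads the JSON form of a plan (`terraform plan -out=tfplan`, then `terraform show -json tfplan`) and flags ingress rules whose source ranges are wider than a single host or that expose VNC ports directly instead of through the tunnel. The rule addresses, the sample plan and the VNC port range are constructed assumptions.

```python
import ipaddress
import json

VNC_PORTS = range(5900, 5910)  # assumption: VNC displays :0 to :9

def port_in_spec(spec, ports):
    """True if a GCP port spec ("22" or "5900-5910") covers any port in `ports`."""
    lo, _, hi = spec.partition("-")
    lo, hi = int(lo), int(hi or lo)
    return any(lo <= p <= hi for p in ports)

def audit_plan(plan):
    """Return (rule address, finding) pairs for ingress firewall rules in a plan."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != "google_compute_firewall" or not after:
            continue
        if (after.get("direction") or "INGRESS") != "INGRESS":
            continue
        for cidr in after.get("source_ranges") or []:
            net = ipaddress.ip_network(cidr, strict=False)
            if net.prefixlen == 0:
                findings.append((rc["address"], f"open to the internet: {cidr}"))
            elif net.prefixlen < net.max_prefixlen:
                findings.append((rc["address"], f"wider than one host: {cidr}"))
        for allow in after.get("allow") or []:
            specs = allow.get("ports") or ["0-65535"]  # no ports listed = all ports
            if allow.get("protocol") in ("tcp", "all") and any(
                port_in_spec(s, VNC_PORTS) for s in specs
            ):
                findings.append((rc["address"], "VNC port reachable without the SSH tunnel"))
    return findings

# Constructed sample in the shape of `terraform show -json` output (hypothetical rules).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "google_compute_firewall.dev_ssh", "type": "google_compute_firewall",
   "change": {"after": {"direction": "INGRESS", "source_ranges": ["203.0.113.7/32"],
                        "allow": [{"protocol": "tcp", "ports": ["22"]}]}}},
  {"address": "google_compute_firewall.dev_vnc", "type": "google_compute_firewall",
   "change": {"after": {"direction": "INGRESS", "source_ranges": ["0.0.0.0/0"],
                        "allow": [{"protocol": "tcp", "ports": ["5901"]}]}}}
]}
""")

if __name__ == "__main__":
    for address, finding in audit_plan(SAMPLE_PLAN):
        print(f"{address}: {finding}")
```
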
This project is licensed under the MIT License - see the LICENSE file for details.