|
| 1 | +#!/bin/bash -e |
| 2 | +################################################################################ |
| 3 | +## File: configure-environment.sh |
| 4 | +## Desc: Configure system and environment |
| 5 | +################################################################################ |
| 6 | +# Source the helpers for use with the script |
| 7 | +# shellcheck disable=SC1091 |
| 8 | +source "$HELPER_SCRIPTS"/os.sh |
| 9 | +source "$HELPER_SCRIPTS"/etc-environment.sh |
| 10 | + |
| 11 | +# Set ImageVersion and ImageOS env variables |
| 12 | +set_etc_environment_variable "ImageVersion" "${IMAGE_VERSION}" |
| 13 | +set_etc_environment_variable "ImageOS" "${IMAGE_OS}" |
| 14 | + |
| 15 | +# Set the ACCEPT_EULA variable to Y value to confirm your acceptance of the End-User Licensing Agreement |
| 16 | +set_etc_environment_variable "ACCEPT_EULA" "Y" |
| 17 | + |
| 18 | +# This directory is supposed to be created in $HOME and owned by user(https://github.com/actions/runner-images/issues/491) |
| 19 | +mkdir -p /etc/skel/.config/configstore |
| 20 | +# shellcheck disable=SC2016 |
| 21 | +set_etc_environment_variable "XDG_CONFIG_HOME" '$HOME/.config' |
| 22 | + |
| 23 | +# Change waagent entries to use /mnt for swap file |
| 24 | +# sed -i 's/ResourceDisk.Format=n/ResourceDisk.Format=y/g' /etc/waagent.conf |
| 25 | +# sed -i 's/ResourceDisk.EnableSwap=n/ResourceDisk.EnableSwap=y/g' /etc/waagent.conf |
| 26 | +# sed -i 's/ResourceDisk.SwapSizeMB=0/ResourceDisk.SwapSizeMB=4096/g' /etc/waagent.conf |
| 27 | + |
| 28 | +# Add localhost alias to ::1 IPv6 |
| 29 | +sed -i 's/::1 ip6-localhost ip6-loopback/::1 localhost ip6-localhost ip6-loopback/g' /etc/hosts |
| 30 | + |
| 31 | +# Prepare directory and env variable for toolcache |
| 32 | +AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache |
| 33 | +mkdir -p $AGENT_TOOLSDIRECTORY && echo "Directory created." || echo "Directory already exists." |
| 34 | +set_etc_environment_variable "AGENT_TOOLSDIRECTORY" "${AGENT_TOOLSDIRECTORY}" |
| 35 | +set_etc_environment_variable "RUNNER_TOOL_CACHE" "${AGENT_TOOLSDIRECTORY}" |
| 36 | +chmod -R 777 $AGENT_TOOLSDIRECTORY |
| 37 | + |
| 38 | +# https://github.com/orgs/community/discussions/47563 |
| 39 | +echo 'net.ipv6.conf.all.disable_ipv6=1' | tee -a /etc/sysctl.conf |
| 40 | +echo 'net.ipv6.conf.default.disable_ipv6=1' | tee -a /etc/sysctl.conf |
| 41 | +echo 'net.ipv6.conf.lo.disable_ipv6=1' | tee -a /etc/sysctl.conf |
| 42 | + |
| 43 | +# https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html |
| 44 | +# https://www.suse.com/support/kb/doc/?id=000016692 |
| 45 | +echo 'vm.max_map_count=262144' | tee -a /etc/sysctl.conf |
| 46 | + |
| 47 | +# https://kind.sigs.k8s.io/docs/user/known-issues/#pod-errors-due-to-too-many-open-files |
| 48 | +echo 'fs.inotify.max_user_watches=655360' | tee -a /etc/sysctl.conf |
| 49 | +echo 'fs.inotify.max_user_instances=1280' | tee -a /etc/sysctl.conf |
| 50 | + |
| 51 | +# https://github.com/actions/runner-images/issues/9491 |
| 52 | +echo 'vm.mmap_rnd_bits=28' | tee -a /etc/sysctl.conf |
| 53 | + |
| 54 | +# https://github.com/actions/runner-images/pull/7860 |
| 55 | +netfilter_rule='/etc/udev/rules.d/50-netfilter.rules' |
| 56 | +rules_directory="$(dirname "${netfilter_rule}")" |
| 57 | +mkdir -p "$rules_directory" |
| 58 | +touch $netfilter_rule |
| 59 | +echo 'ACTION=="add", SUBSYSTEM=="module", KERNEL=="nf_conntrack", RUN+="/usr/sbin/sysctl net.netfilter.nf_conntrack_tcp_be_liberal=1"' | tee -a $netfilter_rule |
0 commit comments