MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-03-25 21:41:12 -07:00
Code Issues Packages Projects Releases Wiki Activity

feat(offload): implement internal-only network architecture and disable external IPs

Browse Source
This commit is contained in:
mkorwel
2026-03-15 13:18:15 -07:00
parent 7b9a8294ee
commit bb36fc4486
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gemini/skills/offload/scripts/fleet.ts
View File

@@ -6,6 +6,7 @@
import { spawnSync } from 'child_process';
import path from 'path';
import fs from 'fs';
import os from 'os';
const PROJECT_ID = 'gemini-cli-team-quota';
const USER = process.env.USER || 'mattkorwel';
@@ -80,6 +81,7 @@ runcmd:
'--metadata', `enable-oslogin=TRUE${sshKeyMetadata ? `,ssh-keys=${sshKeyMetadata}` : ''}`,
'--labels', `owner=${USER.replace(/[^a-z0-9_-]/g, '_')},type=offload-worker`,
'--tags', `gcli-offload-${USER}`,
'--network-interface', 'network-tier=PREMIUM,no-address',
'--scopes', 'https://www.googleapis.com/auth/cloud-platform'
], { stdio: 'inherit' });

8
.gemini/skills/offload/scripts/setup.ts
View File

@@ -42,7 +42,7 @@ export async function runSetup(env: NodeJS.ProcessEnv = process.env) {
const useContainer = await confirm('Use Container-Native mode (Container-Optimized OS)?');
console.log(`🔍 Verifying access and finding worker ${targetVM}...`);
const statusCheck = spawnSync(`gcloud compute instances describe ${targetVM} --project ${projectId} --zone ${zone} --format="json(status,networkInterfaces[0].accessConfigs[0].natIP)"`, { shell: true });
const statusCheck = spawnSync(`gcloud compute instances describe ${targetVM} --project ${projectId} --zone ${zone} --format="json(status,networkInterfaces[0].networkIP)"`, { shell: true });
let instanceData: any;
try {
@@ -55,7 +55,7 @@ export async function runSetup(env: NodeJS.ProcessEnv = process.env) {
}
const status = instanceData.status;
const publicIp = instanceData.networkInterfaces[0].accessConfigs[0].natIP;
const internalIp = instanceData.networkInterfaces[0].networkIP;
if (status !== 'RUNNING') {
console.log(`⚠️ Worker is ${status}. Starting it for initialization...`);
@@ -63,12 +63,12 @@ export async function runSetup(env: NodeJS.ProcessEnv = process.env) {
}
// 1. Configure Fast-Path SSH Alias
console.log(`\n🚀 Configuring Fast-Path SSH Alias...`);
console.log(`\n🚀 Configuring Fast-Path SSH Alias (Internal IP)...`);
const sshAlias = 'gcli-worker';
const sshConfigPath = path.join(os.homedir(), '.ssh/config');
const sshEntry = `
Host ${sshAlias}
HostName ${publicIp}
HostName ${internalIp}
IdentityFile ~/.ssh/google_compute_engine
User ${env.USER || 'mattkorwel'}_google_com
CheckHostIP no