More keyring updates
This commit is contained in:
parent
cb72e7c94c
commit
9f72a71e5b
12
Dockerfile
12
Dockerfile
@ -35,28 +35,28 @@ RUN \
|
|||||||
| jq '.version' -r); \
|
| jq '.version' -r); \
|
||||||
fi && \
|
fi && \
|
||||||
if [ -z ${CLI_RELEASE+x} ]; then \
|
if [ -z ${CLI_RELEASE+x} ]; then \
|
||||||
CLI_RELEASE=$(curl -sLX GET "https://vscodeserverlauncher.blob.core.windows.net/builds/latest" \
|
CLI_RELEASE=$(curl -sLX GET "https://vscodeserverlauncher.blob.core.windows.net/builds/latest" \
|
||||||
| jq '.version' -r); \
|
| jq '.version' -r); \
|
||||||
fi && \
|
fi && \
|
||||||
mkdir -p /usr/local/bin && \
|
mkdir -p /usr/local/bin && \
|
||||||
mkdir -p /app/vscode-server/server-insiders-web/bin/${CODE_RELEASE} && \
|
mkdir -p /app/vscode-server/server-insiders-web/bin/${CODE_RELEASE} && \
|
||||||
mkdir -p /app/vscode-server/server-insiders/bin/${CODE_RELEASE} && \
|
mkdir -p /app/vscode-server/server-insiders/bin/${CODE_RELEASE} && \
|
||||||
curl -o \
|
curl -o \
|
||||||
/usr/local/bin/code-server -L \
|
/usr/local/bin/code-server -L \
|
||||||
"https://vscodeserverlauncher.blob.core.windows.net/builds/${CLI_RELEASE}/x86_64-unknown-linux-gnu/x86_64-unknown-linux-gnu" && \
|
"https://vscodeserverlauncher.blob.core.windows.net/builds/${CLI_RELEASE}/x86_64-unknown-linux-gnu/x86_64-unknown-linux-gnu" && \
|
||||||
chmod +x /usr/local/bin/code-server && \
|
chmod +x /usr/local/bin/code-server && \
|
||||||
curl -o \
|
curl -o \
|
||||||
/tmp/vscode-server-web.tar.gz -L \
|
/tmp/vscode-server-web.tar.gz -L \
|
||||||
"https://az764295.vo.msecnd.net/insider/${CODE_RELEASE}/vscode-server-linux-x64-web.tar.gz" && \
|
"https://az764295.vo.msecnd.net/insider/${CODE_RELEASE}/vscode-server-linux-x64-web.tar.gz" && \
|
||||||
tar xf \
|
tar xf \
|
||||||
/tmp/vscode-server-web.tar.gz -C \
|
/tmp/vscode-server-web.tar.gz -C \
|
||||||
/app/vscode-server/server-insiders-web/bin/${CODE_RELEASE}/ --strip-components=1 && \
|
/app/vscode-server/server-insiders-web/bin/${CODE_RELEASE}/ --strip-components=1 && \
|
||||||
curl -o \
|
curl -o \
|
||||||
/tmp/vscode-server.tar.gz -L \
|
/tmp/vscode-server.tar.gz -L \
|
||||||
"https://az764295.vo.msecnd.net/insider/${CODE_RELEASE}/vscode-server-linux-x64.tar.gz" && \
|
"https://az764295.vo.msecnd.net/insider/${CODE_RELEASE}/vscode-server-linux-x64.tar.gz" && \
|
||||||
tar xf \
|
tar xf \
|
||||||
/tmp/vscode-server.tar.gz -C \
|
/tmp/vscode-server.tar.gz -C \
|
||||||
/app/vscode-server/server-insiders/bin/${CODE_RELEASE}/ --strip-components=1 && \
|
/app/vscode-server/server-insiders/bin/${CODE_RELEASE}/ --strip-components=1 && \
|
||||||
echo "**** clean up ****" && \
|
echo "**** clean up ****" && \
|
||||||
apt-get clean && \
|
apt-get clean && \
|
||||||
rm -rf \
|
rm -rf \
|
||||||
|
@ -54,6 +54,8 @@ app_setup_block: |
|
|||||||
|
|
||||||
If `RUN_MODE` is set to either `web` or `server`, it only starts that component, if not specified, it runs both.
|
If `RUN_MODE` is set to either `web` or `server`, it only starts that component, if not specified, it runs both.
|
||||||
|
|
||||||
|
TODO: NOTE ABOUT SPACE FOR MULTIPLE VERSIONS
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# changelog
|
# changelog
|
||||||
|
@ -3,12 +3,29 @@
|
|||||||
|
|
||||||
mkdir -p /config/.local/share/keyrings
|
mkdir -p /config/.local/share/keyrings
|
||||||
|
|
||||||
if [ -f /etc/machine-id ]; then
|
if [ ! -f /var/lib/dbus/machine-id ]; then
|
||||||
dbus-uuidgen --ensure
|
dbus-uuidgen --ensure
|
||||||
sleep 1
|
sleep 1
|
||||||
|
cp "/var/lib/dbus/machine-id" "/config/.local/machine-id"
|
||||||
|
[[ -f "/var/lib/dbus/machine-id" ]] && rm "/var/lib/dbus/machine-id"
|
||||||
|
[[ -f "/etc/machine-id" ]] && rm "/etc/machine-id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -f /config/.local/machine-id ]; then
|
||||||
|
cp "/var/lib/dbus/machine-id" "/config/.local/machine-id"
|
||||||
|
rm "/var/lib/dbus/machine-id" "/etc/machine-id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ ! -L "/var/lib/dbus/machine-id" ]]; then
|
||||||
|
[[ -f "/var/lib/dbus/machine-id" ]] && rm "/var/lib/dbus/machine-id"
|
||||||
|
ln -s "/config/.local/machine-id" "/var/lib/dbus/machine-id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ ! -L "/etc/machine-id" ]]; then
|
||||||
|
[[ -f "/etc/machine-id" ]] && rm "/etc/machine-id"
|
||||||
|
ln -s "/config/.local/machine-id" "/etc/machine-id"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "keyring"
|
|
||||||
eval $(s6-setuidgid abc dbus-launch --sh-syntax)
|
eval $(s6-setuidgid abc dbus-launch --sh-syntax)
|
||||||
echo 'somecredstorepass' | eval $(s6-setuidgid abc gnome-keyring-daemon --daemonize --components=pkcs11,secrets,ssh --unlock)
|
echo 'somecredstorepass' | eval $(s6-setuidgid abc gnome-keyring-daemon --daemonize --components=pkcs11,secrets,ssh --unlock)
|
||||||
echo -n "${DBUS_SESSION_BUS_ADDRESS}" >/run/s6/container_environment/DBUS_SESSION_BUS_ADDRESS
|
echo -n "${DBUS_SESSION_BUS_ADDRESS}" >/run/s6/container_environment/DBUS_SESSION_BUS_ADDRESS
|
||||||
|
@ -39,7 +39,7 @@ done
|
|||||||
echo "setting permissions::app"
|
echo "setting permissions::app"
|
||||||
lsiown abc:abc /app/vscode-server/{{server-insiders-web,server-insiders},{server-insiders-web,server-insiders}/bin}
|
lsiown abc:abc /app/vscode-server/{{server-insiders-web,server-insiders},{server-insiders-web,server-insiders}/bin}
|
||||||
echo "setting permissions::config"
|
echo "setting permissions::config"
|
||||||
find /config -path /config/.vscode-server -prune -o -exec chown abc:abc {} +
|
find /config -path /config/.vscode-server -prune -path /config/var -prune -o -exec chown abc:abc {} +
|
||||||
|
|
||||||
chmod 700 /config/.ssh
|
chmod 700 /config/.ssh
|
||||||
if [ -n "$(ls -A /config/.ssh)" ]; then
|
if [ -n "$(ls -A /config/.ssh)" ]; then
|
||||||
|
@ -1,8 +1,6 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
|
|
||||||
env | sort > /svc-env
|
|
||||||
|
|
||||||
if [ -n "$CONNECTION_SECRET" ]; then
|
if [ -n "$CONNECTION_SECRET" ]; then
|
||||||
CODE_LOCAL_ARGS="${CODE_LOCAL_ARGS} --connection-token-file ${CONNECTION_SECRET}"
|
CODE_LOCAL_ARGS="${CODE_LOCAL_ARGS} --connection-token-file ${CONNECTION_SECRET}"
|
||||||
echo "Using connection secret from ${CONNECTION_SECRET}"
|
echo "Using connection secret from ${CONNECTION_SECRET}"
|
||||||
@ -15,11 +13,11 @@ fi
|
|||||||
|
|
||||||
exec \
|
exec \
|
||||||
s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8000" \
|
s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8000" \
|
||||||
cd "$DEFAULT_WORKSPACE" \
|
s6-setuidgid abc \
|
||||||
s6-setuidgid abc \
|
/usr/local/bin/code-server serve-local \
|
||||||
/usr/local/bin/code-server serve-local \
|
--verbose \
|
||||||
--accept-server-license-terms\
|
--accept-server-license-terms \
|
||||||
--quality insiders \
|
--quality insiders \
|
||||||
--host 0.0.0.0 \
|
--host 0.0.0.0 \
|
||||||
--disable-telemetry \
|
--disable-telemetry \
|
||||||
${CODE_LOCAL_ARGS}
|
${CODE_LOCAL_ARGS}
|
||||||
|
@ -1,15 +1,18 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
|
|
||||||
until [[ -e /run/dbus/system_bus_socket ]]; do
|
if [ -z ${TUNNEL_NAME+x} ]; then
|
||||||
sleep 1s
|
TUNNEL_NAME_ARG="--random-name"
|
||||||
done
|
else
|
||||||
|
TUNNEL_NAME_ARG="--name=${TUNNEL_NAME}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
cd /config || true
|
||||||
|
|
||||||
exec \
|
exec \
|
||||||
cd "$DEFAULT_WORKSPACE" \
|
s6-setuidgid abc \
|
||||||
s6-setuidgid abc \
|
/usr/local/bin/code-server serve \
|
||||||
/usr/local/bin/code-server serve \
|
--accept-server-license-terms \
|
||||||
--accept-server-license-terms \
|
${TUNNEL_NAME_ARG} \
|
||||||
--random-name \
|
--disable-telemetry \
|
||||||
--disable-telemetry \
|
${CODE_ARGS} || exit 1
|
||||||
${CODE_ARGS} || exit 1
|
|
||||||
|
Loading…
Reference in New Issue
Block a user