More keyring updates
This commit is contained in:
parent
cb72e7c94c
commit
9f72a71e5b
@ -54,6 +54,8 @@ app_setup_block: |
|
||||
|
||||
If `RUN_MODE` is set to either `web` or `server`, it only starts that component, if not specified, it runs both.
|
||||
|
||||
TODO: NOTE ABOUT SPACE FOR MULTIPLE VERSIONS
|
||||
|
||||
|
||||
|
||||
# changelog
|
||||
|
@ -3,12 +3,29 @@
|
||||
|
||||
mkdir -p /config/.local/share/keyrings
|
||||
|
||||
if [ -f /etc/machine-id ]; then
|
||||
if [ ! -f /var/lib/dbus/machine-id ]; then
|
||||
dbus-uuidgen --ensure
|
||||
sleep 1
|
||||
cp "/var/lib/dbus/machine-id" "/config/.local/machine-id"
|
||||
[[ -f "/var/lib/dbus/machine-id" ]] && rm "/var/lib/dbus/machine-id"
|
||||
[[ -f "/etc/machine-id" ]] && rm "/etc/machine-id"
|
||||
fi
|
||||
|
||||
if [ ! -f /config/.local/machine-id ]; then
|
||||
cp "/var/lib/dbus/machine-id" "/config/.local/machine-id"
|
||||
rm "/var/lib/dbus/machine-id" "/etc/machine-id"
|
||||
fi
|
||||
|
||||
if [[ ! -L "/var/lib/dbus/machine-id" ]]; then
|
||||
[[ -f "/var/lib/dbus/machine-id" ]] && rm "/var/lib/dbus/machine-id"
|
||||
ln -s "/config/.local/machine-id" "/var/lib/dbus/machine-id"
|
||||
fi
|
||||
|
||||
if [[ ! -L "/etc/machine-id" ]]; then
|
||||
[[ -f "/etc/machine-id" ]] && rm "/etc/machine-id"
|
||||
ln -s "/config/.local/machine-id" "/etc/machine-id"
|
||||
fi
|
||||
|
||||
echo "keyring"
|
||||
eval $(s6-setuidgid abc dbus-launch --sh-syntax)
|
||||
echo 'somecredstorepass' | eval $(s6-setuidgid abc gnome-keyring-daemon --daemonize --components=pkcs11,secrets,ssh --unlock)
|
||||
echo -n "${DBUS_SESSION_BUS_ADDRESS}" >/run/s6/container_environment/DBUS_SESSION_BUS_ADDRESS
|
||||
|
@ -39,7 +39,7 @@ done
|
||||
echo "setting permissions::app"
|
||||
lsiown abc:abc /app/vscode-server/{{server-insiders-web,server-insiders},{server-insiders-web,server-insiders}/bin}
|
||||
echo "setting permissions::config"
|
||||
find /config -path /config/.vscode-server -prune -o -exec chown abc:abc {} +
|
||||
find /config -path /config/.vscode-server -prune -path /config/var -prune -o -exec chown abc:abc {} +
|
||||
|
||||
chmod 700 /config/.ssh
|
||||
if [ -n "$(ls -A /config/.ssh)" ]; then
|
||||
|
@ -1,8 +1,6 @@
|
||||
#!/usr/bin/with-contenv bash
|
||||
# shellcheck shell=bash
|
||||
|
||||
env | sort > /svc-env
|
||||
|
||||
if [ -n "$CONNECTION_SECRET" ]; then
|
||||
CODE_LOCAL_ARGS="${CODE_LOCAL_ARGS} --connection-token-file ${CONNECTION_SECRET}"
|
||||
echo "Using connection secret from ${CONNECTION_SECRET}"
|
||||
@ -15,10 +13,10 @@ fi
|
||||
|
||||
exec \
|
||||
s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8000" \
|
||||
cd "$DEFAULT_WORKSPACE" \
|
||||
s6-setuidgid abc \
|
||||
/usr/local/bin/code-server serve-local \
|
||||
--accept-server-license-terms\
|
||||
--verbose \
|
||||
--accept-server-license-terms \
|
||||
--quality insiders \
|
||||
--host 0.0.0.0 \
|
||||
--disable-telemetry \
|
||||
|
@ -1,15 +1,18 @@
|
||||
#!/usr/bin/with-contenv bash
|
||||
# shellcheck shell=bash
|
||||
|
||||
until [[ -e /run/dbus/system_bus_socket ]]; do
|
||||
sleep 1s
|
||||
done
|
||||
if [ -z ${TUNNEL_NAME+x} ]; then
|
||||
TUNNEL_NAME_ARG="--random-name"
|
||||
else
|
||||
TUNNEL_NAME_ARG="--name=${TUNNEL_NAME}"
|
||||
fi
|
||||
|
||||
cd /config || true
|
||||
|
||||
exec \
|
||||
cd "$DEFAULT_WORKSPACE" \
|
||||
s6-setuidgid abc \
|
||||
/usr/local/bin/code-server serve \
|
||||
--accept-server-license-terms \
|
||||
--random-name \
|
||||
${TUNNEL_NAME_ARG} \
|
||||
--disable-telemetry \
|
||||
${CODE_ARGS} || exit 1
|
||||
|
Loading…
Reference in New Issue
Block a user