Compare commits
4 Commits
Author | SHA1 | Date | |
---|---|---|---|
9f72a71e5b | |||
cb72e7c94c | |||
c899ac69a4 | |||
59b4f07cae |
22
Dockerfile
22
Dockerfile
@ -19,44 +19,44 @@ RUN \
|
|||||||
echo "**** install runtime dependencies ****" && \
|
echo "**** install runtime dependencies ****" && \
|
||||||
apt-get update && \
|
apt-get update && \
|
||||||
apt-get install -y \
|
apt-get install -y \
|
||||||
dbus-x11 \
|
|
||||||
git \
|
git \
|
||||||
nano \
|
nano \
|
||||||
net-tools \
|
net-tools \
|
||||||
netcat \
|
netcat \
|
||||||
sudo && \
|
sudo && \
|
||||||
apt-get install -y --no-install-recommends \
|
apt-get install -y --no-install-recommends \
|
||||||
|
dbus-x11 \
|
||||||
gnome-keyring \
|
gnome-keyring \
|
||||||
libatomic1 \
|
libatomic1 \
|
||||||
libsecret-1-dev && \
|
libsecret-1-dev && \
|
||||||
echo "**** install vscode-server ****" && \
|
echo "**** install vscode-server ****" && \
|
||||||
if [ -z ${CODE_RELEASE+x} ]; then \
|
if [ -z ${CODE_RELEASE+x} ]; then \
|
||||||
CODE_RELEASE=$(curl -sLX GET "https://update.code.visualstudio.com/api/latest/server-linux-x64-web/stable" \
|
CODE_RELEASE=$(curl -sLX GET "https://update.code.visualstudio.com/api/latest/server-linux-x64-web/insider" \
|
||||||
| jq '.version' -r); \
|
| jq '.version' -r); \
|
||||||
fi && \
|
fi && \
|
||||||
if [ -z ${CLI_RELEASE+x} ]; then \
|
if [ -z ${CLI_RELEASE+x} ]; then \
|
||||||
CLI_RELEASE=$(curl -sLX GET "https://vscodeserverlauncher.blob.core.windows.net/builds/latest" \
|
CLI_RELEASE=$(curl -sLX GET "https://vscodeserverlauncher.blob.core.windows.net/builds/latest" \
|
||||||
| jq '.version' -r); \
|
| jq '.version' -r); \
|
||||||
fi && \
|
fi && \
|
||||||
mkdir -p /usr/local/bin && \
|
mkdir -p /usr/local/bin && \
|
||||||
mkdir -p /app/vscode-server/server-stable-web/bin/${CODE_RELEASE} && \
|
mkdir -p /app/vscode-server/server-insiders-web/bin/${CODE_RELEASE} && \
|
||||||
mkdir -p /app/vscode-server/server-stable/bin/${CODE_RELEASE} && \
|
mkdir -p /app/vscode-server/server-insiders/bin/${CODE_RELEASE} && \
|
||||||
curl -o \
|
curl -o \
|
||||||
/usr/local/bin/code-server -L \
|
/usr/local/bin/code-server -L \
|
||||||
"https://vscodeserverlauncher.blob.core.windows.net/builds/${CLI_RELEASE}/x86_64-unknown-linux-gnu/x86_64-unknown-linux-gnu" && \
|
"https://vscodeserverlauncher.blob.core.windows.net/builds/${CLI_RELEASE}/x86_64-unknown-linux-gnu/x86_64-unknown-linux-gnu" && \
|
||||||
chmod +x /usr/local/bin/code-server && \
|
chmod +x /usr/local/bin/code-server && \
|
||||||
curl -o \
|
curl -o \
|
||||||
/tmp/vscode-server-web.tar.gz -L \
|
/tmp/vscode-server-web.tar.gz -L \
|
||||||
"https://az764295.vo.msecnd.net/stable/${CODE_RELEASE}/vscode-server-linux-x64-web.tar.gz" && \
|
"https://az764295.vo.msecnd.net/insider/${CODE_RELEASE}/vscode-server-linux-x64-web.tar.gz" && \
|
||||||
tar xf \
|
tar xf \
|
||||||
/tmp/vscode-server-web.tar.gz -C \
|
/tmp/vscode-server-web.tar.gz -C \
|
||||||
/app/vscode-server/server-stable-web/bin/${CODE_RELEASE}/ --strip-components=1 && \
|
/app/vscode-server/server-insiders-web/bin/${CODE_RELEASE}/ --strip-components=1 && \
|
||||||
curl -o \
|
curl -o \
|
||||||
/tmp/vscode-server.tar.gz -L \
|
/tmp/vscode-server.tar.gz -L \
|
||||||
"https://az764295.vo.msecnd.net/stable/${CODE_RELEASE}/vscode-server-linux-x64.tar.gz" && \
|
"https://az764295.vo.msecnd.net/insider/${CODE_RELEASE}/vscode-server-linux-x64.tar.gz" && \
|
||||||
tar xf \
|
tar xf \
|
||||||
/tmp/vscode-server.tar.gz -C \
|
/tmp/vscode-server.tar.gz -C \
|
||||||
/app/vscode-server/server-stable/bin/${CODE_RELEASE}/ --strip-components=1 && \
|
/app/vscode-server/server-insiders/bin/${CODE_RELEASE}/ --strip-components=1 && \
|
||||||
echo "**** clean up ****" && \
|
echo "**** clean up ****" && \
|
||||||
apt-get clean && \
|
apt-get clean && \
|
||||||
rm -rf \
|
rm -rf \
|
||||||
|
@ -54,6 +54,8 @@ app_setup_block: |
|
|||||||
|
|
||||||
If `RUN_MODE` is set to either `web` or `server`, it only starts that component, if not specified, it runs both.
|
If `RUN_MODE` is set to either `web` or `server`, it only starts that component, if not specified, it runs both.
|
||||||
|
|
||||||
|
TODO: NOTE ABOUT SPACE FOR MULTIPLE VERSIONS
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# changelog
|
# changelog
|
||||||
|
33
root/etc/s6-overlay/s6-rc.d/init-keyring/run
Executable file
33
root/etc/s6-overlay/s6-rc.d/init-keyring/run
Executable file
@ -0,0 +1,33 @@
|
|||||||
|
#!/usr/bin/with-contenv bash
|
||||||
|
# shellcheck shell=bash
|
||||||
|
|
||||||
|
mkdir -p /config/.local/share/keyrings
|
||||||
|
|
||||||
|
if [ ! -f /var/lib/dbus/machine-id ]; then
|
||||||
|
dbus-uuidgen --ensure
|
||||||
|
sleep 1
|
||||||
|
cp "/var/lib/dbus/machine-id" "/config/.local/machine-id"
|
||||||
|
[[ -f "/var/lib/dbus/machine-id" ]] && rm "/var/lib/dbus/machine-id"
|
||||||
|
[[ -f "/etc/machine-id" ]] && rm "/etc/machine-id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -f /config/.local/machine-id ]; then
|
||||||
|
cp "/var/lib/dbus/machine-id" "/config/.local/machine-id"
|
||||||
|
rm "/var/lib/dbus/machine-id" "/etc/machine-id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ ! -L "/var/lib/dbus/machine-id" ]]; then
|
||||||
|
[[ -f "/var/lib/dbus/machine-id" ]] && rm "/var/lib/dbus/machine-id"
|
||||||
|
ln -s "/config/.local/machine-id" "/var/lib/dbus/machine-id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ ! -L "/etc/machine-id" ]]; then
|
||||||
|
[[ -f "/etc/machine-id" ]] && rm "/etc/machine-id"
|
||||||
|
ln -s "/config/.local/machine-id" "/etc/machine-id"
|
||||||
|
fi
|
||||||
|
|
||||||
|
eval $(s6-setuidgid abc dbus-launch --sh-syntax)
|
||||||
|
echo 'somecredstorepass' | eval $(s6-setuidgid abc gnome-keyring-daemon --daemonize --components=pkcs11,secrets,ssh --unlock)
|
||||||
|
echo -n "${DBUS_SESSION_BUS_ADDRESS}" >/run/s6/container_environment/DBUS_SESSION_BUS_ADDRESS
|
||||||
|
#echo -n "${GNOME_KEYRING_CONTROL}" >/run/s6/container_environment/GNOME_KEYRING_CONTROL
|
||||||
|
#echo -n "${SSH_AUTH_SOCK}" >/run/s6/container_environment/SSH_AUTH_SOCK
|
1
root/etc/s6-overlay/s6-rc.d/init-keyring/type
Normal file
1
root/etc/s6-overlay/s6-rc.d/init-keyring/type
Normal file
@ -0,0 +1 @@
|
|||||||
|
oneshot
|
1
root/etc/s6-overlay/s6-rc.d/init-keyring/up
Normal file
1
root/etc/s6-overlay/s6-rc.d/init-keyring/up
Normal file
@ -0,0 +1 @@
|
|||||||
|
/etc/s6-overlay/s6-rc.d/init-keyring/run
|
@ -1,8 +1,11 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
|
|
||||||
mkdir -p /config/{.vscode-headless,.config,.ssh}
|
mkdir -p /config/{.vscode-headless,.config,.ssh,workspace}
|
||||||
mkdir -p /run/dbus
|
|
||||||
|
if [ ! -d "${DEFAULT_WORKSPACE}" ];then
|
||||||
|
echo -n "/config/workspace" >/run/s6/container_environment/DEFAULT_WORKSPACE
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -n "${SUDO_PASSWORD}" ] || [ -n "${SUDO_PASSWORD_HASH}" ]; then
|
if [ -n "${SUDO_PASSWORD}" ] || [ -n "${SUDO_PASSWORD_HASH}" ]; then
|
||||||
echo "setting up sudo access"
|
echo "setting up sudo access"
|
||||||
@ -27,17 +30,6 @@ for f in code_tunnel.json last-used-servers.json license_consent.json token.json
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ -f /etc/machine-id ]; then
|
|
||||||
dbus-uuidgen --ensure
|
|
||||||
sleep 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z "${DBUS_SESSION_BUS_PID}" ]; then
|
|
||||||
eval $(s6-setuidgid abc dbus-launch)
|
|
||||||
echo -n "${DBUS_SESSION_BUS_ADDRESS}" >/run/s6/container_environment/DBUS_SESSION_BUS_ADDRESS
|
|
||||||
echo -n "${DBUS_SESSION_BUS_PID}" >/run/s6/container_environment/DBUS_SESSION_BUS_PID
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
[[ ! -f /config/.bashrc ]] && \
|
[[ ! -f /config/.bashrc ]] && \
|
||||||
cp /root/.bashrc /config/.bashrc
|
cp /root/.bashrc /config/.bashrc
|
||||||
@ -45,9 +37,9 @@ fi
|
|||||||
cp /root/.profile /config/.profile
|
cp /root/.profile /config/.profile
|
||||||
|
|
||||||
echo "setting permissions::app"
|
echo "setting permissions::app"
|
||||||
lsiown -R abc:abc /app/vscode-server
|
lsiown abc:abc /app/vscode-server/{{server-insiders-web,server-insiders},{server-insiders-web,server-insiders}/bin}
|
||||||
echo "setting permissions::config"
|
echo "setting permissions::config"
|
||||||
find /config -path /config/.vscode-server -prune -o -exec chown abc:abc {} +
|
find /config -path /config/.vscode-server -prune -path /config/var -prune -o -exec chown abc:abc {} +
|
||||||
|
|
||||||
chmod 700 /config/.ssh
|
chmod 700 /config/.ssh
|
||||||
if [ -n "$(ls -A /config/.ssh)" ]; then
|
if [ -n "$(ls -A /config/.ssh)" ]; then
|
||||||
|
@ -1,5 +0,0 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
|
||||||
# shellcheck shell=bash
|
|
||||||
|
|
||||||
exec \
|
|
||||||
dbus-daemon --system --nofork
|
|
@ -1 +0,0 @@
|
|||||||
longrun
|
|
@ -1,10 +1,6 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
|
|
||||||
until [[ -e /run/dbus/system_bus_socket ]]; do
|
|
||||||
sleep 1s
|
|
||||||
done
|
|
||||||
|
|
||||||
if [ -n "$CONNECTION_SECRET" ]; then
|
if [ -n "$CONNECTION_SECRET" ]; then
|
||||||
CODE_LOCAL_ARGS="${CODE_LOCAL_ARGS} --connection-token-file ${CONNECTION_SECRET}"
|
CODE_LOCAL_ARGS="${CODE_LOCAL_ARGS} --connection-token-file ${CONNECTION_SECRET}"
|
||||||
echo "Using connection secret from ${CONNECTION_SECRET}"
|
echo "Using connection secret from ${CONNECTION_SECRET}"
|
||||||
@ -19,7 +15,9 @@ exec \
|
|||||||
s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8000" \
|
s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8000" \
|
||||||
s6-setuidgid abc \
|
s6-setuidgid abc \
|
||||||
/usr/local/bin/code-server serve-local \
|
/usr/local/bin/code-server serve-local \
|
||||||
|
--verbose \
|
||||||
--accept-server-license-terms \
|
--accept-server-license-terms \
|
||||||
|
--quality insiders \
|
||||||
--host 0.0.0.0 \
|
--host 0.0.0.0 \
|
||||||
--disable-telemetry \
|
--disable-telemetry \
|
||||||
${CODE_LOCAL_ARGS}
|
${CODE_LOCAL_ARGS}
|
||||||
|
@ -1,14 +1,18 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
|
|
||||||
until [[ -e /run/dbus/system_bus_socket ]]; do
|
if [ -z ${TUNNEL_NAME+x} ]; then
|
||||||
sleep 1s
|
TUNNEL_NAME_ARG="--random-name"
|
||||||
done
|
else
|
||||||
|
TUNNEL_NAME_ARG="--name=${TUNNEL_NAME}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
cd /config || true
|
||||||
|
|
||||||
exec \
|
exec \
|
||||||
s6-setuidgid abc \
|
s6-setuidgid abc \
|
||||||
/usr/local/bin/code-server serve \
|
/usr/local/bin/code-server serve \
|
||||||
--accept-server-license-terms \
|
--accept-server-license-terms \
|
||||||
--random-name \
|
${TUNNEL_NAME_ARG} \
|
||||||
--disable-telemetry\
|
--disable-telemetry \
|
||||||
${CODE_ARGS}
|
${CODE_ARGS} || exit 1
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
|
|
||||||
_install=(/usr/local/bin/code-server "serve-local" "--accept-server-license-terms" "--install-extension")
|
_install=(/usr/local/bin/code-server "serve-local" "--accept-server-license-terms" "--quality" "insiders" "--install-extension")
|
||||||
|
|
||||||
if [ "$(whoami)" == "abc" ]; then
|
if [ "$(whoami)" == "abc" ]; then
|
||||||
"${_install[@]}" "$@"
|
"${_install[@]}" "$@"
|
||||||
|
Loading…
Reference in New Issue
Block a user