mirror of
https://github.com/luzifer-docker/code-server.git
synced 2024-10-18 09:14:22 +00:00
Initial setup
This commit is contained in:
commit
117566bd3c
3 changed files with 81 additions and 0 deletions
23
Dockerfile
Normal file
23
Dockerfile
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
FROM luzifer/archlinux
|
||||||
|
|
||||||
|
ARG CODE_SERVER_VERSION=3.10.2
|
||||||
|
ARG DUMB_INIT_VERSION=1.2.5
|
||||||
|
ARG FIXUID_VERSION=0.5
|
||||||
|
|
||||||
|
COPY build.sh /usr/local/bin/build.sh
|
||||||
|
RUN set -ex \
|
||||||
|
&& bash /usr/local/bin/build.sh
|
||||||
|
|
||||||
|
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
|
||||||
|
|
||||||
|
EXPOSE 8080
|
||||||
|
|
||||||
|
# This way, if someone sets $DOCKER_USER, docker-exec will still work as
|
||||||
|
# the uid will remain the same. note: only relevant if -u isn't passed to
|
||||||
|
# docker-run.
|
||||||
|
USER 1000
|
||||||
|
ENV USER=coder
|
||||||
|
WORKDIR /home/coder
|
||||||
|
|
||||||
|
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
|
||||||
|
CMD ["--auth", "none", "--bind-addr", "0.0.0.0:8080", "."]
|
37
build.sh
Normal file
37
build.sh
Normal file
|
@ -0,0 +1,37 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -euxo pipefail
|
||||||
|
|
||||||
|
build_packages=()
|
||||||
|
install_packages=(
|
||||||
|
curl
|
||||||
|
git
|
||||||
|
openssh
|
||||||
|
sudo
|
||||||
|
tar
|
||||||
|
)
|
||||||
|
|
||||||
|
pacman -Sy --noconfirm "${build_packages[@]}" "${install_packages[@]}"
|
||||||
|
|
||||||
|
# Install code-server release
|
||||||
|
curl -sSfL "https://github.com/cdr/code-server/releases/download/v${CODE_SERVER_VERSION}/code-server-${CODE_SERVER_VERSION}-linux-amd64.tar.gz" |
|
||||||
|
tar -xz -C /opt
|
||||||
|
mv /opt/code-server-${CODE_SERVER_VERSION}-linux-amd64 /opt/code-server
|
||||||
|
|
||||||
|
# Install dumb-init
|
||||||
|
curl -sSfLo /usr/bin/dumb-init "https://github.com/Yelp/dumb-init/releases/download/v${DUMB_INIT_VERSION}/dumb-init_${DUMB_INIT_VERSION}_x86_64"
|
||||||
|
chmod 0755 /usr/bin/dumb-init
|
||||||
|
|
||||||
|
# Install and configure fixuid
|
||||||
|
curl -sSfL "https://github.com/boxboat/fixuid/releases/download/v${FIXUID_VERSION}/fixuid-${FIXUID_VERSION}-linux-amd64.tar.gz" |
|
||||||
|
tar -xz -C /usr/local/bin
|
||||||
|
chown root:root /usr/local/bin/fixuid
|
||||||
|
chmod 4755 /usr/local/bin/fixuid
|
||||||
|
|
||||||
|
mkdir -p /etc/fixuid
|
||||||
|
echo "user: coder\ngroup: coder" >/etc/fixuid/config.yml
|
||||||
|
|
||||||
|
# Configure user to use
|
||||||
|
useradd -m -u 1000 -U coder
|
||||||
|
echo "coder ALL=(ALL) NOPASSWD:ALL" >>/etc/sudoers.d/nopasswd
|
||||||
|
|
||||||
|
[ ${#build_packages[@]} -gt 0 ] && pacman -Rs --noconfirm "${build_packages[@]}" || true
|
21
entrypoint.sh
Executable file
21
entrypoint.sh
Executable file
|
@ -0,0 +1,21 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
# We do this first to ensure sudo works below when renaming the user.
|
||||||
|
# Otherwise the current container UID may not exist in the passwd database.
|
||||||
|
eval "$(fixuid -q)"
|
||||||
|
|
||||||
|
if [ "${DOCKER_USER-}" ]; then
|
||||||
|
USER="$DOCKER_USER"
|
||||||
|
if [ "$DOCKER_USER" != "$(whoami)" ]; then
|
||||||
|
echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd >/dev/null
|
||||||
|
# Unfortunately we cannot change $HOME as we cannot move any bind mounts
|
||||||
|
# nor can we bind mount $HOME into a new home as that requires a privileged container.
|
||||||
|
sudo usermod --login "$DOCKER_USER" coder
|
||||||
|
sudo groupmod -n "$DOCKER_USER" coder
|
||||||
|
|
||||||
|
sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
dumb-init /opt/code-server/bin/code-server "$@"
|
Loading…
Reference in a new issue