#!/bin/bash
#
# entrypoint.sh - Script to set up and run code-server in a Docker container
# Copyright (C) 2025 Jesus E.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
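set -e

# === Set TimeZone ===
# TZ comes from the container environment and is spliced into a path below
# /usr/share/zoneinfo. Accept only zone-name characters and require that the
# zone file exists; otherwise fall back to UTC instead of pointing
# /etc/localtime at an arbitrary or missing path.
TZ="${TZ:-UTC}"
case "$TZ" in
  /* | *..* | *[!A-Za-z0-9_+/-]*)
    echo "[entrypoint] WARNING: invalid TZ value '$TZ', falling back to UTC" >&2
    TZ="UTC"
    ;;
esac
if [ ! -f "/usr/share/zoneinfo/$TZ" ]; then
  echo "[entrypoint] WARNING: no zone file for '$TZ', falling back to UTC" >&2
  TZ="UTC"
fi
echo "[entrypoint] Setting TimeZone to $TZ"
ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime
echo "$TZ" > /etc/timezone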
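# === Account settings (taken from the container environment) ===
DOCKER_USER="${DOCKER_USER:-coder}"
# bash documents UID as a readonly shell variable, so the former
# `UID="${UID:-1000}"` could fail with "readonly variable" and never applied
# the 1000 default when the container was started without a UID variable.
# Read the requested id from the process environment into a separate name
# and never assign to UID itself.
TARGET_UID="$(printenv UID || true)"
TARGET_UID="${TARGET_UID:-1000}"
GID="${GID:-1000}"
PASSWORD="${PASSWORD:-undefined}"
HASHED_PASSWORD="${HASHED_PASSWORD:-undefined}"
HOME_DIR="/home/coder"

# DOCKER_USER is written verbatim into /etc/sudoers and /etc/doas.conf below,
# so reject anything that is not a plain account name before it gets there.
case "$DOCKER_USER" in
  -* | *[!A-Za-z0-9_.-]*)
    echo "ERROR: DOCKER_USER contains characters that are not valid in an account name" >&2
    exit 1
    ;;
esac
case "$TARGET_UID:$GID" in
  *[!0-9:]* | :* | *:)
    echo "ERROR: UID and GID must be numeric" >&2
    exit 1
    ;;
esac

# === Create the group and the account on first start ===
if ! getent group "$DOCKER_USER" > /dev/null; then
  groupadd -g "$GID" "$DOCKER_USER"
fi

if ! id "$DOCKER_USER" > /dev/null 2>&1; then
  useradd -u "$TARGET_UID" -g "$GID" -d "$HOME_DIR" -s /bin/bash "$DOCKER_USER"
  # Membership of the docker group gives control of the Docker daemon.
  usermod -aG docker "$DOCKER_USER"
  # NOTE(review): together with the doas rule below this gives the account
  # password-less root, so the code-server login is the only barrier to root
  # inside this container. The line is appended to /etc/sudoers without a
  # syntax check; a drop-in under /etc/sudoers.d validated with `visudo -c`
  # would be safer if the image's sudoers includes that directory - confirm.
  echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
fi

# === doas rules for the account's group ===
# doas uses the last matching rule, so "nopass" is the one that takes effect.
printf 'permit persist :%s\npermit nopass :%s\n' \
  "$DOCKER_USER" "$DOCKER_USER" > /etc/doas.conf
chmod 0440 /etc/doas.conf
chown root:root /etc/doas.conf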
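# === Home and configuration directories ===
# Create the config directory before the recursive chown. Created afterwards,
# the intermediate $HOME_DIR/.config directory stayed owned by root on a fresh
# home, because only $CONFIG_DIR itself is chowned again later.
CONFIG_DIR="$HOME_DIR/.config/code-server"
mkdir -p "$HOME_DIR" "$CONFIG_DIR"
chown -R "$DOCKER_USER:$DOCKER_USER" "$HOME_DIR"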
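# === Select the authentication mode ===
# Sets AUTH_MODE and YAML_AUTH_LINE from PASSWORD / HASHED_PASSWORD:
#   PASSWORD=none          -> authentication disabled
#   only PASSWORD set      -> plaintext password entry
#   only HASHED_PASSWORD   -> hashed-password entry
#   neither, or both       -> error, exit 1
# "undefined" is the placeholder for an unset variable.

# Escape a value for use inside a YAML double-quoted scalar. Without this a
# password containing a backslash or a double quote produced a broken or
# different config entry.
yaml_dq_escape() {
  local value=$1
  value=${value//\\/\\\\}
  value=${value//\"/\\\"}
  printf '%s' "$value"
}

case "$PASSWORD:$HASHED_PASSWORD" in
  none:*)
    # With auth "none" anyone who can reach the listening port gets the
    # editor and its terminal without a login.
    echo "[entrypoint] Disabling authentication"
    AUTH_MODE="none"
    YAML_AUTH_LINE=""
    ;;
  undefined:undefined | :)
    echo "ERROR: you must set either PASSWORD or HASHED_PASSWORD environment variable" >&2
    exit 1
    ;;
  *:undefined)
    echo "[entrypoint] Setting PASSWORD"
    AUTH_MODE="password"
    YAML_AUTH_LINE="password: \"$(yaml_dq_escape "$PASSWORD")\""
    ;;
  undefined:*)
    echo "[entrypoint] Setting HASHED_PASSWORD"
    AUTH_MODE="password"
    YAML_AUTH_LINE="hashed-password: \"$(yaml_dq_escape "$HASHED_PASSWORD")\""
    ;;
  *)
    echo "ERROR: Not supported combination of PASSWORD and HASHED_PASSWORD" >&2
    exit 1
    ;;
esac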
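# === Write the code-server configuration ===
# config.yaml can hold the plaintext password, so create it under a
# restrictive umask and force mode 600 in case the file already existed with
# wider permissions.
# The server listens on every interface over plain HTTP (cert: false), so the
# login is only protected in transit if the port is reached through a
# TLS-terminating proxy or a trusted network.
(
  umask 077
  cat > "$CONFIG_DIR/config.yaml" <<EOF
bind-addr: 0.0.0.0:8080
auth: $AUTH_MODE
$YAML_AUTH_LINE
cert: false
EOF
)
chmod 600 "$CONFIG_DIR/config.yaml"

chown -R "$DOCKER_USER:$DOCKER_USER" "$CONFIG_DIR"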
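# === Start the Docker daemon and wait until it answers ===
# Daemon output goes to a log file instead of /dev/null so that a failed start
# can be diagnosed, and the wait is bounded: previously a daemon that never
# came up left the entrypoint looping forever.
echo "[entrypoint] Starting Docker daemon..."
dockerd > /var/log/dockerd.log 2>&1 &
dockerd_pid=$!

waited=0
until docker info > /dev/null 2>&1; do
  if ! kill -0 "$dockerd_pid" 2> /dev/null; then
    echo "ERROR: dockerd exited during startup, see /var/log/dockerd.log" >&2
    exit 1
  fi
  if [ "$waited" -ge 120 ]; then
    echo "ERROR: Docker daemon not ready after ${waited}s, see /var/log/dockerd.log" >&2
    exit 1
  fi
  echo "[entrypoint] Waiting for Docker daemon to start..."
  sleep 2
  waited=$((waited + 2))
done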
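# ==== Install keybindings.json to enable terminal editor ====
# Writes a default keybindings.json only when none exists yet, so a user's own
# bindings are never overwritten.
user_data_dir="$HOME_DIR/.local/share/code-server/User"
if [ ! -e "$user_data_dir/keybindings.json" ] && [ ! -L "$user_data_dir/keybindings.json" ]; then
  echo "[entrypoint] Creating default keybindings.json"
  mkdir -p "$user_data_dir"
  cat > "$user_data_dir/keybindings.json" <<'EOF'
[
{
"key": "ctrl+alt+t",
"command": "workbench.action.createTerminalEditor"
}
]
EOF
  # mkdir -p runs as root and may have created .local, .local/share and
  # .local/share/code-server as well. Hand over the whole tree; chowning only
  # the User directory left the parents owned by root, so the account could
  # not create anything else under ~/.local.
  chown -R "$DOCKER_USER:$DOCKER_USER" "$HOME_DIR/.local"
else
  echo "[entrypoint] keybindings.json already exists, skipping creation."
fi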
# ==== Install pre-commit and checkov ====
# Each tool is installed with pipx as $DOCKER_USER when it is not found on the
# PATH of this (root) shell.
# NOTE(review): the lookup uses root's PATH while pipx installs into the
# account's home, so the check may never see an earlier install - confirm.
# No versions are pinned: a fresh container gets whatever the package index
# serves at start time.
for tool in pre-commit checkov; do
  if command -v "$tool" > /dev/null 2>&1; then
    echo "[entrypoint] $tool already installed, skipping installation."
  else
    echo "[entrypoint] Installing $tool..."
    su - "$DOCKER_USER" -c "pipx install $tool"
  fi
done
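# === Install hyperterm ===
# The installer is downloaded and run as $DOCKER_USER when ~/.hyperterm is
# missing. Changes against the previous version:
#   - curl -f: an HTTP error page is no longer saved and handed to bash
#   - --proto/--proto-redir: the download and any redirect stay on HTTPS
#   - mktemp: the script no longer overwrites and deletes ~/install.sh
# NOTE(review): the URL follows the moving master branch and nothing verifies
# the script's content. Pinning the URL to a reviewed commit and checking a
# recorded SHA-256 before execution would close that gap.
if ! stat "$HOME_DIR/.hyperterm" > /dev/null 2>&1; then
  echo "[entrypoint] Installing hyperterm..."
  su - "$DOCKER_USER" -c '
    installer="$(mktemp)" || exit 1
    curl -fsSL --proto "=https" --proto-redir "=https" \
      -o "$installer" \
      https://git.fridu.us/heckyel/hyperterm/raw/branch/master/install.sh \
      && bash "$installer" -s
    status=$?
    rm -f -- "$installer"
    exit "$status"
  '
else
  echo "[entrypoint] Hyperterm already installed, skipping installation."
fi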
# === Run code-server ===
# Replace this shell with a login session of $DOCKER_USER running code-server,
# so the server does not run as root and receives the container's signals.
printf '%s\n' "[entrypoint] Launching code-server as $DOCKER_USER"
exec su - "$DOCKER_USER" -c code-server