code-server/Containerfile at main · daemonless/code-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# --------------------------------------------------------------------------
# THIS FILE IS AUTOGENERATED - DO NOT EDIT MANUALLY
#
# Source: Containerfile.j2
# --------------------------------------------------------------------------

ARG BASE_VERSION=15
FROM ghcr.io/daemonless/base:${BASE_VERSION} AS builder

ARG APP_VERSION=""
ARG UPSTREAM_URL="https://registry.npmjs.org/code-server/latest"
ARG UPSTREAM_JQ=".version"

# Build dependencies per https://github.com/coder/code-server/blob/main/docs/npm.md#freebsd
# libinotify: userland inotify for @parcel/watcher file watching
# node-pty: FreeBSD support merged upstream
RUN pkg update && \
    pkg install -y \
    FreeBSD-clang \
    FreeBSD-toolchain \
    FreeBSD-clibs-dev \
    FreeBSD-runtime-dev \
    node22 \
    npm-node22 \
    python3 \
    gmake \
    pkgconf \
    git \
    libinotify && \
    pkg clean -ay && \
    rm -rf /var/cache/pkg/* /var/db/pkg/repos/*

# npm global install fails on FreeBSD: ENOENT when it tries to chdir into
# lib/vscode/node_modules/* before those dirs exist. Workaround: extract
# the package tarball manually, then run npm install in each directory.

RUN APP_VERSION=${APP_VERSION:-$(fetch -qo - "${UPSTREAM_URL}" | jq -r "${UPSTREAM_JQ}")} && \
    fetch -qo /tmp/code-server.tgz \
        "https://registry.npmjs.org/code-server/-/code-server-${APP_VERSION}.tgz" && \
    mkdir -p /usr/local/lib/node_modules/code-server && \
    tar -xzf /tmp/code-server.tgz \
        -C /usr/local/lib/node_modules/code-server --strip-components=1 && \
    rm /tmp/code-server.tgz

WORKDIR /usr/local/lib/node_modules/code-server

# Remove kerberos from vscode - enterprise proxy auth only, disabled on FreeBSD
RUN python3 -c 'import json; p=json.load(open("lib/vscode/package.json")); p.get("dependencies",{}).pop("kerberos",None); p.get("devDependencies",{}).pop("@types/kerberos",None); json.dump(p,open("lib/vscode/package.json","w"),indent=2); print("Patched: kerberos removed")'

# Install lib/vscode deps first so the dir exists when code-server root install runs
# --ignore-scripts: skip vscode's full TS build; npm rebuild compiles native modules only
WORKDIR /usr/local/lib/node_modules/code-server/lib/vscode
RUN npm install --unsafe-perm --omit=dev --ignore-scripts --no-audit --no-fund

# FreeBSD compatibility patches — see patches/ for details
COPY patches/ /tmp/patches/
RUN patch -p1 < /tmp/patches/node-pty.patch && \
    node /tmp/patches/ptyhost.js && \
    node /tmp/patches/deviceid.js && \
    node /tmp/patches/platform.js

RUN npm rebuild node-pty @vscode/spdlog @parcel/watcher @vscode/native-watchdog

# Install code-server root deps + run postinstall (compiles argon2, node-pty etc.)
WORKDIR /usr/local/lib/node_modules/code-server
RUN npm install --unsafe-perm --omit=dev --no-audit --no-fund

# Create global symlink and record version
RUN APP_VERSION=${APP_VERSION:-$(fetch -qo - "${UPSTREAM_URL}" | jq -r "${UPSTREAM_JQ}")} && \
    ln -sf /usr/local/lib/node_modules/code-server/out/node/entry.js /usr/local/bin/code-server && \
    mkdir -p /app && echo "${APP_VERSION}" > /app/version && \
    npm cache clean --force

# Production image
FROM ghcr.io/daemonless/base:${BASE_VERSION}

ARG FREEBSD_ARCH=amd64
ARG APP_VERSION=""
ARG UPSTREAM_URL="https://registry.npmjs.org/code-server/latest"
ARG UPSTREAM_JQ=".version"
ARG PACKAGES="node22 npm-node22 ca_root_nss libinotify doas python3 gmake gcc llvm FreeBSD-clang FreeBSD-toolchain"

LABEL org.opencontainers.image.title="code-server" \
      org.opencontainers.image.description="code-server on FreeBSD." \
      org.opencontainers.image.source="https://github.com/daemonless/code-server" \
      org.opencontainers.image.url="https://coder.com/docs/code-server" \
      org.opencontainers.image.licenses="MIT" \
      org.opencontainers.image.vendor="daemonless" \
      org.opencontainers.image.authors="daemonless" \
      io.daemonless.category="Development" \
      io.daemonless.port="8080" \
      io.daemonless.arch="${FREEBSD_ARCH}" \
      io.daemonless.pkg-source="binary" \
      io.daemonless.upstream-url="${UPSTREAM_URL}" \
      io.daemonless.upstream-jq="${UPSTREAM_JQ}" \
      io.daemonless.packages="${PACKAGES}" \
      io.daemonless.wip="true"

# Runtime: node + dev tools
RUN pkg update && \
    pkg install -y ${PACKAGES} && \
    pkg clean -ay && \
    rm -rf /var/cache/pkg/* /var/db/pkg/repos/* && \
    chmod 4755 /usr/local/bin/doas && \
    echo "permit nopass keepenv bsd" > /usr/local/etc/doas.conf && \
    chmod 0400 /usr/local/etc/doas.conf

# Copy code-server from builder
COPY --from=builder /app/version /app/version
COPY --from=builder /usr/local/lib/node_modules /usr/local/lib/node_modules
RUN ln -sf /usr/local/lib/node_modules/code-server/out/node/entry.js /usr/local/bin/code-server && \
    chmod -R o+rX /usr/local/lib/node_modules

# Copy root filesystem
COPY root/ /

# Set permissions
RUN chmod +x /etc/services.d/code-server/run /healthz

ENV HOME="/config"

# Workspace dir (matches linuxserver convention)
RUN mkdir -p /config/workspace && \
    chown -R bsd:bsd /config

# Expose
EXPOSE 8080

# Volumes
VOLUME /config