-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathContainerfile.j2
More file actions
124 lines (102 loc) · 4.8 KB
/
Containerfile.j2
File metadata and controls
124 lines (102 loc) · 4.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
ARG BASE_VERSION=15
FROM ghcr.io/daemonless/base:${BASE_VERSION} AS builder
ARG APP_VERSION=""
ARG UPSTREAM_URL="https://registry.npmjs.org/code-server/latest"
ARG UPSTREAM_JQ=".version"
# Build dependencies per https://github.com/coder/code-server/blob/main/docs/npm.md#freebsd
# libinotify: userland inotify for @parcel/watcher file watching
# node-pty: FreeBSD support merged upstream
RUN pkg update && \
pkg install -y \
FreeBSD-clang \
FreeBSD-toolchain \
FreeBSD-clibs-dev \
FreeBSD-runtime-dev \
node22 \
npm-node22 \
python3 \
gmake \
pkgconf \
git \
libinotify && \
pkg clean -ay && \
rm -rf /var/cache/pkg/* /var/db/pkg/repos/*
# npm global install fails on FreeBSD: ENOENT when it tries to chdir into
# lib/vscode/node_modules/* before those dirs exist. Workaround: extract
# the package tarball manually, then run npm install in each directory.
RUN APP_VERSION=${APP_VERSION:-$(fetch -qo - "${UPSTREAM_URL}" | jq -r "${UPSTREAM_JQ}")} && \
fetch -qo /tmp/code-server.tgz \
"https://registry.npmjs.org/code-server/-/code-server-${APP_VERSION}.tgz" && \
mkdir -p /usr/local/lib/node_modules/code-server && \
tar -xzf /tmp/code-server.tgz \
-C /usr/local/lib/node_modules/code-server --strip-components=1 && \
rm /tmp/code-server.tgz
WORKDIR /usr/local/lib/node_modules/code-server
# Remove kerberos from vscode - enterprise proxy auth only, disabled on FreeBSD
RUN python3 -c 'import json; p=json.load(open("lib/vscode/package.json")); p.get("dependencies",{}).pop("kerberos",None); p.get("devDependencies",{}).pop("@types/kerberos",None); json.dump(p,open("lib/vscode/package.json","w"),indent=2); print("Patched: kerberos removed")'
# Install lib/vscode deps first so the dir exists when code-server root install runs
# --ignore-scripts: skip vscode's full TS build; npm rebuild compiles native modules only
WORKDIR /usr/local/lib/node_modules/code-server/lib/vscode
RUN npm install --unsafe-perm --omit=dev --ignore-scripts --no-audit --no-fund
# FreeBSD compatibility patches — see patches/ for details
COPY patches/ /tmp/patches/
RUN patch -p1 < /tmp/patches/node-pty.patch && \
node /tmp/patches/ptyhost.js && \
node /tmp/patches/deviceid.js && \
node /tmp/patches/platform.js
RUN npm rebuild node-pty @vscode/spdlog @parcel/watcher @vscode/native-watchdog
# Install code-server root deps + run postinstall (compiles argon2, node-pty etc.)
WORKDIR /usr/local/lib/node_modules/code-server
RUN npm install --unsafe-perm --omit=dev --no-audit --no-fund
# Create global symlink and record version
RUN APP_VERSION=${APP_VERSION:-$(fetch -qo - "${UPSTREAM_URL}" | jq -r "${UPSTREAM_JQ}")} && \
ln -sf /usr/local/lib/node_modules/code-server/out/node/entry.js /usr/local/bin/code-server && \
mkdir -p /app && echo "${APP_VERSION}" > /app/version && \
npm cache clean --force
# Production image
FROM ghcr.io/daemonless/base:${BASE_VERSION}
ARG FREEBSD_ARCH=amd64
ARG APP_VERSION=""
ARG UPSTREAM_URL="https://registry.npmjs.org/code-server/latest"
ARG UPSTREAM_JQ=".version"
ARG PACKAGES="node22 npm-node22 ca_root_nss libinotify doas python3 gmake gcc llvm FreeBSD-clang FreeBSD-toolchain"
LABEL org.opencontainers.image.title="code-server" \
org.opencontainers.image.description="code-server on FreeBSD." \
org.opencontainers.image.source="https://github.com/daemonless/code-server" \
org.opencontainers.image.url="https://coder.com/docs/code-server" \
org.opencontainers.image.licenses="MIT" \
org.opencontainers.image.vendor="daemonless" \
org.opencontainers.image.authors="daemonless" \
io.daemonless.category="Development" \
io.daemonless.port="8080" \
io.daemonless.arch="${FREEBSD_ARCH}" \
io.daemonless.pkg-source="binary" \
io.daemonless.upstream-url="${UPSTREAM_URL}" \
io.daemonless.upstream-jq="${UPSTREAM_JQ}" \
io.daemonless.packages="${PACKAGES}" \
io.daemonless.wip="true"
# Runtime: node + dev tools
RUN pkg update && \
pkg install -y ${PACKAGES} && \
pkg clean -ay && \
rm -rf /var/cache/pkg/* /var/db/pkg/repos/* && \
chmod 4755 /usr/local/bin/doas && \
echo "permit nopass keepenv bsd" > /usr/local/etc/doas.conf && \
chmod 0400 /usr/local/etc/doas.conf
# Copy code-server from builder
COPY --from=builder /app/version /app/version
COPY --from=builder /usr/local/lib/node_modules /usr/local/lib/node_modules
RUN ln -sf /usr/local/lib/node_modules/code-server/out/node/entry.js /usr/local/bin/code-server && \
chmod -R o+rX /usr/local/lib/node_modules
# Copy root filesystem
COPY root/ /
# Set permissions
RUN chmod +x /etc/services.d/code-server/run /healthz
ENV HOME="/config"
# Workspace dir (matches linuxserver convention)
RUN mkdir -p /config/workspace && \
chown -R bsd:bsd /config
# Expose
EXPOSE 8080
# Volumes
VOLUME /config