From efdfc6feb5744d8ad4bd07e35fa8d662925e3e96 Mon Sep 17 00:00:00 2001 From: crupest Date: Sun, 30 Oct 2022 22:44:26 +0800 Subject: ... --- docker/code-server/Dockerfile | 25 ++++++++++++ docker/code-server/archlinux-setup-user.bash | 24 +++++++++++ docker/code-server/archlinux-setup.bash | 61 ++++++++++++++++++++++++++++ docker/code-server/restore-pacman-conf.py | 47 +++++++++++++++++++++ 4 files changed, 157 insertions(+) create mode 100644 docker/code-server/Dockerfile create mode 100755 docker/code-server/archlinux-setup-user.bash create mode 100755 docker/code-server/archlinux-setup.bash create mode 100755 docker/code-server/restore-pacman-conf.py (limited to 'docker/code-server') diff --git a/docker/code-server/Dockerfile b/docker/code-server/Dockerfile new file mode 100644 index 0000000..180cb7e --- /dev/null +++ b/docker/code-server/Dockerfile @@ -0,0 +1,25 @@ +FROM archlinux:latest + +ARG CRUPEST_USER +ARG CRUPEST_GROUP +ARG CRUPEST_UID=1000 +ARG CRUPEST_GID=1000 +ARG CRUPEST_PACKAGES="" +ARG CRUPEST_AUR_PACKAGES="" +ARG USE_CHINA_MIRROR="false" +ARG CHINA_MIRROR_URL="https://mirrors.tuna.tsinghua.edu.cn/archlinux/\$repo/os/\$arch" + +ADD ./archlinux-setup.bash ./archlinux-setup-user.bash ./restore-pacman-conf.py /tmp/ + +ENV CRUPEST_IN_DOCKER="true" +WORKDIR /tmp +RUN /tmp/archlinux-setup.bash +USER ${CRUPEST_UID}:${CRUPEST_GID} +WORKDIR /home/${CRUPEST_USER} +RUN /tmp/archlinux-setup-user.bash + +VOLUME [ "/data" ] +EXPOSE 8080 + +ENV CODE_SERVER_CONFIG="/data/code-server-config.yaml" +ENTRYPOINT [ "code-sever", "--bind-addr", "0.0.0.0:8080" ] diff --git a/docker/code-server/archlinux-setup-user.bash b/docker/code-server/archlinux-setup-user.bash new file mode 100755 index 0000000..2b39bd2 --- /dev/null +++ b/docker/code-server/archlinux-setup-user.bash @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +# check if we are in docker by CRUPEST_IN_DOCKER +if [ "${CRUPEST_IN_DOCKER}" != "true" ]; then + echo "This script is intended to be run in a docker container." + exit 1 +fi + +cd ~ || exit 1 + +mkdir data + +mkdir aur +cd aur || exit 1 + +# install all aur packages +for aur_package in ${CRUPEST_AUR_PACKAGES} ; do + echo "Installing ${aur_package} from AUR..." + git clone "https://aur.archlinux.org/${aur_package}.git" --depth 1 + pushd "${aur_package}" || exit 1 + makepkg -sr --noconfirm + makepkg --packagelist | sudo pacman -U --noconfirm - + popd || exit 1 +done diff --git a/docker/code-server/archlinux-setup.bash b/docker/code-server/archlinux-setup.bash new file mode 100755 index 0000000..c926384 --- /dev/null +++ b/docker/code-server/archlinux-setup.bash @@ -0,0 +1,61 @@ +#!/usr/bin/env bash + +# check if we are in docker by CRUPEST_IN_DOCKER +if [ "${CRUPEST_IN_DOCKER}" != "true" ]; then + echo "This script is intended to be run in a docker container." + exit 1 +fi + +# check if we are root +if [ "$(id -u)" != "0" ]; then + echo "This script must be run as root." + exit 1 +fi + +# CRUPEST_USER, CRUPEST_UID, CRUPEST_GID must be defined +if [ -z "$CRUPEST_USER" ] || [ -z "$CRUPEST_UID" ] || [ -z "$CRUPEST_GID" ]; then + echo "CRUPEST_USER, CRUPEST_UID, CRUPEST_GID must be defined." + exit 1 +fi + +# if we are in China (by checking USE_CHINA_MIRROR), use the mirror in China +if [ "$USE_CHINA_MIRROR" = "true" ]; then + echo "You have set USE_CHINA_MIRROR to true, using mirror ${CHINA_MIRROR_URL} (set by CHINA_MIRROR_URL) in China." + echo "Server = ${CHINA_MIRROR_URL}" > /etc/pacman.d/mirrorlist +fi + +# from now on, we don't allow error +set -e + +# Update the system and I need python3 +pacman -Syu --noconfirm python + +# execute the restore pacman config script +python3 ./restore-pacman-conf.py + +# reinstall all installed packages +pacman -Qnq | pacman -S --noconfirm --overwrite=* - + +# install new packages +echo "base-devel git ${CRUPEST_PACKAGES}" | tr " " "\n" | pacman -S --noconfirm --needed - + +# if GROUP not defined, set it the same to USER +if [ -z "$CRUPEST_GROUP" ]; then + CRUPEST_GROUP="$CRUPEST_USER" +fi + +# check if GROUP exists. if not create it with GID +if ! grep -q "^${CRUPEST_GROUP}:" /etc/group; then + groupadd -g "$CRUPEST_GID" "$CRUPEST_GROUP" +fi + +# create user for UID and GID +useradd -m -u "${CRUPEST_UID}" -g "${CRUPEST_GID}" "${CRUPEST_USER}" + +# add the user to sudo +echo "${CRUPEST_USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers + +# create data directory and change the permission +mkdir -p /data +chown "${CRUPEST_USER}":"${CRUPEST_GROUP}" /data +chmod 700 /data diff --git a/docker/code-server/restore-pacman-conf.py b/docker/code-server/restore-pacman-conf.py new file mode 100755 index 0000000..3486dd3 --- /dev/null +++ b/docker/code-server/restore-pacman-conf.py @@ -0,0 +1,47 @@ +#!/usr/bin/env python3 + +# Fxxk damn shit bash script and linux tools. They just don't work well with text processing, which took me a long time to discover the stupid fact. + +import os +import os.path +import sys +import urllib.request +from http.client import HTTPResponse + +PACMAN_NO_EXTRACT_URL = 'https://gitlab.archlinux.org/archlinux/archlinux-docker/-/raw/master/pacman-conf.d-noextract.conf' + +# check if this is in docker by CRUPEST_IN_DOCKER env +if not os.environ.get('CRUPEST_IN_DOCKER'): + print("Not in docker, exiting!", file=sys.stderr) + exit(1) + +# check if I'm root +if os.geteuid() != 0: + print("Not root, exiting!", file=sys.stderr) + exit(1) + +# check if pacman.conf exists +if not os.path.exists('/etc/pacman.conf'): + print("/etc/pacman.conf does not exist, are you running this in Arch Linux? Exiting!", file=sys.stderr) + exit(2) + +# Download pacman-no-extract file from url +res: HTTPResponse = urllib.request.urlopen(PACMAN_NO_EXTRACT_URL) +if res.status != 200: + print( + f"Failed to download pacman-no-extract file from url: {PACMAN_NO_EXTRACT_URL}, exiting!", file=sys.stderr) + exit(3) + +# Read the content of pacman-no-extract file +pacman_no_extract_content = res.read().decode('utf-8') + +# Read the content of pacman.conf +with open('/etc/pacman.conf', 'r') as f: + pacman_conf_content = f.read() + # remove pacman_no_extract_content from pacman_conf_content + pacman_conf_content = pacman_conf_content.replace( + pacman_no_extract_content, '') + +# Write the content of pacman.conf +with open('/etc/pacman.conf', 'w') as f: + f.write(pacman_conf_content) -- cgit v1.2.3