Support ro/non-root

2025-06-26 18:27:40 +00:00 · 2025-05-11 14:33:51 +01:00
parent badac0c5f0
commit a7e2b20ca2
15 changed files with 57 additions and 16 deletions
--- a/root/etc/s6-overlay/s6-rc.d/init-code-server/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-code-server/run
@@ -26,17 +26,19 @@ if [[ ! -f /config/.profile ]]; then
    cp /root/.profile /config/.profile
 fi

-# fix permissions (ignore contents of workspace)
-PUID=${PUID:-911}
-if [[ ! "$(stat -c %u /config/.profile)" == "${PUID}" ]]; then
-    echo "Change in ownership or new install detected, please be patient while we chown existing files"
-    echo "This could take some time"
-    find /config -path "/config/workspace" -prune -o -exec lsiown abc:abc {} +
-    lsiown abc:abc /config/workspace
-fi
-chmod 700 /config/.ssh
-if [[ -n "$(ls -A /config/.ssh)" ]]; then
-    find /config/.ssh/ -type d -exec chmod 700 '{}' \;
-    find /config/.ssh/ -type f -exec chmod 600 '{}' \;
-    find /config/.ssh/ -type f -iname '*.pub' -exec chmod 644 '{}' \;
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    # fix permissions (ignore contents of workspace)
+    PUID=${PUID:-911}
+    if [[ ! "$(stat -c %u /config/.profile)" == "${PUID}" ]]; then
+        echo "Change in ownership or new install detected, please be patient while we chown existing files"
+        echo "This could take some time"
+        find /config -path "/config/workspace" -prune -o -exec lsiown abc:abc {} +
+        lsiown abc:abc /config/workspace
+    fi
+    chmod 700 /config/.ssh
+    if [[ -n "$(ls -A /config/.ssh)" ]]; then
+        find /config/.ssh/ -type d -exec chmod 700 '{}' \;
+        find /config/.ssh/ -type f -exec chmod 600 '{}' \;
+        find /config/.ssh/ -type f -iname '*.pub' -exec chmod 644 '{}' \;
+    fi
 fi
--- a/root/etc/s6-overlay/s6-rc.d/svc-code-server/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-code-server/run
@@ -14,9 +14,21 @@ else
    PROXY_DOMAIN_ARG="--proxy-domain=${PROXY_DOMAIN}"
 fi

-exec \
-    s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8443" \
-        s6-setuidgid abc \
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    exec \
+        s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8443" \
+            s6-setuidgid abc \
+                /app/code-server/bin/code-server \
+                    --bind-addr 0.0.0.0:8443 \
+                    --user-data-dir /config/data \
+                    --extensions-dir /config/extensions \
+                    --disable-telemetry \
+                    --auth "${AUTH}" \
+                    "${PROXY_DOMAIN_ARG}" \
+                    "${DEFAULT_WORKSPACE:-/config/workspace}"
+else
+    exec \
+        s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8443" \
            /app/code-server/bin/code-server \
                --bind-addr 0.0.0.0:8443 \
                --user-data-dir /config/data \
@@ -25,3 +37,4 @@ exec \
                --auth "${AUTH}" \
                "${PROXY_DOMAIN_ARG}" \
                "${DEFAULT_WORKSPACE:-/config/workspace}"
+fi