mirror of
https://github.com/linuxserver/docker-code-server
synced 2025-06-26 18:27:40 +00:00
Compare commits
6 Commits
4.99.2-ls2
...
4.99.4-ls2
| Author | SHA1 | Date | |
|---|---|---|---|
|
6b64e1e967 | ||
|
|
a7294dfb09 | ||
|
|
a7e2b20ca2 | ||
|
badac0c5f0 | ||
|
|
e14c470234 | ||
|
|
ab481ce6bc |
0
.editorconfig
Executable file → Normal file
0
.editorconfig
Executable file → Normal file
0
.github/CONTRIBUTING.md
vendored
Executable file → Normal file
0
.github/CONTRIBUTING.md
vendored
Executable file → Normal file
0
.github/FUNDING.yml
vendored
Executable file → Normal file
0
.github/FUNDING.yml
vendored
Executable file → Normal file
0
.github/ISSUE_TEMPLATE/config.yml
vendored
Executable file → Normal file
0
.github/ISSUE_TEMPLATE/config.yml
vendored
Executable file → Normal file
0
.github/ISSUE_TEMPLATE/issue.bug.yml
vendored
Executable file → Normal file
0
.github/ISSUE_TEMPLATE/issue.bug.yml
vendored
Executable file → Normal file
0
.github/ISSUE_TEMPLATE/issue.feature.yml
vendored
Executable file → Normal file
0
.github/ISSUE_TEMPLATE/issue.feature.yml
vendored
Executable file → Normal file
0
.github/workflows/call_issue_pr_tracker.yml
vendored
Executable file → Normal file
0
.github/workflows/call_issue_pr_tracker.yml
vendored
Executable file → Normal file
0
.github/workflows/call_issues_cron.yml
vendored
Executable file → Normal file
0
.github/workflows/call_issues_cron.yml
vendored
Executable file → Normal file
0
.github/workflows/greetings.yml
vendored
Executable file → Normal file
0
.github/workflows/greetings.yml
vendored
Executable file → Normal file
0
.github/workflows/permissions.yml
vendored
Executable file → Normal file
0
.github/workflows/permissions.yml
vendored
Executable file → Normal file
19
README.md
19
README.md
@@ -78,6 +78,23 @@ git config --global user.email "email address"
|
||||
|
||||
How to create the [hashed password](https://github.com/cdr/code-server/blob/master/docs/FAQ.md#can-i-store-my-password-hashed).
|
||||
|
||||
## Read-Only Operation
|
||||
|
||||
This image can be run with a read-only container filesystem. For details please [read the docs](https://docs.linuxserver.io/misc/read-only/).
|
||||
|
||||
### Caveats
|
||||
|
||||
* `/tmp` must be mounted to tmpfs
|
||||
* `sudo` will not be available
|
||||
|
||||
## Non-Root Operation
|
||||
|
||||
This image can be run with a non-root user. For details please [read the docs](https://docs.linuxserver.io/misc/non-root/).
|
||||
|
||||
### Caveats
|
||||
|
||||
* `sudo` will not be available
|
||||
|
||||
## Usage
|
||||
|
||||
To help you get started creating a container from this image you can either use docker-compose or the docker cli.
|
||||
@@ -147,6 +164,8 @@ Containers are configured using parameters passed at runtime (such as those abov
|
||||
| `-e PROXY_DOMAIN=code-server.my.domain` | If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/coder/code-server/blob/main/docs/guide.md#using-a-subdomain) |
|
||||
| `-e DEFAULT_WORKSPACE=/config/workspace` | If this optional variable is set, code-server will open this directory by default |
|
||||
| `-v /config` | Contains all relevant configuration files. |
|
||||
| `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). |
|
||||
| `--user=1000:1000` | Run container with a non-root user. Please [read the docs](https://docs.linuxserver.io/misc/non-root/). |
|
||||
|
||||
## Environment variables from files (Docker secrets)
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
NAME VERSION TYPE
|
||||
@babel/runtime 7.25.7 npm
|
||||
@babel/runtime 7.27.0 npm
|
||||
@c4312/eventsource-umd 3.0.5 npm
|
||||
@coder/logger 3.0.1 npm
|
||||
@mapbox/node-pre-gyp 1.0.11 npm
|
||||
@@ -37,7 +37,8 @@ abbrev 1.1.1 npm
|
||||
accepts 2.0.0 npm
|
||||
adduser 3.137ubuntu1 deb
|
||||
agent-base 6.0.2 npm
|
||||
agent-base 7.1.1 npm (+4 duplicates)
|
||||
agent-base 7.1.1 npm
|
||||
agent-base 7.1.3 npm (+3 duplicates)
|
||||
ansi-regex 5.0.1 npm
|
||||
aproba 2.0.0 npm
|
||||
apt 2.7.14build2 deb
|
||||
@@ -75,8 +76,8 @@ charenc 0.0.2 npm
|
||||
chownr 1.1.4 npm
|
||||
chownr 2.0.0 npm
|
||||
clojure 1.0.0 npm
|
||||
code-server 1.99.2 npm
|
||||
code-server 4.99.2 npm
|
||||
code-server 1.99.3 npm
|
||||
code-server 4.99.4 npm
|
||||
coffeescript 1.0.0 npm
|
||||
color-support 1.1.3 npm
|
||||
compressible 2.0.18 npm
|
||||
@@ -160,7 +161,7 @@ forwarded 0.2.0 npm
|
||||
fresh 0.5.2 npm
|
||||
fresh 2.0.0 npm
|
||||
fs-constants 1.0.0 npm
|
||||
fs-extra 11.2.0 npm (+1 duplicate)
|
||||
fs-extra 11.2.0 npm
|
||||
fs-minipass 2.1.0 npm
|
||||
fs.realpath 1.0.0 npm
|
||||
fsharp 1.0.0 npm
|
||||
@@ -170,7 +171,7 @@ gcc-14-base 14.2.0-4ubuntu2~24.04 deb
|
||||
get-intrinsic 1.3.0 npm
|
||||
get-proto 1.0.1 npm
|
||||
get-system-fonts 2.0.2 npm
|
||||
get-uri 6.0.3 npm
|
||||
get-uri 6.0.4 npm
|
||||
git 1.0.0 npm
|
||||
git 1:2.43.0-1ubuntu7.2 deb
|
||||
git-base 1.0.0 npm
|
||||
@@ -190,7 +191,7 @@ gpg-wks-client 2.4.4-2ubuntu17.2 deb
|
||||
gpgconf 2.4.4-2ubuntu17.2 deb
|
||||
gpgsm 2.4.4-2ubuntu17.2 deb
|
||||
gpgv 2.4.4-2ubuntu17.2 deb
|
||||
graceful-fs 4.2.11 npm (+1 duplicate)
|
||||
graceful-fs 4.2.11 npm
|
||||
grep 3.11-4build1 deb
|
||||
groovy 1.0.0 npm
|
||||
grunt 1.0.0 npm
|
||||
@@ -211,7 +212,7 @@ http-proxy-agent 7.0.2 npm
|
||||
httpolyglot 0.1.2 npm
|
||||
https-proxy-agent 5.0.1 npm
|
||||
https-proxy-agent 7.0.2 npm
|
||||
https-proxy-agent 7.0.5 npm (+1 duplicate)
|
||||
https-proxy-agent 7.0.6 npm (+1 duplicate)
|
||||
i18next 23.16.4 npm
|
||||
iconv-lite 0.5.2 npm
|
||||
iconv-lite 0.6.3 npm
|
||||
@@ -243,7 +244,7 @@ jsbn 1.1.0 npm
|
||||
jschardet 3.1.4 npm
|
||||
json 1.0.0 npm
|
||||
json-language-features 1.0.0 npm
|
||||
jsonfile 6.1.0 npm (+1 duplicate)
|
||||
jsonfile 6.1.0 npm
|
||||
julia 1.0.0 npm
|
||||
just-performance 4.3.0 npm
|
||||
kerberos 2.1.1 npm
|
||||
@@ -253,7 +254,7 @@ latex 1.0.0 npm
|
||||
less 1.0.0 npm
|
||||
less 590-2ubuntu2.1 deb
|
||||
libacl1 2.3.2-1build1.1 deb
|
||||
libapparmor1 4.0.1really4.0.1-0ubuntu0.24.04.3 deb
|
||||
libapparmor1 4.0.1really4.0.1-0ubuntu0.24.04.4 deb
|
||||
libapt-pkg6.0t64 2.7.14build2 deb
|
||||
libassuan0 2.5.6-1build1 deb
|
||||
libatomic1 14.2.0-4ubuntu2~24.04 deb
|
||||
@@ -314,7 +315,7 @@ libpam-modules-bin 1.5.3-5ubuntu5.1 deb
|
||||
libpam-runtime 1.5.3-5ubuntu5.1 deb
|
||||
libpam0g 1.5.3-5ubuntu5.1 deb
|
||||
libpcre2-8-0 10.42-4ubuntu2.1 deb
|
||||
libperl5.38t64 5.38.2-3.2build2.1 deb
|
||||
libperl5.38t64 5.38.2-3.2ubuntu0.1 deb
|
||||
libproc2-0 2:4.0.4-4ubuntu3.2 deb
|
||||
libpsl5t64 0.21.2-1.1build1 deb
|
||||
libreadline8t64 8.2-4build1 deb
|
||||
@@ -414,11 +415,11 @@ objective-c 1.0.0 npm
|
||||
on-finished 2.4.1 npm
|
||||
on-headers 1.0.2 npm
|
||||
once 1.4.0 npm (+1 duplicate)
|
||||
openssh-client 1:9.6p1-3ubuntu13.9 deb
|
||||
openssh-client 1:9.6p1-3ubuntu13.11 deb
|
||||
openssl 3.0.13-0ubuntu3.5 deb
|
||||
opentype.js 0.8.0 npm
|
||||
os-tmpdir 1.0.2 npm
|
||||
pac-proxy-agent 7.0.2 npm
|
||||
pac-proxy-agent 7.2.0 npm
|
||||
pac-resolver 7.0.1 npm
|
||||
parseurl 1.3.3 npm
|
||||
passwd 1:4.13+dfsg1-4ubuntu3.2 deb
|
||||
@@ -428,9 +429,9 @@ path-to-regexp 8.2.0 npm
|
||||
pem 1.14.8 npm
|
||||
pend 1.2.0 npm
|
||||
perl 1.0.0 npm
|
||||
perl 5.38.2-3.2build2.1 deb
|
||||
perl-base 5.38.2-3.2build2.1 deb
|
||||
perl-modules-5.38 5.38.2-3.2build2.1 deb
|
||||
perl 5.38.2-3.2ubuntu0.1 deb
|
||||
perl-base 5.38.2-3.2ubuntu0.1 deb
|
||||
perl-modules-5.38 5.38.2-3.2ubuntu0.1 deb
|
||||
php 1.0.0 npm
|
||||
php-language-features 1.0.0 npm
|
||||
picomatch 2.3.1 npm
|
||||
@@ -440,7 +441,7 @@ prebuild-install 7.1.2 npm
|
||||
procps 2:4.0.4-4ubuntu3.2 deb
|
||||
promise-stream-reader 1.0.1 npm
|
||||
proxy-addr 2.0.7 npm
|
||||
proxy-agent 6.4.0 npm
|
||||
proxy-agent 6.5.0 npm
|
||||
proxy-from-env 1.1.0 npm (+1 duplicate)
|
||||
publicsuffix 20231001.0357-0.1 deb
|
||||
pug 1.0.0 npm
|
||||
@@ -490,8 +491,10 @@ simple-browser 1.0.0 npm
|
||||
simple-concat 1.0.1 npm
|
||||
simple-get 4.0.1 npm
|
||||
smart-buffer 4.2.0 npm (+1 duplicate)
|
||||
socks 2.8.3 npm (+1 duplicate)
|
||||
socks-proxy-agent 8.0.4 npm (+1 duplicate)
|
||||
socks 2.8.3 npm
|
||||
socks 2.8.4 npm
|
||||
socks-proxy-agent 8.0.4 npm
|
||||
socks-proxy-agent 8.0.5 npm
|
||||
source-map 0.6.1 npm
|
||||
sprintf-js 1.1.3 npm (+1 duplicate)
|
||||
sql 1.0.0 npm
|
||||
@@ -535,7 +538,7 @@ typescript-language-features 1.0.0 npm
|
||||
tzdata 2025b-0ubuntu0.24.04 deb
|
||||
ubuntu-keyring 2023.11.28.1 deb
|
||||
undici 7.3.0 npm
|
||||
universalify 2.0.1 npm (+1 duplicate)
|
||||
universalify 2.0.1 npm
|
||||
unminimize 0.2.1 deb
|
||||
unpipe 1.0.0 npm
|
||||
util-deprecate 1.0.2 npm (+1 duplicate)
|
||||
|
||||
@@ -36,6 +36,13 @@ opt_param_env_vars:
|
||||
- {env_var: "SUDO_PASSWORD_HASH", env_value: "", desc: "Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`."}
|
||||
- {env_var: "PROXY_DOMAIN", env_value: "code-server.my.domain", desc: "If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/coder/code-server/blob/main/docs/guide.md#using-a-subdomain)"}
|
||||
- {env_var: "DEFAULT_WORKSPACE", env_value: "/config/workspace", desc: "If this optional variable is set, code-server will open this directory by default"}
|
||||
readonly_supported: true
|
||||
readonly_message: |
|
||||
* `/tmp` must be mounted to tmpfs
|
||||
* `sudo` will not be available
|
||||
nonroot_supported: true
|
||||
nonroot_message: |
|
||||
* `sudo` will not be available
|
||||
# application setup block
|
||||
app_setup_block_enabled: true
|
||||
app_setup_block: |
|
||||
|
||||
@@ -3,18 +3,20 @@
|
||||
|
||||
mkdir -p /config/{extensions,data,workspace,.ssh}
|
||||
|
||||
if [[ -n "${SUDO_PASSWORD}" ]] || [[ -n "${SUDO_PASSWORD_HASH}" ]]; then
|
||||
echo "setting up sudo access"
|
||||
if ! grep -q 'abc' /etc/sudoers; then
|
||||
echo "adding abc to sudoers"
|
||||
echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers
|
||||
fi
|
||||
if [[ -n "${SUDO_PASSWORD_HASH}" ]]; then
|
||||
echo "setting sudo password using sudo password hash"
|
||||
sed -i "s|^abc:\!:|abc:${SUDO_PASSWORD_HASH}:|" /etc/shadow
|
||||
else
|
||||
echo "setting sudo password using SUDO_PASSWORD env var"
|
||||
echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc
|
||||
if [[ -z ${LSIO_NON_ROOT_USER} ]] && [[ -z ${LSIO_READ_ONLY_FS} ]]; then
|
||||
if [[ -n "${SUDO_PASSWORD}" ]] || [[ -n "${SUDO_PASSWORD_HASH}" ]]; then
|
||||
echo "setting up sudo access"
|
||||
if ! grep -q 'abc' /etc/sudoers; then
|
||||
echo "adding abc to sudoers"
|
||||
echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers
|
||||
fi
|
||||
if [[ -n "${SUDO_PASSWORD_HASH}" ]]; then
|
||||
echo "setting sudo password using sudo password hash"
|
||||
sed -i "s|^abc:\!:|abc:${SUDO_PASSWORD_HASH}:|" /etc/shadow
|
||||
else
|
||||
echo "setting sudo password using SUDO_PASSWORD env var"
|
||||
echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -26,17 +28,19 @@ if [[ ! -f /config/.profile ]]; then
|
||||
cp /root/.profile /config/.profile
|
||||
fi
|
||||
|
||||
# fix permissions (ignore contents of workspace)
|
||||
PUID=${PUID:-911}
|
||||
if [[ ! "$(stat -c %u /config/.profile)" == "${PUID}" ]]; then
|
||||
echo "Change in ownership or new install detected, please be patient while we chown existing files"
|
||||
echo "This could take some time"
|
||||
find /config -path "/config/workspace" -prune -o -exec lsiown abc:abc {} +
|
||||
lsiown abc:abc /config/workspace
|
||||
fi
|
||||
chmod 700 /config/.ssh
|
||||
if [[ -n "$(ls -A /config/.ssh)" ]]; then
|
||||
find /config/.ssh/ -type d -exec chmod 700 '{}' \;
|
||||
find /config/.ssh/ -type f -exec chmod 600 '{}' \;
|
||||
find /config/.ssh/ -type f -iname '*.pub' -exec chmod 644 '{}' \;
|
||||
if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
|
||||
# fix permissions (ignore contents of workspace)
|
||||
PUID=${PUID:-911}
|
||||
if [[ ! "$(stat -c %u /config/.profile)" == "${PUID}" ]]; then
|
||||
echo "Change in ownership or new install detected, please be patient while we chown existing files"
|
||||
echo "This could take some time"
|
||||
find /config -path "/config/workspace" -prune -o -exec lsiown abc:abc {} +
|
||||
lsiown abc:abc /config/workspace
|
||||
fi
|
||||
chmod 700 /config/.ssh
|
||||
if [[ -n "$(ls -A /config/.ssh)" ]]; then
|
||||
find /config/.ssh/ -type d -exec chmod 700 '{}' \;
|
||||
find /config/.ssh/ -type f -exec chmod 600 '{}' \;
|
||||
find /config/.ssh/ -type f -iname '*.pub' -exec chmod 644 '{}' \;
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -14,9 +14,21 @@ else
|
||||
PROXY_DOMAIN_ARG="--proxy-domain=${PROXY_DOMAIN}"
|
||||
fi
|
||||
|
||||
exec \
|
||||
s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8443" \
|
||||
s6-setuidgid abc \
|
||||
if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
|
||||
exec \
|
||||
s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8443" \
|
||||
s6-setuidgid abc \
|
||||
/app/code-server/bin/code-server \
|
||||
--bind-addr 0.0.0.0:8443 \
|
||||
--user-data-dir /config/data \
|
||||
--extensions-dir /config/extensions \
|
||||
--disable-telemetry \
|
||||
--auth "${AUTH}" \
|
||||
"${PROXY_DOMAIN_ARG}" \
|
||||
"${DEFAULT_WORKSPACE:-/config/workspace}"
|
||||
else
|
||||
exec \
|
||||
s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 8443" \
|
||||
/app/code-server/bin/code-server \
|
||||
--bind-addr 0.0.0.0:8443 \
|
||||
--user-data-dir /config/data \
|
||||
@@ -25,3 +37,4 @@ exec \
|
||||
--auth "${AUTH}" \
|
||||
"${PROXY_DOMAIN_ARG}" \
|
||||
"${DEFAULT_WORKSPACE:-/config/workspace}"
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user