Skip to content

Instantly share code, notes, and snippets.

@arvati
Last active June 19, 2022 07:18
Show Gist options
  • Save arvati/b5170a6c6048b0ea55e77f52cde2b396 to your computer and use it in GitHub Desktop.
Save arvati/b5170a6c6048b0ea55e77f52cde2b396 to your computer and use it in GitHub Desktop.
Install cdr/code-server on alpine (and debian) lxc
#!/sbin/openrc-run
name=$RC_SVCNAME
description="$name - VS Code on a remote server"
password="secret"
homedir="/root"
command="env PASSWORD=$password /usr/local/bin/$name"
server="0.0.0.0"
port="443"
command_args="--extensions-dir $homedir/.local/share/$name/extensions --host $server --user-data-dir $homedir/.local/share/$name --port $port --disable-telemetry --cert=$homedir/certs/$name.crt --cert-key=$homedir/certs/$name.key /srv"
command_user="root:root"
pidfile="/run/$name/$name.pid"
command_background="yes"
extra_commands="report"
depend() {
use logger dns
need net
}
start_pre() {
checkpath --directory --owner $command_user --mode 0775 \
/run/$name /var/log/$name
}
start()
{
default_start
report
}
stop()
{
default_stop
}
status()
{
default_status
report
}
report() {
# Report to the user
einfo "You can login at: https://$server:$port/"
einfo "Using password: $password"
}
#!/bin/sh
### BEGIN INIT INFO
# Provides: code-server
# Required-Start: $local_fs $network $named $time $syslog
# Required-Stop: $local_fs $network $named $time $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Description: code-server - VS Code on a remote server
### END INIT INFO
dir="/root"
password="secret"
user="root"
server="0.0.0.0"
port="443"
name=`basename $0`
pid_file="/var/run/$name.pid"
stdout_log="/var/log/$name.log"
stderr_log="/var/log/$name.err"
cmd="env PASSWORD=$password /usr/local/bin/$name --extensions-dir $dir/.local/share/$name/extensions --host $server --user-data-dir $dir/.local/share/$name --port $port --disable-telemetry --cert=$dir/certs/$name.crt --cert-key=$dir/certs/$name.key /srv"
#env PASSWORD=secret /usr/local/bin/code-server --extensions-dir /root/.local/share/code-server/extensions --host 0.0.0.0 --user-data-dir /root/.local/share/code-server --port 443 --disable-telemetry --cert=/root/certs/code-server.crt --cert-key=/root/certs/code-server.key /srv
get_pid() {
cat "$pid_file"
}
is_running() {
[ -f "$pid_file" ] && ps -p `get_pid` > /dev/null 2>&1
}
report() {
# Report to the user
echo "You can login at: https://$server:$port/"
echo "Using password: $password"
}
case "$1" in
start)
if is_running; then
echo "Already started"
else
echo "Starting $name"
cd "$dir"
if [ -z "$user" ]; then
sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
else
sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
fi
echo $! > "$pid_file"
if ! is_running; then
echo "Unable to start, see $stdout_log and $stderr_log"
exit 1
fi
report
fi
;;
stop)
if is_running; then
echo -n "Stopping $name.."
kill `get_pid`
for i in 1 2 3 4 5 6 7 8 9 10
# for i in `seq 10`
do
if ! is_running; then
break
fi
echo -n "."
sleep 1
done
echo
if is_running; then
echo "Not stopped; may still be shutting down or shutdown may have failed"
exit 1
else
echo "Stopped"
if [ -f "$pid_file" ]; then
rm "$pid_file"
fi
fi
else
echo "Not running"
fi
;;
restart)
$0 stop
if is_running; then
echo "Unable to stop, will not attempt to start"
exit 1
fi
$0 start
;;
status)
if is_running; then
echo "Running"
report
else
echo "Stopped"
exit 1
fi
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac
exit 0
cd /root/
service code-server stop
wget https://github.com/cdr/code-server/releases/download/2.1698/code-server2.1698-vsc1.41.1-alpine-x86_64.tar.gz
tar -xvzf code-server2.1698-vsc1.41.1-alpine-x86_64.tar.gz
mv /root/code-server2.1698-vsc1.41.1-alpine-x86_64 /opt/code-server2.1698-vsc1.41.1-alpine-x86_64
cd /
rm /usr/local/bin/code-server
chmod +x /opt/code-server2.1698-vsc1.41.1-alpine-x86_64/code-server
ln -s ../../../opt/code-server2.1698-vsc1.41.1-alpine-x86_64/code-server /usr/local/bin/code-server
service code-server start
# if this does not work need to compile from source
service code-server stop
rm /usr/local/bin/code-server
rm -fr /opt/code-server2.1698-vsc1.41.1-alpine-x86_64
cd /root/
#wget https://github.com/cdr/code-server/archive/1.1140-vsc1.33.1.zip
wget https://github.com/cdr/code-server/archive/3.1.0.zip
#unzip 1.1140-vsc1.33.1.zip
unzip 3.1.0.zip
#mv /root/code-server-1.1140-vsc1.33.1 /opt/code-server-1.1140-vsc1.33.1
mv /root/code-server-3.1.0 /opt/code-server-3.1.0
#cd /opt/code-server-1.1140-vsc1.33.1
cd /opt/code-server-3.1.0
yarn
npm_config_build_from_source=true NODE_ENV=production npm_config_unsafe_perm=true yarn task build:server:binary --force
#ln -s ../../../opt/code-server-1.1140-vsc1.33.1/packages/server/cli-musl-x64 /usr/local/bin/code-server
ln -s ../../../opt/code-server-1.1140-vsc1.33.1/packages/server/cli-musl-x64 /usr/local/bin/code-server
service code-server start
# to run manuaaly
code-server -H -N --disable-telemetry
# make certificate
mkdir ~/certs
cd ~/certs
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout code-server.key -out code-server.crt -subj /CN=example.com -addext subjectAltName=DNS:example.com,DNS:example.net,IP:192.168.1.75
# check out my start script - change the password
nano /etc/init.d/code-server
chmod +x /etc/init.d/code-server
service code-server stop
cd /root/
wget https://github.com/cdr/code-server/releases/download/2.1698/code-server2.1698-vsc1.41.1-linux-x86_64.tar.gz
#wget https://github.com/cdr/code-server/releases/download/3.1.0/code-server-3.1.0-linux-x86_64.tar.gz
tar -xvzf code-server2.1698-vsc1.41.1-linux-x86_64.tar.gz
#tar -xvzf code-server-3.1.0-linux-x86_64.tar.gz
mv /root/code-server2.1698-vsc1.41.1-linux-x86_64 /opt/code-server2.1698-vsc1.41.1-linux-x86_64
#mv /root/code-server-3.1.0-linux-x86_64 /opt/code-server-3.1.0-linux-x86_64
cd /
chmod +x /opt/code-server2.1698-vsc1.41.1-linux-x86_64/code-server
#chmod +x /opt/code-server-3.1.0-linux-x86_64/code-server
rm /usr/local/bin/code-server
ln -s ../../../opt/code-server2.1698-vsc1.41.1-linux-x86_64/code-server /usr/local/bin/code-server
#ln -s ../../../opt/code-server-3.1.0-linux-x86_64/code-server /usr/local/bin/code-server
service code-server start
# make certificate
mkdir ~/certs
cd ~/certs
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout code-server.key -out code-server.crt -subj /CN=example.com -addext subjectAltName=DNS:example.com,DNS:example.net,IP:192.168.1.75
# check out my start script - change the password
nano /etc/init.d/code-server
chmod +x /etc/init.d/code-server
update-rc.d code-server defaults
@arvati
Copy link
Author

arvati commented Jun 14, 2019

could improve start code to have status option showing password to connect like this: coder/code-server#753

# -----------
# The following is specific for "code-server"
#
# Extract the password from the log, and give user some instructions
start=$(date +%s)   # time now
until passwd=$(grep -sm1 "$SEARCH" "$LOG_FILE"); do
  sleep .1
  now=$(date +%s)
  if (( now - start > WAIT_TIME )); then
    echo "Sir, \"$PROGRAM\" refuses to divulge the password!"
    echo "Well lieutenant, maybe we should kill it and get a new one!"
    echo "I suggest you run \"$PROGNAME -k\", and try again."
    exit 1
  fi
done

# clean up password (keeping the bolding)
passwd=$(sed 's/.*'"$SEARCH"'//;'<<<"$passwd")$'\e[0m'

# Report to the user
echo ""
echo "You can now login at the URL..."
echo ""
echo "  "$'\e[1m'"https://$SERVER:8443/"$'\e[0m'
echo ""
echo "  Using the password: $passwd"
echo ""

Need to test in alpine linux
Link: https://github.com/OpenRC/openrc/blob/master/service-script-guide.md

@antofthy
Copy link

Just remember that it should run at user level, and only one user on a machine can run it, and that user should be the only one that can get that password.

Normal linux IS a mutli-user environment! Even is most small machines only ever have one user.
The using a user-level start code has protection in that regard. Systemd does not, and would assume machine is a single user only machine.

@arvati
Copy link
Author

arvati commented Jun 15, 2019

Thanks. You are right.
This code in running inside an lxc container that is supposed to be used only for one user at a time.
The idea is to duplicate the entire lxc container to have one for each user if needed.

@antofthy
Copy link

antofthy commented Jun 19, 2019 via email

@parsalotfy
Copy link

I don't know how can I use this code in order to get code-server running on an Alpine container.
Could you please give me an instruction?
Thank you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment