Archived
1
0

docker: Fix $DOCKER_USER (#2057)

We do not try renaming $HOME anymore as there is no good way
to do it.

We also only try to convert if the user hasn't been changed.

Finally I added usage to the docker docs in install.md

Closes #2056
This commit is contained in:
Anmol Sethi 2020-09-03 18:38:40 -04:00 committed by GitHub
parent 4a250be79a
commit 9fb318cf15
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 21 additions and 15 deletions

View File

@ -39,6 +39,9 @@ COPY ci/release-image/entrypoint.sh /usr/bin/entrypoint.sh
RUN dpkg -i /tmp/code-server*$(dpkg --print-architecture).deb && rm /tmp/code-server*.deb RUN dpkg -i /tmp/code-server*$(dpkg --print-architecture).deb && rm /tmp/code-server*.deb
EXPOSE 8080 EXPOSE 8080
USER coder # This way, if someone sets $DOCKER_USER, docker-exec will still work as
# the uid will remain the same. note: only relevant if -u isn't passed to
# docker-run.
USER 1000
WORKDIR /home/coder WORKDIR /home/coder
ENTRYPOINT ["/usr/bin/entrypoint.sh", "--bind-addr", "0.0.0.0:8080", "."] ENTRYPOINT ["/usr/bin/entrypoint.sh", "--bind-addr", "0.0.0.0:8080", "."]

View File

@ -1,18 +1,20 @@
#!/usr/bin/env sh #!/bin/sh
set -eu set -eu
if [ "${DOCKER_USER-}" ]; then
echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd > /dev/null
sudo usermod --login "$DOCKER_USER" \
--move-home --home "/home/$DOCKER_USER" \
coder
sudo groupmod -n "$DOCKER_USER" coder
sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd
sudo sed -i "s/coder/$DOCKER_USER/g" /etc/fixuid/config.yml
export HOME="/home/$DOCKER_USER"
fi
# This isn't set by default. # This isn't set by default.
export USER="$(whoami)" export USER="$(whoami)"
if [ "${DOCKER_USER-}" != "$USER" ]; then
echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd > /dev/null
# Unfortunately we cannot change $HOME as we cannot move any bind mounts
# nor can we bind mount $HOME into a new home as that requires a privileged container.
sudo usermod --login "$DOCKER_USER" coder
sudo groupmod -n "$DOCKER_USER" coder
export USER="$(whoami)"
sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd
sudo sed -i "s/coder/$DOCKER_USER/g" /etc/fixuid/config.yml
fi
dumb-init fixuid -q /usr/bin/code-server "$@" dumb-init fixuid -q /usr/bin/code-server "$@"

View File

@ -179,10 +179,11 @@ code-server
# easily access/modify your code-server config in $HOME/.config/code-server/config.json # easily access/modify your code-server config in $HOME/.config/code-server/config.json
# outside the container. # outside the container.
mkdir -p ~/.config mkdir -p ~/.config
docker run -it -p 127.0.0.1:8080:8080 \ docker run -it --name code-server -p 127.0.0.1:8080:8080 \
-v "$HOME/.config:/home/coder/.config" \ -v "$HOME/.config:/home/coder/.config" \
-v "$PWD:/home/coder/project" \ -v "$PWD:/home/coder/project" \
-u "$(id -u):$(id -g)" \ -u "$(id -u):$(id -g)" \
-e "DOCKER_USER=$USER" \
codercom/code-server:latest codercom/code-server:latest
``` ```