From e8bd8404e9b6589ced3631641a4f00080015d2e4 Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 12:00:18 -0400 Subject: [PATCH 01/13] ssl --- root/etc/services.d/code-server/run | 2 ++ 1 file changed, 2 insertions(+) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 7189c9f6f..48b9165f0 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -16,4 +16,6 @@ exec \ --disable-telemetry \ --disable-updates \ --auth "${AUTH}" \ + --cert "${CERT}" \ + --cert-key "${CERT_KEY}" \ /config/workspace From 50655e59f13f25af2c54cc486647aa046ef3ff13 Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 12:15:17 -0400 Subject: [PATCH 02/13] support custom workspace path --- root/etc/services.d/code-server/run | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 48b9165f0..56b7386b2 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -7,6 +7,12 @@ else echo "starting with no password" fi +if [ -n "${WORKSPACE_PATH}" ]; then + WORKSPACE="/config/workspace" +else + WORKSPACE="${WORKSPACE_PATH}" +fi + exec \ s6-setuidgid abc \ /usr/bin/code-server \ @@ -18,4 +24,4 @@ exec \ --auth "${AUTH}" \ --cert "${CERT}" \ --cert-key "${CERT_KEY}" \ - /config/workspace + "${WORKSPACE}" From e08e14778c8bbeef254b13bb9b472c98b06d2922 Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 12:31:31 -0400 Subject: [PATCH 03/13] just overwrite it --- root/etc/services.d/code-server/run | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 56b7386b2..48b9165f0 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -7,12 +7,6 @@ else echo "starting with no password" fi -if [ -n "${WORKSPACE_PATH}" ]; then - WORKSPACE="/config/workspace" -else - WORKSPACE="${WORKSPACE_PATH}" -fi - exec \ s6-setuidgid abc \ /usr/bin/code-server \ @@ -24,4 +18,4 @@ exec \ --auth "${AUTH}" \ --cert "${CERT}" \ --cert-key "${CERT_KEY}" \ - "${WORKSPACE}" + /config/workspace From 51c5aa1f55c73b2935b328930206bdd195666c80 Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 13:29:57 -0400 Subject: [PATCH 04/13] support leaving off cert_key --- root/etc/services.d/code-server/run | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 48b9165f0..f9afe6813 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -7,6 +7,12 @@ else echo "starting with no password" fi +if [ -n "${CERT_KEY}" ]; then + KEY="--cert-key ${CERT_KEY}" +else + KEY="" +fi + exec \ s6-setuidgid abc \ /usr/bin/code-server \ @@ -17,5 +23,5 @@ exec \ --disable-updates \ --auth "${AUTH}" \ --cert "${CERT}" \ - --cert-key "${CERT_KEY}" \ + "${KEY}" \ /config/workspace From f637fe5284d6b27b118d9ddeb1e3a5b934dce74e Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 13:36:19 -0400 Subject: [PATCH 05/13] fixup SSL --- root/etc/services.d/code-server/run | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index f9afe6813..6288529ca 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -7,10 +7,11 @@ else echo "starting with no password" fi -if [ -n "${CERT_KEY}" ]; then - KEY="--cert-key ${CERT_KEY}" +if [ -n "${SSL_KEY}" ] && [ -n "${SSL_CERT}" ]; then + SSL_CONFIG="--cert ${SSL_CERT} --cert-key ${SSL_KEY}" else - KEY="" + echo "Running insecurely on HTTP." + SSL_CONFIG="" fi exec \ @@ -22,6 +23,5 @@ exec \ --disable-telemetry \ --disable-updates \ --auth "${AUTH}" \ - --cert "${CERT}" \ - "${KEY}" \ + "${SSL_CONFIG}" \ /config/workspace From 76d903014a3248a6c9d663d49cd200a65db21da7 Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 13:48:56 -0400 Subject: [PATCH 06/13] docs --- README.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 36696c06d..a6d14a5b2 100644 --- a/README.md +++ b/README.md @@ -124,11 +124,13 @@ Container images are configured using parameters passed at runtime (such as thos | `-e TZ=Europe/London` | Specify a timezone to use EG Europe/London | | `-e PASSWORD=password` | Optional web gui password, if not provided, there will be no auth. | | `-e SUDO_PASSWORD=password` | If this optional variable is set, user will have sudo access in the code-server terminal with the specified password. | +| `-e SSL_CERT=/ssl/cert_file.crt` | If this optional variable is provided in conjunction with a key file the code-server run be served via HTTPS. | +| `-e SSL_KEY=/ssl/key_file.key` | If this optional variable is provided in conjunction with a cert file the code-server run be served via HTTPS. | | `-v /config` | Contains all relevant configuration files. | ## Environment variables from files (Docker secrets) -You can set any environment variable from a file by using a special prepend `FILE__`. +You can set any environment variable from a file by using a special prepend `FILE__`. As an example: @@ -155,9 +157,9 @@ In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as bel   ## Application Setup -Access the webui at `http://:8443`. -For github integration, drop your ssh key in to `/config/.ssh`. -Then open a terminal from the top menu and set your github username and email via the following commands +Access the webui at `http://:8443`. +For github integration, drop your ssh key in to `/config/.ssh`. +Then open a terminal from the top menu and set your github username and email via the following commands ``` git config --global user.name "username" git config --global user.email "email address" From 00e6a2ddca5e83a6708e92da144a9064bb7b9403 Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 14:39:04 -0400 Subject: [PATCH 07/13] quote key/cert --- root/etc/services.d/code-server/run | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 6288529ca..8ef99649e 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -8,7 +8,7 @@ else fi if [ -n "${SSL_KEY}" ] && [ -n "${SSL_CERT}" ]; then - SSL_CONFIG="--cert ${SSL_CERT} --cert-key ${SSL_KEY}" + SSL_CONFIG="--cert \"${SSL_CERT}\" --cert-key \"${SSL_KEY}\"" else echo "Running insecurely on HTTP." SSL_CONFIG="" From bd3217a95d309efa48e235b1378ed13adf7998dd Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 14:43:08 -0400 Subject: [PATCH 08/13] quotes --- root/etc/services.d/code-server/run | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 8ef99649e..66beaf50a 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -8,7 +8,7 @@ else fi if [ -n "${SSL_KEY}" ] && [ -n "${SSL_CERT}" ]; then - SSL_CONFIG="--cert \"${SSL_CERT}\" --cert-key \"${SSL_KEY}\"" + SSL_CONFIG="--cert \'${SSL_CERT}\' --cert-key \'${SSL_KEY}\'" else echo "Running insecurely on HTTP." SSL_CONFIG="" From de02112c6be3aa57966234cd518396cdc286d385 Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 14:50:11 -0400 Subject: [PATCH 09/13] no quotes --- root/etc/services.d/code-server/run | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 66beaf50a..6288529ca 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -8,7 +8,7 @@ else fi if [ -n "${SSL_KEY}" ] && [ -n "${SSL_CERT}" ]; then - SSL_CONFIG="--cert \'${SSL_CERT}\' --cert-key \'${SSL_KEY}\'" + SSL_CONFIG="--cert ${SSL_CERT} --cert-key ${SSL_KEY}" else echo "Running insecurely on HTTP." SSL_CONFIG="" From 00f6c41c05c5389f637e8e508a736548a7185b2e Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 16:42:06 -0400 Subject: [PATCH 10/13] try something else --- root/etc/services.d/code-server/run | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 6288529ca..52b3ac77e 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -8,10 +8,12 @@ else fi if [ -n "${SSL_KEY}" ] && [ -n "${SSL_CERT}" ]; then - SSL_CONFIG="--cert ${SSL_CERT} --cert-key ${SSL_KEY}" + SSL_CERT="--cert ${SSL_CERT}" + SSL_KEY="--cert-key ${SSL_KEY}" else echo "Running insecurely on HTTP." - SSL_CONFIG="" + SSL_CERT="" + SSL_KEY="" fi exec \ @@ -23,5 +25,6 @@ exec \ --disable-telemetry \ --disable-updates \ --auth "${AUTH}" \ - "${SSL_CONFIG}" \ + "${SSL_CERT}" \ + "${SSL_KEY}" \ /config/workspace From ad9f675d0ae56768ffd485edf10767b2ecc08dce Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 17:21:29 -0400 Subject: [PATCH 11/13] update command --- root/etc/services.d/code-server/run | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 52b3ac77e..0fccb689c 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -8,23 +8,12 @@ else fi if [ -n "${SSL_KEY}" ] && [ -n "${SSL_CERT}" ]; then - SSL_CERT="--cert ${SSL_CERT}" - SSL_KEY="--cert-key ${SSL_KEY}" + SSL_CONFIG=" --cert ${SSL_CERT} --cert-key ${SSL_KEY}" else echo "Running insecurely on HTTP." - SSL_CERT="" - SSL_KEY="" + SSL_CONFIG="" fi exec \ s6-setuidgid abc \ - /usr/bin/code-server \ - --port 8443 \ - --user-data-dir /config/data \ - --extensions-dir /config/extensions \ - --disable-telemetry \ - --disable-updates \ - --auth "${AUTH}" \ - "${SSL_CERT}" \ - "${SSL_KEY}" \ - /config/workspace + /usr/bin/code-server --port 8443 --user-data-dir /config/data --extensions-dir /config/extensions --disable-telemetry --disable-updates --auth "${AUTH}" "${SSL_CONFIG}" /config/workspace From 10b4ca71c9763269acbfbc789e6daf904443cb77 Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 17:27:35 -0400 Subject: [PATCH 12/13] extra space --- root/etc/services.d/code-server/run | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 0fccb689c..93b9ea842 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -8,7 +8,7 @@ else fi if [ -n "${SSL_KEY}" ] && [ -n "${SSL_CERT}" ]; then - SSL_CONFIG=" --cert ${SSL_CERT} --cert-key ${SSL_KEY}" + SSL_CONFIG="--cert ${SSL_CERT} --cert-key ${SSL_KEY}" else echo "Running insecurely on HTTP." SSL_CONFIG="" From 10069e4c1e0354df44cab27636768ca56c2dcaab Mon Sep 17 00:00:00 2001 From: Thomas Bell Date: Sat, 28 Mar 2020 18:22:27 -0400 Subject: [PATCH 13/13] shoop --- root/etc/services.d/code-server/run | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/root/etc/services.d/code-server/run b/root/etc/services.d/code-server/run index 93b9ea842..6288529ca 100644 --- a/root/etc/services.d/code-server/run +++ b/root/etc/services.d/code-server/run @@ -16,4 +16,12 @@ fi exec \ s6-setuidgid abc \ - /usr/bin/code-server --port 8443 --user-data-dir /config/data --extensions-dir /config/extensions --disable-telemetry --disable-updates --auth "${AUTH}" "${SSL_CONFIG}" /config/workspace + /usr/bin/code-server \ + --port 8443 \ + --user-data-dir /config/data \ + --extensions-dir /config/extensions \ + --disable-telemetry \ + --disable-updates \ + --auth "${AUTH}" \ + "${SSL_CONFIG}" \ + /config/workspace