Update scripts to be in sync with debain
This commit is contained in:
Родитель
3b57795b93
Коммит
8d46ad8c23
|
@ -3,13 +3,16 @@
|
|||
# Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
|
||||
#-------------------------------------------------------------------------------------------------------------
|
||||
|
||||
# Syntax: ./common-alpine.sh <install zsh flag> <username> <user UID> <user GID>
|
||||
#
|
||||
# Docs: https://github.com/microsoft/vscode-dev-containers/blob/master/script-library/docs/common.md
|
||||
#
|
||||
# Syntax: ./common-alpine.sh [install zsh flag] [username] [user UID] [user GID] [install Oh My *! flag]
|
||||
|
||||
INSTALL_ZSH=${1:-"true"}
|
||||
USERNAME=${2:-"vscode"}
|
||||
USER_UID=${3:-1000}
|
||||
USER_GID=${4:-1000}
|
||||
USERNAME=${2:-"automatic"}
|
||||
USER_UID=${3:-"automatic"}
|
||||
USER_GID=${4:-"automatic"}
|
||||
INSTALL_OH_MYS=${5:-"true"}
|
||||
|
||||
set -e
|
||||
|
||||
|
@ -18,73 +21,253 @@ if [ "$(id -u)" -ne 0 ]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
# Install git, bash, dependencies, and add a non-root user
|
||||
apk update
|
||||
apk add --no-cache \
|
||||
git \
|
||||
openssh-client \
|
||||
less \
|
||||
bash \
|
||||
libgcc \
|
||||
libstdc++ \
|
||||
curl \
|
||||
wget \
|
||||
unzip \
|
||||
nano \
|
||||
jq \
|
||||
gnupg \
|
||||
procps \
|
||||
coreutils \
|
||||
ca-certificates \
|
||||
krb5-libs \
|
||||
libintl \
|
||||
libssl1.1 \
|
||||
lttng-ust \
|
||||
tzdata \
|
||||
userspace-rcu \
|
||||
zlib \
|
||||
shadow
|
||||
|
||||
# Install man pages - package name varies between 3.12 and earlier versions
|
||||
if apk info man > /dev/null 2>&1; then
|
||||
apk add man man-pages
|
||||
else
|
||||
apk add mandoc man-pages
|
||||
# Switch to bash right away
|
||||
if [ "${SWITCHED_TO_BASH}" != "true" ]; then
|
||||
apk add bash
|
||||
export SWITCHED_TO_BASH=true
|
||||
exec /bin/bash "$0" "$@"
|
||||
exit $?
|
||||
fi
|
||||
|
||||
# Create or update a non-root user to match UID/GID - see https://aka.ms/vscode-remote/containers/non-root-user.
|
||||
if id -u $USERNAME > /dev/null 2>&1; then
|
||||
# If in automatic mode, determine if a user already exists, if not use vscode
|
||||
if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
|
||||
USERNAME=""
|
||||
POSSIBLE_USERS=("vscode", "node", "codespace", "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)")
|
||||
for CURRENT_USER in ${POSSIBLE_USERS[@]}; do
|
||||
if id -u ${CURRENT_USER} > /dev/null 2>&1; then
|
||||
USERNAME=${CURRENT_USER}
|
||||
break
|
||||
fi
|
||||
done
|
||||
if [ "${USERNAME}" = "" ]; then
|
||||
USERNAME=vscode
|
||||
fi
|
||||
elif [ "${USERNAME}" = "none" ]; then
|
||||
USERNAME=root
|
||||
USER_UID=0
|
||||
USER_GID=0
|
||||
fi
|
||||
|
||||
# Load markers to see which steps have already run
|
||||
MARKER_FILE="/usr/local/etc/vscode-dev-containers/common"
|
||||
if [ -f "${MARKER_FILE}" ]; then
|
||||
echo "Marker file found:"
|
||||
cat "${MARKER_FILE}"
|
||||
source "${MARKER_FILE}"
|
||||
fi
|
||||
|
||||
# Install git, bash, common dependencies
|
||||
if [ "${PACKAGES_ALREADY_INSTALLED}" != "true" ]; then
|
||||
apk update
|
||||
apk add --no-cache \
|
||||
git \
|
||||
openssh-client \
|
||||
gnupg \
|
||||
procps \
|
||||
lsof \
|
||||
htop \
|
||||
net-tools \
|
||||
psmisc \
|
||||
curl \
|
||||
wget \
|
||||
rsync \
|
||||
ca-certificates \
|
||||
unzip \
|
||||
zip \
|
||||
nano \
|
||||
vim \
|
||||
less \
|
||||
jq \
|
||||
libgcc \
|
||||
libstdc++ \
|
||||
krb5-libs \
|
||||
libintl \
|
||||
libssl1.1 \
|
||||
lttng-ust \
|
||||
tzdata \
|
||||
userspace-rcu \
|
||||
zlib \
|
||||
sudo \
|
||||
coreutils \
|
||||
sed \
|
||||
grep \
|
||||
which \
|
||||
ncdu \
|
||||
shadow
|
||||
|
||||
# Install man pages - package name varies between 3.12 and earlier versions
|
||||
if apk info man > /dev/null 2>&1; then
|
||||
apk add man man-pages
|
||||
else
|
||||
apk add mandoc man-pages
|
||||
fi
|
||||
|
||||
PACKAGES_ALREADY_INSTALLED="true"
|
||||
fi
|
||||
|
||||
# Create or update a non-root user to match UID/GID.
|
||||
if id -u ${USERNAME} > /dev/null 2>&1; then
|
||||
# User exists, update if needed
|
||||
if [ "$USER_GID" != "$(id -G $USERNAME)" ]; then
|
||||
if [ "${USER_GID}" != "automatic" ] && [ "$USER_GID" != "$(id -G $USERNAME)" ]; then
|
||||
groupmod --gid $USER_GID $USERNAME
|
||||
usermod --gid $USER_GID $USERNAME
|
||||
fi
|
||||
if [ "$USER_UID" != "$(id -u $USERNAME)" ]; then
|
||||
if [ "${USER_UID}" != "automatic" ] && [ "$USER_UID" != "$(id -u $USERNAME)" ]; then
|
||||
usermod --uid $USER_UID $USERNAME
|
||||
fi
|
||||
else
|
||||
# Create user
|
||||
groupadd --gid $USER_GID $USERNAME
|
||||
useradd -s /bin/ash -K MAIL_DIR=/dev/null --uid $USER_UID --gid $USER_GID -m $USERNAME
|
||||
if [ "${USER_GID}" = "automatic" ]; then
|
||||
groupadd $USERNAME
|
||||
else
|
||||
groupadd --gid $USER_GID $USERNAME
|
||||
fi
|
||||
if [ "${USER_UID}" = "automatic" ]; then
|
||||
useradd -s /bin/bash --gid $USERNAME -m $USERNAME
|
||||
else
|
||||
useradd -s /bin/bash -K MAIL_DIR=/dev/null --uid $USER_UID --gid $USERNAME -m $USERNAME
|
||||
fi
|
||||
fi
|
||||
|
||||
# Add add sudo support for non-root user
|
||||
apk add --no-cache sudo
|
||||
echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME
|
||||
chmod 0440 /etc/sudoers.d/$USERNAME
|
||||
|
||||
# Ensure ~/.local/bin is in the PATH for root and non-root users for bash. (zsh is later)
|
||||
echo "export PATH=\$PATH:\$HOME/.local/bin" | tee -a /root/.bashrc >> /home/$USERNAME/.bashrc
|
||||
chown $USER_UID:$USER_GID /home/$USERNAME/.bashrc
|
||||
|
||||
# Optionally install and configure zsh
|
||||
if [ "$INSTALL_ZSH" = "true" ] && [ ! -d "/root/.oh-my-zsh" ]; then
|
||||
apk add --no-cache zsh
|
||||
sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
|
||||
echo "export PATH=\$PATH:\$HOME/.local/bin" >> /root/.zshrc
|
||||
cp -R /root/.oh-my-zsh /home/$USERNAME
|
||||
cp /root/.zshrc /home/$USERNAME
|
||||
sed -i -e "s/\/root\/.oh-my-zsh/\/home\/$USERNAME\/.oh-my-zsh/g" /home/$USERNAME/.zshrc
|
||||
chown -R $USER_UID:$USER_GID /home/$USERNAME/.oh-my-zsh /home/$USERNAME/.zshrc
|
||||
if [ "${USERNAME}" != "root" ] && [ "${EXISTING_NON_ROOT_USER}" != "${USERNAME}" ]; then
|
||||
echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME
|
||||
chmod 0440 /etc/sudoers.d/$USERNAME
|
||||
EXISTING_NON_ROOT_USER="${USERNAME}"
|
||||
fi
|
||||
|
||||
# ** Shell customization section **
|
||||
if [ "${USERNAME}" = "root" ]; then
|
||||
USER_RC_PATH="/root"
|
||||
else
|
||||
USER_RC_PATH="/home/${USERNAME}"
|
||||
fi
|
||||
|
||||
# bashrc/zshrc snippet
|
||||
RC_SNIPPET="$(cat << EOF
|
||||
export USER=\$(whoami)
|
||||
|
||||
export PATH=\$PATH:\$HOME/.local/bin
|
||||
|
||||
if type code-insiders > /dev/null 2>&1 && ! type code > /dev/null 2>&1; then
|
||||
alias code=code-insiders
|
||||
fi
|
||||
EOF
|
||||
)"
|
||||
|
||||
# Codespaces themes - partly inspired by https://github.com/ohmyzsh/ohmyzsh/blob/master/themes/robbyrussell.zsh-theme
|
||||
CODESPACES_BASH="$(cat \
|
||||
<<EOF
|
||||
#!/usr/bin/env bash
|
||||
prompt() {
|
||||
if [ "\$?" != "0" ]; then
|
||||
local arrow_color=\${bold_red}
|
||||
else
|
||||
local arrow_color=\${reset_color}
|
||||
fi
|
||||
if [ ! -z "\${GITHUB_USER}" ]; then
|
||||
local USERNAME="gh:@\${GITHUB_USER}"
|
||||
else
|
||||
local USERNAME="\$(whoami)"
|
||||
fi
|
||||
local cwd="\$(pwd | sed "s|^\${HOME}|~|")"
|
||||
PS1="\${green}\${USERNAME} \${arrow_color}➜\${reset_color} \${bold_blue}\${cwd}\${reset_color} \$(scm_prompt_info)\${white}$ \${reset_color}"
|
||||
}
|
||||
SCM_THEME_PROMPT_PREFIX="\${reset_color}\${cyan}(\${bold_red}"
|
||||
SCM_THEME_PROMPT_SUFFIX="\${reset_color} "
|
||||
SCM_THEME_PROMPT_DIRTY=" \${bold_yellow}✗\${reset_color}\${cyan})"
|
||||
SCM_THEME_PROMPT_CLEAN="\${reset_color}\${cyan})"
|
||||
SCM_GIT_SHOW_MINIMAL_INFO="true"
|
||||
safe_append_prompt_command prompt
|
||||
EOF
|
||||
)"
|
||||
CODESPACES_ZSH="$(cat \
|
||||
<<EOF
|
||||
prompt() {
|
||||
if [ ! -z "\${GITHUB_USER}" ]; then
|
||||
local USERNAME="gh:@\${GITHUB_USER}"
|
||||
else
|
||||
local USERNAME="\$(whoami)"
|
||||
fi
|
||||
PROMPT="%{\$fg[green]%}\${USERNAME} %(?:%{\$reset_color%}➜ :%{\$fg_bold[red]%}➜ )"
|
||||
PROMPT+='%{\$fg_bold[blue]%}%~%{\$reset_color%} \$(git_prompt_info)%{\$fg[white]%}$ %{\$reset_color%}'
|
||||
}
|
||||
ZSH_THEME_GIT_PROMPT_PREFIX="%{\$fg_bold[cyan]%}(%{\$fg_bold[red]%}"
|
||||
ZSH_THEME_GIT_PROMPT_SUFFIX="%{\$reset_color%} "
|
||||
ZSH_THEME_GIT_PROMPT_DIRTY=" %{\$fg_bold[yellow]%}✗%{\$fg_bold[cyan]%})"
|
||||
ZSH_THEME_GIT_PROMPT_CLEAN="%{\$fg_bold[cyan]%})"
|
||||
prompt
|
||||
EOF
|
||||
)"
|
||||
|
||||
# Adapted Oh My Zsh! install step to work with both "Oh Mys" rather than relying on an installer script
|
||||
# See https://github.com/ohmyzsh/ohmyzsh/blob/master/tools/install.sh for offical script.
|
||||
install-oh-my()
|
||||
{
|
||||
local OH_MY=$1
|
||||
local OH_MY_INSTALL_DIR="${USER_RC_PATH}/.oh-my-${OH_MY}"
|
||||
local TEMPLATE="${OH_MY_INSTALL_DIR}/templates/$2"
|
||||
local OH_MY_GIT_URL=$3
|
||||
local USER_RC_FILE="${USER_RC_PATH}/.${OH_MY}rc"
|
||||
|
||||
if [ -d "${OH_MY_INSTALL_DIR}" ] || [ "${INSTALL_OH_MYS}" != "true" ]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
umask g-w,o-w
|
||||
mkdir -p ${OH_MY_INSTALL_DIR}
|
||||
git clone --depth=1 \
|
||||
-c core.eol=lf \
|
||||
-c core.autocrlf=false \
|
||||
-c fsck.zeroPaddedFilemode=ignore \
|
||||
-c fetch.fsck.zeroPaddedFilemode=ignore \
|
||||
-c receive.fsck.zeroPaddedFilemode=ignore \
|
||||
${OH_MY_GIT_URL} ${OH_MY_INSTALL_DIR} 2>&1
|
||||
echo -e "$(cat "${TEMPLATE}")\nDISABLE_AUTO_UPDATE=true\nDISABLE_UPDATE_PROMPT=true" > ${USER_RC_FILE}
|
||||
if [ "${OH_MY}" = "bash" ]; then
|
||||
sed -i -e 's/OSH_THEME=.*/OSH_THEME="codespaces"/g' ${USER_RC_FILE}
|
||||
mkdir -p ${OH_MY_INSTALL_DIR}/custom/themes/codespaces
|
||||
echo "${CODESPACES_BASH}" > ${OH_MY_INSTALL_DIR}/custom/themes/codespaces/codespaces.theme.sh
|
||||
else
|
||||
sed -i -e 's/ZSH_THEME=.*/ZSH_THEME="codespaces"/g' ${USER_RC_FILE}
|
||||
mkdir -p ${OH_MY_INSTALL_DIR}/custom/themes
|
||||
echo "${CODESPACES_ZSH}" > ${OH_MY_INSTALL_DIR}/custom/themes/codespaces.zsh-theme
|
||||
fi
|
||||
# Shrink git while still enabling updates
|
||||
cd ${OH_MY_INSTALL_DIR}
|
||||
git repack -a -d -f --depth=1 --window=1
|
||||
|
||||
if [ "${USERNAME}" != "root" ]; then
|
||||
cp -rf ${USER_RC_FILE} ${OH_MY_INSTALL_DIR} /root
|
||||
chown -R ${USERNAME}:${USERNAME} ${USER_RC_PATH}
|
||||
fi
|
||||
}
|
||||
|
||||
if [ "${RC_SNIPPET_ALREADY_ADDED}" != "true" ]; then
|
||||
echo "${RC_SNIPPET}" >> /etc/bash.bashrc
|
||||
RC_SNIPPET_ALREADY_ADDED="true"
|
||||
fi
|
||||
install-oh-my bash bashrc.osh-template https://github.com/ohmybash/oh-my-bash
|
||||
|
||||
# Optionally install and configure zsh and Oh My Zsh!
|
||||
if [ "${INSTALL_ZSH}" = "true" ]; then
|
||||
if ! type zsh > /dev/null 2>&1; then
|
||||
apt-get-update-if-needed
|
||||
apt-get install -y zsh
|
||||
fi
|
||||
if [ "${ZSH_ALREADY_INSTALLED}" != "true" ]; then
|
||||
echo "${RC_SNIPPET}" >> /etc/zsh/zshrc
|
||||
ZSH_ALREADY_INSTALLED="true"
|
||||
fi
|
||||
install-oh-my zsh zshrc.zsh-template https://github.com/ohmyzsh/ohmyzsh
|
||||
fi
|
||||
|
||||
# Write marker file
|
||||
mkdir -p "$(dirname "${MARKER_FILE}")"
|
||||
echo -e "\
|
||||
PACKAGES_ALREADY_INSTALLED=${PACKAGES_ALREADY_INSTALLED}\n\
|
||||
EXISTING_NON_ROOT_USER=${EXISTING_NON_ROOT_USER}\n\
|
||||
RC_SNIPPET_ALREADY_ADDED=${RC_SNIPPET_ALREADY_ADDED}\n\
|
||||
ZSH_ALREADY_INSTALLED=${ZSH_ALREADY_INSTALLED}" > "${MARKER_FILE}"
|
||||
|
||||
echo "Done!"
|
||||
|
|
|
@ -3,14 +3,17 @@
|
|||
# Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
|
||||
#-------------------------------------------------------------------------------------------------------------
|
||||
|
||||
# Syntax: ./common-redhat.sh <install zsh flag> <username> <user UID> <user GID>
|
||||
#
|
||||
# Docs: https://github.com/microsoft/vscode-dev-containers/blob/master/script-library/docs/common.md
|
||||
#
|
||||
# Syntax: ./common-redhat.sh [install zsh flag] [username] [user UID] [user GID] [upgrade packages flag] [install Oh My *! flag]
|
||||
|
||||
INSTALL_ZSH=${1:-"true"}
|
||||
USERNAME=${2:-"vscode"}
|
||||
USER_UID=${3:-1000}
|
||||
USER_GID=${4:-1000}
|
||||
USERNAME=${2:-"automatic"}
|
||||
USER_UID=${3:-"automatic"}
|
||||
USER_GID=${4:-"automatic"}
|
||||
UPGRADE_PACKAGES=${5:-"true"}
|
||||
INSTALL_OH_MYS=${6:-"true"}
|
||||
|
||||
set -e
|
||||
|
||||
|
@ -19,70 +22,244 @@ if [ "$(id -u)" -ne 0 ]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
# If in automatic mode, determine if a user already exists, if not use vscode
|
||||
if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
|
||||
USERNAME=""
|
||||
POSSIBLE_USERS=("vscode", "node", "codespace", "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)")
|
||||
for CURRENT_USER in ${POSSIBLE_USERS[@]}; do
|
||||
if id -u ${CURRENT_USER} > /dev/null 2>&1; then
|
||||
USERNAME=${CURRENT_USER}
|
||||
break
|
||||
fi
|
||||
done
|
||||
if [ "${USERNAME}" = "" ]; then
|
||||
USERNAME=vscode
|
||||
fi
|
||||
elif [ "${USERNAME}" = "none" ]; then
|
||||
USERNAME=root
|
||||
USER_UID=0
|
||||
USER_GID=0
|
||||
fi
|
||||
|
||||
# Load markers to see which steps have already run
|
||||
MARKER_FILE="/usr/local/etc/vscode-dev-containers/common"
|
||||
if [ -f "${MARKER_FILE}" ]; then
|
||||
echo "Marker file found:"
|
||||
cat "${MARKER_FILE}"
|
||||
source "${MARKER_FILE}"
|
||||
fi
|
||||
|
||||
# Install common dependencies
|
||||
if [ "${PACKAGES_ALREADY_INSTALLED}" != "true" ]; then
|
||||
|
||||
PACKAGE_LIST="\
|
||||
git \
|
||||
openssh-clients \
|
||||
gnupg2 \
|
||||
iproute \
|
||||
procps \
|
||||
lsof \
|
||||
net-tools \
|
||||
psmisc \
|
||||
curl \
|
||||
wget \
|
||||
ca-certificates \
|
||||
rsync \
|
||||
unzip \
|
||||
zip \
|
||||
nano \
|
||||
vim-minimal \
|
||||
less \
|
||||
jq \
|
||||
redhat-lsb-core \
|
||||
openssl-libs \
|
||||
krb5-libs \
|
||||
libicu \
|
||||
zlib \
|
||||
sudo \
|
||||
coreutils \
|
||||
sed \
|
||||
grep \
|
||||
which \
|
||||
man-db"
|
||||
|
||||
# Install OpenSSL 1.0 compat if needed
|
||||
if yum -q list compat-openssl10 >/dev/null 2>&1; then
|
||||
PACKAGE_LIST="${PACKAGE_LIST} compat-openssl10"
|
||||
fi
|
||||
|
||||
yum -y install ${PACKAGE_LIST}
|
||||
|
||||
PACKAGES_ALREADY_INSTALLED="true"
|
||||
fi
|
||||
|
||||
# Update to latest versions of packages
|
||||
if [ "${UPGRADE_PACKAGES}" = "true" ]; then
|
||||
yum upgrade -y
|
||||
fi
|
||||
|
||||
# Install common dependencies
|
||||
yum install -y \
|
||||
git \
|
||||
openssh-clients \
|
||||
less \
|
||||
net-tools \
|
||||
which \
|
||||
curl \
|
||||
wget \
|
||||
procps \
|
||||
unzip \
|
||||
nano \
|
||||
jq \
|
||||
gnupg2 \
|
||||
ca-certificates \
|
||||
openssl-libs \
|
||||
krb5-libs \
|
||||
libicu \
|
||||
zlib \
|
||||
man-db
|
||||
|
||||
# Install OpenSSL 1.0 compat if needed
|
||||
if yum -q list compat-openssl10 >/dev/null 2>&1; then
|
||||
yum -y install compat-openssl10
|
||||
fi
|
||||
|
||||
# Create or update a non-root user to match UID/GID - see https://aka.ms/vscode-remote/containers/non-root-user.
|
||||
if id -u $USERNAME > /dev/null 2>&1; then
|
||||
# Create or update a non-root user to match UID/GID.
|
||||
if id -u ${USERNAME} > /dev/null 2>&1; then
|
||||
# User exists, update if needed
|
||||
if [ "$USER_GID" != "$(id -G $USERNAME)" ]; then
|
||||
if [ "${USER_GID}" != "automatic" ] && [ "$USER_GID" != "$(id -G $USERNAME)" ]; then
|
||||
groupmod --gid $USER_GID $USERNAME
|
||||
usermod --gid $USER_GID $USERNAME
|
||||
fi
|
||||
if [ "$USER_UID" != "$(id -u $USERNAME)" ]; then
|
||||
if [ "${USER_UID}" != "automatic" ] && [ "$USER_UID" != "$(id -u $USERNAME)" ]; then
|
||||
usermod --uid $USER_UID $USERNAME
|
||||
fi
|
||||
else
|
||||
# Create user
|
||||
groupadd --gid $USER_GID $USERNAME
|
||||
useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME
|
||||
if [ "${USER_GID}" = "automatic" ]; then
|
||||
groupadd $USERNAME
|
||||
else
|
||||
groupadd --gid $USER_GID $USERNAME
|
||||
fi
|
||||
if [ "${USER_UID}" = "automatic" ]; then
|
||||
useradd -s /bin/bash --gid $USERNAME -m $USERNAME
|
||||
else
|
||||
useradd -s /bin/bash --uid $USER_UID --gid $USERNAME -m $USERNAME
|
||||
fi
|
||||
fi
|
||||
|
||||
# Add add sudo support for non-root user
|
||||
yum install -y sudo
|
||||
echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME
|
||||
chmod 0440 /etc/sudoers.d/$USERNAME
|
||||
|
||||
# Ensure ~/.local/bin is in the PATH for root and non-root users for bash. (zsh is later)
|
||||
echo "export PATH=\$PATH:\$HOME/.local/bin" | tee -a /root/.bashrc >> /home/$USERNAME/.bashrc
|
||||
chown $USER_UID:$USER_GID /home/$USERNAME/.bashrc
|
||||
|
||||
# Optionally install and configure zsh
|
||||
if [ "$INSTALL_ZSH" = "true" ] && [ ! -d "/root/.oh-my-zsh" ]; then
|
||||
yum install -y zsh
|
||||
curl -fsSLo- https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh | bash 2>&1
|
||||
echo "export PATH=\$PATH:\$HOME/.local/bin" >> /root/.zshrc
|
||||
cp -R /root/.oh-my-zsh /home/$USERNAME
|
||||
cp /root/.zshrc /home/$USERNAME
|
||||
sed -i -e "s/\/root\/.oh-my-zsh/\/home\/$USERNAME\/.oh-my-zsh/g" /home/$USERNAME/.zshrc
|
||||
chown -R $USER_UID:$USER_GID /home/$USERNAME/.oh-my-zsh /home/$USERNAME/.zshrc
|
||||
if [ "${USERNAME}" != "root" ] && [ "${EXISTING_NON_ROOT_USER}" != "${USERNAME}" ]; then
|
||||
echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME
|
||||
chmod 0440 /etc/sudoers.d/$USERNAME
|
||||
EXISTING_NON_ROOT_USER="${USERNAME}"
|
||||
fi
|
||||
echo "Done!"
|
||||
|
||||
# ** Shell customization section **
|
||||
if [ "${USERNAME}" = "root" ]; then
|
||||
USER_RC_PATH="/root"
|
||||
else
|
||||
USER_RC_PATH="/home/${USERNAME}"
|
||||
fi
|
||||
|
||||
# bashrc/zshrc snippet
|
||||
RC_SNIPPET="$(cat << EOF
|
||||
export USER=\$(whoami)
|
||||
|
||||
export PATH=\$PATH:\$HOME/.local/bin
|
||||
|
||||
if type code-insiders > /dev/null 2>&1 && ! type code > /dev/null 2>&1; then
|
||||
alias code=code-insiders
|
||||
fi
|
||||
EOF
|
||||
)"
|
||||
|
||||
# Codespaces themes - partly inspired by https://github.com/ohmyzsh/ohmyzsh/blob/master/themes/robbyrussell.zsh-theme
|
||||
CODESPACES_BASH="$(cat \
|
||||
<<EOF
|
||||
#!/usr/bin/env bash
|
||||
prompt() {
|
||||
if [ "\$?" != "0" ]; then
|
||||
local arrow_color=\${bold_red}
|
||||
else
|
||||
local arrow_color=\${reset_color}
|
||||
fi
|
||||
if [ ! -z "\${GITHUB_USER}" ]; then
|
||||
local USERNAME="gh:@\${GITHUB_USER}"
|
||||
else
|
||||
local USERNAME="\$(whoami)"
|
||||
fi
|
||||
local cwd="\$(pwd | sed "s|^\${HOME}|~|")"
|
||||
PS1="\${green}\${USERNAME} \${arrow_color}➜\${reset_color} \${bold_blue}\${cwd}\${reset_color} \$(scm_prompt_info)\${white}$ \${reset_color}"
|
||||
}
|
||||
SCM_THEME_PROMPT_PREFIX="\${reset_color}\${cyan}(\${bold_red}"
|
||||
SCM_THEME_PROMPT_SUFFIX="\${reset_color} "
|
||||
SCM_THEME_PROMPT_DIRTY=" \${bold_yellow}✗\${reset_color}\${cyan})"
|
||||
SCM_THEME_PROMPT_CLEAN="\${reset_color}\${cyan})"
|
||||
SCM_GIT_SHOW_MINIMAL_INFO="true"
|
||||
safe_append_prompt_command prompt
|
||||
EOF
|
||||
)"
|
||||
CODESPACES_ZSH="$(cat \
|
||||
<<EOF
|
||||
prompt() {
|
||||
if [ ! -z "\${GITHUB_USER}" ]; then
|
||||
local USERNAME="gh:@\${GITHUB_USER}"
|
||||
else
|
||||
local USERNAME="\$(whoami)"
|
||||
fi
|
||||
PROMPT="%{\$fg[green]%}\${USERNAME} %(?:%{\$reset_color%}➜ :%{\$fg_bold[red]%}➜ )"
|
||||
PROMPT+='%{\$fg_bold[blue]%}%~%{\$reset_color%} \$(git_prompt_info)%{\$fg[white]%}$ %{\$reset_color%}'
|
||||
}
|
||||
ZSH_THEME_GIT_PROMPT_PREFIX="%{\$fg_bold[cyan]%}(%{\$fg_bold[red]%}"
|
||||
ZSH_THEME_GIT_PROMPT_SUFFIX="%{\$reset_color%} "
|
||||
ZSH_THEME_GIT_PROMPT_DIRTY=" %{\$fg_bold[yellow]%}✗%{\$fg_bold[cyan]%})"
|
||||
ZSH_THEME_GIT_PROMPT_CLEAN="%{\$fg_bold[cyan]%})"
|
||||
prompt
|
||||
EOF
|
||||
)"
|
||||
|
||||
# Adapted Oh My Zsh! install step to work with both "Oh Mys" rather than relying on an installer script
|
||||
# See https://github.com/ohmyzsh/ohmyzsh/blob/master/tools/install.sh for offical script.
|
||||
install-oh-my()
|
||||
{
|
||||
local OH_MY=$1
|
||||
local OH_MY_INSTALL_DIR="${USER_RC_PATH}/.oh-my-${OH_MY}"
|
||||
local TEMPLATE="${OH_MY_INSTALL_DIR}/templates/$2"
|
||||
local OH_MY_GIT_URL=$3
|
||||
local USER_RC_FILE="${USER_RC_PATH}/.${OH_MY}rc"
|
||||
|
||||
if [ -d "${OH_MY_INSTALL_DIR}" ] || [ "${INSTALL_OH_MYS}" != "true" ]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
umask g-w,o-w
|
||||
mkdir -p ${OH_MY_INSTALL_DIR}
|
||||
git clone --depth=1 \
|
||||
-c core.eol=lf \
|
||||
-c core.autocrlf=false \
|
||||
-c fsck.zeroPaddedFilemode=ignore \
|
||||
-c fetch.fsck.zeroPaddedFilemode=ignore \
|
||||
-c receive.fsck.zeroPaddedFilemode=ignore \
|
||||
${OH_MY_GIT_URL} ${OH_MY_INSTALL_DIR} 2>&1
|
||||
echo -e "$(cat "${TEMPLATE}")\nDISABLE_AUTO_UPDATE=true\nDISABLE_UPDATE_PROMPT=true" > ${USER_RC_FILE}
|
||||
if [ "${OH_MY}" = "bash" ]; then
|
||||
sed -i -e 's/OSH_THEME=.*/OSH_THEME="codespaces"/g' ${USER_RC_FILE}
|
||||
mkdir -p ${OH_MY_INSTALL_DIR}/custom/themes/codespaces
|
||||
echo "${CODESPACES_BASH}" > ${OH_MY_INSTALL_DIR}/custom/themes/codespaces/codespaces.theme.sh
|
||||
else
|
||||
sed -i -e 's/ZSH_THEME=.*/ZSH_THEME="codespaces"/g' ${USER_RC_FILE}
|
||||
mkdir -p ${OH_MY_INSTALL_DIR}/custom/themes
|
||||
echo "${CODESPACES_ZSH}" > ${OH_MY_INSTALL_DIR}/custom/themes/codespaces.zsh-theme
|
||||
fi
|
||||
# Shrink git while still enabling updates
|
||||
cd ${OH_MY_INSTALL_DIR}
|
||||
git repack -a -d -f --depth=1 --window=1
|
||||
|
||||
if [ "${USERNAME}" != "root" ]; then
|
||||
cp -rf ${USER_RC_FILE} ${OH_MY_INSTALL_DIR} /root
|
||||
chown -R ${USERNAME}:${USERNAME} ${USER_RC_PATH}
|
||||
fi
|
||||
}
|
||||
|
||||
if [ "${RC_SNIPPET_ALREADY_ADDED}" != "true" ]; then
|
||||
echo "${RC_SNIPPET}" >> /etc/bashrc
|
||||
RC_SNIPPET_ALREADY_ADDED="true"
|
||||
fi
|
||||
install-oh-my bash bashrc.osh-template https://github.com/ohmybash/oh-my-bash
|
||||
|
||||
# Optionally install and configure zsh and Oh My Zsh!
|
||||
if [ "${INSTALL_ZSH}" = "true" ]; then
|
||||
if ! type zsh > /dev/null 2>&1; then
|
||||
yum install -y zsh
|
||||
fi
|
||||
if [ "${ZSH_ALREADY_INSTALLED}" != "true" ]; then
|
||||
echo "${RC_SNIPPET}" >> /etc/zshrc
|
||||
ZSH_ALREADY_INSTALLED="true"
|
||||
fi
|
||||
install-oh-my zsh zshrc.zsh-template https://github.com/ohmyzsh/ohmyzsh
|
||||
fi
|
||||
|
||||
# Write marker file
|
||||
mkdir -p "$(dirname "${MARKER_FILE}")"
|
||||
echo -e "\
|
||||
PACKAGES_ALREADY_INSTALLED=${PACKAGES_ALREADY_INSTALLED}\n\
|
||||
EXISTING_NON_ROOT_USER=${EXISTING_NON_ROOT_USER}\n\
|
||||
RC_SNIPPET_ALREADY_ADDED=${RC_SNIPPET_ALREADY_ADDED}\n\
|
||||
ZSH_ALREADY_INSTALLED=${ZSH_ALREADY_INSTALLED}" > "${MARKER_FILE}"
|
||||
|
||||
echo "Done!"
|
||||
|
|
|
@ -1,10 +1,17 @@
|
|||
#!/usr/bin/env bash
|
||||
# Syntax: ./docker-redhat.sh <enable non-root docker socket access flag> <source socket> <target socket> <non-root user>
|
||||
#-------------------------------------------------------------------------------------------------------------
|
||||
# Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
|
||||
#-------------------------------------------------------------------------------------------------------------
|
||||
#
|
||||
# Docs: https://github.com/microsoft/vscode-dev-containers/blob/master/script-library/docs/docker.md
|
||||
#
|
||||
# Syntax: ./docker-redhat.sh [enable non-root docker socket access flag] [source socket] [target socket] [non-root user]
|
||||
|
||||
ENABLE_NONROOT_DOCKER=${1:-"true"}
|
||||
SOURCE_SOCKET=${2:-"/var/run/docker-host.sock"}
|
||||
TARGET_SOCKET=${3:-"/var/run/docker.sock"}
|
||||
NONROOT_USER=${4:-"vscode"}
|
||||
USERNAME=${4:-"automatic"}
|
||||
|
||||
set -e
|
||||
|
||||
|
@ -13,9 +20,26 @@ if [ "$(id -u)" -ne 0 ]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
# Determine the appropriate non-root user
|
||||
if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
|
||||
USERNAME=""
|
||||
POSSIBLE_USERS=("vscode", "node", "codespace", "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)")
|
||||
for CURRENT_USER in ${POSSIBLE_USERS[@]}; do
|
||||
if id -u ${CURRENT_USER} > /dev/null 2>&1; then
|
||||
USERNAME=${CURRENT_USER}
|
||||
break
|
||||
fi
|
||||
done
|
||||
if [ "${USERNAME}" = "" ]; then
|
||||
USERNAME=root
|
||||
fi
|
||||
elif [ "${USERNAME}" = "none" ] || ! id -u ${USERNAME} > /dev/null 2>&1; then
|
||||
USERNAME=root
|
||||
fi
|
||||
|
||||
# Install Prerequisites
|
||||
yum -y install deltarpm
|
||||
yum -y install ca-certificates curl gnupg2 dnf net-tools dialog git openssh-clients curl less procps
|
||||
yum -y install ca-certificates curl gnupg2 dnf net-tools dialog git openssh-clients curl less procps
|
||||
|
||||
# Try to load os-release
|
||||
. /etc/os-release 2>/dev/null
|
||||
|
@ -61,13 +85,13 @@ chmod +x /usr/local/bin/docker-compose
|
|||
if [ "${SOURCE_SOCKET}" != "${TARGET_SOCKET}" ]; then
|
||||
touch "${SOURCE_SOCKET}"
|
||||
ln -s "${SOURCE_SOCKET}" "${TARGET_SOCKET}"
|
||||
chown -h "${NONROOT_USER}" "${TARGET_SOCKET}"
|
||||
chown -h "${USERNAME}" "${TARGET_SOCKET}"
|
||||
fi
|
||||
|
||||
# If enabling non-root access, setup socat
|
||||
if [ "${ENABLE_NONROOT_DOCKER}" = "true" ]; then
|
||||
yum -y install socat
|
||||
tee /usr/local/share/docker-init.sh \
|
||||
tee /usr/local/share/docker-init.sh > /dev/null \
|
||||
<< EOF
|
||||
#!/usr/bin/env bash
|
||||
set -e
|
||||
|
@ -93,12 +117,12 @@ log()
|
|||
}
|
||||
|
||||
echo -e "\n** \$(date) **" | sudoIf tee -a \${SOCAT_LOG} > /dev/null
|
||||
log "Ensuring ${NONROOT_USER} has access to ${SOURCE_SOCKET} via ${TARGET_SOCKET}"
|
||||
log "Ensuring ${USERNAME} has access to ${SOURCE_SOCKET} via ${TARGET_SOCKET}"
|
||||
|
||||
# If enabled, try to add a docker group with the right GID. If the group is root,
|
||||
# fall back on using socat to forward the docker socket to another unix socket so
|
||||
# that we can set permissions on it without affecting the host.
|
||||
if [ "${ENABLE_NONROOT_DOCKER}" = "true" ] && [ "${SOURCE_SOCKET}" != "${TARGET_SOCKET}" ] && [ "${NONROOT_USER}" != "root" ] && [ "${NONROOT_USER}" != "0" ]; then
|
||||
if [ "${ENABLE_NONROOT_DOCKER}" = "true" ] && [ "${SOURCE_SOCKET}" != "${TARGET_SOCKET}" ] && [ "${USERNAME}" != "root" ] && [ "${USERNAME}" != "0" ]; then
|
||||
SOCKET_GID=\$(stat -c '%g' ${SOURCE_SOCKET})
|
||||
if [ "\${SOCKET_GID}" != "0" ]; then
|
||||
log "Adding user to group with GID \${SOCKET_GID}."
|
||||
|
@ -106,8 +130,8 @@ if [ "${ENABLE_NONROOT_DOCKER}" = "true" ] && [ "${SOURCE_SOCKET}" != "${TARGET_
|
|||
sudoIf groupadd --gid \${SOCKET_GID} docker-host
|
||||
fi
|
||||
# Add user to group if not already in it
|
||||
if [ "\$(id ${NONROOT_USER} | grep -E 'groups=.+\${SOCKET_GID}\(')" = "" ]; then
|
||||
sudoIf usermod -aG \${SOCKET_GID} ${NONROOT_USER}
|
||||
if [ "\$(id ${USERNAME} | grep -E 'groups=.+\${SOCKET_GID}\(')" = "" ]; then
|
||||
sudoIf usermod -aG \${SOCKET_GID} ${USERNAME}
|
||||
fi
|
||||
else
|
||||
# Enable proxy if not already running
|
||||
|
@ -115,7 +139,7 @@ if [ "${ENABLE_NONROOT_DOCKER}" = "true" ] && [ "${SOURCE_SOCKET}" != "${TARGET_
|
|||
log "Enabling socket proxy."
|
||||
log "Proxying ${SOURCE_SOCKET} to ${TARGET_SOCKET} for vscode"
|
||||
sudoIf rm -rf ${TARGET_SOCKET}
|
||||
(sudoIf socat UNIX-LISTEN:${TARGET_SOCKET},fork,mode=660,user=${NONROOT_USER} UNIX-CONNECT:${SOURCE_SOCKET} 2>&1 | sudoIf tee -a \${SOCAT_LOG} > /dev/null & echo "\$!" | sudoIf tee \${SOCAT_PID} > /dev/null)
|
||||
(sudoIf socat UNIX-LISTEN:${TARGET_SOCKET},fork,mode=660,user=${USERNAME} UNIX-CONNECT:${SOURCE_SOCKET} 2>&1 | sudoIf tee -a \${SOCAT_LOG} > /dev/null & echo "\$!" | sudoIf tee \${SOCAT_PID} > /dev/null)
|
||||
else
|
||||
log "Socket proxy already running."
|
||||
fi
|
||||
|
|
Загрузка…
Ссылка в новой задаче