NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commitbfc8a10

authored

feat(dogfood): install nix package manager (#5308)

Co-authored-by: Dean Sheather <dean@deansheather.com>Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>Co-authored-by: Kyle Carberry <kyle@carberry.com>

1 parent721957d commitbfc8a10Copy full SHA for bfc8a10

File tree

2 files changed

+61

-1

lines changed

dogfood
- Dockerfile
- main.tf

2 files changed

+61

-1

lines changed

`‎dogfood/Dockerfile`

Lines changed: 20 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -316,7 +316,24 @@ COPY --from=go /tmp/bin /usr/local/bin`
`316`	`316`	`COPY --from=rust-utils /tmp/bin /usr/local/bin`
`317`	`317`	`COPY --from=proto /tmp/bin /usr/local/bin`
`318`	`318`
`319`		`-USER coder`
	`319`	`+# Configure Nix without sandboxing`
	`320`	`+# - https://github.com/NixOS/nix/issues/2636#issuecomment-455302745`
	`321`	`+# - https://nixos.org/manual/nix/stable/installation/multi-user.html#setting-up-the-build-users`
	`322`	`+RUN addgroup --system nixbld \`
	`323`	`+&& adduser coder nixbld \`
	`324`	`+&& for i in $(seq 1 30); do useradd -ms /bin/bash nixbld$i && adduser nixbld$i nixbld; done \`
	`325`	`+&& mkdir -m 0755 /nix && chown coder:coder /nix \`
	`326`	`+&& mkdir -p /etc/nix && echo'sandbox = false' > /etc/nix/nix.conf`
	`327`	`+`
	`328`	`+# Install Nix`
	`329`	`+ARG NIX_VERSION=2.3.15`
	`330`	`+RUN cd /opt \`
	`331`	`+&& curl --silent --show-error --location \`
	`332`	`+"https://releases.nixos.org/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-x86_64-linux.tar.xz" \`
	`333`	`+-o"nix-${NIX_VERSION}-x86_64-linux.tar.xz" \`
	`334`	`+&& tar -xf"nix-${NIX_VERSION}-x86_64-linux.tar.xz" \`
	`335`	`+&& ln -s"nix-${NIX_VERSION}-x86_64-linux" nix \`
	`336`	`+&& rm -rf"nix-${NIX_VERSION}-x86_64-linux.tar.xz"`
`320`	`337`
`321`	`338`	`# Ensure go bins are in the 'coder' user's path. Note that no go bins are`
`322`	`339`	`# installed in this docker file, as they'd be mounted over by the persistent`
`@@ -332,3 +349,5 @@ ENV GOPRIVATE="coder.com,cdr.dev,go.coder.com,github.com/cdr,github.com/coder"`
`332`	`349`
`333`	`350`	`# Increase memory allocation to NodeJS`
`334`	`351`	`ENV NODE_OPTIONS="--max-old-space-size=8192"`
	`352`	`+`
	`353`	`+USER coder`

`‎dogfood/main.tf`

Lines changed: 41 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -63,10 +63,19 @@ resource "coder_agent" "dev" {`
`63`	`63`	`startup_script=<<EOF`
`64`	`64`	`#!/bin/sh`
`65`	`65`	`set -x`
	`66`	`+`
`66`	`67`	`# install and start code-server`
`67`	`68`	`curl -fsSL https://code-server.dev/install.sh \| sh -s -- --version 4.8.3`
`68`	`69`	`code-server --auth none --port 13337 &`
	`70`	`+`
`69`	`71`	`sudo service docker start`
	`72`	`+`
	`73`	+ # Install Nix into our bash profile so `nix-shell`, `nix-build, and `nix` are available
	`74`	`+ bash /opt/nix/install --no-daemon`
	`75`	`+ if ! grep -q '. ~/.nix-profile/etc/profile.d/nix.sh' ~/.bashrc; then`
	`76`	`+ echo '. ~/.nix-profile/etc/profile.d/nix.sh' >> ~/.bashrc`
	`77`	`+ fi`
	`78`	`+`
`70`	`79`	`DOTFILES_URI=${var.dotfiles_uri}`
`71`	`80`	`rm -f ~/.personalize.log`
`72`	`81`	`if [ -n "$DOTFILES_URI" ]; then`
`@@ -123,6 +132,33 @@ resource "docker_volume" "home_volume" {`
`123`	`132`	`}`
`124`	`133`	`}`
`125`	`134`
	`135`	`+resource"docker_volume""nix_volume" {`
	`136`	`+name="coder-${data.coder_workspace.me.id}-nix"`
	`137`	`+# Protect the volume from being deleted due to changes in attributes.`
	`138`	`+lifecycle {`
	`139`	`+ignore_changes=all`
	`140`	`+ }`
	`141`	`+# Add labels in Docker to keep track of orphan resources.`
	`142`	`+labels {`
	`143`	`+label="coder.owner"`
	`144`	`+value=data.coder_workspace.me.owner`
	`145`	`+ }`
	`146`	`+labels {`
	`147`	`+label="coder.owner_id"`
	`148`	`+value=data.coder_workspace.me.owner_id`
	`149`	`+ }`
	`150`	`+labels {`
	`151`	`+label="coder.workspace_id"`
	`152`	`+value=data.coder_workspace.me.id`
	`153`	`+ }`
	`154`	`+# This field becomes outdated if the workspace is renamed but can`
	`155`	`+# be useful for debugging or cleaning out dangling volumes.`
	`156`	`+labels {`
	`157`	`+label="coder.workspace_name_at_creation"`
	`158`	`+value=data.coder_workspace.me.name`
	`159`	`+ }`
	`160`	`+}`
	`161`	`+`
`126`	`162`	`resource"coder_metadata""home_info" {`
`127`	`163`	`resource_id=docker_volume.home_volume.id`
`128`	`164`	`item {`
`@@ -174,6 +210,11 @@ resource "docker_container" "workspace" {`
`174`	`210`	`volume_name=docker_volume.home_volume.name`
`175`	`211`	`read_only=false`
`176`	`212`	`}`
	`213`	`+volumes {`
	`214`	`+container_path="/nix"`
	`215`	`+volume_name=docker_volume.nix_volume.name`
	`216`	`+read_only=false`
	`217`	`+ }`
`177`	`218`	`# Add labels in Docker to keep track of orphan resources.`
`178`	`219`	`labels {`
`179`	`220`	`label="coder.owner"`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitbfc8a10

File tree

2 files changed

2 files changed

`‎dogfood/Dockerfile`

`‎dogfood/main.tf`

0 commit comments