nixpkgs/pkgs/servers/code-server/default.nix
2021-11-01 05:13:39 +00:00

250 lines
8.9 KiB
Nix

{ lib, stdenv, fetchFromGitHub, buildGoModule, makeWrapper, runCommand
, moreutils, jq, git, cacert, zip, rsync, pkg-config, yarn, python3
, esbuild, nodejs-14_x, libsecret, xorg, ripgrep
, AppKit, Cocoa, Security, cctools }:
let
system = stdenv.hostPlatform.system;
nodejs = nodejs-14_x;
python = python3;
yarn' = yarn.override { inherit nodejs; };
defaultYarnOpts = [ "frozen-lockfile" "non-interactive" "no-progress"];
in stdenv.mkDerivation rec {
pname = "code-server";
version = "3.12.0";
commit = "798dc0baf284416dbbf951e4ef596beeab6cb6c4";
src = fetchFromGitHub {
owner = "cdr";
repo = "code-server";
rev = "v${version}";
sha256 = "17v3sz0wjrmikmzyh9xswr4kf1vcj9njlibqb4wwj0pq0d72wdvl";
};
cloudAgent = buildGoModule rec {
pname = "cloud-agent";
version = "0.2.3";
src = fetchFromGitHub {
owner = "cdr";
repo = "cloud-agent";
rev = "v${version}";
sha256 = "14i1qq273f0yn5v52ryiqwj7izkd1yd212di4gh4bqypmmzhw3jj";
};
vendorSha256 = "0k9v10wkzx53r5syf6bmm81gr4s5dalyaa07y9zvx6vv5r2h0661";
postPatch = ''
# the cloud-agent release tag has an empty version string, so add it back in
substituteInPlace internal/version/version.go \
--replace 'var Version string' 'var Version string = "v${version}"'
'';
};
yarnCache = stdenv.mkDerivation {
name = "${pname}-${version}-${system}-yarn-cache";
inherit src;
nativeBuildInputs = [ yarn' git cacert ];
buildPhase = ''
export HOME=$PWD
export GIT_SSL_CAINFO="${cacert}/etc/ssl/certs/ca-bundle.crt"
yarn --cwd "./vendor" install --modules-folder modules --ignore-scripts --frozen-lockfile
yarn config set yarn-offline-mirror $out
find "$PWD" -name "yarn.lock" -printf "%h\n" | \
xargs -I {} yarn --cwd {} \
--frozen-lockfile --ignore-scripts --ignore-platform \
--ignore-engines --no-progress --non-interactive
'';
outputHashMode = "recursive";
outputHashAlgo = "sha256";
# to get hash values use nix-build -A code-server.prefetchYarnCache
outputHash = {
x86_64-linux = "1clfdl9hy5j2dj6jj6a9vgq0wzllfj0h2hbb73959k3w85y4ad2w";
aarch64-linux = "1clfdl9hy5j2dj6jj6a9vgq0wzllfj0h2hbb73959k3w85y4ad2w";
x86_64-darwin = "1clfdl9hy5j2dj6jj6a9vgq0wzllfj0h2hbb73959k3w85y4ad2w";
}.${system} or (throw "Unsupported system ${system}");
};
# Extract the Node.js source code which is used to compile packages with
# native bindings
nodeSources = runCommand "node-sources" {} ''
tar --no-same-owner --no-same-permissions -xf ${nodejs.src}
mv node-* $out
'';
nativeBuildInputs = [
nodejs yarn' python pkg-config zip makeWrapper git rsync jq moreutils
];
buildInputs = lib.optionals (!stdenv.isDarwin) [ libsecret ]
++ (with xorg; [ libX11 libxkbfile ])
++ lib.optionals stdenv.isDarwin [
AppKit Cocoa Security cctools
];
patches = [
# remove download of coder-cloud agent
./remove-cloud-agent-download.patch
];
postPatch = ''
export HOME=$PWD
patchShebangs ./ci
# inject git commit
substituteInPlace ci/build/build-release.sh \
--replace '$(git rev-parse HEAD)' "$commit"
'';
configurePhase = ''
# run yarn offline by default
echo '--install.offline true' >> .yarnrc
# set default yarn opts
${lib.concatMapStrings (option: ''
yarn --offline config set ${option}
'') defaultYarnOpts}
# set offline mirror to yarn cache we created in previous steps
yarn --offline config set yarn-offline-mirror "${yarnCache}"
# link coder-cloud agent from nix store
mkdir -p lib
ln -s "${cloudAgent}/bin/cloud-agent" ./lib/coder-cloud-agent
# skip unnecessary electron download
export ELECTRON_SKIP_BINARY_DOWNLOAD=1
'' + lib.optionalString stdenv.isLinux ''
# set nodedir, so we can build binaries later
npm config set nodedir "${nodeSources}"
'';
buildPhase = ''
# install code-server dependencies
yarn --offline --ignore-scripts
# patch shebangs of everything to allow binary packages to build
patchShebangs .
# Skip shellcheck download
jq "del(.scripts.preinstall)" node_modules/shellcheck/package.json | sponge node_modules/shellcheck/package.json
# rebuild binary packages now that scripts have been patched
npm rebuild
# Replicate ci/dev/postinstall.sh
echo "----- Replicate ci/dev/postinstall.sh"
yarn --cwd "./vendor" install --modules-folder modules --offline --ignore-scripts --frozen-lockfile
# Replicate vendor/postinstall.sh
echo " ----- Replicate vendor/postinstall.sh"
yarn --cwd "./vendor/modules/code-oss-dev" --offline --frozen-lockfile --ignore-scripts install
# remove all built-in extensions, as these are 3rd party extensions that
# get downloaded from vscode marketplace
jq --slurp '.[0] * .[1]' "vendor/modules/code-oss-dev/product.json" <(
cat << EOF
{
"builtInExtensions": []
}
EOF
) | sponge vendor/modules/code-oss-dev/product.json
# disable automatic updates
sed -i '/update.mode/,/\}/{s/default:.*/default: "none",/g}' \
vendor/modules/code-oss-dev/src/vs/platform/update/common/update.config.contribution.ts
# put ripgrep binary into bin, so postinstall does not try to download it
find -name vscode-ripgrep -type d \
-execdir mkdir -p {}/bin \; \
-execdir ln -s ${ripgrep}/bin/rg {}/bin/rg \;
# Playwright is only needed for tests, we can disable it for builds.
# There's an environment variable to disable downloads, but the package makes a breaking call to
# sw_vers before that variable is checked.
patch -p1 -i ${./playwright.patch}
# Replicate install vscode dependencies without running script for all vscode packages
# that require patching for postinstall scripts to succeed
find ./vendor/modules/code-oss-dev -path "*node_modules" -prune -o \
-path "./*/*/*/*/*" -name "yarn.lock" -printf "%h\n" | \
xargs -I {} yarn --cwd {} \
--frozen-lockfile --offline --ignore-scripts --ignore-engines
# patch shebangs of everything to allow binary packages to build
patchShebangs .
# patch build esbuild
mkdir -p vendor/modules/code-oss-dev/build/node_modules/esbuild/bin
jq "del(.scripts.postinstall)" vendor/modules/code-oss-dev/build/node_modules/esbuild/package.json | sponge vendor/modules/code-oss-dev/build/node_modules/esbuild/package.json
sed -i 's/0.12.6/${esbuild.version}/g' vendor/modules/code-oss-dev/build/node_modules/esbuild/lib/main.js
ln -s -f ${esbuild}/bin/esbuild vendor/modules/code-oss-dev/build/node_modules/esbuild/bin/esbuild
# patch extensions esbuild
mkdir -p vendor/modules/code-oss-dev/extensions/node_modules/esbuild/bin
jq "del(.scripts.postinstall)" vendor/modules/code-oss-dev/extensions/node_modules/esbuild/package.json | sponge vendor/modules/code-oss-dev/extensions/node_modules/esbuild/package.json
sed -i 's/0.11.12/${esbuild.version}/g' vendor/modules/code-oss-dev/extensions/node_modules/esbuild/lib/main.js
ln -s -f ${esbuild}/bin/esbuild vendor/modules/code-oss-dev/extensions/node_modules/esbuild/bin/esbuild
# rebuild binaries, we use npm here, as yarn does not provide an alternative
# that would not attempt to try to reinstall everything and break our
# patching attempts
npm rebuild --prefix vendor/modules/code-oss-dev --update-binary
# run postinstall scripts after patching
find ./vendor/modules/code-oss-dev -path "*node_modules" -prune -o \
-path "./*/*/*/*/*" -name "yarn.lock" -printf "%h\n" | \
xargs -I {} sh -c 'jq -e ".scripts.postinstall" {}/package.json >/dev/null && yarn --cwd {} postinstall --frozen-lockfile --offline || true'
# build code-server
yarn build
# build vscode
yarn build:vscode
# create release
yarn release
'';
installPhase = ''
mkdir -p $out/libexec/code-server $out/bin
# copy release to libexec path
cp -R -T release "$out/libexec/code-server"
# install only production dependencies
yarn --offline --cwd "$out/libexec/code-server" --production
# link coder-cloud agent from nix store
mkdir -p $out/libexec/code-server/lib
ln -s "${cloudAgent}/bin/cloud-agent" $out/libexec/code-server/lib/coder-cloud-agent
# create wrapper
makeWrapper "${nodejs-14_x}/bin/node" "$out/bin/code-server" \
--add-flags "$out/libexec/code-server/out/node/entry.js"
'';
passthru = {
prefetchYarnCache = lib.overrideDerivation yarnCache (d: {
outputHash = lib.fakeSha256;
});
};
meta = with lib; {
description = "Run VS Code on a remote server";
longDescription = ''
code-server is VS Code running on a remote server, accessible through the
browser.
'';
homepage = "https://github.com/cdr/code-server";
license = licenses.mit;
maintainers = with maintainers; [ offline ];
platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" ];
};
}