pkgs/servers/code-server/default.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / servers / code-server / default.nix
at 23.05-pre 257 lines 9.2 kB view raw
  1{ lib, stdenv, fetchFromGitHub, buildGoModule, makeWrapper, runCommand
  2, cacert, moreutils, jq, git, rsync, pkg-config, yarn, python3
  3, esbuild, nodejs-14_x, node-gyp, libsecret, xorg, ripgrep
  4, AppKit, Cocoa, CoreServices, Security, cctools, xcbuild }:
  5
  6let
  7  system = stdenv.hostPlatform.system;
  8
  9  nodejs = nodejs-14_x;
 10  python = python3;
 11  yarn' = yarn.override { inherit nodejs; };
 12  defaultYarnOpts = [ "frozen-lockfile" "non-interactive" "no-progress"];
 13
 14  # replaces esbuild's download script with a binary from nixpkgs
 15  patchEsbuild = path : version : ''
 16    mkdir -p ${path}/node_modules/esbuild/bin
 17    jq "del(.scripts.postinstall)" ${path}/node_modules/esbuild/package.json | sponge ${path}/node_modules/esbuild/package.json
 18    sed -i 's/${version}/${esbuild.version}/g' ${path}/node_modules/esbuild/lib/main.js
 19    ln -s -f ${esbuild}/bin/esbuild ${path}/node_modules/esbuild/bin/esbuild
 20  '';
 21
 22in stdenv.mkDerivation rec {
 23  pname = "code-server";
 24  version = "4.0.1";
 25  commit = "7fe23daf009e5234eaa54a1ea5ff26df384c47ac";
 26
 27  src = fetchFromGitHub {
 28    owner = "cdr";
 29    repo = "code-server";
 30    rev = "v${version}";
 31    sha256 = "1s3dcmzlkyh7qfs3ai1p7dlp45iys0ax1fbxxz17p395pw9anrrl";
 32  };
 33
 34  cloudAgent = buildGoModule rec {
 35    pname = "cloud-agent";
 36    version = "0.2.3";
 37
 38    src = fetchFromGitHub {
 39      owner = "cdr";
 40      repo = "cloud-agent";
 41      rev = "v${version}";
 42      sha256 = "14i1qq273f0yn5v52ryiqwj7izkd1yd212di4gh4bqypmmzhw3jj";
 43    };
 44
 45    vendorSha256 = "0k9v10wkzx53r5syf6bmm81gr4s5dalyaa07y9zvx6vv5r2h0661";
 46
 47    postPatch = ''
 48      # the cloud-agent release tag has an empty version string, so add it back in
 49      substituteInPlace internal/version/version.go \
 50        --replace 'var Version string' 'var Version string = "v${version}"'
 51    '';
 52  };
 53
 54  yarnCache = stdenv.mkDerivation {
 55    name = "${pname}-${version}-${system}-yarn-cache";
 56    inherit src;
 57    nativeBuildInputs = [ yarn' git cacert ];
 58    buildPhase = ''
 59      export HOME=$PWD
 60      export GIT_SSL_CAINFO="${cacert}/etc/ssl/certs/ca-bundle.crt"
 61
 62      yarn --cwd "./vendor" install --modules-folder modules --ignore-scripts --frozen-lockfile
 63
 64      yarn config set yarn-offline-mirror $out
 65      find "$PWD" -name "yarn.lock" -printf "%h\n" | \
 66        xargs -I {} yarn --cwd {} \
 67          --frozen-lockfile --ignore-scripts --ignore-platform \
 68          --ignore-engines --no-progress --non-interactive
 69    '';
 70    outputHashMode = "recursive";
 71    outputHashAlgo = "sha256";
 72
 73    # to get hash values use nix-build -A code-server.prefetchYarnCache
 74    outputHash = "0qmfsirld1qfl2s26rxbpmvxsyj2pvzkgk8w89zlrgbhgc5fj8p9";
 75  };
 76
 77  nativeBuildInputs = [
 78    nodejs yarn' python pkg-config makeWrapper git rsync jq moreutils
 79  ];
 80  buildInputs = lib.optionals (!stdenv.isDarwin) [ libsecret ]
 81    ++ (with xorg; [ libX11 libxkbfile ])
 82    ++ lib.optionals stdenv.isDarwin [
 83      AppKit Cocoa CoreServices Security cctools xcbuild
 84    ];
 85
 86  patches = [
 87    # remove download of coder-cloud agent
 88    ./remove-cloud-agent-download.patch
 89  ];
 90
 91  postPatch = ''
 92    export HOME=$PWD
 93
 94    patchShebangs ./ci
 95
 96    # inject git commit
 97    substituteInPlace ci/build/build-release.sh \
 98      --replace '$(git rev-parse HEAD)' "$commit"
 99  '';
100
101  configurePhase = ''
102    # run yarn offline by default
103    echo '--install.offline true' >> .yarnrc
104
105    # set default yarn opts
106    ${lib.concatMapStrings (option: ''
107      yarn --offline config set ${option}
108    '') defaultYarnOpts}
109
110    # set offline mirror to yarn cache we created in previous steps
111    yarn --offline config set yarn-offline-mirror "${yarnCache}"
112
113    # link coder-cloud agent from nix store
114    mkdir -p lib
115    ln -s "${cloudAgent}/bin/cloud-agent" ./lib/coder-cloud-agent
116
117    # skip unnecessary electron download
118    export ELECTRON_SKIP_BINARY_DOWNLOAD=1
119
120    # set nodedir to prevent node-gyp from downloading headers
121    # taken from https://nixos.org/manual/nixpkgs/stable/#javascript-tool-specific
122    mkdir -p $HOME/.node-gyp/${nodejs.version}
123    echo 9 > $HOME/.node-gyp/${nodejs.version}/installVersion
124    ln -sfv ${nodejs}/include $HOME/.node-gyp/${nodejs.version}
125    export npm_config_nodedir=${nodejs}
126
127    # use updated node-gyp. fixes the following error on Darwin:
128    # PermissionError: [Errno 1] Operation not permitted: '/usr/sbin/pkgutil'
129    export npm_config_node_gyp=${node-gyp}/lib/node_modules/node-gyp/bin/node-gyp.js
130  '';
131
132  buildPhase = ''
133    # install code-server dependencies
134    yarn --offline --ignore-scripts
135
136    # patch shebangs of everything to allow binary packages to build
137    patchShebangs .
138
139    # Skip shellcheck download
140    jq "del(.scripts.preinstall)" node_modules/shellcheck/package.json | sponge node_modules/shellcheck/package.json
141
142    # rebuild binary packages now that scripts have been patched
143    npm rebuild
144
145    # Replicate ci/dev/postinstall.sh
146    echo "----- Replicate ci/dev/postinstall.sh"
147    yarn --cwd "./vendor" install --modules-folder modules --offline --ignore-scripts --frozen-lockfile
148
149    # Replicate vendor/postinstall.sh
150    echo " ----- Replicate vendor/postinstall.sh"
151    yarn --cwd "./vendor/modules/code-oss-dev" --offline --frozen-lockfile --ignore-scripts install
152
153    # remove all built-in extensions, as these are 3rd party extensions that
154    # get downloaded from vscode marketplace
155    jq --slurp '.[0] * .[1]' "vendor/modules/code-oss-dev/product.json" <(
156      cat << EOF
157    {
158      "builtInExtensions": []
159    }
160    EOF
161    ) | sponge vendor/modules/code-oss-dev/product.json
162
163    # disable automatic updates
164    sed -i '/update.mode/,/\}/{s/default:.*/default: "none",/g}' \
165      vendor/modules/code-oss-dev/src/vs/platform/update/common/update.config.contribution.ts
166
167    # put ripgrep binary into bin, so postinstall does not try to download it
168    find -name vscode-ripgrep -type d \
169      -execdir mkdir -p {}/bin \; \
170      -execdir ln -s ${ripgrep}/bin/rg {}/bin/rg \;
171
172    # Playwright is only needed for tests, we can disable it for builds.
173    # There's an environment variable to disable downloads, but the package makes a breaking call to
174    # sw_vers before that variable is checked.
175    patch -p1 -i ${./playwright.patch}
176
177    # Patch out remote download of nodejs from build script
178    patch -p1 -i ${./remove-node-download.patch}
179
180    # Replicate install vscode dependencies without running script for all vscode packages
181    # that require patching for postinstall scripts to succeed
182    find ./vendor/modules/code-oss-dev -path "*node_modules" -prune -o \
183      -path "./*/*/*/*/*" -name "yarn.lock" -printf "%h\n" | \
184        xargs -I {} yarn --cwd {} \
185          --frozen-lockfile --offline --ignore-scripts --ignore-engines
186
187
188    # patch shebangs of everything to allow binary packages to build
189    patchShebangs .
190
191    ${patchEsbuild "./vendor/modules/code-oss-dev/build" "0.12.6"}
192    ${patchEsbuild "./vendor/modules/code-oss-dev/extensions" "0.11.23"}
193  '' + lib.optionalString stdenv.isDarwin ''
194    # use prebuilt binary for @parcel/watcher, which requires macOS SDK 10.13+
195    # (see issue #101229)
196    pushd ./vendor/modules/code-oss-dev/remote/node_modules/@parcel/watcher
197    mkdir -p ./build/Release
198    mv ./prebuilds/darwin-x64/node.napi.glibc.node ./build/Release/watcher.node
199    jq "del(.scripts) | .gypfile = false" ./package.json | sponge ./package.json
200    popd
201  '' + ''
202    # rebuild binaries, we use npm here, as yarn does not provide an alternative
203    # that would not attempt to try to reinstall everything and break our
204    # patching attempts
205    npm rebuild --prefix vendor/modules/code-oss-dev --update-binary
206
207    # run postinstall scripts after patching
208    find ./vendor/modules/code-oss-dev -path "*node_modules" -prune -o \
209      -path "./*/*/*/*/*" -name "yarn.lock" -printf "%h\n" | \
210        xargs -I {} sh -c 'jq -e ".scripts.postinstall" {}/package.json >/dev/null && yarn --cwd {} postinstall --frozen-lockfile --offline || true'
211
212    # build code-server
213    yarn build
214
215    # build vscode
216    yarn build:vscode
217
218    # create release
219    yarn release
220  '';
221
222  installPhase = ''
223    mkdir -p $out/libexec/code-server $out/bin
224
225    # copy release to libexec path
226    cp -R -T release "$out/libexec/code-server"
227
228    # install only production dependencies
229    yarn --offline --cwd "$out/libexec/code-server" --production
230
231    # link coder-cloud agent from nix store
232    mkdir -p $out/libexec/code-server/lib
233    ln -s "${cloudAgent}/bin/cloud-agent" $out/libexec/code-server/lib/coder-cloud-agent
234
235    # create wrapper
236    makeWrapper "${nodejs-14_x}/bin/node" "$out/bin/code-server" \
237      --add-flags "$out/libexec/code-server/out/node/entry.js"
238  '';
239
240  passthru = {
241    prefetchYarnCache = lib.overrideDerivation yarnCache (d: {
242      outputHash = lib.fakeSha256;
243    });
244  };
245
246  meta = with lib; {
247    description = "Run VS Code on a remote server";
248    longDescription = ''
249      code-server is VS Code running on a remote server, accessible through the
250      browser.
251    '';
252    homepage = "https://github.com/cdr/code-server";
253    license = licenses.mit;
254    maintainers = with maintainers; [ offline ];
255    platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" ];
256  };
257}