pyrox.dev
1{
2 lib,
3 stdenv,
4 fetchFromGitHub,
5 buildGoModule,
6 makeWrapper,
7 cacert,
8 moreutils,
9 jq,
10 git,
11 rsync,
12 pkg-config,
13 yarn,
14 python3,
15 esbuild,
16 nodejs,
17 node-gyp,
18 libsecret,
19 xorg,
20 ripgrep,
21 cctools,
22 xcbuild,
23 quilt,
24 nixosTests,
25}:
26
27let
28 system = stdenv.hostPlatform.system;
29
30 python = python3;
31 yarn' = yarn.override { inherit nodejs; };
32 defaultYarnOpts = [ ];
33
34 esbuild' = esbuild.override {
35 buildGoModule =
36 args:
37 buildGoModule (
38 args
39 // rec {
40 version = "0.16.17";
41 src = fetchFromGitHub {
42 owner = "evanw";
43 repo = "esbuild";
44 rev = "v${version}";
45 hash = "sha256-8L8h0FaexNsb3Mj6/ohA37nYLFogo5wXkAhGztGUUsQ=";
46 };
47 vendorHash = "sha256-+BfxCyg0KkDQpHt/wycy/8CTG6YBA/VJvJFhhzUnSiQ=";
48 }
49 );
50 };
51
52 # replaces esbuild's download script with a binary from nixpkgs
53 patchEsbuild = path: version: ''
54 mkdir -p ${path}/node_modules/esbuild/bin
55 jq "del(.scripts.postinstall)" ${path}/node_modules/esbuild/package.json | sponge ${path}/node_modules/esbuild/package.json
56 sed -i 's/${version}/${esbuild'.version}/g' ${path}/node_modules/esbuild/lib/main.js
57 ln -s -f ${esbuild'}/bin/esbuild ${path}/node_modules/esbuild/bin/esbuild
58 '';
59
60 # Comment from @code-asher, the code-server maintainer
61 # See https://github.com/NixOS/nixpkgs/pull/240001#discussion_r1244303617
62 #
63 # If the commit is missing it will break display languages (Japanese, Spanish,
64 # etc). For some reason VS Code has a hard dependency on the commit being set
65 # for that functionality.
66 # The commit is also used in cache busting. Without the commit you could run
67 # into issues where the browser is loading old versions of assets from the
68 # cache.
69 # Lastly, it can be helpful for the commit to be accurate in bug reports
70 # especially when they are built outside of our CI as sometimes the version
71 # numbers can be unreliable (since they are arbitrarily provided).
72 #
73 # To compute the commit when upgrading this derivation, do:
74 # `$ git rev-parse <git-rev>` where <git-rev> is the git revision of the `src`
75 # Example: `$ git rev-parse v4.16.1`
76 commit = "1962f48b7f71772dc2c060dbaa5a6b4c0792a549";
77in
78stdenv.mkDerivation (finalAttrs: {
79 pname = "code-server";
80 version = "4.91.1";
81
82 src = fetchFromGitHub {
83 owner = "coder";
84 repo = "code-server";
85 rev = "v${finalAttrs.version}";
86 fetchSubmodules = true;
87 hash = "sha256-w0+lg/DcxKLrAz6DQGQ9+yPn42LrQ95Yn16IKNfqPvE=";
88 };
89
90 yarnCache = stdenv.mkDerivation {
91 name = "${finalAttrs.pname}-${finalAttrs.version}-${system}-yarn-cache";
92 inherit (finalAttrs) src;
93
94 nativeBuildInputs = [
95 yarn'
96 git
97 cacert
98 ];
99
100 buildPhase = ''
101 runHook preBuild
102
103 export HOME=$PWD
104 export GIT_SSL_CAINFO="${cacert}/etc/ssl/certs/ca-bundle.crt"
105
106 yarn --cwd "./vendor" install --modules-folder modules --ignore-scripts --frozen-lockfile
107
108 yarn config set yarn-offline-mirror $out
109 find "$PWD" -name "yarn.lock" -printf "%h\n" | \
110 xargs -I {} yarn --cwd {} \
111 --frozen-lockfile --ignore-scripts --ignore-platform \
112 --ignore-engines --no-progress --non-interactive
113
114 find ./lib/vscode -name "yarn.lock" -printf "%h\n" | \
115 xargs -I {} yarn --cwd {} \
116 --ignore-scripts --ignore-engines
117
118 runHook postBuild
119 '';
120
121 outputHashMode = "recursive";
122 outputHashAlgo = "sha256";
123 outputHash = "sha256-LCmygPid6VJqR1PCOMk/Hc6bo4nwsLwYr7O1p3FQVvQ=";
124 };
125
126 nativeBuildInputs = [
127 nodejs
128 yarn'
129 python
130 pkg-config
131 makeWrapper
132 git
133 rsync
134 jq
135 moreutils
136 quilt
137 ];
138
139 buildInputs = [
140 xorg.libX11
141 xorg.libxkbfile
142 ]
143 ++ lib.optionals (!stdenv.hostPlatform.isDarwin) [
144 libsecret
145 ]
146 ++ lib.optionals stdenv.hostPlatform.isDarwin [
147 cctools
148 xcbuild
149 ];
150
151 patches = [
152 # Remove all git calls from the VS Code build script except `git rev-parse
153 # HEAD` which is replaced in postPatch with the commit.
154 ./build-vscode-nogit.patch
155 ];
156
157 postPatch = ''
158 export HOME=$PWD
159
160 patchShebangs ./ci
161
162 # inject git commit
163 substituteInPlace ./ci/build/build-vscode.sh \
164 --replace-fail '$(git rev-parse HEAD)' "${commit}"
165 substituteInPlace ./ci/build/build-release.sh \
166 --replace-fail '$(git rev-parse HEAD)' "${commit}"
167 '';
168
169 configurePhase = ''
170 runHook preConfigure
171
172 # run yarn offline by default
173 echo '--install.offline true' >> .yarnrc
174
175 # set default yarn opts
176 ${lib.concatMapStrings (option: ''
177 yarn --offline config set ${option}
178 '') defaultYarnOpts}
179
180 # set offline mirror to yarn cache we created in previous steps
181 yarn --offline config set yarn-offline-mirror "${finalAttrs.yarnCache}"
182
183 # skip unnecessary electron download
184 export ELECTRON_SKIP_BINARY_DOWNLOAD=1
185
186 # set nodedir to prevent node-gyp from downloading headers
187 # taken from https://nixos.org/manual/nixpkgs/stable/#javascript-tool-specific
188 mkdir -p $HOME/.node-gyp/${nodejs.version}
189 echo 9 > $HOME/.node-gyp/${nodejs.version}/installVersion
190 ln -sfv ${nodejs}/include $HOME/.node-gyp/${nodejs.version}
191 export npm_config_nodedir=${nodejs}
192
193 # use updated node-gyp. fixes the following error on Darwin:
194 # PermissionError: [Errno 1] Operation not permitted: '/usr/sbin/pkgutil'
195 export npm_config_node_gyp=${node-gyp}/lib/node_modules/node-gyp/bin/node-gyp.js
196
197 runHook postConfigure
198 '';
199
200 buildPhase = ''
201 runHook preBuild
202
203 # Apply patches.
204 quilt push -a
205
206 export PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
207 export SKIP_SUBMODULE_DEPS=1
208 export NODE_OPTIONS="--openssl-legacy-provider --max-old-space-size=4096"
209
210 # Remove all built-in extensions, as these are 3rd party extensions that
211 # get downloaded from the VS Code marketplace.
212 jq --slurp '.[0] * .[1]' "./lib/vscode/product.json" <(
213 cat << EOF
214 {
215 "builtInExtensions": []
216 }
217 EOF
218 ) | sponge ./lib/vscode/product.json
219
220 # Disable automatic updates.
221 sed -i '/update.mode/,/\}/{s/default:.*/default: "none",/g}' \
222 lib/vscode/src/vs/platform/update/common/update.config.contribution.ts
223
224 # Patch out remote download of nodejs from build script.
225 patch -p1 -i ${./remove-node-download.patch}
226
227 # Install dependencies.
228 patchShebangs .
229 find . -name "yarn.lock" -printf "%h\n" | \
230 xargs -I {} yarn --cwd {} \
231 --offline --frozen-lockfile --ignore-scripts --ignore-engines
232 patchShebangs .
233
234 # Use esbuild from nixpkgs.
235 ${patchEsbuild "./lib/vscode/build" "0.12.6"}
236 ${patchEsbuild "./lib/vscode/extensions" "0.11.23"}
237
238 # Kerberos errors while building, so remove it for now as it is not
239 # required.
240 yarn remove kerberos --cwd lib/vscode/remote --offline --frozen-lockfile --ignore-scripts --ignore-engines
241
242 # Put ripgrep binary into bin, so post-install does not try to download it.
243 find -name ripgrep -type d \
244 -execdir mkdir -p {}/bin \; \
245 -execdir ln -s ${ripgrep}/bin/rg {}/bin/rg \;
246
247 # Run post-install scripts after patching.
248 find ./lib/vscode \( -path "*/node_modules/*" -or -path "*/extensions/*" \) \
249 -and -type f -name "yarn.lock" -printf "%h\n" | \
250 xargs -I {} sh -c 'jq -e ".scripts.postinstall" {}/package.json >/dev/null && yarn --cwd {} postinstall --frozen-lockfile --offline || true'
251 patchShebangs .
252
253 ''
254 + lib.optionalString stdenv.hostPlatform.isDarwin ''
255 # Use prebuilt binary for @parcel/watcher, which requires macOS SDK 10.13+
256 # (see issue #101229).
257 pushd ./lib/vscode/remote/node_modules/@parcel/watcher
258 mkdir -p ./build/Release
259 mv ./prebuilds/darwin-x64/node.napi.glibc.node ./build/Release/watcher.node
260 jq "del(.scripts) | .gypfile = false" ./package.json | sponge ./package.json
261 popd
262 ''
263 + ''
264
265 # Build binary packages (argon2, node-pty, etc).
266 npm rebuild --offline
267 npm rebuild --offline --prefix lib/vscode/remote
268
269 # Build code-server and VS Code.
270 yarn build
271 VERSION=${finalAttrs.version} yarn build:vscode
272
273 # Inject version into package.json.
274 jq --slurp '.[0] * .[1]' ./package.json <(
275 cat << EOF
276 {
277 "version": "${finalAttrs.version}"
278 }
279 EOF
280 ) | sponge ./package.json
281
282 # Create release, keeping all dependencies.
283 KEEP_MODULES=1 yarn release
284
285 # Prune development dependencies. We only need to do this for the root as
286 # the VS Code build process already does this for VS Code.
287 npm prune --omit=dev --prefix release
288
289 runHook postBuild
290 '';
291
292 installPhase = ''
293 runHook preInstall
294
295 mkdir -p $out/libexec/code-server $out/bin
296
297 # copy release to libexec path
298 cp -R -T release "$out/libexec/code-server"
299
300 # create wrapper
301 makeWrapper "${nodejs}/bin/node" "$out/bin/code-server" \
302 --add-flags "$out/libexec/code-server/out/node/entry.js"
303
304 runHook postInstall
305 '';
306
307 passthru = {
308 prefetchYarnCache = lib.overrideDerivation finalAttrs.yarnCache (d: {
309 outputHash = lib.fakeSha256;
310 });
311 tests = {
312 inherit (nixosTests) code-server;
313 };
314 # vscode-with-extensions compatibility
315 executableName = "code-server";
316 longName = "Visual Studio Code Server";
317 };
318
319 meta = {
320 changelog = "https://github.com/coder/code-server/blob/${finalAttrs.src.rev}/CHANGELOG.md";
321 description = "Run VS Code on a remote server";
322 longDescription = ''
323 code-server is VS Code running on a remote server, accessible through the
324 browser.
325 '';
326 homepage = "https://github.com/coder/code-server";
327 license = lib.licenses.mit;
328 maintainers = with lib.maintainers; [
329 offline
330 henkery
331 code-asher
332 ];
333 platforms = [
334 "x86_64-linux"
335 "aarch64-linux"
336 "x86_64-darwin"
337 ];
338 mainProgram = "code-server";
339 };
340})