+2

nixos/doc/manual/release-notes/rl-2305.section.md

reviewed

··· 158 158 159 159 - [ivpn](https://www.ivpn.net/), a secure, private VPN with fast WireGuard connections. Available as [services.ivpn](#opt-services.ivpn.enable). 160 160 161 161 + - [openvscode-server](https://github.com/gitpod-io/openvscode-server), run VS Code on a remote machine with access through a modern web browser from any device, anywhere. Available as [services.openvscode-server](#opt-services.openvscode-server.enable). 162 162 + 161 163 ## Backward Incompatibilities {#sec-release-23.05-incompatibilities} 162 164 163 165 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

+1

nixos/modules/module-list.nix

reviewed

··· 1214 1214 ./services/web-apps/nifi.nix 1215 1215 ./services/web-apps/node-red.nix 1216 1216 ./services/web-apps/onlyoffice.nix 1217 1217 + ./services/web-apps/openvscode-server.nix 1217 1218 ./services/web-apps/openwebrx.nix 1218 1219 ./services/web-apps/outline.nix 1219 1220 ./services/web-apps/peering-manager.nix

+211

nixos/modules/services/web-apps/openvscode-server.nix

reviewed

··· 1 1 + { config, lib, pkgs, ... }: 2 2 + 3 3 + let 4 4 + cfg = config.services.openvscode-server; 5 5 + defaultUser = "openvscode-server"; 6 6 + defaultGroup = defaultUser; 7 7 + in { 8 8 + options = { 9 9 + services.openvscode-server = { 10 10 + enable = lib.mkEnableOption (lib.mdDoc "openvscode-server"); 11 11 + 12 12 + package = lib.mkPackageOptionMD pkgs "openvscode-server" { }; 13 13 + 14 14 + extraPackages = lib.mkOption { 15 15 + default = [ ]; 16 16 + description = lib.mdDoc '' 17 17 + Additional packages to add to the openvscode-server {env}`PATH`. 18 18 + ''; 19 19 + example = lib.literalExpression "[ pkgs.go ]"; 20 20 + type = lib.types.listOf lib.types.package; 21 21 + }; 22 22 + 23 23 + extraEnvironment = lib.mkOption { 24 24 + type = lib.types.attrsOf lib.types.str; 25 25 + description = lib.mdDoc '' 26 26 + Additional environment variables to pass to openvscode-server. 27 27 + ''; 28 28 + default = { }; 29 29 + example = { PKG_CONFIG_PATH = "/run/current-system/sw/lib/pkgconfig"; }; 30 30 + }; 31 31 + 32 32 + extraArguments = lib.mkOption { 33 33 + default = [ ]; 34 34 + description = lib.mdDoc '' 35 35 + Additional arguments to pass to openvscode-server. 36 36 + ''; 37 37 + example = lib.literalExpression ''[ "--log=info" ]''; 38 38 + type = lib.types.listOf lib.types.str; 39 39 + }; 40 40 + 41 41 + host = lib.mkOption { 42 42 + default = "localhost"; 43 43 + description = lib.mdDoc '' 44 44 + The host name or IP address the server should listen to. 45 45 + ''; 46 46 + type = lib.types.str; 47 47 + }; 48 48 + 49 49 + port = lib.mkOption { 50 50 + default = 3000; 51 51 + description = lib.mdDoc '' 52 52 + The port the server should listen to. If 0 is passed a random free port is picked. If a range in the format num-num is passed, a free port from the range (end inclusive) is selected. 53 53 + ''; 54 54 + type = lib.types.port; 55 55 + }; 56 56 + 57 57 + user = lib.mkOption { 58 58 + default = defaultUser; 59 59 + example = "yourUser"; 60 60 + description = lib.mdDoc '' 61 61 + The user to run openvscode-server as. 62 62 + By default, a user named `${defaultUser}` will be created. 63 63 + ''; 64 64 + type = lib.types.str; 65 65 + }; 66 66 + 67 67 + group = lib.mkOption { 68 68 + default = defaultGroup; 69 69 + example = "yourGroup"; 70 70 + description = lib.mdDoc '' 71 71 + The group to run openvscode-server under. 72 72 + By default, a group named `${defaultGroup}` will be created. 73 73 + ''; 74 74 + type = lib.types.str; 75 75 + }; 76 76 + 77 77 + extraGroups = lib.mkOption { 78 78 + default = [ ]; 79 79 + description = lib.mdDoc '' 80 80 + An array of additional groups for the `${defaultUser}` user. 81 81 + ''; 82 82 + example = [ "docker" ]; 83 83 + type = lib.types.listOf lib.types.str; 84 84 + }; 85 85 + 86 86 + withoutConnectionToken = lib.mkOption { 87 87 + default = false; 88 88 + description = lib.mdDoc '' 89 89 + Run without a connection token. Only use this if the connection is secured by other means. 90 90 + ''; 91 91 + example = true; 92 92 + type = lib.types.bool; 93 93 + }; 94 94 + 95 95 + socketPath = lib.mkOption { 96 96 + default = null; 97 97 + example = "/run/openvscode/socket"; 98 98 + description = lib.mdDoc '' 99 99 + The path to a socket file for the server to listen to. 100 100 + ''; 101 101 + type = lib.types.nullOr lib.types.str; 102 102 + }; 103 103 + 104 104 + userDataDir = lib.mkOption { 105 105 + default = null; 106 106 + description = lib.mdDoc '' 107 107 + Specifies the directory that user data is kept in. Can be used to open multiple distinct instances of Code. 108 108 + ''; 109 109 + type = lib.types.nullOr lib.types.str; 110 110 + }; 111 111 + 112 112 + serverDataDir = lib.mkOption { 113 113 + default = null; 114 114 + description = lib.mdDoc '' 115 115 + Specifies the directory that server data is kept in. 116 116 + ''; 117 117 + type = lib.types.nullOr lib.types.str; 118 118 + }; 119 119 + 120 120 + extensionsDir = lib.mkOption { 121 121 + default = null; 122 122 + description = lib.mdDoc '' 123 123 + Set the root path for extensions. 124 124 + ''; 125 125 + type = lib.types.nullOr lib.types.str; 126 126 + }; 127 127 + 128 128 + telemetryLevel = lib.mkOption { 129 129 + default = "off"; 130 130 + example = "crash"; 131 131 + description = lib.mdDoc '' 132 132 + Sets the initial telemetry level. Valid levels are: 'off', 'crash', 'error' and 'all'. 133 133 + ''; 134 134 + type = lib.types.str; 135 135 + }; 136 136 + 137 137 + connectionToken = lib.mkOption { 138 138 + default = null; 139 139 + example = "secret-token"; 140 140 + description = lib.mdDoc '' 141 141 + A secret that must be included with all requests. 142 142 + ''; 143 143 + type = lib.types.nullOr lib.types.str; 144 144 + }; 145 145 + 146 146 + connectionTokenFile = lib.mkOption { 147 147 + default = null; 148 148 + description = lib.mdDoc '' 149 149 + Path to a file that contains the connection token. 150 150 + ''; 151 151 + type = lib.types.nullOr lib.types.str; 152 152 + }; 153 153 + 154 154 + }; 155 155 + }; 156 156 + 157 157 + config = lib.mkIf cfg.enable { 158 158 + systemd.services.openvscode-server = { 159 159 + description = "OpenVSCode server"; 160 160 + wantedBy = [ "multi-user.target" ]; 161 161 + after = [ "network-online.target" ]; 162 162 + path = cfg.extraPackages; 163 163 + environment = cfg.extraEnvironment; 164 164 + serviceConfig = { 165 165 + ExecStart = '' 166 166 + ${lib.getExe cfg.package} \ 167 167 + --accept-server-license-terms \ 168 168 + --host=${cfg.host} \ 169 169 + --port=${toString cfg.port} \ 170 170 + '' + lib.optionalString (cfg.telemetryLevel == true) '' 171 171 + --telemetry-level=${cfg.telemetryLevel} \ 172 172 + '' + lib.optionalString (cfg.withoutConnectionToken == true) '' 173 173 + --without-connection-token \ 174 174 + '' + lib.optionalString (cfg.socketPath != null) '' 175 175 + --socket-path=${cfg.socketPath} \ 176 176 + '' + lib.optionalString (cfg.userDataDir != null) '' 177 177 + --user-data-dir=${cfg.userDataDir} \ 178 178 + '' + lib.optionalString (cfg.serverDataDir != null) '' 179 179 + --server-data-dir=${cfg.serverDataDir} \ 180 180 + '' + lib.optionalString (cfg.extensionsDir != null) '' 181 181 + --extensions-dir=${cfg.extensionsDir} \ 182 182 + '' + lib.optionalString (cfg.connectionToken != null) '' 183 183 + --connection-token=${cfg.connectionToken} \ 184 184 + '' + lib.optionalString (cfg.connectionTokenFile != null) '' 185 185 + --connection-token-file=${cfg.connectionTokenFile} \ 186 186 + '' + lib.escapeShellArgs cfg.extraArguments; 187 187 + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; 188 188 + RuntimeDirectory = cfg.user; 189 189 + User = cfg.user; 190 190 + Group = cfg.group; 191 191 + Restart = "on-failure"; 192 192 + }; 193 193 + }; 194 194 + 195 195 + users.users."${cfg.user}" = lib.mkMerge [ 196 196 + (lib.mkIf (cfg.user == defaultUser) { 197 197 + isNormalUser = true; 198 198 + description = "openvscode-server user"; 199 199 + inherit (cfg) group; 200 200 + }) 201 201 + { 202 202 + packages = cfg.extraPackages; 203 203 + inherit (cfg) extraGroups; 204 204 + } 205 205 + ]; 206 206 + 207 207 + users.groups."${defaultGroup}" = lib.mkIf (cfg.group == defaultGroup) { }; 208 208 + }; 209 209 + 210 210 + meta.maintainers = [ lib.maintainers.drupol ]; 211 211 + }

+1

nixos/tests/all-tests.nix

reviewed

··· 554 554 opentabletdriver = handleTest ./opentabletdriver.nix {}; 555 555 owncast = handleTest ./owncast.nix {}; 556 556 image-contents = handleTest ./image-contents.nix {}; 557 557 + openvscode-server = handleTest ./openvscode-server.nix {}; 557 558 orangefs = handleTest ./orangefs.nix {}; 558 559 os-prober = handleTestOn ["x86_64-linux"] ./os-prober.nix {}; 559 560 osrm-backend = handleTest ./osrm-backend.nix {};

+22

nixos/tests/openvscode-server.nix

reviewed

··· 1 1 + import ./make-test-python.nix ({pkgs, lib, ...}: 2 2 + { 3 3 + name = "openvscode-server"; 4 4 + 5 5 + nodes = { 6 6 + machine = {pkgs, ...}: { 7 7 + services.openvscode-server = { 8 8 + enable = true; 9 9 + withoutConnectionToken = true; 10 10 + }; 11 11 + }; 12 12 + }; 13 13 + 14 14 + testScript = '' 15 15 + start_all() 16 16 + machine.wait_for_unit("openvscode-server.service") 17 17 + machine.wait_for_open_port(3000) 18 18 + machine.succeed("curl -k --fail http://localhost:3000", timeout=10) 19 19 + ''; 20 20 + 21 21 + meta.maintainers = [ lib.maintainers.drupol ]; 22 22 + })

+5 -1

pkgs/servers/openvscode-server/default.nix

reviewed

··· 1 1 { lib, stdenv, fetchFromGitHub, buildGoModule, makeWrapper 2 2 , cacert, moreutils, jq, git, pkg-config, yarn, python3 3 3 , esbuild, nodejs_16, libsecret, xorg, ripgrep 4 4 - , AppKit, Cocoa, Security, cctools }: 4 4 + , AppKit, Cocoa, Security, cctools, nixosTests }: 5 5 6 6 let 7 7 system = stdenv.hostPlatform.system; ··· 163 163 cp -R -T ../vscode-reh-web-${vsBuildTarget} $out 164 164 ln -s ${nodejs}/bin/node $out 165 165 ''; 166 166 + 167 167 + passthru.tests = { 168 168 + inherit (nixosTests) openvscode-server; 169 169 + }; 166 170 167 171 meta = with lib; { 168 172 description = "Run VS Code on a remote machine";