tjh.dev
1{
2 lib,
3 stdenv,
4 fetchFromGitHub,
5 buildGoModule,
6 makeWrapper,
7 cacert,
8 moreutils,
9 jq,
10 git,
11 rsync,
12 pkg-config,
13 yarn,
14 python3,
15 esbuild,
16 nodejs,
17 node-gyp,
18 libsecret,
19 xorg,
20 ripgrep,
21 AppKit,
22 Cocoa,
23 CoreServices,
24 Security,
25 cctools,
26 xcbuild,
27 quilt,
28 nixosTests,
29}:
30
31let
32 system = stdenv.hostPlatform.system;
33
34 python = python3;
35 yarn' = yarn.override { inherit nodejs; };
36 defaultYarnOpts = [ ];
37
38 esbuild' = esbuild.override {
39 buildGoModule =
40 args:
41 buildGoModule (
42 args
43 // rec {
44 version = "0.16.17";
45 src = fetchFromGitHub {
46 owner = "evanw";
47 repo = "esbuild";
48 rev = "v${version}";
49 hash = "sha256-8L8h0FaexNsb3Mj6/ohA37nYLFogo5wXkAhGztGUUsQ=";
50 };
51 vendorHash = "sha256-+BfxCyg0KkDQpHt/wycy/8CTG6YBA/VJvJFhhzUnSiQ=";
52 }
53 );
54 };
55
56 # replaces esbuild's download script with a binary from nixpkgs
57 patchEsbuild = path: version: ''
58 mkdir -p ${path}/node_modules/esbuild/bin
59 jq "del(.scripts.postinstall)" ${path}/node_modules/esbuild/package.json | sponge ${path}/node_modules/esbuild/package.json
60 sed -i 's/${version}/${esbuild'.version}/g' ${path}/node_modules/esbuild/lib/main.js
61 ln -s -f ${esbuild'}/bin/esbuild ${path}/node_modules/esbuild/bin/esbuild
62 '';
63
64 # Comment from @code-asher, the code-server maintainer
65 # See https://github.com/NixOS/nixpkgs/pull/240001#discussion_r1244303617
66 #
67 # If the commit is missing it will break display languages (Japanese, Spanish,
68 # etc). For some reason VS Code has a hard dependency on the commit being set
69 # for that functionality.
70 # The commit is also used in cache busting. Without the commit you could run
71 # into issues where the browser is loading old versions of assets from the
72 # cache.
73 # Lastly, it can be helpful for the commit to be accurate in bug reports
74 # especially when they are built outside of our CI as sometimes the version
75 # numbers can be unreliable (since they are arbitrarily provided).
76 #
77 # To compute the commit when upgrading this derivation, do:
78 # `$ git rev-parse <git-rev>` where <git-rev> is the git revision of the `src`
79 # Example: `$ git rev-parse v4.16.1`
80 commit = "1962f48b7f71772dc2c060dbaa5a6b4c0792a549";
81in
82stdenv.mkDerivation (finalAttrs: {
83 pname = "code-server";
84 version = "4.91.1";
85
86 src = fetchFromGitHub {
87 owner = "coder";
88 repo = "code-server";
89 rev = "v${finalAttrs.version}";
90 fetchSubmodules = true;
91 hash = "sha256-w0+lg/DcxKLrAz6DQGQ9+yPn42LrQ95Yn16IKNfqPvE=";
92 };
93
94 yarnCache = stdenv.mkDerivation {
95 name = "${finalAttrs.pname}-${finalAttrs.version}-${system}-yarn-cache";
96 inherit (finalAttrs) src;
97
98 nativeBuildInputs = [
99 yarn'
100 git
101 cacert
102 ];
103
104 buildPhase = ''
105 runHook preBuild
106
107 export HOME=$PWD
108 export GIT_SSL_CAINFO="${cacert}/etc/ssl/certs/ca-bundle.crt"
109
110 yarn --cwd "./vendor" install --modules-folder modules --ignore-scripts --frozen-lockfile
111
112 yarn config set yarn-offline-mirror $out
113 find "$PWD" -name "yarn.lock" -printf "%h\n" | \
114 xargs -I {} yarn --cwd {} \
115 --frozen-lockfile --ignore-scripts --ignore-platform \
116 --ignore-engines --no-progress --non-interactive
117
118 find ./lib/vscode -name "yarn.lock" -printf "%h\n" | \
119 xargs -I {} yarn --cwd {} \
120 --ignore-scripts --ignore-engines
121
122 runHook postBuild
123 '';
124
125 outputHashMode = "recursive";
126 outputHashAlgo = "sha256";
127 outputHash = "sha256-LCmygPid6VJqR1PCOMk/Hc6bo4nwsLwYr7O1p3FQVvQ=";
128 };
129
130 nativeBuildInputs = [
131 nodejs
132 yarn'
133 python
134 pkg-config
135 makeWrapper
136 git
137 rsync
138 jq
139 moreutils
140 quilt
141 ];
142
143 buildInputs =
144 [
145 xorg.libX11
146 xorg.libxkbfile
147 ]
148 ++ lib.optionals (!stdenv.hostPlatform.isDarwin) [
149 libsecret
150 ]
151 ++ lib.optionals stdenv.hostPlatform.isDarwin [
152 AppKit
153 Cocoa
154 CoreServices
155 Security
156 cctools
157 xcbuild
158 ];
159
160 patches = [
161 # Remove all git calls from the VS Code build script except `git rev-parse
162 # HEAD` which is replaced in postPatch with the commit.
163 ./build-vscode-nogit.patch
164 ];
165
166 postPatch = ''
167 export HOME=$PWD
168
169 patchShebangs ./ci
170
171 # inject git commit
172 substituteInPlace ./ci/build/build-vscode.sh \
173 --replace-fail '$(git rev-parse HEAD)' "${commit}"
174 substituteInPlace ./ci/build/build-release.sh \
175 --replace-fail '$(git rev-parse HEAD)' "${commit}"
176 '';
177
178 configurePhase = ''
179 runHook preConfigure
180
181 # run yarn offline by default
182 echo '--install.offline true' >> .yarnrc
183
184 # set default yarn opts
185 ${lib.concatMapStrings (option: ''
186 yarn --offline config set ${option}
187 '') defaultYarnOpts}
188
189 # set offline mirror to yarn cache we created in previous steps
190 yarn --offline config set yarn-offline-mirror "${finalAttrs.yarnCache}"
191
192 # skip unnecessary electron download
193 export ELECTRON_SKIP_BINARY_DOWNLOAD=1
194
195 # set nodedir to prevent node-gyp from downloading headers
196 # taken from https://nixos.org/manual/nixpkgs/stable/#javascript-tool-specific
197 mkdir -p $HOME/.node-gyp/${nodejs.version}
198 echo 9 > $HOME/.node-gyp/${nodejs.version}/installVersion
199 ln -sfv ${nodejs}/include $HOME/.node-gyp/${nodejs.version}
200 export npm_config_nodedir=${nodejs}
201
202 # use updated node-gyp. fixes the following error on Darwin:
203 # PermissionError: [Errno 1] Operation not permitted: '/usr/sbin/pkgutil'
204 export npm_config_node_gyp=${node-gyp}/lib/node_modules/node-gyp/bin/node-gyp.js
205
206 runHook postConfigure
207 '';
208
209 buildPhase =
210 ''
211 runHook preBuild
212
213 # Apply patches.
214 quilt push -a
215
216 export PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
217 export SKIP_SUBMODULE_DEPS=1
218 export NODE_OPTIONS="--openssl-legacy-provider --max-old-space-size=4096"
219
220 # Remove all built-in extensions, as these are 3rd party extensions that
221 # get downloaded from the VS Code marketplace.
222 jq --slurp '.[0] * .[1]' "./lib/vscode/product.json" <(
223 cat << EOF
224 {
225 "builtInExtensions": []
226 }
227 EOF
228 ) | sponge ./lib/vscode/product.json
229
230 # Disable automatic updates.
231 sed -i '/update.mode/,/\}/{s/default:.*/default: "none",/g}' \
232 lib/vscode/src/vs/platform/update/common/update.config.contribution.ts
233
234 # Patch out remote download of nodejs from build script.
235 patch -p1 -i ${./remove-node-download.patch}
236
237 # Install dependencies.
238 patchShebangs .
239 find . -name "yarn.lock" -printf "%h\n" | \
240 xargs -I {} yarn --cwd {} \
241 --offline --frozen-lockfile --ignore-scripts --ignore-engines
242 patchShebangs .
243
244 # Use esbuild from nixpkgs.
245 ${patchEsbuild "./lib/vscode/build" "0.12.6"}
246 ${patchEsbuild "./lib/vscode/extensions" "0.11.23"}
247
248 # Kerberos errors while building, so remove it for now as it is not
249 # required.
250 yarn remove kerberos --cwd lib/vscode/remote --offline --frozen-lockfile --ignore-scripts --ignore-engines
251
252 # Put ripgrep binary into bin, so post-install does not try to download it.
253 find -name ripgrep -type d \
254 -execdir mkdir -p {}/bin \; \
255 -execdir ln -s ${ripgrep}/bin/rg {}/bin/rg \;
256
257 # Run post-install scripts after patching.
258 find ./lib/vscode \( -path "*/node_modules/*" -or -path "*/extensions/*" \) \
259 -and -type f -name "yarn.lock" -printf "%h\n" | \
260 xargs -I {} sh -c 'jq -e ".scripts.postinstall" {}/package.json >/dev/null && yarn --cwd {} postinstall --frozen-lockfile --offline || true'
261 patchShebangs .
262
263 ''
264 + lib.optionalString stdenv.hostPlatform.isDarwin ''
265 # Use prebuilt binary for @parcel/watcher, which requires macOS SDK 10.13+
266 # (see issue #101229).
267 pushd ./lib/vscode/remote/node_modules/@parcel/watcher
268 mkdir -p ./build/Release
269 mv ./prebuilds/darwin-x64/node.napi.glibc.node ./build/Release/watcher.node
270 jq "del(.scripts) | .gypfile = false" ./package.json | sponge ./package.json
271 popd
272 ''
273 + ''
274
275 # Build binary packages (argon2, node-pty, etc).
276 npm rebuild --offline
277 npm rebuild --offline --prefix lib/vscode/remote
278
279 # Build code-server and VS Code.
280 yarn build
281 VERSION=${finalAttrs.version} yarn build:vscode
282
283 # Inject version into package.json.
284 jq --slurp '.[0] * .[1]' ./package.json <(
285 cat << EOF
286 {
287 "version": "${finalAttrs.version}"
288 }
289 EOF
290 ) | sponge ./package.json
291
292 # Create release, keeping all dependencies.
293 KEEP_MODULES=1 yarn release
294
295 # Prune development dependencies. We only need to do this for the root as
296 # the VS Code build process already does this for VS Code.
297 npm prune --omit=dev --prefix release
298
299 runHook postBuild
300 '';
301
302 installPhase = ''
303 runHook preInstall
304
305 mkdir -p $out/libexec/code-server $out/bin
306
307 # copy release to libexec path
308 cp -R -T release "$out/libexec/code-server"
309
310 # create wrapper
311 makeWrapper "${nodejs}/bin/node" "$out/bin/code-server" \
312 --add-flags "$out/libexec/code-server/out/node/entry.js"
313
314 runHook postInstall
315 '';
316
317 passthru = {
318 prefetchYarnCache = lib.overrideDerivation finalAttrs.yarnCache (d: {
319 outputHash = lib.fakeSha256;
320 });
321 tests = {
322 inherit (nixosTests) code-server;
323 };
324 # vscode-with-extensions compatibility
325 executableName = "code-server";
326 longName = "Visual Studio Code Server";
327 };
328
329 meta = {
330 changelog = "https://github.com/coder/code-server/blob/${finalAttrs.src.rev}/CHANGELOG.md";
331 description = "Run VS Code on a remote server";
332 longDescription = ''
333 code-server is VS Code running on a remote server, accessible through the
334 browser.
335 '';
336 homepage = "https://github.com/coder/code-server";
337 license = lib.licenses.mit;
338 maintainers = with lib.maintainers; [
339 offline
340 henkery
341 code-asher
342 ];
343 platforms = [
344 "x86_64-linux"
345 "aarch64-linux"
346 "x86_64-darwin"
347 ];
348 mainProgram = "code-server";
349 };
350})