#!/bin/bash
# =============================================== #
# devc.sh v2.0; job79                             #
# Dev container enter script. Handles setting up  #
# different dev containers, resuming sessions and #
# automatic container updates.                    #
#                                                 #
# TODO:                                           #
# - Remove security-opt label=disable             #
#   when possible.                                #
# - Look into removing userns=keep-id.            #
# - Isolate ssh keys to containers.               #
# =============================================== #
# Strict mode: stop on the first unhandled command failure (errexit) and
# treat expansion of an unset variable as an error (nounset).
set -o errexit -o nounset
# log prints one status line: a coloured symbol followed by the message.
# Arguments: $1 - message text
#            $2 - symbol printed before the message (default: ○)
#            $3 - ANSI SGR colour code applied to the symbol (default: 36)
# Outputs:   a single line on stdout
log() {
  local message=$1
  local symbol=${2:-○}
  local colour=${3:-36}
  printf '\e[%sm%s\e[0m %s\n' "$colour" "$symbol" "$message"
}
# arg writes one podman argument fragment to stdout, prefixed with a single
# space and with no trailing newline, so consecutive calls build up one
# space-separated string.
# Arguments: $@ - words of the fragment, joined with single spaces
# Outputs:   " <words>" on stdout
# The collected string is later word-split by the shell when it is expanded
# unquoted on the podman command line, so a value containing whitespace ends
# up as several separate podman arguments.
arg() {
  local IFS=' ' # make "$*" join with a space regardless of the caller's IFS
  printf '%s' " $*"
}
# default_args returns the podman run arguments required for
# starting a new container.
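#######################################
# Emit the podman run arguments every dev container is started with.
# Globals:   name (read), UID (read), SSH_AUTH_SOCK (read, optional)
# Arguments: none
# Outputs:   space-separated argument string on stdout (built with arg)
# Returns:   0
#######################################
default_args() {
  arg "--name $name"
  arg "--hostname $name"
  # Pull when the registry has a newer image than the local one; this is the
  # automatic container update, so the container runs whatever the registry
  # currently serves under this name.
  arg "--pull=newer"

  # Disable some security settings so host directories can
  # be mounted without problems. Both options trade isolation for
  # convenience (see the TODO list in the file header).
  arg "--security-opt label=disable" # turns off SELinux label separation so mounts don't need to be labeled.
  arg "--userns=keep-id"             # maps the host user into the container; required for ~/.ssh which is usually 700.

  # Mount the wayland socket. Required to get the system
  # clipboard (wl-copy) and gui applications working. Processes in the
  # container can then talk to the host's Wayland session.
  if [ -e "/run/user/$UID/wayland-0" ]; then
    arg "-v /run/user/$UID/wayland-0:/run/user/1000/wayland-0"
  fi

  # Mount the ssh agent socket to get ssh commands working. Anything running
  # in the container can ask the host's agent to authenticate with the keys
  # it holds (tracked as "Isolate ssh keys to containers" in the header).
  # The ":-" default matters: under `set -u` an unset SSH_AUTH_SOCK would
  # otherwise abort this function halfway, and the caller would start the
  # container with a truncated argument list (no home volume).
  if [ -e "${SSH_AUTH_SOCK:-}" ]; then
    arg "-v $SSH_AUTH_SOCK:/run/user/1000/ssh-auth-sock"
  fi

  # Add a volume for the home directory so it survives
  # container updates.
  arg "-v $name:/home/user:copy"
}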
# param_args returns the podman run arguments based on the
# arguments provided to this script.
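#######################################
# Translate this script's own options into podman run arguments.
# Globals:   UID (read)
# Arguments: $@ - script options; anything that is not a known shortcut is
#                 forwarded to podman run unchanged
# Outputs:   space-separated argument string on stdout (built with arg)
# Returns:   0
#######################################
param_args() {
  while [ $# -gt 0 ]; do
    case "$1" in
      -gpu) # Enable gpu acceleration by exposing the host's /dev/dri devices.
        arg "--device /dev/dri"
        ;;
      -host-spawn)
        # Enable spawning host commands from inside the container using
        # host-spawn. This mounts the user's session bus socket, so the
        # container is no longer a boundary against the host user account.
        arg "-v /run/user/$UID/bus:/tmp/bus"
        ;;
      *)
        # Use argument as is. There is no allow-list: any podman run flag
        # given on the command line is passed through.
        # Emitted through arg rather than echo: echo swallows words such as
        # -e or -n as its own options, and its output carried no leading
        # separator, so a passthrough word following -gpu/-host-spawn was
        # glued onto the previous argument.
        arg "$1"
        ;;
    esac
    shift
  done
}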
### MAIN ###
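# Directory holding this script (symlinks resolved); state files live below it.
script_dir="$(dirname "$(realpath "$0")")"

# Get container registry from DEVC_REGISTRY env variable. There is no
# built-in default, so the script refuses to run without it.
if [ -z "${DEVC_REGISTRY:-}" ]; then
  log "registry unknown; set the DEVC_REGISTRY environment variable" 'x' 31
  exit 1
fi
registry="$DEVC_REGISTRY"

# Get the devcontainer name from the first argument. If not
# provided, use the last used name when possible.
if [[ $# -gt 0 ]] && [[ ${1:-} != -* ]]; then
  name="$1"
  # Create the state directory on first use; without it the redirect below
  # fails and `set -e` ends the script before any container is started.
  mkdir -p -- "$script_dir/state"
  printf '%s\n' "$name" >"$script_dir/state/last-name"
  shift
elif [ -f "$script_dir/state/last-name" ]; then
  name=$(<"$script_dir/state/last-name")
else
  log "no container name specified" 'x' 31
  exit 1
fi

# NOTE(review): $name (from the command line or the last-name state file) is
# spliced into the word-split argument string built by default_args and is
# also used as the image name. A value containing whitespace therefore turns
# into additional podman run options; consider rejecting names that are not a
# plain container name before going further.

# Create a new container when the container is not running or
# when any arguments are provided.
if [ "$(podman container inspect "$name" -f '{{.State.Running}}' 2>&1)" != 'true' ] || [[ $# -gt 0 ]]; then
  log "starting devcontainer..."

  # Build both argument strings before touching the existing container. As
  # plain assignments, a failure inside either function now stops the script
  # (set -e) instead of letting podman run start with a partial argument list.
  run_args=$(default_args)
  extra_args=$(param_args "$@")

  # Remove any previous container of this name immediately (-t 0: no grace
  # period); the home directory lives in a named volume and is kept.
  podman container rm -f -t 0 "$name" 1>/dev/null

  # The image reference carries no tag or digest, so together with
  # --pull=newer the container follows whatever the registry serves.
  # shellcheck disable=SC2086 # both strings are deliberately word-split into separate podman arguments
  podman run -td $run_args $extra_args "$registry/$name"
fi

# Attach an interactive login shell to the (new or already running) container.
podman exec -it "$name" bash -l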