depot/nixos/modules/services/web-apps/code-server.nix
Luke Granger-Brown 57725ef3ec Squashed 'third_party/nixpkgs/' content from commit 76612b17c0ce
git-subtree-dir: third_party/nixpkgs
git-subtree-split: 76612b17c0ce71689921ca12d9ffdc9c23ce40b2
2024-11-10 23:59:47 +00:00

260 lines
7.3 KiB
Nix

{ config, lib, pkgs, ... }:
let
cfg = config.services.code-server;
defaultUser = "code-server";
defaultGroup = defaultUser;
in {
options = {
services.code-server = {
enable = lib.mkEnableOption "code-server";
package = lib.mkPackageOption pkgs "code-server" {
example = ''
pkgs.vscode-with-extensions.override {
vscode = pkgs.code-server;
vscodeExtensions = with pkgs.vscode-extensions; [
bbenoist.nix
dracula-theme.theme-dracula
];
}
'';
};
extraPackages = lib.mkOption {
default = [ ];
description = ''
Additional packages to add to the code-server {env}`PATH`.
'';
example = lib.literalExpression "[ pkgs.go ]";
type = lib.types.listOf lib.types.package;
};
extraEnvironment = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
description = ''
Additional environment variables to pass to code-server.
'';
default = { };
example = { PKG_CONFIG_PATH = "/run/current-system/sw/lib/pkgconfig"; };
};
extraArguments = lib.mkOption {
default = [ ];
description = ''
Additional arguments to pass to code-server.
'';
example = lib.literalExpression ''[ "--log=info" ]'';
type = lib.types.listOf lib.types.str;
};
host = lib.mkOption {
default = "localhost";
description = ''
The host name or IP address the server should listen to.
'';
type = lib.types.str;
};
port = lib.mkOption {
default = 4444;
description = ''
The port the server should listen to.
'';
type = lib.types.port;
};
auth = lib.mkOption {
default = "password";
description = ''
The type of authentication to use.
'';
type = lib.types.enum [ "none" "password" ];
};
hashedPassword = lib.mkOption {
default = "";
description = ''
Create the password with: `echo -n 'thisismypassword' | npx argon2-cli -e`.
'';
type = lib.types.str;
};
user = lib.mkOption {
default = defaultUser;
example = "yourUser";
description = ''
The user to run code-server as.
By default, a user named `${defaultUser}` will be created.
'';
type = lib.types.str;
};
group = lib.mkOption {
default = defaultGroup;
example = "yourGroup";
description = ''
The group to run code-server under.
By default, a group named `${defaultGroup}` will be created.
'';
type = lib.types.str;
};
extraGroups = lib.mkOption {
default = [ ];
description = ''
An array of additional groups for the `${defaultUser}` user.
'';
example = [ "docker" ];
type = lib.types.listOf lib.types.str;
};
socket = lib.mkOption {
default = null;
example = "/run/code-server/socket";
description = ''
Path to a socket (bind-addr will be ignored).
'';
type = lib.types.nullOr lib.types.str;
};
socketMode = lib.mkOption {
default = null;
description = ''
File mode of the socket.
'';
type = lib.types.nullOr lib.types.str;
};
userDataDir = lib.mkOption {
default = null;
description = ''
Path to the user data directory.
'';
type = lib.types.nullOr lib.types.str;
};
extensionsDir = lib.mkOption {
default = null;
description = ''
Path to the extensions directory.
'';
type = lib.types.nullOr lib.types.str;
};
proxyDomain = lib.mkOption {
default = null;
example = "code-server.lan";
description = ''
Domain used for proxying ports.
'';
type = lib.types.nullOr lib.types.str;
};
disableTelemetry = lib.mkOption {
default = false;
example = true;
description = ''
Disable telemetry.
'';
type = lib.types.bool;
};
disableUpdateCheck = lib.mkOption {
default = false;
example = true;
description = ''
Disable update check.
Without this flag, code-server checks every 6 hours against the latest github release and
then notifies you once every week that a new release is available.
'';
type = lib.types.bool;
};
disableFileDownloads = lib.mkOption {
default = false;
example = true;
description = ''
Disable file downloads from Code.
'';
type = lib.types.bool;
};
disableWorkspaceTrust = lib.mkOption {
default = false;
example = true;
description = ''
Disable Workspace Trust feature.
'';
type = lib.types.bool;
};
disableGettingStartedOverride = lib.mkOption {
default = false;
example = true;
description = ''
Disable the coder/coder override in the Help: Getting Started page.
'';
type = lib.types.bool;
};
};
};
config = lib.mkIf cfg.enable {
systemd.services.code-server = {
description = "Code server";
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
path = cfg.extraPackages;
environment = {
HASHED_PASSWORD = cfg.hashedPassword;
} // cfg.extraEnvironment;
serviceConfig = {
ExecStart = ''
${lib.getExe cfg.package} \
--auth=${cfg.auth} \
--bind-addr=${cfg.host}:${toString cfg.port} \
'' + lib.optionalString (cfg.socket != null) ''
--socket=${cfg.socket} \
'' + lib.optionalString (cfg.userDataDir != null) ''
--user-data-dir=${cfg.userDataDir} \
'' + lib.optionalString (cfg.extensionsDir != null) ''
--extensions-dir=${cfg.extensionsDir} \
'' + lib.optionalString (cfg.disableTelemetry == true) ''
--disable-telemetry \
'' + lib.optionalString (cfg.disableUpdateCheck == true) ''
--disable-update-check \
'' + lib.optionalString (cfg.disableFileDownloads == true) ''
--disable-file-downloads \
'' + lib.optionalString (cfg.disableWorkspaceTrust == true) ''
--disable-workspace-trust \
'' + lib.optionalString (cfg.disableGettingStartedOverride == true) ''
--disable-getting-started-override \
'' + lib.escapeShellArgs cfg.extraArguments;
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
RuntimeDirectory = cfg.user;
User = cfg.user;
Group = cfg.group;
Restart = "on-failure";
};
};
users.users."${cfg.user}" = lib.mkMerge [
(lib.mkIf (cfg.user == defaultUser) {
isNormalUser = true;
description = "code-server user";
inherit (cfg) group;
})
{
packages = cfg.extraPackages;
inherit (cfg) extraGroups;
}
];
users.groups."${defaultGroup}" = lib.mkIf (cfg.group == defaultGroup) { };
};
meta.maintainers = [ lib.maintainers.stackshadow ];
}