Adding validation to use chmod +x $script when running custom script.

.github/workflows/main-workflow.yml

@@ -0,0 +1,30 @@
+name: Build and Push Docker Image ARM64
+
+on:
+  push:
+    branches: [ master ]
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          tags: aleleba/vscode:latest
+          platforms: linux/amd64,linux/arm64

Dockerfile

@@ -1,8 +1,7 @@
 FROM ubuntu:22.04
 
 # Update the package list, install sudo, create a non-root user, and grant password-less sudo permissions
-RUN apt update
+RUN apt update && apt install -y sudo
-RUN apt install -y sudo
 
 RUN sudo apt-get update
 #Instalando Curl
@@ -13,10 +12,10 @@ RUN sudo apt-get install -y wget
 RUN sudo apt-get install -y jq
 
 RUN sudo apt-get update
-RUN sudo apt-get install dumb-init
+RUN sudo apt-get install -y dumb-init
 
 RUN ARCH="$(dpkg --print-architecture)" \
-  && curl -fsSL "https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-$ARCH.tar.gz" | tar -C /usr/local/bin -xzf - \
+  && curl -fsSL "https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-${ARCH}.tar.gz" | tar -C /usr/local/bin -xzf - \
   && chown root:root /usr/local/bin/fixuid \
   && chmod 4755 /usr/local/bin/fixuid \
   && mkdir -p /etc/fixuid \
@@ -29,14 +28,16 @@ RUN ARCH="$(dpkg --print-architecture)" \
 RUN curl -sL https://aka.ms/DevTunnelCliInstall | bash
 
 #Instalando VSCode
-RUN sudo apt-get update && sudo apt-get install -y gnupg2
+RUN ARCH="$(dpkg --print-architecture)" \
-RUN sudo apt-get install -y software-properties-common
+    && sudo apt-get update \
-RUN sudo wget -q https://packages.microsoft.com/keys/microsoft.asc -O- | sudo apt-key add -
+    && sudo apt-get install -y gnupg2 \
-RUN sudo add-apt-repository "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main"
+    && sudo apt-get install -y software-properties-common \
-RUN sudo apt update
+    && sudo wget -q https://packages.microsoft.com/keys/microsoft.asc -O- | sudo apt-key add - \
-RUN sudo apt install code -y
+    && sudo add-apt-repository "deb [arch=${ARCH}] https://packages.microsoft.com/repos/vscode stable main" \
+    && sudo apt-get update \
+    && sudo DEBIAN_FRONTEND=noninteractive apt-get install -y code
 
-#Making home writteable
+#Making home writable
 RUN sudo chmod -R a+rwX /home
 
 RUN sudo sysctl -w fs.inotify.max_user_watches=524288

entrypoint.sh

@@ -16,7 +16,7 @@ if [[ -v VSCODE_TUNNEL_NAME && -n "${VSCODE_TUNNEL_NAME}" ]]; then
 fi
 
 # List all environment variables
-sudo env |
+printenv |
 
 # Filter variables that start with GLOBAL_ENV_
 grep -E '^GLOBAL_ENV_' |
@@ -31,7 +31,30 @@ sed 's/^GLOBAL_ENV_//' |
 while IFS= read -r line
 do
   if ! grep -q "^${line%=*}=" /etc/environment; then
-    echo "export $line" | sudo tee -a /etc/environment
+    echo "" >> /etc/environment
+    echo "export $line" >> /etc/environment
+  fi
+done
+
+# List all environment variables
+printenv |
+
+# Filter variables that start with USER_ENV_
+grep -E '^USER_ENV_' |
+
+# Remove the USER_ENV_ prefix
+sed 's/^USER_ENV_//' |
+
+# Append the result to /usr/bin/.bashrc
+while IFS= read -r line
+do
+  # Check if the current user is root
+  if [ "$(id -u)" = "0" ]; then
+    echo "" >> /usr/bin/.bashrc
+    echo "export $line" >> /usr/bin/.bashrc
+  else
+    echo "" >> /home/${HOME_USER}/.bashrc
+    echo "export $line" >> /home/${HOME_USER}/.bashrc
   fi
 done
 
@@ -40,21 +63,6 @@ if ! id -u $HOME_USER > /dev/null 2>&1; then
   sudo adduser --disabled-password --gecos "" --uid 1000 ${HOME_USER}
   sudo echo "$HOME_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd > /dev/null
 
-  # List all environment variables
-  sudo env |
-
-  # Filter variables that start with USER_ENV_
-  grep -E '^USER_ENV_' |
-
-  # Remove the USER_ENV_ prefix
-  sed 's/^USER_ENV_//' |
-
-  # Append the result to /usr/bin/.bashrc
-  while IFS= read -r line
-  do
-    echo "export $line" | sudo -u ${HOME_USER} tee -a /usr/bin/.bashrc
-  done
-
   # Creating .vscode folder if it doesn't exist
   if [ ! -d "/home/${HOME_USER}/.vscode" ]; then
     sudo mkdir -p /home/${HOME_USER}/.vscode
@@ -69,21 +77,53 @@ if [ "$HOME_USER" != "$(whoami)" ]; then
   exec sudo -u $HOME_USER bash -c "source /etc/environment; /usr/bin/entrypoint.sh"
 else
   sudo chown -R ${HOME_USER} /home/${HOME_USER}
+  if [ -d "/home/${HOME_USER}/.ssh" ]; then
+    sudo chmod 755 /home/${HOME_USER}/.ssh
+    sudo chmod -R 600 /home/${HOME_USER}/.ssh/*
+    # Check if any .pub files exist in the .ssh directory
+    for file in /home/${HOME_USER}/.ssh/*.pub; do
+      if [ -f "$file" ]; then
+        sudo chmod 644 "$file"
+      fi
+    done
+    # Check if the known_hosts file exists in the .ssh directory
+    if [ -f "/home/${HOME_USER}/.ssh/known_hosts" ]; then
+      sudo chmod 644 /home/${HOME_USER}/.ssh/known_hosts
+    fi
+  fi
+fi
+
+# Move the .bashrc file to the user's home directory if it doesn't exist
+if [ ! -f "/home/${HOME_USER}/.bashrc" ]; then
+  sudo mv /usr/bin/.bashrc /home/${HOME_USER}/.bashrc
+  sudo chown ${HOME_USER} /home/${HOME_USER}/.bashrc
+else
+  sudo rm -f /usr/bin/.bashrc
+fi
+
+# Move the .profile file to the user's home directory if it doesn't exist
+if [ ! -f "/home/${HOME_USER}/.profile" ]; then
+  sudo mv /usr/bin/.profile /home/${HOME_USER}/.profile
+  sudo chown ${HOME_USER} /home/${HOME_USER}/.profile
+else
+  sudo rm -f /usr/bin/.profile
 fi
 
 # Find .sh files in /usr/bin/custom-scripts and execute them in order
 for script in $(find /usr/bin/custom-scripts -name "*.sh" | sort); do
-  chmod +x $script
+  # Ensure the script is executable
+  if [ ! -x $script ]; then
+    sudo chmod +x $script
+  fi
+
+  # Execute the script as the configured user
+  if [[ $script == *"sudo"* ]]; then
+    sudo -u $HOME_USER bash -c "source /etc/environment; sudo $script"
+  else
     sudo -u $HOME_USER bash -c "source /etc/environment; $script"
+  fi
 done
 
-# Move the .bashrc file to the user's home directory
-sudo mv /usr/bin/.bashrc /home/${HOME_USER}/.bashrc
-sudo chown ${HOME_USER} /home/${HOME_USER}/.bashrc
-
-# Move the .profile file to the user's home directory
-sudo mv /usr/bin/.profile /home/${HOME_USER}/.profile
-sudo chown ${HOME_USER} /home/${HOME_USER}/.profile
 
 #Creating extensions folder
 if [ ! -d "/home/${HOME_USER}/.config/Code" ]; then

readme.md

@@ -122,7 +122,7 @@ Open the file in a text editor and write your script. Here's an example that ins
 ```bash
 #!/bin/bash
 # Installing Node.js with NVM
-curl -O https://raw.githubusercontent.com/creationix/nvm/master/install.sh
+sudo curl -O https://raw.githubusercontent.com/creationix/nvm/master/install.sh
 bash install.sh
 source ~/.nvm/nvm.sh
 nvm install --lts
@@ -132,11 +132,51 @@ nvm use default && npm install -g @vscode/vsce
 ```
 The #!/bin/bash line at the top of the script tells the system that this script should be run with the Bash shell.
 
+#### Note on sudo privileges
+
+If the script name includes the word "sudo", the script will be run with root privileges. This is useful if your script needs to perform operations that require superuser privileges.
+
+For instance, if you have a script named `install_sudo_package.sh`, this script will be run with root privileges due to the inclusion of "sudo" in the file name.
+
+Please be aware of the security implications when running scripts with root privileges. Ensure that your script does not perform any unsafe or destructive operations when run with these privileges.
+
 ### 3. Run your Docker container
 When you start your Docker container, all .sh files in the /usr/bin/custom-scripts directory will be automatically executed in alphabetical order. The environment variables from the /etc/environment file will be loaded before each script is executed.
 
 Remember to replace install_node.sh with the name of your script and ./custom-scripts with the actual path to the directory on your host machine that maps to the /usr/bin/custom-scripts volume in the Docker container.
 
+## Using this image as a base image in a Dockerfile
+
+To use this image as a base image in a Dockerfile, you can add the following line to the top of your Dockerfile and you can install any additional packages you need, here an example installing nvm and nodejs in a `Dockerfile`:
+
+```
+FROM aleleba/vscode:latest
+
+ENV HOME_USER=vscode
+
+RUN sudo adduser --disabled-password --gecos "" --uid 1000 ${HOME_USER}
+RUN sudo echo "$HOME_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd > /dev/null
+
+USER ${HOME_USER}
+WORKDIR /home/${HOME_USER}
+
+# Installing node.js and NVM
+SHELL ["/bin/bash", "--login", "-i", "-c"]
+RUN curl https://raw.githubusercontent.com/creationix/nvm/master/install.sh | bash
+RUN nvm install --lts
+RUN nvm alias default lts/*
+SHELL ["/bin/sh", "-c"]
+RUN echo 'source ~/.nvm/nvm.sh' >> ~/.bashrc
+# Finishing installing node.js and NVM
+
+```
+
+
+
+> **Note:** If you are using this image as a base image in a Dockerfile, ensure that the value of `HOME_USER` is the same as the one you will use when creating the container. This is necessary to ensure that all configurations and packages are installed in the correct user directory.
+
+> **Note:** To grant access to the server, please log into https://github.com/login/device and use the code XXXX-XXXX. You can view the container logs to get the code.
+
 ## Contributing
 
 If you'd like to contribute to this project, please fork the repository and create a pull request.

version.txt

@@ -1 +1 @@
-3.0.21
+3.2.9