switch to vscode

Dockerfile

@@ -6,7 +6,7 @@ ENV DEBIAN_FRONTEND=noninteractive \
 # Remove any third-party apt sources to avoid issues with expiring keys.
 # Install some basic utilities
 RUN rm -f /etc/apt/sources.list.d/*.list && \
-    apt-get update && apt-get install -y --no-install-recommends \
+    apt-get update && apt-get install -y \
     curl \
     ca-certificates \
     sudo \
@@ -22,7 +22,38 @@ RUN rm -f /etc/apt/sources.list.d/*.list && \
     software-properties-common \
  && rm -rf /var/lib/apt/lists/*
 
-
+ARG BUILD_DATE
+ARG VERSION
+ARG CODE_RELEASE
+RUN \
+  echo "**** install openvscode-server runtime dependencies ****" && \
+  apt-get update && \
+  apt-get install -y \
+    jq \
+    libatomic1 \
+    nano \
+    net-tools \
+    netcat && \
+  echo "**** install openvscode-server ****" && \
+  if [ -z ${CODE_RELEASE+x} ]; then \
+    CODE_RELEASE=$(curl -sX GET "https://api.github.com/repos/gitpod-io/openvscode-server/releases/latest" \
+      | awk '/tag_name/{print $4;exit}' FS='[""]' \
+      | sed 's|^openvscode-server-v||'); \
+  fi && \
+  mkdir -p /app/openvscode-server && \
+  curl -o \
+    /tmp/openvscode-server.tar.gz -L \
+    "https://github.com/gitpod-io/openvscode-server/releases/download/openvscode-server-v${CODE_RELEASE}/openvscode-server-v${CODE_RELEASE}-linux-x64.tar.gz" && \
+  tar xf \
+    /tmp/openvscode-server.tar.gz -C \
+    /app/openvscode-server/ --strip-components=1 && \
+  echo "**** clean up ****" && \
+  apt-get clean && \
+  rm -rf \
+    /tmp/* \
+    /var/lib/apt/lists/* \
+    /var/tmp/*
+COPY root/ /
 
 RUN add-apt-repository ppa:flexiondotorg/nvtop && \
     apt-get upgrade -y && \
@@ -40,13 +71,6 @@ RUN adduser --disabled-password --gecos '' --shell /bin/bash user \
  && chown -R user:user /app
 RUN echo "user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/90-user
 USER user
-# RUN apt-get update && \
-#       apt-get -y install sudo
-
-# RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
-
-# USER docker
-
 
 # All users can use /home/user as their home directory
 ENV HOME=/home/user
@@ -80,8 +104,6 @@ RUN --mount=target=/root/packages.txt,source=packages.txt \
 RUN --mount=target=/root/on_startup.sh,source=on_startup.sh,readwrite \
 	bash /root/on_startup.sh
 
-RUN mkdir /data && chown user:user /data
-
 #######################################
 # End root user section
 #######################################
@@ -97,8 +119,6 @@ COPY --chown=user . $HOME/app
 
 RUN chmod +x start_server.sh
 
-COPY --chown=user login.html /home/user/miniconda/lib/python3.9/site-packages/jupyter_server/templates/login.html
-
 ENV PYTHONUNBUFFERED=1 \
 	GRADIO_ALLOW_FLAGGING=never \
 	GRADIO_NUM_PORTS=1 \
@@ -107,4 +127,6 @@ ENV PYTHONUNBUFFERED=1 \
 	SYSTEM=spaces \
 	SHELL=/bin/bash
 
+EXPOSE 7860 3000
+
 CMD ["./start_server.sh"]

Dockerfile-tmp

@@ -1,112 +0,0 @@
-# ARG COMPAT=0
-ARG PERSONAL=0
-# FROM nvidia/cuda:11.3.1-devel-ubuntu20.04 as base-0
-FROM nvcr.io/nvidia/pytorch:22.12-py3 as base
-
-ENV HOST docker
-ENV LANG=C.UTF-8 LC_ALL=C.UTF-8
-# https://serverfault.com/questions/683605/docker-container-time-timezone-will-not-reflect-changes
-ENV TZ America/Los_Angeles
-RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
-
-# git for installing dependencies
-# tzdata to set time zone
-# wget and unzip to download data
-# [2021-09-09] TD: zsh, stow, subversion, fasd are for setting up my personal environment.
-# [2021-12-07] TD: openmpi-bin for MPI (multi-node training)
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    build-essential \
-    cmake \
-    curl \
-    ca-certificates \
-    sudo \
-    less \
-    htop \
-    git \
-    tzdata \
-    wget \
-    tmux \
-    zip \
-    unzip \
-    zsh stow subversion fasd \
-    && rm -rf /var/lib/apt/lists/*
-    # openmpi-bin \
-
-# Allow running runmpi as root
-# ENV OMPI_ALLOW_RUN_AS_ROOT=1 OMPI_ALLOW_RUN_AS_ROOT_CONFIRM=1
-
-# # Create a non-root user and switch to it
-# RUN adduser --disabled-password --gecos '' --shell /bin/bash user \
-#     && echo "user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/90-user
-# USER user
-
-# All users can use /home/user as their home directory
-ENV HOME=/home/user
-RUN mkdir -p /home/user && chmod 777 /home/user
-WORKDIR /home/user
-
-# Set up personal environment
-# FROM base-${COMPAT} as env-0
-FROM base as env-0
-FROM env-0 as env-1
-# Use ONBUILD so that the dotfiles dir doesn't need to exist unless we're building a personal image
-# https://stackoverflow.com/questions/31528384/conditional-copy-add-in-dockerfile
-ONBUILD COPY dotfiles ./dotfiles
-ONBUILD RUN cd ~/dotfiles && stow bash zsh tmux && sudo chsh -s /usr/bin/zsh $(whoami)
-# nvcr pytorch image sets SHELL=/bin/bash
-ONBUILD ENV SHELL=/bin/zsh
-
-FROM env-${PERSONAL} as packages
-
-# Disable pip cache: https://stackoverflow.com/questions/45594707/what-is-pips-no-cache-dir-good-for
-ENV PIP_NO_CACHE_DIR=1
-
-# # apex and pytorch-fast-transformers take a while to compile so we install them first
-# TD [2022-04-28] apex is already installed. In case we need a newer commit:
-# RUN pip install --upgrade --force-reinstall --global-option="--cpp_ext" --global-option="--cuda_ext" --global-option="--fast_multihead_attn" --global-option="--fmha" --global-option="--fast_layer_norm" --global-option="--xentropy" git+https://github.com/NVIDIA/apex.git#egg=apex
-
-# xgboost conflicts with deepspeed
-RUN pip uninstall -y xgboost && DS_BUILD_UTILS=1 DS_BUILD_FUSED_LAMB=1 pip install deepspeed==0.7.7
-
-# General packages that we don't care about the version
-# zstandard to extract the_pile dataset
-# psutil to get the number of cpu physical cores
-# twine to upload package to PyPI
-RUN pip install pytest matplotlib jupyter ipython ipdb gpustat scikit-learn spacy munch einops opt_einsum fvcore gsutil cmake pykeops zstandard psutil h5py twine gdown \
-    && python -m spacy download en_core_web_sm
-# hydra
-RUN pip install hydra-core==1.3.1 hydra-colorlog==1.2.0 hydra-optuna-sweeper==1.2.0 pyrootutils rich
-# Core packages
-RUN pip install transformers==4.25.1 datasets==2.8.0 pytorch-lightning==1.8.6 triton==2.0.0.dev20221202 wandb==0.13.7 timm==0.6.12 torchmetrics==0.10.3
-# torchmetrics 0.11.0 broke hydra's instantiate
-
-# For MLPerf
-RUN pip install git+https://github.com/mlcommons/logging.git@2.1.0
-
-# Install FlashAttention
-RUN pip install flash-attn==2.5.7
-
-# Install CUDA extensions for fused dense
-RUN pip install git+https://github.com/HazyResearch/flash-attention@v2.5.7#subdirectory=csrc/fused_dense_lib
-
-
-# Python packages
-RUN --mount=target=requirements.txt,source=requirements.txt \
-    pip install --no-cache-dir --upgrade -r requirements.txt
-
-# Copy the current directory contents into the container at $HOME/app setting the owner to the user
-COPY --chown=user . $HOME/app
-
-RUN chmod +x start_server.sh
-
-COPY --chown=user login.html /home/user/miniconda/lib/python3.9/site-packages/jupyter_server/templates/login.html
-
-ENV PYTHONUNBUFFERED=1 \
-	GRADIO_ALLOW_FLAGGING=never \
-	GRADIO_NUM_PORTS=1 \
-	GRADIO_SERVER_NAME=0.0.0.0 \
-	GRADIO_THEME=huggingface \
-	SYSTEM=spaces \
-	SHELL=/bin/bash
-
-CMD ["./start_server.sh"]

README.md

@@ -1,13 +1,12 @@
 ---
-title: JupyterLab
+title: Visual Studio Code
 emoji: 💻🐳
-colorFrom: gray
-colorTo: green
+colorFrom: red
+colorTo: blue
 sdk: docker
 pinned: false
 tags:
-  - jupyterlab
-suggested_storage: small
+  - vscode
 ---
 
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

login.html

@@ -1,69 +0,0 @@
-{% extends "page.html" %}
-
-
-{% block stylesheet %}
-{% endblock %}
-
-{% block site %}
-
-<div id="jupyter-main-app" class="container">
-    
-    <img src="https://huggingface.co/front/assets/huggingface_logo-noborder.svg" alt="Hugging Face Logo">
-    <h4>You can duplicate this Space to run it private.</h4>
-    <br>
-    <a class="duplicate-button" style="display:inline-block" target="_blank" href="https://huggingface.co/spaces/DockerTemplates/jupyterlab?duplicate=true">     
-    <img style="margin: 0" src="https://img.shields.io/badge/-Duplicate%20Space-blue?labelColor=white&amp;style=flat&amp;logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAP5JREFUOE+lk7FqAkEURY+ltunEgFXS2sZGIbXfEPdLlnxJyDdYB62sbbUKpLbVNhyYFzbrrA74YJlh9r079973psed0cvUD4A+4HoCjsA85X0Dfn/RBLBgBDxnQPfAEJgBY+A9gALA4tcbamSzS4xq4FOQAJgCDwV2CPKV8tZAJcAjMMkUe1vX+U+SMhfAJEHasQIWmXNN3abzDwHUrgcRGmYcgKe0bxrblHEB4E/pndMazNpSZGcsZdBlYJcEL9Afo75molJyM2FxmPgmgPqlWNLGfwZGG6UiyEvLzHYDmoPkDDiNm9JR9uboiONcBXrpY1qmgs21x1QwyZcpvxt9NS09PlsPAAAAAElFTkSuQmCC&amp;logoWidth=14" alt="Duplicate Space"></a>
-    <br>
-    <br>
-    <h4>The default token is <span style="color:orange;">huggingface</span></h4>
-    <h4>Duplicate the Space to run your own instance</h4>
-  
-    {% if login_available %}
-    {# login_available means password-login is allowed. Show the form. #}
-    <div class="row">
-        <div class="navbar col-sm-8">
-            <div class="navbar-inner">
-                <div class="container">
-                    <div class="center-nav">
-                        <form action="{{base_url}}login?next={{next}}" method="post" class="navbar-form pull-left">
-                            {{ xsrf_form_html() | safe }}
-                            {% if token_available %}
-                            <label for="password_input"><strong>{% trans %}Token:{% endtrans
-                                    %}</strong></label>
-                            {% else %}
-                            <label for="password_input"><strong>{% trans %}Password:{% endtrans %}</strong></label>
-                            {% endif %}
-                            <input type="password" name="password" id="password_input" class="form-control">
-                            <button type="submit" class="btn btn-default" id="login_submit">{% trans %}Log in{% endtrans
-                                %}</button>
-                        </form>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </div>
-    {% else %}
-    <p>{% trans %}No login available, you shouldn't be seeing this page.{% endtrans %}</p>
-    {% endif %}
-    <p>This template was created by <a href="https://twitter.com/camenduru" target="_blank" >camenduru</a> and <a href="https://huggingface.co/nateraw" target="_blank" >nateraw</a>, with contributions of <a href="https://huggingface.co/osanseviero" target="_blank" >osanseviero</a> and <a href="https://huggingface.co/azzr" target="_blank" >azzr</a> </p>
-    {% if message %}
-    <div class="row">
-        {% for key in message %}
-        <div class="message {{key}}">
-            {{message[key]}}
-        </div>
-        {% endfor %}
-    </div>
-    {% endif %}
-    {% if token_available %}
-    {% block token_message %}
-    
-    {% endblock token_message %}
-    {% endif %}
-</div>
-
-{% endblock %}
-
-
-{% block script %}
-{% endblock %}

requirements.txt

@@ -1,4 +1 @@
-jupyterlab==3.6.1
-jupyter-server==2.3.0
-tornado==6.2
-ipywidgets
+# jupyterlab

root/etc/s6-overlay/s6-rc.d/init-openvscode-server/run

@@ -0,0 +1,35 @@
+#!/usr/bin/with-contenv bash
+
+mkdir -p /config/{workspace,.ssh}
+
+if [ -n "${SUDO_PASSWORD}" ] || [ -n "${SUDO_PASSWORD_HASH}" ]; then
+    echo "setting up sudo access"
+    if ! grep -q 'abc' /etc/sudoers; then
+        echo "adding abc to sudoers"
+        echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers
+    fi
+    if [ -n "${SUDO_PASSWORD_HASH}" ]; then
+        echo "setting sudo password using sudo password hash"
+        sed -i "s|^abc:\!:|abc:${SUDO_PASSWORD_HASH}:|" /etc/shadow
+    else
+        echo "setting sudo password using SUDO_PASSWORD env var"
+        echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc
+    fi
+fi
+
+[[ ! -f /config/.bashrc ]] && \
+    cp /root/.bashrc /config/.bashrc
+[[ ! -f /config/.profile ]] && \
+    cp /root/.profile /config/.profile
+
+# fix permissions (ignore contents of /config/workspace)
+echo "setting permissions::config"
+find /config -path /config/workspace -prune -o -exec chown abc:abc {} +
+chown abc:abc /config/workspace
+echo "setting permissions::app"
+chown -R abc:abc /app/openvscode-server
+
+chmod 700 /config/.ssh
+if [ -n "$(ls -A /config/.ssh)" ]; then
+    chmod 600 /config/.ssh/*
+fi

root/etc/s6-overlay/s6-rc.d/init-openvscode-server/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-openvscode-server/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-openvscode-server/run

root/etc/s6-overlay/s6-rc.d/svc-openvscode-server/notification-fd

@@ -0,0 +1 @@
+3

root/etc/s6-overlay/s6-rc.d/svc-openvscode-server/run

@@ -0,0 +1,21 @@
+#!/usr/bin/with-contenv bash
+
+if [ -n "$CONNECTION_SECRET" ]; then
+    CODE_ARGS="${CODE_ARGS} --connection-secret ${CONNECTION_SECRET}"
+    echo "Using connection secret from ${CONNECTION_SECRET}"
+elif [ -n "$CONNECTION_TOKEN" ]; then
+    CODE_ARGS="${CODE_ARGS} --connection-token ${CONNECTION_TOKEN}"
+    echo "Using connection token ${CONNECTION_TOKEN}"
+else
+    CODE_ARGS="${CODE_ARGS} --without-connection-token"
+    echo "**** No connection token is set ****"
+fi
+
+exec \
+    s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z 127.0.0.1 3000" \
+        cd /app/openvscode-server s6-setuidgid abc \
+            /app/openvscode-server/bin/openvscode-server \
+                --host 0.0.0.0 \
+                --port 3000 \
+                --disable-telemetry \
+                ${CODE_ARGS}

root/etc/s6-overlay/s6-rc.d/svc-openvscode-server/type

@@ -0,0 +1 @@
+longrun

root/usr/local/bin/install-extension

@@ -0,0 +1,10 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+_install=(/app/openvscode-server/bin/openvscode-server "--install-extension")
+
+if [ "$(whoami)" == "abc" ]; then
+    "${_install[@]}" "$@"
+else
+    s6-setuidgid abc "${_install[@]}" "$@"
+fi

start_server.sh

@@ -1,19 +1,5 @@
 #!/bin/bash
-JUPYTER_TOKEN="${JUPYTER_TOKEN:=huggingface}"
 
-echo "Starting Jupyter Lab with token $JUPYTER_TOKEN"
+echo "Starting VSCode Server..."
 
-NOTEBOOK_DIR="/data"
-
-jupyter-lab \
-    --ip 0.0.0.0 \
-    --port 7860 \
-    --no-browser \
-    --allow-root \
-    --ServerApp.token="$JUPYTER_TOKEN" \
-    --ServerApp.tornado_settings="{'headers': {'Content-Security-Policy': 'frame-ancestors *'}}" \
-    --ServerApp.cookie_options="{'SameSite': 'None', 'Secure': True}" \
-    --ServerApp.disable_check_xsrf=True \
-    --LabApp.news_url=None \
-    --LabApp.check_for_updates_class="jupyterlab.NeverCheckForUpdate" \
-    --notebook-dir=$NOTEBOOK_DIR
+exec /app/openvscode-server/bin/openvscode-server --host 0.0.0.0 --port 7860 --without-connection-token \"${@}\" --