{"id":32695088,"url":"https://github.com/atrawog/arch-devops","last_synced_at":"2026-05-04T09:33:51.961Z","repository":{"id":321440442,"uuid":"1085861864","full_name":"atrawog/arch-devops","owner":"atrawog","description":"DevOps development container based on Arch Linux with Wayland desktop, VNC access, and Docker-from-Docker support","archived":false,"fork":false,"pushed_at":"2025-10-29T16:03:19.000Z","size":66,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-29T18:08:20.152Z","etag":null,"topics":["arch-linux","devcontainer","devops","docker","infrastructure-as-code","kubernetes","vnc","wayland"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/atrawog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-29T16:00:11.000Z","updated_at":"2025-10-29T16:02:54.000Z","dependencies_parsed_at":"2025-10-29T18:08:35.836Z","dependency_job_id":"0d634fb4-aef6-419e-a851-e19c81192856","html_url":"https://github.com/atrawog/arch-devops","commit_stats":null,"previous_names":["atrawog/arch-devops"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/atrawog/arch-devops","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atrawog%2Farch-devops","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atrawog%2Farch-devops/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atrawog%2Farch-devops/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atrawog%2Farch-devops/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/atrawog","download_url":"https://codeload.github.com/atrawog/arch-devops/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/atrawog%2Farch-devops/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32601588,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-03T22:12:39.696Z","status":"online","status_checked_at":"2026-05-04T02:00:06.625Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["arch-linux","devcontainer","devops","docker","infrastructure-as-code","kubernetes","vnc","wayland"],"created_at":"2025-11-01T18:01:37.567Z","updated_at":"2026-05-04T09:33:51.955Z","avatar_url":"https://github.com/atrawog.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Arch DevOps Development Container\n\nA production-ready DevOps development container based on Arch Linux with a full Wayland desktop environment accessible via VNC. Pre-configured with infrastructure tools, Docker-from-Docker support, AWS CLI, DevContainer CLI, and Claude Code.\n\n## Features\n\n- **Full Wayland Desktop**: Sway compositor with waybar status bar and wofi application launcher\n- **VNC Access**: KRDC-compatible VNC server on port 5900 (no password)\n- **Docker-from-Docker**: Mount host Docker socket for seamless container operations\n- **Pre-installed Tools**:\n  - **Cloud**: AWS CLI, Scaleway CLI\n  - **IaC**: OpenTofu (Terraform)\n  - **Kubernetes**: kubectl, Helm\n  - **Containers**: Docker, docker-compose, docker-buildx\n  - **DevContainer**: DevContainer CLI (`@devcontainers/cli`)\n  - **AI Development**: Claude CLI (`@anthropic-ai/claude-code`)\n  - **Development**: Node.js, npm, neovim, git, GitHub CLI\n  - **Task Runners**: pixi, just\n  - **Browser**: Google Chrome\n- **Service Management**: s6-overlay for reliable process supervision\n- **Auto GID Sync**: Automatic Docker socket permission synchronization\n- **VS Code Ready**: Full DevContainer support with recommended extensions\n\n## Quick Start\n\n### Using Pre-built Image (Recommended)\n\nPull and run the pre-built image from GitHub Container Registry:\n\n```bash\n# Pull the latest image\ndocker pull ghcr.io/atrawog/arch-devops:latest\n\n# Run the container\ndocker run -d \\\n    --name arch-devops \\\n    --hostname=arch-devops \\\n    --privileged \\\n    --cap-add=SYS_PTRACE \\\n    --security-opt seccomp=unconfined \\\n    --shm-size=2g \\\n    -v $(pwd):/workspace:cached \\\n    -v /var/run/docker.sock:/var/run/docker.sock \\\n    -p 5900:5900 \\\n    ghcr.io/atrawog/arch-devops:latest\n\n# Access via VNC\n# Connect to localhost:5900 with any VNC client (KRDC, TigerVNC, etc.)\n```\n\n### Using Pixi (Task Runner)\n\nThis project uses [Pixi](https://pixi.sh) for streamlined task management:\n\n```bash\n# Install pixi (if not already installed)\ncurl -fsSL https://pixi.sh/install.sh | bash\n\n# Pull pre-built image and run\npixi run ghcr-pull\npixi run up\n\n# Or build locally and run\npixi run dev\n\n# View all available tasks\npixi task list\n```\n\n### Using DevContainer CLI\n\nFor DevContainer workflows:\n\n```bash\n# Start DevContainer (pulls pre-built image)\npixi run dc-up\n\n# Open shell in DevContainer\npixi run dc-shell\n\n# Verify Docker access\npixi run dc-verify-docker\n```\n\n### Using VS Code\n\n1. Install the \"Dev Containers\" extension\n2. Open this folder in VS Code\n3. Press F1 → \"Dev Containers: Reopen in Container\"\n4. VS Code will pull the pre-built image or fall back to building\n5. Connect to VNC at `localhost:5900` to access the desktop\n\n## Using the Template\n\nThe `template/` directory provides a self-contained, portable configuration for using the pre-built image in **your own projects**. This is the recommended way to use arch-devops as a development environment.\n\n### What's Included\n\nThe template contains:\n- `.devcontainer/devcontainer.json` - Simplified DevContainer config (no build)\n- `pixi.toml` - Minimal task configuration with dc-* commands only\n- `scripts/` - Real copies of dc-down.sh and load-env.sh (no symlinks)\n- `.env.example` - Environment variable template\n- `.gitignore` - Standard ignore patterns\n- `README.md` - Comprehensive usage guide\n\n### Quick Setup\n\n```bash\n# 1. Copy template to your project\ncp -r /path/to/arch-devops/template/* /path/to/your/project/\n\n# 2. Configure environment\ncd /path/to/your/project\ncp .env.example .env\nnano .env  # Add your credentials\n\n# 3. Start using the container\npixi run dc-up              # Start DevContainer\npixi run dc-verify-docker   # Verify Docker access\npixi run dc-shell           # Open shell\n```\n\nOr with VS Code:\n1. Copy template files to your project\n2. Open project in VS Code\n3. F1 → \"Dev Containers: Reopen in Container\"\n4. Connect to VNC at `localhost:5900`\n\n### Key Features\n\n- **Fully Portable**: Copy anywhere, no dependencies on parent repo\n- **No Symlinks**: All files are real copies\n- **Pre-built Image**: Uses `ghcr.io/atrawog/arch-devops:latest`\n- **Self-Contained**: Works immediately after copying\n- **Your Workspace**: Your project directory becomes `/workspace` in container\n\nSee [template/README.md](template/README.md) for complete documentation.\n\n## GitHub Container Registry\n\nThe image is published to GitHub Container Registry at:\n- **Latest**: `ghcr.io/atrawog/arch-devops:latest`\n- **Version**: `ghcr.io/atrawog/arch-devops:v1.0.0`\n\n### Publishing to GHCR\n\nIf you want to publish your own version:\n\n```bash\n# 1. Create GitHub Personal Access Token with write:packages scope\n#    https://github.com/settings/tokens/new\n\n# 2. Authenticate\nexport GITHUB_TOKEN=your_token_here\npixi run ghcr-login\n\n# 3. Build and publish\npixi run ghcr-publish\n```\n\nSee [REGISTRY.md](REGISTRY.md) for complete publishing documentation.\n\n## Building from Source\n\nIf you prefer to build locally:\n\n```bash\n# Using Pixi\npixi run build\n\n# Using Docker directly\ndocker build -t arch-devops:latest .\n\n# With no cache (clean build)\npixi run rebuild\n```\n\n**Build time**: 10-15 minutes (first build), 2-5 minutes (with cache)\n\n**Image size**: ~3.79GB\n\n## Usage\n\n### Common Pixi Commands\n\n| Command | Description |\n|---------|-------------|\n| `pixi run dev` | Build and run container |\n| `pixi run up` | Start container |\n| `pixi run down` | Stop container |\n| `pixi run shell` | Open bash shell |\n| `pixi run logs` | View container logs |\n| `pixi run status` | Show container status |\n| `pixi run vnc` | Display VNC info |\n| `pixi run reset` | Clean rebuild |\n\n### Docker-from-Docker Usage\n\nThe container automatically syncs Docker GID at startup:\n\n```bash\n# Connect to the container\ndocker exec -it arch-devops bash\n\n# Docker commands work immediately (no sudo needed)\ndocker ps\ndocker build -t myimage .\ndocker-compose up\n```\n\n### AWS CLI Usage\n\n```bash\n# Configure credentials (first time)\ndocker exec -it arch-devops aws configure\n\n# Or mount your credentials\ndocker run -v ~/.aws:/home/jovian/.aws:ro ...\n\n# Use AWS commands\ndocker exec -it arch-devops aws s3 ls\ndocker exec -it arch-devops aws sts get-caller-identity\n```\n\nOr via pixi tasks:\n```bash\npixi run aws-whoami\npixi run aws-configure\npixi run aws-s3-ls\npixi run aws-regions\n```\n\n### Desktop Environment\n\nConnect via VNC to `localhost:5900` to access:\n\n**Keybindings** (Mod4 = Windows/Super key):\n- `Mod4+Return` - Open terminal\n- `Mod4+d` - Application launcher\n- `Mod4+c` - Google Chrome\n- `Mod4+Shift+q` - Close window\n- Right-click - Application launcher\n\n**Installed applications**:\n- Foot terminal\n- Google Chrome\n- Application launcher (wofi)\n\n## Docker-from-Docker Architecture\n\nThis container uses **Docker-from-Docker** (NOT Docker-in-Docker):\n\n```\nHost Machine\n  └── Docker Daemon (dockerd)\n      └── arch-devops Container\n          ├── Docker CLI tools ✓\n          ├── /var/run/docker.sock → Host socket ✓\n          └── jovian user in docker group ✓\n```\n\n**Benefits**:\n- No nested Docker daemon overhead\n- Shares host's Docker image cache\n- More efficient resource usage\n- Automatic GID synchronization\n\n**How it works**:\n1. Container entrypoint detects host Docker socket GID\n2. Updates container's docker group to match\n3. Ensures jovian user has access\n4. Bashrc auto-refreshes group membership if needed\n\nSee [CLAUDE.md](CLAUDE.md) for complete technical documentation.\n\n## Testing\n\nRun the comprehensive test suite:\n\n```bash\n# All tests\npixi run test-all\n\n# Individual test suites\npixi run test-tools          # Verify all tools installed\npixi run test-docker         # Test Docker integration\npixi run test-devcontainer   # Test DevContainer config\npixi run verify-docker       # Verify Docker permissions\n```\n\nSee [TEST-PLAN.md](TEST-PLAN.md) for complete testing documentation.\n\n## Troubleshooting\n\n### Docker Permission Denied\n\nIf `docker ps` fails with permission denied:\n\n```bash\n# Refresh group membership\nexec bash\n\n# Or manually sync GID\ndocker exec -it arch-devops /usr/local/bin/sync-docker-gid.sh\n```\n\n### VNC Not Connecting\n\nCheck if services are running:\n\n```bash\npixi run health\n```\n\nShould show:\n- ✓ Sway running\n- ✓ WayVNC running\n- ✓ VNC port listening\n\n### DevContainer Build Issues\n\nIf DevContainer CLI fails to pull image:\n\n```bash\n# Expected behavior: Falls back to building from Dockerfile\n\n# To use pre-built image, authenticate first:\nexport GITHUB_TOKEN=your_token\npixi run ghcr-login\npixi run dc-up\n```\n\n## Project Structure\n\n```\narch-devops/\n├── .devcontainer/\n│   └── devcontainer.json        # VS Code DevContainer config\n├── config/\n│   ├── s6/                      # Service definitions\n│   ├── sway/config              # Window manager config\n│   ├── wayvnc/config            # VNC server config\n│   ├── wofi/                    # App launcher styling\n│   ├── waybar/                  # Status bar config\n│   ├── bashrc/bashrc            # User bash config\n│   └── applications/            # Desktop entries\n├── scripts/\n│   ├── docker-entrypoint.sh     # GID sync entrypoint\n│   ├── sync-docker-gid.sh       # Docker GID sync script\n│   ├── dc-down.sh               # DevContainer lifecycle\n│   └── test-*.sh                # Test suites\n├── Dockerfile                   # Container definition\n├── pixi.toml                    # Task runner config\n├── CLAUDE.md                    # Technical documentation\n├── REGISTRY.md                  # GHCR publishing guide\n└── README.md                    # This file\n```\n\n## Documentation\n\n- **[CLAUDE.md](CLAUDE.md)** - Complete technical documentation and architecture\n- **[REGISTRY.md](REGISTRY.md)** - GitHub Container Registry publishing guide\n- **[TEST-PLAN.md](TEST-PLAN.md)** - Comprehensive testing strategy\n- **[pixi.toml](pixi.toml)** - All available tasks and commands\n\n## Requirements\n\n- **Docker**: Version 20.10+ (BuildKit support)\n- **VNC Client**: KRDC, TigerVNC, or any VNC viewer\n- **Pixi** (optional): For task automation\n- **VS Code** (optional): For DevContainer support\n\n## Environment Variables\n\n| Variable | Default | Description |\n|----------|---------|-------------|\n| `DISPLAY_WIDTH` | 1920 | VNC display width |\n| `DISPLAY_HEIGHT` | 1080 | VNC display height |\n| `PROJECT_NAME` | arch-devops | Project identifier |\n| `USER` | jovian | Default user |\n\n## User Configuration\n\n- **User**: `jovian` (UID/GID 1000)\n- **Groups**: wheel (sudo), docker\n- **Workspace**: `/workspace` (mounted from host)\n- **Home**: `/home/jovian`\n\n## Security Notes\n\n- Container runs in **privileged mode** for nested Docker and device access\n- VNC has **no authentication** (development convenience)\n- Docker socket is **mounted from host** (full access to host Docker)\n- Suitable for **development environments**, not production\n\n## Contributing\n\nContributions welcome! Please:\n1. Test changes with `pixi run test-all`\n2. Update documentation as needed\n3. Follow existing code style\n4. Submit pull requests\n\n## License\n\nThis project is provided as-is for development use.\n\n## Support\n\nFor issues, questions, or contributions:\n- File issues on GitHub\n- Check existing documentation in CLAUDE.md\n- Review test plans in TEST-PLAN.md\n- Consult GHCR guide in REGISTRY.md\n\n## Version\n\n**Current version**: 1.0.0\n\nSee [REGISTRY.md](REGISTRY.md) for version history and release notes.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatrawog%2Farch-devops","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fatrawog%2Farch-devops","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatrawog%2Farch-devops/lists"}