using openSUSE microOS for container-driven development

on erock's blog

leaning into container-driven development

Lately I've been getting the itch to switch my main headless development box from archlinux to something else.

The primarily features I currently care about:

Given that I decided to try openSUSE MicroOS since it ticked all the boxes.

# Why container-driven development?

I want better isolation between the tools I use from my host OS. Theoretically it should make it easier to remove dependencies for my development environment. It also makes it easier for me to experiement with different tools without having to properly clean them up when I'm done using them. It also helps me write a more reliable development environment because I'm continuously updating my Dockerfile with new dependencies.

Using a host OS directly means that there's a tendenacy to accumulate tools and packages over time without great mechanisms to cleanup. Now all I have to do is delete a container and rebuild with the new set of tools.

# Installation

This was a breeze compared to setting up archlinux. The GUI basically did all the heavy lifting of creating the partitions, setting keyboard, languages, timezone, and networking.

# Initial setup

# Update sudoers

1sudo vim /etc/sudoers
2# uncomment section for `wheel` group

# Create wheel group

1groupadd wheel

# Create user

1useradd -p <pass> -g wheel erock

# Update hostname

1sudo hostnamectl set-name arc

# Update fstab

1sudo vim /etc/fstab
2# add NAS and extra SSD in my dev box
3# I need cifs-utils for the NAS

# Install minimal packages

1sudo transactional-update pkg install distrobox mosh cifs-utils

# SSH

I didn't have my public key handy during installation of MicroOS, however, sshd was setup automatically and it supported password logins out-of-the-box.

Once I could SSH into the machine, I copied my dotfiles and private keys onto the box.

1cat ~/.ssh/id_xxx.pub > ~/.ssh/authorized_keys
1scp -R ~/dotfiles arc:/home/erock/dotfiles

# Setup dev container

Here's dev.Dockerfile:

 1FROM archlinux:base-devel
 2
 3RUN pacman -Syy && pacman -S --noconfirm \
 4    bat \
 5    curl \
 6    deno \
 7    direnv \
 8    expect \
 9    fzf \
10    git \
11    gnupg \
12    go \
13    jq \
14    keychain \
15    man-db \
16    man-pages \
17    neovim \
18    npm \
19    nodejs \
20    openssh \
21    pass \
22    pass-otp \
23    ripgrep \
24    scdoc \
25    tree \
26    tmux \
27    unzip \
28    vim \
29    zsh
30
31# place for sources to compile (e.g. aur)
32RUN mkdir /opt/sources
33WORKDIR /opt/sources
34
35# irc chat
36RUN git clone https://git.sr.ht/~taiite/senpai
37WORKDIR /opt/sources/senpai
38RUN make && make install

And here's how I ran it inside distrobox:

1podman build -t dev -f dev.Dockerfile . # archlinux
2distrobox create -i dev dev
3distrobox enter dev
4
5~/dotfiles/dotfiles.sh # copy dotfiles from dotfile repo -- including keys
6~/dotfiles/setup_fresh.sh # setup neovim plugin manager, tmux plugin manager, oh-my-zsh, chsh -s /usr/sbin/zsh

# Issues

I haven't figured out how to run podman inside a docker container. There is documentation for how to do it but it currently isn't working.

For some reason, $SHELL is still set to /bin/bash which means tmux is using the wrong shell. The docs for distrobox instruct us to just run chsh but oh-my-zsh does that automatically upon initial installation. For now, I manually set the shell inside tmux.

# On mutating an "immutable" OS

MicroOS allows the following directories to be modified:

This is a pretty large hole where files can be modified directly. When comparing it to something like nixOS, it's clear it's an immutable-lite OS. This is good enough for me, but the natural end feels like a fully immutable OS like nixOS.

# Conclusion

That's it! I now have a fully functional development container that works as-if I was on archlinux. So far, I've been very happy with MicroOS+distrobox, it's a really powerful setup that will keep my host machine relatively stable and unchanged.

Have a comment? Start a discussion by sending an email to my public inbox.