favicon here hometagsblogmicrobio cvtech cvgpg keys

VSCodium Flatpak on openSUSE Aeon

#workflow #container #aeon #kalpa #flatpak

Soc Virnyl Estela | 2023-07-14 | updated: 2023-07-15 |reading time: ~3min

Prerequisites§

To start, you must have an immutable linux desktop distribution such as openSUSE Aeon. In this short post, I will explain how to set up VSCodium Flatpak in an immutable linux desktop. Some of the steps can be imitated to other immutable distros such as Fedora Silverblue and VanillaOS.

Reason§

There are ongoing issues and questions amongst Linux users and skepticisms regarding the usability of immutable desktops and the push for an all flatpak (or snap, if you prefer that,) immutable desktop distribution.

This post, however, only debunks misinformation of how to use VSCodium Flatpak (or even VSCode Flatpak) properly in this kind of system.

The Guide§

Setting up Flatpak§

openSUSE Aeon already has flatpak set up out of the box but it's system-wide. If you prefer user-wide installations, you can do:

flatpak --user remote-add \
        --if-not-exists flathub \
        https://dl.flathub.org/repo/flathub.flatpakrepo

Installing VSCodium Flatpak§

Assuming you use openSUSE Aeon, you can install VSCodium Flatpak through GNOME Software. If you love to use the CLI, you can do the following:

User-wide install§

flatpak --user install com.vscodium.codium

System-wide install§

flatpak install com.vscodium.codium

Then install Open-Remote-SSH Plugin for VSCodium - https://github.com/jeanp413/open-remote-ssh.

Setting up distrobox§

openSUSE Aeon comes with distrobox out of the box 😜

Distrobox is a podman frontend much like toolbx. I prefer distrobox because it's way more flexible in my experience.

To create my own container, I run the following command

distrobox-enter tumbleweed

This will create a podman container named as "tumbleweed". I advise you to set a custom HOME directory though. You can do that by using the command

distrobox-create -n tumbleweed -H somedir/you/really/want/to/set/as/HOME/for/that/container

For more information, check out the documentation at https://distrobox.privatedns.org/usage.

Setting up SSH and SSHD in your container§

After entering your container (here we use "tumbleweed"), do


sudo /usr/sbin/sshd-gen-keys-start
# assuming you have vim installed in the podman container
# I use vim here
sudo vim /etc/ssh/sshd_config

Then add the following to your /etc/ssh/sshd_config in that container

Port 10000
ListenAddress localhost
PermitEmptyPasswords yes
PermitUserEnvironment yes
X11Forwarding yes

Next, run the sshd command like so

sudo /usr/sbin/sshd

Make sure the container is running during all of your sessions. Distrobox does it by default.

Then in your host system, edit ~/.ssh/config with the following content

Host tumbleweed
  HostName localhost
  Port 10000

Finally, use your Open-Remote-SSH plugin in VSCodium to connect to that container and set up your development environment!

Conclusion§

Setting up VSCodium flatpak is complicated but not that hard as long as you are familiar with how containers work and how to choose the right plugins. I believe that a development environment that is mostly SSH-ing to containers bring benefits that outweighs its disadvantages:

  • clean base system; install dev dependencies in the container
  • throw the container away to start fresh if desired
  • allows developers to install only the necessary stuff on their base system
  • encourages the use of flatpaks, a universal distribution/packaging format
  • explores possibilities of making immutable desktops as a viable development environment

Articles from blogs I follow around the net

Body::poll_progress

This describes a proposal for a cancelation problem with hyper’s request and response bodies. hyper is an HTTP library for the Rust language. Background: what is the Body trait? The Body trait used by hyper is meant to represent a potentially streaming (…

via seanmonstarApril 22, 2025

CVE-2025-32433 - State Machine Err-ly RCE in Erlang/OTP SSH Server

CVE-2025-32433 is a remote code execution vulnerability in the SSH server implementation within Erlang’s OTP libraries (affecting versions legendary CVSS score of 10.0 and became known as a vulnerability for which AI-assisted exploit development process wa…

via GreyNoise LabsApril 22, 2025

AI-powered search summaries led to less clicks to websites

Google claims that links beside AI summaries get more clicks. This goes against intuition. Ahrefs did some analysis on this recently. Who is right?

via Rob O'Leary | BlogApril 21, 2025

Resistance from the tech sector

As of late, most of us have been reading the news with a sense of anxious trepidation. At least, those of us who read from a position of relative comfort and privilege. Many more read the news with fear. Some of us are already no longer in a position to re…

via Drew DeVault's blogApril 20, 2025

Retrospective: Five Years Blogging About Cryptography as a Gay Furry Online

The history of this blog might very well be a cautionary tail (sic) about scope creep. The Original Vision For Dhole Moments Originally, I just wanted a place to write about things too long for Twitter (back when I was an avid Twitter poster). I also figur…

via Dhole MomentsApril 17, 2025

Status update, April 2025

Hi! Last week wlroots 0.19.0-rc1 has been released! It includes the new color management protocol, however it doesn’t include HDR10 support because the renderer and backend bits haven’t yet been merged. Also worth noting is full explicit synchronization su…

via emersionApril 16, 2025

The IndieWeb & that blog roll

The IndieWeb's something I've known about for a while, but never really engaged with. I mean this is very much part of The Indie Web, the very thing, you're reading it right now. But in terms of the camel cased movement, not so much. To me they seemed a bi…

via Mike KreuzerApril 16, 2025

Tidbyt without the company

Remember the Tidbyt? It’s a super low-resolution, internet-connected, wood-paneled display that I wrote a review of it back in 2022. It’s been on my shelf for years now, showing the time, weather, warning me when the UV is going to be high. In 2023 I used …

via macwright.comApril 12, 2025

One does not simply write a SSH config parser (in Rust)

Do you know the feeling when you start a project and you think it will be easy, but then you realize that it is not? This is the story of the implementation of ssh2-config, a Rust library to parse SSH config files. Why did I write this? Because basically…

via Christian Visintin BlogMarch 30, 2025

LLDB's TypeSystems: An Unfinished Interface

Well, it's "done". TypeSystemRust has a (semi) working prototype for LLDB 19.x. It doesn't support expressions or MSVC targets (i.e. PDB debug info), and there are a whole host of catastrophic crashes, but it more or less proves what it needs to: Rust's de…

via Cracking the ShellMarch 28, 2025

Backup Yubikey Strategy

After a local security meetup where I presented about Webauthn, I had a really interesting chat with a member about a possible Yubikey management strategy. Normally when you purchase a yubikey it's recommended that you buy two of them - one primary and one…

via Firstyear's blog-a-logFebruary 28, 2025

Ludic's Guide To Getting Software Engineering Jobs

The steps in this guide have generated A$1,179,000 in salary (updated 13th April, 2025), measured as the sum of the highest annual salaries friends and readers have reached after following along, where they were willing to attribute their success actions i…

via LudicityFebruary 28, 2025

The Adrian Dittmann Story

the evidence, from A to Z, and righting the wrongs

via maia blogJanuary 05, 2025

Awesome Fish functions

Some awesome fish functions that I have accumalated over the years.

via Ishan WritesJanuary 03, 2025

Physics Simulations in Bevy

Bevy is the most popular and powerful game engine in Rust. Because of its flexibility, it can be used not only for games but also for (scientific) physics simulations. In this blog post, I will share my experience using Bevy for physics simulations from sc…

via mo8it.comJuly 19, 2024

Defending myself against defensive writing

I write this blog because I enjoy writing. Some people enjoy reading what I write, which makes me feel really great! Recently, I took down a post and stopped writing for a few months because I didn't love the reaction I was getting on social media sites li…

via pcloadletterMay 27, 2024

The Elegiac Hindsight of Intelligent Machines

This essay was edited out of a chapter of my book, The Intelligence Illusion: a practical guide to the business risks of Generative AI, with minor alterations. “See the choice of dreams”, and then worry about it Very well. This book – this side, Dream …

via Out of the Software Crisis (Newsletter)October 13, 2023

Regex engine internals as a library

Over the last several years, I’ve rewritten Rust’s regex crate to enable better internal composition, and to make it easier to add optimizations while maintaining correctness. In the course of this rewrite I created a new crate, regex-automata, which expos…

via Andrew Gallant's Blog on Andrew Gallant's BlogJuly 05, 2023

Generated by openring-rs

favicon here hometagsblogmicrobio cvtech cvgpg keys