[Gambas-user] gambas playground are active project?

Adrien Prokopowicz adrien.prokopowicz at gmail.com
Sun May 13 16:50:37 CEST 2018


Le 25/04/2018 à 18:03, PICCORO McKAY Lenz a écrit :
> hi, i can see that was focused on docker deploy (and cloud docker now 
> are abandoned)
> 
> i dont trush on docker due are like fashion..
> 
> thankns for the link, i try to use it and install,. maybe made a package..
> 
> i need some instructions tips and directions some one can help me?

The playground server itself does not run inside a Docker container, but 
it uses it to run the code snippets you send.

Whenever a snippet is received through an HTTP request, the 
playground-server creates a new temporary container (from a prebuilt 
image, which contains the playground-runner), and passes it your snippet 
through STDIN.
Inside the container, the runner saves your snippet and invokes the 
Gambas scripter (gbs3) on it. The resulting output is then passed back 
to the playground-server, which is then passed back as a response to the 
HTTP request.
Once everything is complete, the container is discarded, with every 
change you could have made to the filesystem.

This is mainly for security reasons, this way the snippets cannot affect 
the server at all (you can even run an "rm -rf /" if you want!). There 
are also a few other parameters to limit what you can do in the 
container, such as limiting CPU, RAM usage, and the amount of processes 
you can create (all the rules are in the source code).

As a side note, I'm not a fan of running everything on Docker either, 
but it is far from abandoned and widely adopted, and unless there are 
alternatives I'm not aware of, here it is just the right tool for the job.

The only (big) downside there is with Docker, is that alowing a process 
(like the playground-server) to create and manage containers basically 
requires to give it root access (or similar), which is not acceptable in 
a shared environment (such as the servers currently hosting the various 
Gambas services).
This is why I think it's best that I keep hosting it myself: if there 
happens to be a security flaw somewhere that affects the playground 
server, I don't really care if my small server is wiped or anything (I 
made it so the server does not actually store anything). :-)

As for installation tips, I will write a nice README on the repository 
with all the instructions, but basically what you have to do is after 
installing Gambas and Docker, you need to make sure the user running the 
playground-server executable is either root or in the docker group.

Then build the runner image by getting inside the root directory of the 
repository (where the Dockerfile is), and then run docker build -t 
prokopyl/playground. You can now start the playground-server using the 
embedded http server (gbr3 -H) and it will respond to POST requests made 
on "/". :-)

As for the UI, it is just a bunch of static files, you can use your 
favorite HTTP server to serve them (the playground I host uses NGINX). 
For now however a lot of things are hard-coded, and the UI expects the 
playground-server to respond on /run (to not conflict with the index 
page), so you'll want to configure your HTTP server as a reverse-proxy 
for the playground server, optionally enabling you to use HTTPS, gzip 
compression, caching, etc.

Hope this helps. :-)

Regards,

-- 
Adrien Prokopowicz


More information about the User mailing list