[Gambas-user] gambas playground are active project?
Adrien Prokopowicz
adrien.prokopowicz at gmail.com
Sun May 13 16:50:37 CEST 2018
Le 25/04/2018 à 18:03, PICCORO McKAY Lenz a écrit :
> hi, i can see that was focused on docker deploy (and cloud docker now
> are abandoned)
>
> i dont trush on docker due are like fashion..
>
> thankns for the link, i try to use it and install,. maybe made a package..
>
> i need some instructions tips and directions some one can help me?
The playground server itself does not run inside a Docker container, but
it uses it to run the code snippets you send.
Whenever a snippet is received through an HTTP request, the
playground-server creates a new temporary container (from a prebuilt
image, which contains the playground-runner), and passes it your snippet
through STDIN.
Inside the container, the runner saves your snippet and invokes the
Gambas scripter (gbs3) on it. The resulting output is then passed back
to the playground-server, which is then passed back as a response to the
HTTP request.
Once everything is complete, the container is discarded, with every
change you could have made to the filesystem.
This is mainly for security reasons, this way the snippets cannot affect
the server at all (you can even run an "rm -rf /" if you want!). There
are also a few other parameters to limit what you can do in the
container, such as limiting CPU, RAM usage, and the amount of processes
you can create (all the rules are in the source code).
As a side note, I'm not a fan of running everything on Docker either,
but it is far from abandoned and widely adopted, and unless there are
alternatives I'm not aware of, here it is just the right tool for the job.
The only (big) downside there is with Docker, is that alowing a process
(like the playground-server) to create and manage containers basically
requires to give it root access (or similar), which is not acceptable in
a shared environment (such as the servers currently hosting the various
Gambas services).
This is why I think it's best that I keep hosting it myself: if there
happens to be a security flaw somewhere that affects the playground
server, I don't really care if my small server is wiped or anything (I
made it so the server does not actually store anything). :-)
As for installation tips, I will write a nice README on the repository
with all the instructions, but basically what you have to do is after
installing Gambas and Docker, you need to make sure the user running the
playground-server executable is either root or in the docker group.
Then build the runner image by getting inside the root directory of the
repository (where the Dockerfile is), and then run docker build -t
prokopyl/playground. You can now start the playground-server using the
embedded http server (gbr3 -H) and it will respond to POST requests made
on "/". :-)
As for the UI, it is just a bunch of static files, you can use your
favorite HTTP server to serve them (the playground I host uses NGINX).
For now however a lot of things are hard-coded, and the UI expects the
playground-server to respond on /run (to not conflict with the index
page), so you'll want to configure your HTTP server as a reverse-proxy
for the playground server, optionally enabling you to use HTTPS, gzip
compression, caching, etc.
Hope this helps. :-)
Regards,
--
Adrien Prokopowicz
More information about the User
mailing list