The sandbox server allows clients to connect and establish a web socket connection to a sandboxed environment. The following image gives an overview of the system:
- Install sourcebox-sandbox (see
INSTALL.md) for detailed instructions. npm install https://github.com/waywaaard/sandbox-servernpm install -g pm2- By default the server starts on port
80. If you are usingnginxyou need to change that. It is possible to use aproduction.jsonconfiguration that is loaded when theproductionenv is set. It gets automatically merged with the default configuration options. - Change the authentication secret and generate yourself a password for the local storage to access ("use") the test page (see below for further instructions)
Start the server with: sudo pm2 start process.json --env production
Start the server with sudo DEBUG=sourcebox:* pm2 start process.json --env production to get all the debug outputs on the console.
You can use systemd-cgtop to watch the current created sandboxes and their resource usage.
The sandbox server serves a simple testpage on port 80. See options. You can disable the testpage by setting serverStatic: false.
In order to access the server you need to generate yourself a valid password token and set it on your local storage.
Example password in the browser console:
localStorage.password = "eyJhbGciOiJIUzI1NiJ9.ZGlkaXRmb3J0aGVsdWx6.CMb8-OxIFLoXfTwdT21fqIVlqIA7jfeklLgiwu2xUHg"
Use the jsonwebtoken package and create yourself a token by jwt.sign(PW, SECRET) and use the above line to set it in your browser. You may use
https://runkit.com/npm/jsonwebtoken as a fast way of creating one.
If the test server fails with and internal error due to failed to set cgroup memory limit, then you need to follow these steps:
- Add
cgroup_enable=memory swapaccount=1toGRUB_CMDLINE_LINUX_DEFAULTin/etc/default/grub - Run
update-grub - Reboot the server
- Restart/Start server and try again