almost to an alpha

2019-08-07 00:02:41 +00:00
parent c9fcc6fc98
commit 1d56e32835
7 changed files with 306 additions and 216 deletions
--- a/bin/devserver
+++ b/bin/devserver
@@ -11,5 +11,5 @@ cd "$UPDIR"
 if [[ ! -d "$STRPC_BASE" ]]; then
 	mkdir -p "$STRPC_BASE"
 fi
-pipenv run bin/strpc
+pipenv run bin/strpcd

--- a/bin/prodserver
+++ b/bin/prodserver
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# NOTE!
+# when you mount the docker socket into the docker container
+# this is equivalent to giving it root on the outside host.
+# the jobs run via this tool should not be able to exploit this,
+# but it's possible that they can, so don't assume that jobs execute
+# in an isolated security context.
+
+docker run \
+	--name strpcd \
+	-v /var/run/docker.sock:/var/run/docker.sock \
+	-v /storage/strpc:/rpc \
+	--restart always \
+	-d \
+	sneak/strpcd