adrian/cours-snt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
master
cours-snt/test-python-ssh
History
Adrian Amaglio 39237455c2 contenu du tp
2021-03-17 12:40:23 +01:00
..
config update 2021-03-03 16:49:58 +01:00
nginx path fix 2021-03-10 21:40:45 +01:00
python_app path fix 2021-03-10 21:40:45 +01:00
.dockerignore Beta version, working PoC 2021-02-15 13:51:48 +01:00
docker-compose.yml update 2021-03-03 16:49:58 +01:00
Dockerfile Beta version, working PoC 2021-02-15 13:51:48 +01:00
entrypoint.sh update 2021-03-03 16:49:58 +01:00
Readme.md contenu du tp 2021-03-17 12:40:23 +01:00

Readme.md

Python, web and SSH sandbox

For educational purpose only! None of this software is tested, optimized nor secured. It is actually unsecure on purpose This is a very experimental tool, it may be working. Any suggestion or PR is welcome.

How to use it?

Install docker

https://docs.docker.com/get-docker/

Initialize it

The directory config must contain a users.txt, containing one username per line, or a passwords.txt file, containing username=password lines.
If you do not provide a password file, it will be generated from user file.
The password file is the database from which users/passwords are created in the system.
Aditionnaly, you can add a file named ./config/init.sh which will be executed (as root) before starting the servers. It is usefull for debuging and customisation purposes!

Run it

While in this file directory, open a terminal and run the following command (the download can be very long…).

docker run -it --name pythonsandbox --rm --network host -v "$(pwd)"/production_eleves:/app/python_app/modules -v "$(pwd)"/config:/app/config jeancloud/pythonsandbox

(Logs will flow in your terminal, CTRL+C will stop the process).
Read carefuly the first messages!

Use it

You can now ssh into your localhost (and others computer on the same network can ssh into your host). Usernames and passwords are the one provided in the password file.
Students home directories are then listed in the production_eleves directory.

Debug it

You can open a shell (as root) in the container anytime by running this command on the docker host:

docker exec -it pythonsandbox bash

The docker image

To bundle everything in one place. This docker image is not a pretty one, we should split those services into several containers. But that would be harder to run, so forget that.
Also, as this is poorly tested, the docker system make sure the environment is stable.

Build the docker image

docker build . -t jeancloud/pythonsandbox

or pull it

docker pull jeancloud/pythonsandbox

Volumes

  • /app/modules is where python scripts will be executed on some URL calls.
  • /app/config is the location of the user, password and init files.

Environment variables

None used, do watever you want

How does it works?

A python script

It run with uwsgi (CF dockerfile CMD line) and load python modules files according to URL. For instance, when you HTTP-get /test/my_function the function my_function is executed from the file test.py.
###Default behavior:

  • if test is a directory, we will try to load default function index from file test/my_function.py
  • if test/my_function is a directory, we will try to load default function index from file test/my_function/main.py If you dont like this default behavior, just dont use main and index names.

Arguments

GET arguments (the ones in URL), are passed as function parameter (only if the parameters name matches the arguments name).

SSH server

Allow student to connect via SSH or SFTP to add python files and play with bash.

NGINX HTTP server

For more flexibility with HTTP

TODOs

  • public directory in homes where content is served