Sandboxing
This commit is contained in:
parent
cd04d34b23
commit
70df689701
7 changed files with 324 additions and 34 deletions
|
|
@ -85,6 +85,29 @@ services:
|
|||
networks:
|
||||
- kaboot-network
|
||||
|
||||
kaboot-sandbox:
|
||||
build:
|
||||
context: ./server/sandbox
|
||||
dockerfile: Dockerfile
|
||||
restart: unless-stopped
|
||||
read_only: true
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
cap_drop:
|
||||
- ALL
|
||||
environment:
|
||||
MAX_CONCURRENT: "2"
|
||||
tmpfs:
|
||||
- /tmp:size=200M,mode=1777
|
||||
deploy:
|
||||
replicas: ${SANDBOX_REPLICAS:-4}
|
||||
resources:
|
||||
limits:
|
||||
cpus: '1'
|
||||
memory: 512M
|
||||
networks:
|
||||
- kaboot-network
|
||||
|
||||
kaboot-backend:
|
||||
build:
|
||||
context: ./server
|
||||
|
|
@ -105,10 +128,14 @@ services:
|
|||
STRIPE_WEBHOOK_SECRET: ${STRIPE_WEBHOOK_SECRET:-}
|
||||
STRIPE_PRICE_ID_MONTHLY: ${STRIPE_PRICE_ID_MONTHLY:-}
|
||||
STRIPE_PRICE_ID_YEARLY: ${STRIPE_PRICE_ID_YEARLY:-}
|
||||
SANDBOX_URL: http://kaboot-sandbox:3002
|
||||
USE_SANDBOX: "true"
|
||||
volumes:
|
||||
- kaboot-data:/data
|
||||
tmpfs:
|
||||
- /tmp:size=100M
|
||||
depends_on:
|
||||
- kaboot-sandbox
|
||||
networks:
|
||||
- kaboot-network
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue