improve option to run without bubblewrap #20 #28

leanprover-community · Aug 8, 2024 · 1728772 · 1728772
1 parent e17c186
commit 1728772
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 30 deletions.
diff --git a/README.md b/README.md
@@ -15,8 +15,11 @@ PRs are welcome as well.
 To add new themes, please read [Adding Themes](client/public/themes/README.md).
 
 ## Security
-Providing the use access to a Lean instance running on the server is a severe security risk. That is why we start the Lean server
-using [Bubblewrap](https://github.com/containers/bubblewrap).
+Providing the use access to a Lean instance running on the server is a severe security risk.
+That is why we start the Lean server using [Bubblewrap](https://github.com/containers/bubblewrap).
+
+If bubblewrap is not installed, the server will start without a container and produce a warning.
+You can also opt-out of using bubblewrap by setting `NODE_ENV=development`.
 
 ## Build Instructions
 

diff --git a/server/bubblewrap.sh b/server/bubblewrap.sh
@@ -2,25 +2,33 @@
 
 ELAN_HOME=$(cd $1 && lake env printenv ELAN_HOME)
 
-(exec bwrap\
-  --ro-bind $1 /project \
-  --ro-bind $ELAN_HOME /elan \
-  --ro-bind /usr /usr \
-  --dev /dev \
-  --proc /proc \
-  --symlink usr/lib /lib\
-  --symlink usr/lib64 /lib64\
-  --symlink usr/bin /bin\
-  --symlink usr/sbin /sbin\
-  --clearenv \
-  --setenv PATH "/elan/bin:/bin" \
-  --setenv ELAN_HOME "/elan" \
-  --unshare-user \
-  --unshare-pid  \
-  --unshare-net  \
-  --unshare-uts  \
-  --unshare-cgroup \
-  --die-with-parent \
-  --chdir "/project/" \
-  lake serve --
-)
+if command -v bwrap >/dev/null 2>&1; then
+  (exec bwrap\
+    --ro-bind $1 /project \
+    --ro-bind $ELAN_HOME /elan \
+    --ro-bind /usr /usr \
+    --dev /dev \
+    --proc /proc \
+    --symlink usr/lib /lib\
+    --symlink usr/lib64 /lib64\
+    --symlink usr/bin /bin\
+    --symlink usr/sbin /sbin\
+    --clearenv \
+    --setenv PATH "/elan/bin:/bin" \
+    --setenv ELAN_HOME "/elan" \
+    --unshare-user \
+    --unshare-pid  \
+    --unshare-net  \
+    --unshare-uts  \
+    --unshare-cgroup \
+    --die-with-parent \
+    --chdir "/project/" \
+    lean --server
+  )
+else
+  echo "bwrap is not installed. Running without container." >&2
+  (exec
+    cd $1
+    lean --server
+  )
+fi
diff --git a/server/index.mjs b/server/index.mjs
@@ -72,6 +72,18 @@ if (crtFile && keyFile) {
 
 const wss = new WebSocketServer({ server })
 
+function checkCommandExists(command) {
+  return new Promise((resolve, reject) => {
+      exec(`command -v ${command}`, (error) => {
+          if (error) {
+              resolve(false); // Command does not exist
+          } else {
+              resolve(true); // Command exists
+          }
+      });
+  });
+}
+
 function startServerProcess(project) {
   let projectPath = __dirname + `/../Projects/` + project
 
@@ -81,18 +93,25 @@ function startServerProcess(project) {
     serverProcess = cp.spawn("./bubblewrap.sh", [projectPath], { cwd: __dirname })
   } else {
     console.warn("Running without Bubblewrap container!")
-    serverProcess = cp.spawn("lake", ["serve", "--"], { cwd: projectPath })
+    serverProcess = cp.spawn("lean", ["--server"], { cwd: projectPath })
   }
 
+  // serverProcess.stdout.on('data', (data) => {
+  //   console.log(`Lean Server: ${data}`);
+  // });
+
+  serverProcess.stderr.on('data', data =>
+    console.error(`Lean Server: ${data}`)
+  )
+
   serverProcess.on('error', error =>
     console.error(`Launching Lean Server failed: ${error}`)
   )
 
-  if (serverProcess.stderr !== null) {
-    serverProcess.stderr.on('data', data =>
-      console.error(`Lean Server: ${data}`)
-    )
-  }
+  serverProcess.on('close', (code) => {
+    console.log(`child process exited with code ${code}`);
+  });
+
   return serverProcess
 }