This template repository implements a docker stack that can act as your own personal, lightweight, micro-cloud setup. The stack uses the open-source Theia framework to build a browser-based IDE, similar to VSCode, that is served from Docker container. An authentication layer is provided by Caddy and public hosting is handled by Argo Tunnel. Additionally, the IDE and caddy processes are handled by supervisord for process control and automatic restarts.
Several services are created for monitoring:
- glances is used for host resource monitoring
- cAdvisor provides detailed container metrics
- Prometheus stores time series data collected from glances and cAdvisor
- Grafana dashboards are provisioned for visualization of host resource utilization and Caddy Server load
Lastly, an IPFS node is included for content delivery and basic object storage functionality.
This repo is intended to be self-contained in that a developer should be able to use it as a stand-alone tool. However, it can also serve as a template project for specialized applications like Web 3.0 infrastructure hosting or remote access for machine learning rigs.
To build the IDE environment, use the Docker cli:
docker build -t browser-ide .
If you want to use your locally built image in the stack, change line 11 in the docker-compose.yml
file.
A pre-built version of the browser-ide can be pulled from Docker Hub:
docker pull tthebc01/browser-ide
Important environment variables are configured in the .env
file.
You should set the AUTHP_ADMIN_USER
and AUTHP_ADMIN_SECRET
environment variables in the .env
file to
appropriate values to properly setup the form-based login.
This repository is setup to use Cloudflare Argo Tunnels as the introspective tunnel technology for exposing the IDE to the wider internet. This could be replaced with something like NGrok. Anonymous (non-authenticated) tunnels can be supported by tweaking the Caddyfile appropriately.
You must have a domain name managed by Cloudflare. Second, you must have Argo Tunnels enabled for the domain's account. Use the Zero Trust dashboard to configure a new tunnel and configure your desired subdomain and service address.
When you create a new tunnel in the dashboard, it will give you a tunnel token (a long string). Put the tunnel
token in the .env
file as the value saved in the TUNNEL_TOKEN
environment variable.
Now, use the docker-compose.yml
file to spin up a stack consisting of the browser-ide container, an Argo Tunnel
instance, and several monitoring services:
docker compose up -d
Check that your tunnel client is running nominally:
docker logs argo-tunnel
The URL for your tunnel will be the subdomain you chose for your parent domain managed by your Cloudflare account.
The browser-ide image includes the docker.io
package so that the host's docker socket (which is mounted as a volume in
the docker-compose.yml
file) can be manipulated as if the user was logged into the host machine.
If you do not require this functionality, you may consider removing the socket mount from this file.
To get the IPFS Web UI to work properly, you'll need to follow the directions on the startup page the first time you click on the
IPFS service in the auth portal. It will ask you to run the following two commands in the IPFS container (with example.com
replaced with your public URL):
ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["https://example.com", "http://localhost:3000", "http://127.0.0.1:5001", "https://webui.ipfs.io"]'
ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "POST"]'
To do this, open a terminal in the IDE and start an interactive session in the IPFS service container:
docker exec -ti ipfs_node /bin/sh
Once in the interactive shell, run the two commands from above. Now you must restart the IPFS service by running the following command in a new terminal:
docker restart ipfs_node
- Add alerts for Slack
- Add GPU support
- Make the login form prettier