github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2025-04-14 16:43:30 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #263 from overleaf/bg-add-option-for-apparmor-profile

Browse source 
add option for apparmor profile
This commit is contained in:
Brian Gough 2021-07-22 09:11:45 +01:00 committed by GitHub
commit 6a3da482c4
2 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
services/clsi/app/js/DockerRunner.js
View file

@ -270,6 +270,12 @@ const DockerRunner = {
)
}
if (Settings.clsi.docker.apparmor_profile != null) {
options.HostConfig.SecurityOpt.push(
`apparmor=${Settings.clsi.docker.apparmor_profile}`
)
}
if (Settings.clsi.docker.runtime) {
options.HostConfig.Runtime = Settings.clsi.docker.runtime
}

9
services/clsi/config/settings.defaults.js
View file

@ -143,6 +143,15 @@ if (process.env.DOCKER_RUNNER) {
process.exit(1)
}
if (process.env.APPARMOR_PROFILE) {
try {
module.exports.clsi.docker.apparmor_profile = process.env.APPARMOR_PROFILE
} catch (error) {
console.error(error, 'could not apply apparmor profile setting')
process.exit(1)
}
}
if (process.env.ALLOWED_IMAGES) {
try {
module.exports.clsi.docker.allowedImages =