agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-23 09:09:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

[clsi] adopt Server Pro env vars for sandboxed compiles (#26430)

Browse Source 
GitOrigin-RevId: b7c0d9f4ff37d6cef77694a6a9ea4d50dcb148b2
This commit is contained in:
Jakob Ackermann
2025-06-13 15:57:38 +02:00
committed by Copybot
parent 569e72a1c0
commit 22016ffef9
5 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
develop/docker-compose.yml
View File

@@ -25,10 +25,10 @@ services:
env_file: env_file:
- dev.env - dev.env
environment: environment:
- DOCKER_RUNNER=true
- TEXLIVE_IMAGE=texlive-full # docker build texlive -t texlive-full - TEXLIVE_IMAGE=texlive-full # docker build texlive -t texlive-full
- COMPILES_HOST_DIR=${PWD}/compiles - SANDBOXED_COMPILES=true
- OUTPUT_HOST_DIR=${PWD}/output - SANDBOXED_COMPILES_HOST_DIR_COMPILES=${PWD}/compiles
- SANDBOXED_COMPILES_HOST_DIR_OUTPUT=${PWD}/output
user: root user: root
volumes: volumes:
- ${PWD}/compiles:/overleaf/services/clsi/compiles - ${PWD}/compiles:/overleaf/services/clsi/compiles

10
services/clsi/README.md
View File

@@ -19,10 +19,10 @@ The CLSI can be configured through the following environment variables:
* `ALLOWED_IMAGES` - Space separated list of allowed Docker TeX Live images * `ALLOWED_IMAGES` - Space separated list of allowed Docker TeX Live images
* `CATCH_ERRORS` - Set to `true` to log uncaught exceptions * `CATCH_ERRORS` - Set to `true` to log uncaught exceptions
* `COMPILE_GROUP_DOCKER_CONFIGS` - JSON string of Docker configs for compile groups * `COMPILE_GROUP_DOCKER_CONFIGS` - JSON string of Docker configs for compile groups
* `COMPILES_HOST_DIR` - Working directory for LaTeX compiles * `SANDBOXED_COMPILES` - Set to true to use sibling containers
* `OUTPUT_HOST_DIR` - Output directory for LaTeX compiles * `SANDBOXED_COMPILES_HOST_DIR_COMPILES` - Working directory for LaTeX compiles
* `SANDBOXED_COMPILES_HOST_DIR_OUTPUT` - Output directory for LaTeX compiles
* `COMPILE_SIZE_LIMIT` - Sets the body-parser [limit](https://github.com/expressjs/body-parser#limit) * `COMPILE_SIZE_LIMIT` - Sets the body-parser [limit](https://github.com/expressjs/body-parser#limit)
* `DOCKER_RUNNER` - Set to true to use sibling containers
* `DOCKER_RUNTIME` - * `DOCKER_RUNTIME` -
* `FILESTORE_DOMAIN_OVERRIDE` - The url for the filestore service e.g.`http://$FILESTORE_HOST:3009` * `FILESTORE_DOMAIN_OVERRIDE` - The url for the filestore service e.g.`http://$FILESTORE_HOST:3009`
* `FILESTORE_PARALLEL_FILE_DOWNLOADS` - Number of parallel file downloads * `FILESTORE_PARALLEL_FILE_DOWNLOADS` - Number of parallel file downloads
@@ -63,10 +63,10 @@ Then start the Docker container:
docker run --rm \ docker run --rm \
-p 127.0.0.1:3013:3013 \ -p 127.0.0.1:3013:3013 \
-e LISTEN_ADDRESS=0.0.0.0 \ -e LISTEN_ADDRESS=0.0.0.0 \
-e DOCKER_RUNNER=true \ -e SANDBOXED_COMPILES=true \
-e TEXLIVE_IMAGE=texlive/texlive \ -e TEXLIVE_IMAGE=texlive/texlive \
-e TEXLIVE_IMAGE_USER=root \ -e TEXLIVE_IMAGE_USER=root \
-e COMPILES_HOST_DIR="$PWD/compiles" \ -e SANDBOXED_COMPILES_HOST_DIR_COMPILES="$PWD/compiles" \
-v "$PWD/compiles:/overleaf/services/clsi/compiles" \ -v "$PWD/compiles:/overleaf/services/clsi/compiles" \
-v "$PWD/cache:/overleaf/services/clsi/cache" \ -v "$PWD/cache:/overleaf/services/clsi/cache" \
-v /var/run/docker.sock:/var/run/docker.sock \ -v /var/run/docker.sock:/var/run/docker.sock \

2
services/clsi/buildscript.txt
View File

@@ -2,7 +2,7 @@ clsi
--data-dirs=cache,compiles,output --data-dirs=cache,compiles,output
--dependencies= --dependencies=
--docker-repos=us-east1-docker.pkg.dev/overleaf-ops/ol-docker --docker-repos=us-east1-docker.pkg.dev/overleaf-ops/ol-docker
--env-add=ENABLE_PDF_CACHING="true",PDF_CACHING_ENABLE_WORKER_POOL="true",ALLOWED_IMAGES=quay.io/sharelatex/texlive-full:2017.1,TEXLIVE_IMAGE=quay.io/sharelatex/texlive-full:2017.1,TEX_LIVE_IMAGE_NAME_OVERRIDE=us-east1-docker.pkg.dev/overleaf-ops/ol-docker,TEXLIVE_IMAGE_USER="tex",DOCKER_RUNNER="true",COMPILES_HOST_DIR=$PWD/compiles,OUTPUT_HOST_DIR=$PWD/output --env-add=ENABLE_PDF_CACHING="true",PDF_CACHING_ENABLE_WORKER_POOL="true",ALLOWED_IMAGES=quay.io/sharelatex/texlive-full:2017.1,TEXLIVE_IMAGE=quay.io/sharelatex/texlive-full:2017.1,TEX_LIVE_IMAGE_NAME_OVERRIDE=us-east1-docker.pkg.dev/overleaf-ops/ol-docker,TEXLIVE_IMAGE_USER="tex",SANDBOXED_COMPILES="true",SANDBOXED_COMPILES_HOST_DIR_COMPILES=$PWD/compiles,SANDBOXED_COMPILES_HOST_DIR_OUTPUT=$PWD/output
--env-pass-through= --env-pass-through=
--esmock-loader=False --esmock-loader=False
--node-version=22.15.1 --node-version=22.15.1

6
services/clsi/docker-compose.ci.yml
View File

@@ -29,9 +29,9 @@ services:
TEXLIVE_IMAGE: quay.io/sharelatex/texlive-full:2017.1 TEXLIVE_IMAGE: quay.io/sharelatex/texlive-full:2017.1
TEX_LIVE_IMAGE_NAME_OVERRIDE: us-east1-docker.pkg.dev/overleaf-ops/ol-docker TEX_LIVE_IMAGE_NAME_OVERRIDE: us-east1-docker.pkg.dev/overleaf-ops/ol-docker
TEXLIVE_IMAGE_USER: "tex" TEXLIVE_IMAGE_USER: "tex"
DOCKER_RUNNER: "true" SANDBOXED_COMPILES: "true"
COMPILES_HOST_DIR: $PWD/compiles SANDBOXED_COMPILES_HOST_DIR_COMPILES: $PWD/compiles
OUTPUT_HOST_DIR: $PWD/output SANDBOXED_COMPILES_HOST_DIR_OUTPUT: $PWD/output
volumes: volumes:
- ./compiles:/overleaf/services/clsi/compiles - ./compiles:/overleaf/services/clsi/compiles
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock

6
services/clsi/docker-compose.yml
View File

@@ -47,8 +47,8 @@ services:
TEXLIVE_IMAGE: quay.io/sharelatex/texlive-full:2017.1 TEXLIVE_IMAGE: quay.io/sharelatex/texlive-full:2017.1
TEX_LIVE_IMAGE_NAME_OVERRIDE: us-east1-docker.pkg.dev/overleaf-ops/ol-docker TEX_LIVE_IMAGE_NAME_OVERRIDE: us-east1-docker.pkg.dev/overleaf-ops/ol-docker
TEXLIVE_IMAGE_USER: "tex" TEXLIVE_IMAGE_USER: "tex"
DOCKER_RUNNER: "true" SANDBOXED_COMPILES: "true"
COMPILES_HOST_DIR: $PWD/compiles SANDBOXED_COMPILES_HOST_DIR_COMPILES: $PWD/compiles
OUTPUT_HOST_DIR: $PWD/output SANDBOXED_COMPILES_HOST_DIR_OUTPUT: $PWD/output
command: npm run --silent test:acceptance command: npm run --silent test:acceptance