Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

ACL Use linux users as mulitple users support ( Not live code sharing with multiple users )

See original GitHub issue

I know what there is feature request about “Multiple User Support” but all of them asking Live Coding with multiple users, what I’m promoting here is, to allow multiple login/users with their own ACLs, to restrict some users only edit some folders I think this feature easy to implement rather than LiveCoding with multiple users same file,

The easiest way is to use Linux User managment system(ACL), so when users logs in to code-server, it will ask linux user credentials,

Ex; config.yaml

bind-addr: 127.0.0.1:8080
auth: linuxManaged
cert: false

After that admin will create and configure acl inside linux, and code-server will work under that user Example how it will work

Issue Analytics

State:
Created 3 years ago
Reactions:13
Comments:8 (5 by maintainers)

Top GitHub Comments

1reaction

paulchillcommented, Nov 24, 2022

I installed code-sever last night on an EC2 for a test to replace nuclide-remote server.

My main issues that it did not seem to have initially were:

disabling downloads of files / directories / code bases / code leaks
multiple users - using one instance of code-server - for eg i currently have 10 devs using a large instance with their own jailed home directories in ubuntu where they write / build local code and Apache servers this under their own https domain
security, users not being able to access other users codebases or code-server etc

So i invoked multiple instances of code server and it appeared to work with multiple users - all building mid / large angular code bases at the same time, seemed relatively ok - having a separate instance built using teraform sounds good - i saw a git report for that but just more management and having to change our workflow now is difficult

using the same IP - i opened 2 sessions / users of vscode - via code-server - each had a different port. the yaml password set would work with the correct port and not with the other.

is this relatively secure even if resource inefficient from a instance point of view?

Love some feedback on this and if any one else is using it for the above case.

1reaction

geisericommented, Aug 27, 2020

One thing I have been playing with was putting the code-server inside of a systemd based container vs docker. This way I could have it listen to a socket and launch a new session. The only issue I had was reconnecting. I am looking at https://www.pomerium.io/ to possibly spin up dockers on the fly. Sadly as I look into this more it ends up looking like the monster that eclipse che had become. The nice thing about code-server is that it can “scale down” very well. I think “scaling up” might be better served as an external project though.
edit: This is where i started from: https://blog.developer.atlassian.com/docker-systemd-socket-activation