From 0d849bf58effd00e72a6a169bda8adc120086ac7 Mon Sep 17 00:00:00 2001 From: Olcan Date: Mon, 28 Apr 2025 18:40:24 -0700 Subject: enable servers in sandbox to listen on localhost (127.0.0.1) instead of 0.0.0.0, ensuring servers can be container/host-agnostic (#207) * enable servers in sandbox to listen on localhost (127.0.0.1) instead of 0.0.0.0, ensuring servers can be container/host-agnostic * Merge remote-tracking branch 'origin/main' into sandbox_localhost_works --- scripts/start_sandbox.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'scripts') diff --git a/scripts/start_sandbox.sh b/scripts/start_sandbox.sh index 67c9cf27..444efbd3 100755 --- a/scripts/start_sandbox.sh +++ b/scripts/start_sandbox.sh @@ -135,20 +135,24 @@ fi node_args+=("$CLI_PATH" "$@") # open additional ports if SANDBOX_PORTS is set +# also set up redirects (via socat) so servers can listen on localhost instead of 0.0.0.0 +bash_cmd="" if [ -n "${SANDBOX_PORTS:-}" ]; then ports=$(echo "$SANDBOX_PORTS" | tr ',' '\n') for port in $ports; do if [ -n "$port" ]; then echo "SANDBOX_PORTS: $port" run_args+=(-p "$port:$port") + bash_cmd+="socat TCP4-LISTEN:$port,bind=\$(hostname -i),fork,reuseaddr TCP4:127.0.0.1:$port 2> /dev/null& " fi done fi +bash_cmd+="node $(printf '%q ' "${node_args[@]}")" # printf fixes quoting within args # run gemini-code in sandbox container if [[ "$CMD" == "podman" ]]; then # use empty --authfile to skip unnecessary auth refresh overhead - $CMD run "${run_args[@]}" --authfile <(echo '{}') "$IMAGE" node "${node_args[@]}" + $CMD run "${run_args[@]}" --authfile <(echo '{}') "$IMAGE" bash -c "$bash_cmd" else - $CMD run "${run_args[@]}" "$IMAGE" node "${node_args[@]}" + $CMD run "${run_args[@]}" "$IMAGE" bash -c "$bash_cmd" fi -- cgit v1.2.3