Closed Bug 1024855 Opened 10 years ago Closed 10 years ago

Run our own pagekite server

Categories

(Webmaker Graveyard :: DevOps, defect)

Product:
Webmaker Graveyard
Component:
DevOps
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: davida, Assigned: johns)

Details

Hi JP --

Appmaker team wants to make it easy for people to have short-lived publically available proxies to dev appmaker setups.  This is in particular to be able to test apps on firefox os phones that are pulling code from a not-committed-to-a-source-tree and not-published-on-s3, e.g. the dev's instance.

The proposed plan is to use Pagekite.  https://pagekite.net/wiki/OpenSource/

To do so, we need to run, on a shortish domain, the so-called "front-end" server described at https://github.com/pagekite/PyPagekite/tree/main/doc#22-running-the-back-end-using-a-custom-front-end

The appmaker team will then add the pagekite client as part of the dev build setup.

I expect we may want to tweak the code (we don't want to ask for money, may want to expire the accounts differently, etc.

At this point, let's just play with this concept and see if it's a good idea or a bad idea. 

[if it's a good idea, i'll see if we can give a donation to pagekite to thank them for this.  We could also use their free-for-foss program https://pagekite.net/support/free-for-foss/ but I'd kinda like the experience to be within our control end-to-end].
My initial reaction is to be a little bit skeeved by the way that we'll be running a service exposing people's workstations.  I'll read more about the service and hopefully that feeling will dissipate.

I'm wondering what benefits you see doing this versus having Docker/Vagrant instances available for this type of use case?

What kind of time frame are you folks thinking of?
Flags: needinfo?(davida)
It's worth investigating to understand the risks to both us (in terms of cost) and the users of the service (also mostly us). Running a Docker/Vagrant thing wouldn't actually solve the problem for us.

The problem is that we want devs to be able to use their usual development flow and have a consistent set of URLs they can use in configurations. It's basically reverse ssh proxies with a bunch added features including expiration etc.
Simon,

We (Operations Security) would be happy to chat and discuss the Security risks of running reverse SSH proxies into Mozilla's network. Do you have time this week?
Hi Joe,

I appreciate the eyes!  I'm available anytime today outside of 3:30pm-4:30pm central.  Alternatively, the rest of my week is quite open.
Flags: needinfo?(davida)
My Zimbra is up to date. Joe, do you want to pick a time at your convenience?
Flags: needinfo?(jstevensen)
Same here, feel free to schedule joe!  thanks again for the help!
I put a meeting in your calendar for today. Let me know if this works.
Flags: needinfo?(jstevensen)
Hi, I'm learning about the project and a few questions came to my mind.

1. how does the 'usual developer workflow' look like?
2. how about giving both developers and contributors access to instances running on a PaaS platform that we already have? It's just a matter of integration.
3. So the underlying need is to run the code on contributors devices while the code is not yet committed anywhere and sitting on developer's laptop?
1. Right now, if I have components running locally and want to test them on an actual phone, I connect them to the same network, (the phone and my laptop running the server). I then change PUBLISH_HOST and ASSET_HOST in my .env file to show my ip registered with the network I am on. You can get this by running ifconfig from the command line. Once done, I should be able to view my published app on any phones on the network my laptop is also one.

2. *shrugs* :P

3. Yes, that's the need :)

I was thinking it would be pretty cool if firefox dev tools could support this. Not sure how it would look, but something like. I connect my phone to my laptop via a USB. I can then using ff dev tools export my localhost to the connected phone, open a connection there, and if the phone gets a localhost domain, it knows to redirect that to the connected laptop. No idea how feasible this is, but it has the advantage of working without network and very little setup or configure.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.