Hacker News new | past | comments | ask | show | jobs | submit login

Here is an open source way to do this yourself:

  # Dockerfile

  FROM node:alpine3.12
  RUN apk add --no-cache chromium \
  && yarn add puppeteer-core \
  && apk add \
    --no-cache \
    --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing \
      novnc



You can also do it with jails on FreeBSD: https://honeyguide.eu/posts/pot-throwaway-firefox/


I appreciate you sharing that, thanks! On here I set up the restrictions using user accounts and groups, iptables, cgroups and some monitoring of CPU and memory, with cpulimit and pkill for excessive use. Sort of like a lightweight "container" for each browser process.

In other words, each chrome process runs in its own user-space (a no-login user which exists only for the duration of the session), which has cpu and memory limits thanks to cgroups, bandwidth limits and restrictions thanks to iptables, and disk and browser cache limits thanks to chrome command-line flags.


This is really cool, I'm just building an image now. Excited to try it out. One small error is I think you are missing a '\' from the end of line 7 (repository flag)

edit:

I just got this error trying to build an image. Any idea what's wrong or how to fix it?

    ERROR: unsatisfiable constraints:
      novnc (missing):
        required by: world[novnc]
    The command '/bin/sh -c apk add --no-cache chromium   && yarn add puppeteer-core   && apk add   --no-cache   --repository http://dl-cdn.alpinelinux.org/alpine/edge/main novnc' returned a non-zero code: 1
I would super like to try this out! :)


Thanks! It looks like the novnc package is in testing, not main:

http://dl-cdn.alpinelinux.org/alpine/edge/testing

Please note I did oversimplify this a bit. You'll still need something like WayVNC, but it doesn't have WebSocket support yet. You can track it here:

https://github.com/any1/neatvnc/issues/2

In the meantime, you should be able to use websockify (there is an alpine package already).

For a simple app, I'd recommend cage which is a kiosk wayland WM for a single app:

https://pkgs.alpinelinux.org/package/edge/community/x86_64/c...

Here is an example for Sway that you could use for Cage as well:

https://github.com/any1/wayvnc/blob/master/FAQ.md


Wow, you really nailed it! Thanks, I'm definitely going to build this :)


Sweet. I got it working but haven't automated it yet. I'll try to share a link eventually.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: