alexsun/compose-anything
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(opensandbox): add initial configuration files and documentation for OpenSandbox platform

Browse Source 
feat(elasticsearch): upgrade Elasticsearch version to 9.3.0 in environment and docker-compose files

feat(gitlab): update GitLab version to 18.8.3-ce.0 in environment and docker-compose files

feat(grafana): bump Grafana version to 12.3.2 in environment and docker-compose files

feat(jenkins): upgrade Jenkins version to 2.541-lts-jdk17 in environment and docker-compose files

fix(minio): remove unnecessary newline in docker-compose file

feat(nginx): downgrade Nginx version to 1.28.2-alpine3.22 in environment and docker-compose files

feat(ollama): update Ollama version to 0.14.3 in environment and docker-compose files

feat(prometheus): upgrade Prometheus version to 3.5.1 in environment and docker-compose files

feat(rabbitmq): update RabbitMQ version to 4.2.3-management-alpine in environment and docker-compose files
This commit is contained in:
Sun-ZhenXing
2026-02-07 18:11:02 +08:00
parent d53dffca83
commit c03771751c
24 changed files with 953 additions and 297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
apps/opensandbox/config.toml Normal file
View File

@@ -0,0 +1,46 @@
# OpenSandbox Server Configuration
# This is a minimal Docker runtime configuration for running OpenSandbox
[server]
host = "0.0.0.0"
port = 8080
log_level = "INFO"
# IMPORTANT: Change this API key in production!
api_key = "opensandbox-change-this-secret-key"
[runtime]
type = "docker"
# The execd image that will be injected into sandbox containers
execd_image = "opensandbox/execd:v1.0.5"
[docker]
# Network mode for sandbox containers
# - "host": containers share host network (only one sandbox at a time)
# - "bridge": containers have isolated networks (recommended for multiple sandboxes)
network_mode = "bridge"
# Security hardening options
# Drop dangerous capabilities
drop_capabilities = [
"AUDIT_WRITE",
"MKNOD",
"NET_ADMIN",
"NET_RAW",
"SYS_ADMIN",
"SYS_MODULE",
"SYS_PTRACE",
"SYS_TIME",
"SYS_TTY_CONFIG"
]
# Prevent privilege escalation inside containers
no_new_privileges = true
# AppArmor profile (optional, leave empty for Docker default)
apparmor_profile = ""
# Seccomp profile (optional, leave empty for Docker default)
seccomp_profile = ""
# Maximum number of processes per sandbox container
pids_limit = 512