From dc144d1979a16648cc4a56dff4e888a440976cd4 Mon Sep 17 00:00:00 2001
From: Alexander Bentkamp <bentkamp@gmail.com>
Date: Wed, 9 Aug 2023 14:33:38 +0200
Subject: [PATCH] use bubblewrap

---
 server/bubblewrap.sh | 25 +++++++++++++++++++++++++
 server/index.mjs     | 25 +++++++++++++++----------
 2 files changed, 40 insertions(+), 10 deletions(-)
 create mode 100755 server/bubblewrap.sh

diff --git a/server/bubblewrap.sh b/server/bubblewrap.sh
new file mode 100755
index 0000000..5b7efb1
--- /dev/null
+++ b/server/bubblewrap.sh
@@ -0,0 +1,25 @@
+#/bin/bash
+
+(exec bwrap\
+  --ro-bind ../../lean4game /lean4game \
+  --ro-bind ../../$1 /game \
+  --ro-bind ~/.elan /elan \
+  --ro-bind /usr /usr \
+  --dev /dev \
+  --proc /proc \
+  --symlink usr/lib /lib\
+  --symlink usr/lib64 /lib64\
+  --symlink usr/bin /bin\
+  --symlink usr/sbin /sbin\
+  --clearenv \
+  --setenv PATH "/elan/bin:/bin" \
+  --setenv ELAN_HOME "/elan" \
+  --unshare-user \
+  --unshare-pid  \
+  --unshare-net  \
+  --unshare-uts  \
+  --unshare-cgroup \
+  --die-with-parent \
+  --chdir "/lean4game/server/build/bin/" \
+  ./gameserver --server /game
+)
diff --git a/server/index.mjs b/server/index.mjs
index d687ec8..59da2d0 100644
--- a/server/index.mjs
+++ b/server/index.mjs
@@ -19,18 +19,18 @@ const games = {
     "g/hhu-adam/robo": {
         // module: "Game",  // The lean module's name. Defaults to "Game"
         // name: "Adam",    // For the `Game "Adam"` tag in the games. Defaults to "MyGame"
-        dir: "../../../../Robo",
+        dir: "Robo",
         queueLength: 5
     },
     "g/hhu-adam/nng4": {
         // module: "Game",
         // name: "NNG",
-        dir: "../../../../NNG4",
+        dir: "NNG4",
         queueLength: 5
     },
     "g/local/game": {
-        dir: "../../../../game",
-        queueLength: 5
+        dir: "game",
+        queueLength: 0
     }
 }
 
@@ -62,19 +62,24 @@ const isDevelopment = environment === 'development'
 const queue = {}
 
 function startServerProcess(tag) {
+    if (! games[tag]?.dir) {
+        console.error(`Unknown game: ${tag}`)
+        return
+    }
+
     let serverProcess
-    if (isDevelopment && games[tag]?.dir) {
-        let args = ["--server", games[tag].dir]
+    if (isDevelopment) {
+        let args = ["--server", path.join("../../../../", games[tag].dir)]
         if (games[tag].module) {
             args.push(games[tag].module)
             if (games[tag].name) { args.push(games[tag].name) }
         }
         serverProcess = cp.spawn("./gameserver", args,
-            { cwd: "./build/bin/" })
+            { cwd: path.join(__dirname, "./build/bin/") })
     } else {
-        serverProcess =  cp.spawn("docker",
-            ["run", "--runtime=runsc", "--network=none", "--rm", "-i", `${tag}`],
-            { cwd: "." })
+        serverProcess =  cp.spawn("./bubblewrap.sh",
+            [games[tag].dir],
+            { cwd: __dirname })
     }
     serverProcess.on('error', error =>
         console.error(`Launching Lean Server failed: ${error}`)