Comments (3)
Thank you for the suggestion!
A couple other workarounds I would add is to use an authentication proxy like oauth2-proxy or some such, as they probably already have audit logging capabilities built in, or coder/coder which does a lot more but in particular has audit logging around user actions, including logging in and out.
Would it be sufficient to have a well-known log line for this? We do something similar for failed logins where we output Failed login attempt
with some JSON-encoded details (user agent, remote IP, etc) and users can pick up on that with fail2ban or similar. So we could add Logged in
and Logged out
(feel free to suggest different verbiage) and tools can pick up on those with the timestamp.
from code-server.
Hello @code-asher,
Thank you for your suggestions regarding authentication proxies and coder/coder for audit logging. The workarounds you're mentioning, unfortunately it doesn't work for us. We're presenting docker container based VS Code servers to users but also we want to track whether the related resource is actively used or not. Therefore, we need to track when the user lastly logged in and analyze how many times logged in past 6 months to detect the inactivity.
We're running up the container with using below command.
docker run --restart=always --name=${userpath} -it --init -td -p ${port}:<next available port (starts from 8443)> -v "/home/${userpath}:/home/${userpath}" -e PASSWORD=${password} -e PUID=$(id -u ${userpath}) -e PGID=$(id -g ${userpath}) -e TZ=Europe/Frankfurt -e SUDO_PASSWORD=${password} linuxserver/code-server:3.12.0
- First of all, we're naming docker containers as the name of existing user under /home/* so maybe you can add log line like this : "Logged in <container-name>"
- Secondly, we're binding user's their own home directories to docker's own directories (home/<user>). Another option, can be this. You can check for configuration settings to push logs with these informations so it can be handled better. After this feature, the log file of each container can be collected in a centralized file.
Could the logging feature be adapted to include these details, or might there be a way to configure logging to capture this specific information? This would enable us to aggregate and analyze logs more effectively, perhaps even allowing us to centralize log collection for easier monitoring of user activity and resource usage.
Thanks in advance
from code-server.
Is there a way to get the container name from inside the container? Maybe we could use the host name? Or we could add some new environment variable like CODE_SERVER_USER
. Or if you set USER
we could use that.
It could also be done externally by prefixing the log line using whatever mechanism you are using to do the log collection. A very hacked-together (and untested) example:
# Of course, will not actually work until we add the "Logged in" log.
docker run code-server | grep "Logged in" | sed "s/^/$userpath /" > logins
I should mention though, you only have to log in once and I believe the cookie has no expiration, so it might not give you the activity tracking you want. For activity tracking I think folks usually use the heartbeat file ~/.local/share/code-server/heartbeat
which gets updated every minute as long as there is an active connection.
from code-server.
Related Issues (20)
- [Bug]: The built-in language plug-in is invalid HOT 2
- [triage]: codeium constantly needs to connect HOT 1
- [Feat]: Update Code to 1.87 HOT 1
- [Bug]: Unable to build code-server from source code. Developer build commands `yarn install` and `yarn watch` failing. HOT 2
- [Bug]: Unable to run the copilot even after installation through vsix file in the codeserver HOT 2
- [Bug]: Password prompt appearing, despite setting $PASSWORD HOT 2
- [Feat]: How to open a specified file HOT 1
- update ubuntu base image to jammy HOT 1
- [Feat]: didn‘t support leetcode extension? HOT 2
- [Bug]: AUR package publishing no longer works HOT 3
- [Bug]: autoDetectColorScheme not being respected HOT 1
- [Bug]: Enhancing Connection Stability Between Code-Server and JupyterHub Using Jupyter Extension and Token Authentication. HOT 2
- [Bug]: `Public IP:Port` Unable to access code-server HOT 1
- [Bug]: python.defaultInterpreterPath not working HOT 4
- [Bug]: No way to disable the VSCode custom title bar after updating HOT 3
- [Bug]: Tooltips do not disappear in Firefox HOT 3
- [Bug]:When starting the service with the --install-extension command, the code-server process will quickly end itself HOT 3
- [Feat]: add support for --disable-extensions HOT 1
- [Feat]: Add support for nodejs latest (v21) HOT 1
- [Bug]: Unexpected behavior in extension settings HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from code-server.