Skip to content

Environments

Bifröst executes user sessions within environments. These environments can either be the local environment of the host (on which Bifröst runs on) itself or even containers (currently in development Docker and Kubernetes).

Types

  1. local: Local executes on the host itself (same host on which Bifröst is running).
  2. docker: Docker executes each user session inside a separate Docker container.
  3. dummy: Dummy for demonstration purposes, it simply prints a message and exists immediately.

Examples

  1. Using local environment: 
    1
2
    type: local
name: "{{.authorization.user.name}}"
  2. Using simple docker environment: 
    1
    type: docker
  3. Using docker environment with Ubuntu image and additional settings: 
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
    type: docker
image: ubuntu
## Using /bin/bash instead of /bin/sh,
## because it does exist in the image
shellCommand: [/bin/bash]
execCommand: [/bin/bash, -c]

## Only allow login if the OIDC's groups has "my-great-group-uuid"
## ...and the tid (tenant ID) is "my-great-tenant-uuid"
loginAllowed: |
    {{ and
      (.authorization.idToken.groups | has "my-great-group-uuid")
      (.authorization.idToken.tid    | eq  "my-great-tenant-uuid")
    }}
  4. Using dummy environment with a simple message: 
    1
2
    type: dummy
banner: "Hello, {{.authorization.idToken.name}}!\n"