Code-server: Restricting code-server to a specific directory?

Created on 26 Apr 2019 · 12 Comments · Source: cdr/code-server

Hey, so I'm wondering if there's any way to restrict code-server's access to a specific directory, that way code-server doesn't have complete access to my whole server's filesystem. I know you can set the starting directory, and I tried that, but it doesn't do what I need.

question

All 12 comments

There isn't a way to restrict code-server by dir ATM. You'd need to run code-server within a chroot. Running within a docker container might fix your needs.

Did you try creating a user, changing its chmod restrictions as root, and then running code-server under that user?

Would be awesome to get a guide/doc on how to set up chroot for a user account and start code-server under that user.

I'm gonna look into it, and if I get it working good I might make a pull request on the self hosting guide with instructions on how to do it.

I'd appreciate it. I'm running this on a very incapable server and I'm not sure if it would survive docker. I did a little bit of googling to explore my options and the consensus of random stack overflow people is that chroot isn't really secure and it isn't meant for security in the first place. It's apparently easy to get out of the chroot jail? You can open a terminal in vs code so presumably that would be a way for them to do this.

I'd love to be able to host a safe and/or isolated sandbox for editing game files for a server I'm hosting. I think my friends would be able to figure out xml mods with vs code, but vi would be asking a bit much.

@student020341 VSCode server requires too many system utils for chroot to be safe, unfortunately. It's the same with VSCode remote extension. The only cheap (and secure) option would be LXC containers on a VPS, Hetzner is probably the cheapest.

@tmikaeld I have recently upgraded my server machine and have more options. Do you think docker is the best way to run this?

Another option I'm considering is a different editor for anything I want to be public. Editing xml files doesn't even really need a full on editor. I personally will keep using vscode for my own code, but I think without the option being discussed in this thread, I'll go with another option for what will be shared.

@student020341 I'm not using code-server myself any more, I've switched to the VSCode remote extension. I use proxmox + LXC containers to keep it secure and easy to manage.

@tmikaeld is that an official thing now? I'm seeing new results when I google that. I was previously using Marcel Kloubert's remote extension for vs code but it created a large number of ssh connections and caused issues at the office I was in.

Is this new thing something I can start up on an ubuntu server and then connect to from my machine?

--edit: while it does look nice, I like that this project serves vscode to the browser. I like that I can operate it without limitations from my half dead chromebook. I'll keep my eye out for other options, but this one is still the best for me right now.

@student020341 Yes, it's officially released and made by Microsoft. Yes, you only need to set up an SSH server, there's nothing more to do. See the official docs, it's super straightforward :)

@tmikaeld I like that it's an official version of the previous solution I used, but being able to use vscode in the browser is too useful with the chromebooks littering my apartment.

Thanks anyway, perhaps I can run with both solutions in the future.

Only way to do this is to chroot or run inside a container/VM.
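
An added sketch of the container route suggested in the comments above (not code from the thread or from the code-server project): it bind-mounts exactly one host directory, so the editor and its integrated terminal see nothing else on the host. The image name `codercom/code-server`, the in-container path `/home/coder/project`, port 8080 and the helper names are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: the codercom/code-server
# image, its /home/coder/project directory and its port 8080.
IMAGE="${IMAGE:-codercom/code-server:latest}"

# Resolve symlinks and refuse paths that would defeat the restriction.
safe_project_dir() (
  dir="$(cd -- "$1" 2>/dev/null && pwd -P)" || { echo "not a directory: $1" >&2; exit 1; }
  home="$(cd -- "${HOME:-/nonexistent}" 2>/dev/null && pwd -P)" || home=""
  case "$dir" in
    # /run and /var/run usually hold docker.sock, which grants root on the host.
    /|/etc|/etc/*|/root|/root/*|/run|/run/*|/var/run|/var/run/*|/proc|/proc/*|/sys|/sys/*)
      echo "refusing to expose system path $dir" >&2; exit 1 ;;
    *:*)
      echo "':' in the path would be parsed as a mount option" >&2; exit 1 ;;
  esac
  # The whole home directory would hand over SSH keys and shell history.
  [ "$dir" != "$home" ] || { echo "refusing to expose all of $dir" >&2; exit 1; }
  printf '%s\n' "$dir"
)

# Print the docker command (default) or start it when the 2nd argument is --run.
sandbox() (
  dir="$(safe_project_dir "$1")" || exit 1
  mode="${2:-}"
  # Only $dir is mounted; the port is published on loopback so that a reverse
  # proxy with TLS and authentication can sit in front of it.
  set -- docker run --rm --name code-server-sandbox \
    -p 127.0.0.1:8080:8080 \
    -u "$(id -u):$(id -g)" \
    -v "$dir:/home/coder/project" \
    "$IMAGE"
  if [ "$mode" = "--run" ]; then exec "$@"; else echo "$*"; fi
)

# Usage: sh sandbox.sh /srv/game/mods [--run]
[ $# -eq 0 ] || sandbox "$@"
```

Run without `--run` first to review the exact command; anything the shared users should not be able to read or change must live outside the mounted directory.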
