Right now all environments are private to each user. You should be able to share an environment with other users. I should be able to do it without being an admin, and it should be simple filesystem based.
Proposal
ACL file
The list of users with access to an environment is defined in /root/.users. No matter the contents, the owning user always has access. If the file is empty, no other users have access. If the file has * then all users have access.
SSH Access
User environments will be referenced in the form <username>/<env>. However, <env> is optional, which implies the user's default self-named environment.
$ ssh progrium+bob/cool-env@envy.host # goes to shared "cool-env" under user "bob"
$ ssh progrium+bob@envy.host # goes to shared default user env for "bob"
Collisions between usernames and user environments are handled simply, based on these rules:
If you already have an env with the name of a new user, it will select your env
If a user exists with the name of a new env you are trying to access, it will disallow it
Things will operate as expected until the rare scenario where you now need to access their shared user env, in which case you delete your env and it will work as expected.
HTTP access
Since authentication and environment resources are separate, you can just reference the other user's env URL and authenticate using your own credentials.
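The ACL and addressing rules proposed above, as an added Go example that is not part of the original post or the project's code. It assumes the `.users` contents are whitespace-separated usernames, that names use a restricted character set, and that a missing file is passed in as an empty string; `ParseTarget` and `Allowed` are hypothetical names.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Assumed charset (the proposal defines none): keeps "..", "/" and "*" out of names.
var nameRe = regexp.MustCompile(`^[a-z0-9][a-z0-9_-]*$`)

// ParseTarget (hypothetical helper) splits a login like "progrium+bob/cool-env"
// into the authenticating user, the owning user and the environment name.
func ParseTarget(login string) (user, owner, env string, err error) {
	user, target, ok := strings.Cut(login, "+")
	if !ok {
		return "", "", "", fmt.Errorf("no shared target in %q", login)
	}
	owner, env, ok = strings.Cut(target, "/")
	if !ok {
		env = owner // <env> omitted: the owner's default, self-named environment
	}
	for _, n := range []string{user, owner, env} {
		if !nameRe.MatchString(n) {
			return "", "", "", fmt.Errorf("invalid name %q in %q", n, login)
		}
	}
	return user, owner, env, nil
}

// Allowed (hypothetical helper) applies the ACL rules to the contents of the
// environment's /root/.users file. Assumed: whitespace-separated usernames.
func Allowed(user, owner, acl string) bool {
	if user == owner {
		return true // the owner always has access, whatever the file says
	}
	for _, entry := range strings.Fields(acl) {
		if entry == "*" || entry == user {
			return true
		}
	}
	return false // empty file (or, as assumed here, a missing one): owner only
}

func main() {
	// Constructed sample ACL for bob's "cool-env".
	user, owner, env, err := ParseTarget("progrium+bob/cool-env")
	fmt.Println(user, owner, env, err, Allowed(user, owner, "alice\nprogrium\n"))
}
```

Validating the names before they are used keeps a login such as `progrium+bob/../alice` from being turned into a path outside bob's environments.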
I like this idea very much. The use case I thought of was having a common docker-machine environment where all the machine data is persisted. Multiple people can SSH in to the shared environment to manage machines.