Refactor and improve documentation, add examples
This commit is contained in:
18
docs/templates/README.md
vendored
Normal file
18
docs/templates/README.md
vendored
Normal file
@@ -0,0 +1,18 @@
|
||||
# Config Templates
|
||||
|
||||
This directory contains Fence config templates. They are small and meant to be copied and customized.
|
||||
|
||||
## Templates
|
||||
|
||||
- `default-deny.json`: no network allowlist; no write access (most restrictive)
|
||||
- `workspace-write.json`: allow writes in the current directory
|
||||
- `npm-install.json`: allow npm registry; allow writes to workspace/node_modules/tmp
|
||||
- `pip-install.json`: allow PyPI; allow writes to workspace/tmp
|
||||
- `local-dev-server.json`: allow binding and localhost outbound; allow writes to workspace/tmp
|
||||
- `agent-api-only.json`: allow common LLM API domains; allow writes to workspace
|
||||
|
||||
## Using a template
|
||||
|
||||
```bash
|
||||
fence --settings ./docs/templates/npm-install.json npm install
|
||||
```
|
||||
8
docs/templates/agent-api-only.json
vendored
Normal file
8
docs/templates/agent-api-only.json
vendored
Normal file
@@ -0,0 +1,8 @@
|
||||
{
|
||||
"network": {
|
||||
"allowedDomains": ["api.openai.com", "api.anthropic.com"]
|
||||
},
|
||||
"filesystem": {
|
||||
"allowWrite": ["."]
|
||||
}
|
||||
}
|
||||
8
docs/templates/default-deny.json
vendored
Normal file
8
docs/templates/default-deny.json
vendored
Normal file
@@ -0,0 +1,8 @@
|
||||
{
|
||||
"network": {
|
||||
"allowedDomains": []
|
||||
},
|
||||
"filesystem": {
|
||||
"allowWrite": []
|
||||
}
|
||||
}
|
||||
9
docs/templates/local-dev-server.json
vendored
Normal file
9
docs/templates/local-dev-server.json
vendored
Normal file
@@ -0,0 +1,9 @@
|
||||
{
|
||||
"network": {
|
||||
"allowLocalBinding": true,
|
||||
"allowLocalOutbound": true
|
||||
},
|
||||
"filesystem": {
|
||||
"allowWrite": [".", "/tmp"]
|
||||
}
|
||||
}
|
||||
8
docs/templates/npm-install.json
vendored
Normal file
8
docs/templates/npm-install.json
vendored
Normal file
@@ -0,0 +1,8 @@
|
||||
{
|
||||
"network": {
|
||||
"allowedDomains": ["registry.npmjs.org", "*.npmjs.org"]
|
||||
},
|
||||
"filesystem": {
|
||||
"allowWrite": [".", "node_modules", "/tmp"]
|
||||
}
|
||||
}
|
||||
8
docs/templates/pip-install.json
vendored
Normal file
8
docs/templates/pip-install.json
vendored
Normal file
@@ -0,0 +1,8 @@
|
||||
{
|
||||
"network": {
|
||||
"allowedDomains": ["pypi.org", "files.pythonhosted.org"]
|
||||
},
|
||||
"filesystem": {
|
||||
"allowWrite": [".", "/tmp"]
|
||||
}
|
||||
}
|
||||
5
docs/templates/workspace-write.json
vendored
Normal file
5
docs/templates/workspace-write.json
vendored
Normal file
@@ -0,0 +1,5 @@
|
||||
{
|
||||
"filesystem": {
|
||||
"allowWrite": ["."]
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user