Public | Automated Build

Last pushed: 2 months ago
Short Description
SWI-Prolog for SHaring (SWISH) provides a web server for running SWI-Prolog in your browser.
Full Description

A SWISH (SWI-Prolog for SHaring) docker

This repository provides a Docker image for
SWISH based on the official SWI-Prolog
docker image

Building the image

The image is built by running

make image

Running the image

The image may be used in many configurations, both controlled by docker
options and options to the entry point. As basic operation typically
already requires publishing ports and setting up a volume for the data,
we added a bash script that automates the common scenarios by
providing docker run options from defaults and provided options. When
called with -n, as in ./ -n option ..., it merery prints the
docker command it will execute. The following options are processed:

  • --port=N <br>
    Modify the -p option to -p N:3050. Default is 3050.
  • --data=dir <br>
    Mount the given directory as data. Default is the working
  • --with-R[=from] <br>
    Add --volumes-from from where from defaults to rserve
    to connect to an
    R docker image
  • -n <br>
    Just print the docker command that will be executed.
  • -d <br>
    Detach from the terminal
  • -it <br>
    Pass on (interactive)

All remaining options are passed to the entry point of the image.


The docker image maintains its data (user programs and configuration) on
the volume /data. This may be mapped to a host directory using the
docker -v options (see also the --data=dir option of

Within the data directory, SWISH manages the following items:

  • config-enabled is a directory where the configuration is stored.
    If it doesn't exist it is created and filled with a default
    configuration that depends on the provided options. The directory
    and its files have the same owner and group as the root of the managed

  • data is the directory where all dynamic user data is maintained.
    If the directory exists, the SWISH server is started with the user and
    group of the directory. If it doesn't exist the directory is created
    as owned by daemon.daemon and the server is started with these

  • https If the --https option is passed, it creates or reuses
    this directory and the files server.crt and server.key. The
    created certificate is self-signed.

  • passwd If authenticated mode is enabled, this file maintains
    the users and password hashes.

Network access

The container creates a server at port 3050. By default this is an
HTTP server. If run <docker options> swish --https is used, an HTTPS
server is started.

The entry point

The entry point of the containser is /, a shell script that
initialises the data volume if needed and starts the server. It accepts
the following options:

  • --bash <br>
    Instead of starting the server, start a bash shell. Terminate after
    bash completes.

  • --help <br>
    Emit short help.


The SWISH configuration is controlled by files in the config-enabled
directory. Several commands may be used to control the configuration.
These are executed as below:

  docker run -it swish option ...

Multiple configuration options may be passed to update multiple facets
of the configuration. Normally the image stops after updating the
configuration. If --run is added the entry point starts the server
after updating the configuration.

The options provided are:

  • --list-config <br>
    List installed and available configuration items. If an item is
    installed, indicate whether it is modified.

  • --auth=type <br>
    Change the configured authentication scheme. This is one of

    • always <br>
      Run in fully authenticated mode, forcing the user to login
      and allowing to execute arbitrary commands. When executed for
      the first time, docker must be run interactively (run -it)
      to create the first user. Additional users are created using

      docker run -it swish --add-user.

    • social <br>
      Use social login. By default enables optional http login,
      login using google and stackoverflow. Both need to be further
      configured by editing config-enabled/ and

    • anon (or anonymous) <br>
      This is the initial default, providing fully anonymous login,
      executing only sandboxed Prolog queries.

  • --add-config file ... <br>
    Add one or more configuration files by copying them from the
    available configuration directory.

  • --add-user <br>
    Add a new user to the HTTP authentication. Prompts for user name,
    email, group (unused, use users) and password.

  • --https <br>
    Create an HTTPS server. This uses the certificate from the
    https directory (see above). If no certificate exists, a
    self-signed certificate is created. The details may be refined
    using --CN=host, --O=organization and --C=country

Docker Pull Command
Source Repository