pm2-webshell: Expose a fully capable terminal in your browser
by Alexandre Strzelewicz -

htop in your browser

Introduction

As we are working on the 1.0 version of PM2, we are already beta testing some nifty features. Some of them, such as the module system, are already available in the latest version of PM2. The module system is a way to install small Node.js softwares supercharging your laptop/Raspberry PI/server. They are published on NPM like any Javascript package, but this time they can run by themselves with deeper integration with PM2. Once installed, these modules will always stay online and are configurable very easily with PM2.

Introducing pm2-webshell

pm2-webshell is the first notable proof of concept. It allows you to expose a fully capable terminal straight in your browser, available from anywhere (this is configurable). Under the hood, it uses the pty.js modules allowing you to fork processes with pseudo terminal file descriptors.

You can configure pm2-webshell to:

  • Change the username and password for authentication
  • Change the listening port
  • Use HTTPS instead of HTTP to securely transit data from your browser to the module

Installing

If you do not have pm2 installed, you must first install it:

$ npm install pm2 -g

PM2 is a process manager built in Node.js that allows to deeply interact and manage applications. If you plan to use it to manage Node.js software, it also comes with a built-in load balancer to maximize resources usage, reload app without downtime and much more. If you want to know more about PM2 please refer to the official documentation and the advanced documentation.

Once you have installed PM2, installing pm2-webshell is straightforward:

$ pm2 install pm2-webshell

This will download the pm2-webshell package from NPM, install his dependencies as well as some low level libraries, which is why you will see some compilation commands. Then pm2 will start the module and keep it online forever.

Once the module is successfully installed you will be able to see it in the process list:

pm2 listing with pm2-webshell

To uninstall a module:

$ pm2 uninstall pm2-webshell

Using it

Before using pm2-webshell we are going to configure this module to set another username and password. To do that, pm2 makes it easy. To configure a module you just need to do:

$ pm2 conf [module-name]:[configuration-variable] [new-value]

Let's configure the username and the password:

$ pm2 conf pm2-webshell:username myusername
$ pm2 conf pm2-webshell:password mysuperpassword

Every time you change a value, PM2 will automatically restart the targeted module. Now let's try it.

By default pm2-webshell interface listens to the 8080 port. Let's launch a browser and connect to this page:

$ google-chrome http://localhost:8080/

It nows prompts you for your username and password that you have set earlier, fill in those two fields and you will finally gain access to the web interface.

browser console

Isn't it amazing? This browser terminal is fully termcaps capable, meaning that you can use Emacs, Vim, Htop or any other advanced command straight in your browser. You can also benefit from this fully capable terminal from Windows or MacOSx!

Securing it

If you plan to use pm2-webshell in a production server, please read the following section carefuly. We recommend setting some flags.

First we need to force the usage of the HTTPS protocol instead of HTTP. The module comes with default generated HTTPS keys:

$ pm2 conf pm2-webshell:https true

Now instead of connecting to http://localhost:8080/, you will need to connect to https://localhost:8080/.

Then change the port:

$ pm2 conf pm2-webshell:port 1337

Now connect to http://localhost:1337/.

By default the module is exposed to everyone in the world. You can restrict this by setting the adress that must be binded:

$ pm2 conf pm2-webshell:bind 127.0.0.1

Now only you can access to the web interface.

These are the basics to secure the pm2-webshell module.

Conclusion

This is a demo of the upcoming module system for PM2, we are working on multiple modules ranging from private NPM repository, Node.js load balancer, Keymetrics sensors, SMTP server... If you have any ideas or any modules proposal please add a comment to this issue

Thanks for reading!