Using a live REPL

I would like to set up a running repl on my live projects, but I’m unsure where to get started. We are using Apache servers and Leiningen for our projects.

  1. How should I start a REPL process that can be connected to securely?

  2. How should I connect to it?

  3. How should I start/stop/restart it?

    I am suspecting to the answer about starting it is with “lein run” or something like that. But I’m not sure where to start with making it remotely accessible.

I just call nrepl.server/start-server on startup. You can start/stop the nrepl server with integrant/mount/whatever component lifecycle lib you’re using. I have it listen on localhost:7888, and then on my local machine I start an ssh tunnel (ssh -NL 7888:localhost:7888 app@$SERVER). Then from your editor you can connect to localhost:7888, same as if the repl was running locally.

3 Likes

Ya, as long as you restrict it to local only and a specific port, and use ssh to connect it, you’re pretty secure. Basically you’re at a similar threat vector as having ssh compromised, and generally ssh access is granted for developers that are on-call.

About the tunnel though, there’s a small risk of your own machine that’s allowed to tunnel is compromised as well, now any application can go through the tunnel. Just a FYI to keep in mind.

1 Like

We use Socket REPLs for this since you don’t need any dependencies or code. You just specify a JVM option when you start the process – it’s all built-in to Clojure core. You can specify what port you want to use in the JVM option.

Then you can connect to it via telnet or nc or whatever, with rlwrap if you want basic history etc. If you have an editor plugin that works with Socket REPLs, you can connect your editor directly to the process.

2 Likes