A blazing-fast, Judge0-compatible code execution engine built for the ChaiCode platform.
Part of the ChaiCode ecosystem - Home for Programmers
CodeBox is a self-hosted code execution service that powers the coding challenges and practice problems on ChaiCode. It securely runs user-submitted code in isolated environments and returns the results - just like LeetCode or HackerRank.
- Judge0 API Compatible - Drop-in replacement, works with existing integrations
- Dual Execution Engines - Firecracker microVMs (125ms) or Docker containers (500ms)
- Auto-Detection - Automatically picks the fastest available executor
- 5 Languages - Python, JavaScript, C, C++, Java (easily extensible)
- Batch Submissions - Run multiple test cases in one request
- Production Ready - Redis queue, Prometheus metrics, auto-SSL with Caddy
┌──────────────┐ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐
│ ChaiCode │────▶│ CodeBox │────▶│ Redis │────▶│ Workers │
│ Frontend │ │ API │ │ Queue │ │ │
└──────────────┘ └──────────────┘ └──────────────┘ └──────┬───────┘
│
┌─────────────────┴─────────────────┐
│ │
┌──────▼──────┐ ┌───────▼──────┐
│ Firecracker │ │ Docker │
│ (microVM) │ OR │ (container) │
└──────┬──────┘ └───────┬──────┘
│ │
└─────────────┬─────────────────────┘
│
┌─────────────▼─────────────┐
│ Sandboxed Code Execution │
│ (isolated, time-limited) │
└───────────────────────────┘
- Docker Desktop
- Node.js 20+
# Clone the repo
git clone https://github.com/chaicode/codebox.git
cd codebox
# Install dependencies
npm install
# Build language runtime images
./scripts/build-images.sh
# Start services (API + Worker + Redis)
docker-compose up -d
# Verify it's running
curl http://localhost:3000/health# Run Python code
curl -X POST "http://localhost:3000/submissions?wait=true" \
-H "Content-Type: application/json" \
-H "X-Auth-Token: dev-token" \
-d '{"source_code": "print(\"Chai aur Code!\")", "language_id": 71}'| Load | Droplet | Specs | Cost |
|---|---|---|---|
| Light (< 100 submissions/hr) | Basic | 2 vCPU, 4GB RAM | $24/mo |
| Medium (< 1000 submissions/hr) | General Purpose | 4 vCPU, 8GB RAM | $48/mo |
| Heavy (> 1000 submissions/hr) | CPU-Optimized | 8 vCPU, 16GB RAM | $96/mo |
Tip: Start with 4GB RAM. The worker concurrency can be tuned via
WORKER_CONCURRENCYenv variable. For Firecracker support, choose a droplet with dedicated vCPU (not shared).
# SSH into your droplet
ssh root@your-droplet-ip
# Clone and setup
git clone https://github.com/chaicode/codebox.git /opt/codebox
cd /opt/codebox
# Run setup with your domain
./scripts/setup-production.sh api.yourdomain.comThe script automatically:
- Installs Docker & dependencies
- Configures firewall (ports 22, 80, 443)
- Detects Firecracker support (uses it if available)
- Generates secure API tokens
- Sets up Caddy with auto-SSL
- Builds and starts all services
========================================
Setup Complete!
========================================
Domain: https://api.yourdomain.com
API Token: <your-secure-token>
Grafana Pass: <your-grafana-password>
Test: curl https://api.yourdomain.com/health
Secure your droplet before deploying. Run these commands as root.
# Create user with sudo access
adduser deploy
usermod -aG sudo deploy
usermod -aG docker deploy
# Copy SSH keys to new user
mkdir -p /home/deploy/.ssh
cp ~/.ssh/authorized_keys /home/deploy/.ssh/
chown -R deploy:deploy /home/deploy/.ssh
chmod 700 /home/deploy/.ssh
chmod 600 /home/deploy/.ssh/authorized_keys# Edit SSH config
nano /etc/ssh/sshd_configUpdate these lines:
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
# Restart SSH
systemctl restart sshdWarning: Make sure you can login as
deployuser before disabling root!
# Allow only essential ports
ufw default deny incoming
ufw default allow outgoing
ufw allow 22/tcp # SSH
ufw allow 80/tcp # HTTP
ufw allow 443/tcp # HTTPS
ufw enableapt install unattended-upgrades
dpkg-reconfigure -plow unattended-upgradesapt install fail2ban
systemctl enable fail2ban
systemctl start fail2ban# Login as deploy user
ssh deploy@your-droplet-ip
# Clone and setup
sudo git clone https://github.com/chaicode/codebox.git /opt/codebox
sudo chown -R deploy:deploy /opt/codebox
cd /opt/codebox
# Run production setup
./scripts/setup-production.sh api.yourdomain.com- Non-root user created (
deploy) - SSH key authentication only
- Root login disabled
- Password login disabled
- Firewall enabled (UFW)
- Fail2Ban installed
- Auto-updates enabled
| Method | Endpoint | Description |
|---|---|---|
POST |
/submissions |
Create submission (async) |
POST |
/submissions?wait=true |
Create and wait for result |
GET |
/submissions/:token |
Get result by token |
POST |
/submissions/batch |
Submit multiple (up to 20) |
GET |
/submissions/batch?tokens=a,b,c |
Get multiple results |
| Method | Endpoint | Description |
|---|---|---|
GET |
/health |
Health check |
GET |
/languages |
List supported languages |
GET |
/statuses |
List status codes |
GET |
/executor |
Show executor info |
GET |
/metrics |
Prometheus metrics |
| ID | Language | Image |
|---|---|---|
| 50 | C (GCC 9) | codebox/gcc:9 |
| 54 | C++ (GCC 9) | codebox/gcc:9 |
| 62 | Java (OpenJDK 17) | codebox/java:17 |
| 63 | JavaScript (Node 18) | codebox/node:18 |
| 71 | Python (3.8) | codebox/python:3.8 |
| ID | Description |
|---|---|
| 1 | In Queue |
| 2 | Processing |
| 3 | Accepted |
| 4 | Wrong Answer |
| 5 | Time Limit Exceeded |
| 6 | Compilation Error |
| 7-12 | Runtime Errors |
| 13 | Internal Error |
| Service | URL |
|---|---|
| API | http://localhost:3000 |
| Health Check | http://localhost:3000/health |
| Metrics | http://localhost:3000/metrics |
| Service | URL |
|---|---|
| API | https://your-domain.com |
| Prometheus | http://localhost:9090 (SSH tunnel) |
| Grafana | http://localhost:3001 (SSH tunnel) |
Access Grafana via SSH tunnel:
ssh -L 3001:localhost:3001 user@your-server
# Then open http://localhost:3001| Variable | Default | Description |
|---|---|---|
AUTH_TOKEN |
- | API authentication token |
EXECUTOR_TYPE |
auto |
auto, docker, or firecracker |
WORKER_CONCURRENCY |
4 |
Parallel workers |
DEFAULT_CPU_TIME_LIMIT |
5 |
Seconds |
DEFAULT_MEMORY_LIMIT |
128000 |
KB |
See .env.example for all options.
- Sandboxed Execution - Each submission runs in isolation
- Network Disabled - No internet access from user code
- Resource Limits - CPU, memory, and process limits
- Time Limits - Prevents infinite loops
- Non-root - Code runs as unprivileged user
codebox/
├── src/
│ ├── api/ # Express routes & middleware
│ ├── executor/ # Docker & Firecracker executors
│ ├── queue/ # BullMQ job processing
│ ├── languages/ # Language configurations
│ └── utils/ # Config, logger, helpers
├── docker/
│ └── images/ # Language runtime Dockerfiles
├── scripts/
│ ├── setup.sh # Local setup
│ ├── setup-production.sh # Production setup
│ └── build-images.sh # Build Docker images
├── docker-compose.yml # Local development
├── docker-compose.prod.yml # Production with Caddy
└── Caddyfile # Auto-SSL config
Import these into Postman for testing:
postman_collection.json- Basic API testspostman_leetcode_tests.json- LeetCode-style test cases
We welcome contributions! Please check out the ChaiCode GitHub for guidelines.
MIT
Built with ☕ by ChaiCode
Home for Programmers