Revert: remove Node 22, Chromium, Xvfb, OpenClaw - too heavy for 1GB container
This commit is contained in:
54
Dockerfile
54
Dockerfile
@@ -4,50 +4,14 @@ FROM debian:bookworm-slim
|
|||||||
ENV DEBIAN_FRONTEND=noninteractive
|
ENV DEBIAN_FRONTEND=noninteractive
|
||||||
|
|
||||||
# Update and install Swiss Army Knife tools
|
# Update and install Swiss Army Knife tools
|
||||||
RUN apt-get update && apt-get install -y \
|
RUN apt-get update && apt-get install -y curl wget git jq unzip tar vim nano python3 python3-pip python3-venv build-essential iputils-ping dnsutils net-tools nodejs npm ffmpeg openssh-server ripgrep ncdu sudo && rm -rf /var/lib/apt/lists/*
|
||||||
curl \
|
|
||||||
wget \
|
|
||||||
git \
|
|
||||||
jq \
|
|
||||||
unzip \
|
|
||||||
tar \
|
|
||||||
vim \
|
|
||||||
nano \
|
|
||||||
python3 \
|
|
||||||
python3-pip \
|
|
||||||
python3-venv \
|
|
||||||
build-essential \
|
|
||||||
iputils-ping \
|
|
||||||
dnsutils \
|
|
||||||
net-tools \
|
|
||||||
ffmpeg \
|
|
||||||
openssh-server \
|
|
||||||
ripgrep ncdu \
|
|
||||||
sudo \
|
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
|
||||||
|
|
||||||
# Install Node.js 22 (via NodeSource)
|
|
||||||
RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
|
|
||||||
&& apt-get install -y nodejs \
|
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
|
||||||
|
|
||||||
# Install Chromium + Xvfb for headful browser support
|
|
||||||
RUN apt-get update && apt-get install -y chromium xvfb \
|
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
|
||||||
|
|
||||||
# Install OpenClaw CLI globally
|
|
||||||
RUN npm install -g openclaw@latest
|
|
||||||
|
|
||||||
# Install yq (binary release for latest version)
|
# Install yq (binary release for latest version)
|
||||||
RUN wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq && \
|
RUN wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq && chmod +x /usr/bin/yq
|
||||||
chmod +x /usr/bin/yq
|
RUN wget https://downloads-openshift-console.apps.lab.apilab.us/amd64/linux/oc.tar -O /tmp/oc.tar && tar -xvf /tmp/oc.tar -C /usr/bin/ && rm /tmp/oc.tar && chmod +x /usr/bin/oc
|
||||||
RUN wget https://downloads-openshift-console.apps.lab.apilab.us/amd64/linux/oc.tar -O /tmp/oc.tar && \
|
|
||||||
tar -xvf /tmp/oc.tar -C /usr/bin/ && \
|
|
||||||
rm /tmp/oc.tar && chmod +x /usr/bin/oc
|
|
||||||
|
|
||||||
# Setup SSH directory & Config for OpenShift (Random UID support)
|
# Setup SSH directory & Config for OpenShift (Random UID support)
|
||||||
RUN mkdir -p /var/run/sshd && \
|
RUN mkdir -p /var/run/sshd && chmod 775 /var/run/sshd
|
||||||
chmod 775 /var/run/sshd
|
|
||||||
|
|
||||||
# Custom sshd_config for non-root usage
|
# Custom sshd_config for non-root usage
|
||||||
# StrictModes no: Required for non-root / random UID environments
|
# StrictModes no: Required for non-root / random UID environments
|
||||||
@@ -55,16 +19,12 @@ RUN mkdir -p /var/run/sshd && \
|
|||||||
RUN echo "Port 2222\nPermitRootLogin no\nPasswordAuthentication no\nPubkeyAuthentication yes\nStrictModes no\nPidFile /tmp/sshd.pid\nHostKey /data/ssh/ssh_host_rsa_key\nHostKey /data/ssh/ssh_host_ecdsa_key\nHostKey /data/ssh/ssh_host_ed25519_key\nAuthorizedKeysFile .ssh/authorized_keys\nChallengeResponseAuthentication no\nUsePAM yes\nSubsystem sftp /usr/lib/openssh/sftp-server" > /etc/ssh/sshd_config
|
RUN echo "Port 2222\nPermitRootLogin no\nPasswordAuthentication no\nPubkeyAuthentication yes\nStrictModes no\nPidFile /tmp/sshd.pid\nHostKey /data/ssh/ssh_host_rsa_key\nHostKey /data/ssh/ssh_host_ecdsa_key\nHostKey /data/ssh/ssh_host_ed25519_key\nAuthorizedKeysFile .ssh/authorized_keys\nChallengeResponseAuthentication no\nUsePAM yes\nSubsystem sftp /usr/lib/openssh/sftp-server" > /etc/ssh/sshd_config
|
||||||
|
|
||||||
# Create a user 'claw' (UID 1000) with sudo access
|
# Create a user 'claw' (UID 1000) with sudo access
|
||||||
RUN useradd -m -s /bin/bash -u 1000 claw && \
|
RUN useradd -m -s /bin/bash -u 1000 claw && echo "claw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers && chmod -R g+rwX /home/claw
|
||||||
echo "claw ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers && \
|
|
||||||
chmod -R g+rwX /home/claw
|
|
||||||
|
|
||||||
# Prepare volume mount point
|
# Prepare volume mount point
|
||||||
# Mount persistent storage here
|
# Mount persistent storage here
|
||||||
VOLUME /data
|
VOLUME /data
|
||||||
RUN mkdir -p /data && \
|
RUN mkdir -p /data && chown claw:claw /data && chmod 775 /data
|
||||||
chown claw:claw /data && \
|
|
||||||
chmod 775 /data
|
|
||||||
|
|
||||||
# Set working directory to the persistent volume
|
# Set working directory to the persistent volume
|
||||||
WORKDIR /data
|
WORKDIR /data
|
||||||
@@ -77,4 +37,4 @@ USER claw
|
|||||||
|
|
||||||
# Start SSH daemon
|
# Start SSH daemon
|
||||||
# Fix: StrictModes no handles permissions, but chmod 600 helps sanity.
|
# Fix: StrictModes no handles permissions, but chmod 600 helps sanity.
|
||||||
CMD ["/bin/bash", "-c", "mkdir -p /data/ssh && if [ ! -f /data/ssh/ssh_host_rsa_key ]; then echo 'Generating persistent host keys...'; ssh-keygen -f /data/ssh/ssh_host_rsa_key -N '' -t rsa; ssh-keygen -f /data/ssh/ssh_host_ecdsa_key -N '' -t ecdsa; ssh-keygen -f /data/ssh/ssh_host_ed25519_key -N '' -t ed25519; fi && chmod 600 /data/ssh/ssh_host_*_key && /usr/sbin/sshd -D -f /etc/ssh/sshd_config"]
|
CMD ["/bin/bash", "-c", "mkdir -p /data/ssh && if [ ! -f /data/ssh/ssh_host_rsa_key ]; then echo 'Generating persistent host keys...'; ssh-keygen -f /data/ssh/ssh_host_rsa_key -N '' -t rsa; ssh-keygen -f /data/ssh/ssh_host_ecdsa_key -N '' -t ecdsa; ssh-keygen -f /data/ssh/ssh_host_ed25519_key -N '' -t ed25519; fi && chmod 600 /data/ssh/ssh_host_*_key && /usr/sbin/sshd -D -f /etc/ssh/sshd_config"]
|
||||||
Reference in New Issue
Block a user