wangjunxiao/nanoclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
44e23612932628f774b7df1ce6a41a5325f6ba35
nanoclaw/container/Dockerfile
meeech 44e2361293 fix: migrate container agent-runner to pnpm with proper build scripts 
- Remove package-lock.json, add pnpm-lock.yaml for frozen installs
- Add pnpm-workspace.yaml with onlyBuiltDependencies (better-sqlite3)
  and minimumReleaseAge matching root project policy
- Dockerfile: allow agent-browser build scripts via global .npmrc
  (global installs don't read project-level workspace config)
- Dockerfile: make lockfile and workspace COPY mandatory (drop glob)
2026-04-17 09:23:35 +03:00

78 lines
2.4 KiB
Docker
Raw Blame History

# NanoClaw Agent Container
# Runs Claude Agent SDK in isolated Linux VM with browser automation
FROM node:22-slim
# Install system dependencies for Chromium
RUN apt-get update && apt-get install -y \
chromium \
fonts-liberation \
fonts-noto-cjk \
fonts-noto-color-emoji \
libgbm1 \
libnss3 \
libatk-bridge2.0-0 \
libgtk-3-0 \
libx11-xcb1 \
libxcomposite1 \
libxdamage1 \
libxrandr2 \
libasound2 \
libpangocairo-1.0-0 \
libcups2 \
libdrm2 \
libxshmfence1 \
curl \
git \
&& rm -rf /var/lib/apt/lists/*
# Set Chromium path for agent-browser
ENV AGENT_BROWSER_EXECUTABLE_PATH=/usr/bin/chromium
ENV PLAYWRIGHT_CHROMIUM_EXECUTABLE_PATH=/usr/bin/chromium
# Enable pnpm via corepack
ENV PNPM_HOME="/pnpm"
ENV PATH="$PNPM_HOME:$PATH"
RUN corepack enable
# Allow agent-browser build scripts for global install, then install
RUN echo "only-built-dependencies[]=agent-browser" > /root/.npmrc && \
pnpm install -g agent-browser @anthropic-ai/claude-code vercel
# Create app directory
WORKDIR /app
# Copy package files first for better caching
COPY agent-runner/package.json agent-runner/pnpm-lock.yaml agent-runner/pnpm-workspace.yaml ./
# Install dependencies
RUN pnpm install --frozen-lockfile
# Copy source code
COPY agent-runner/ ./
# Build TypeScript
RUN pnpm run build
# Create workspace directories
RUN mkdir -p /workspace/group /workspace/global /workspace/extra
# Create entrypoint script.
# The host mounts container/agent-runner/src at /app/src and the entrypoint
# recompiles on startup — this lets host source edits and skill installs
# take effect without rebuilding the image. All IO goes through the session
# DBs (inbound.db / outbound.db) mounted into /workspace.
RUN printf '#!/bin/bash\nset -e\ncd /app && pnpm exec tsc --outDir /tmp/dist 2>&1 >&2\nln -s /app/node_modules /tmp/dist/node_modules\nchmod -R a-w /tmp/dist\ncat > /tmp/input.json\nnode /tmp/dist/index.js < /tmp/input.json\n' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
# Set ownership to node user (non-root) for writable directories
RUN chown -R node:node /workspace && chmod 777 /home/node
# Switch to non-root user (required for --dangerously-skip-permissions)
USER node
# Set working directory to group workspace
WORKDIR /workspace/group
# Entry point reads JSON from stdin, outputs JSON to stdout
ENTRYPOINT ["/app/entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink