-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
57 lines (44 loc) · 2.01 KB
/
Dockerfile
File metadata and controls
57 lines (44 loc) · 2.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
ARG UPSTREAM_VERSION="latest"
FROM node:22-bookworm
# Install Bun (required by openclaw at runtime) and sudo (needed by openclaw tool executor)
RUN curl -fsSL https://bun.sh/install | bash && \
apt-get update && \
apt-get install -y --no-install-recommends sudo && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
ENV PATH="/root/.bun/bin:${PATH}"
WORKDIR /app
ARG OPENCLAW_DOCKER_APT_PACKAGES=""
RUN if [ -n "$OPENCLAW_DOCKER_APT_PACKAGES" ]; then \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends $OPENCLAW_DOCKER_APT_PACKAGES && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*; \
fi
ARG UPSTREAM_VERSION
RUN npm install -g openclaw@${UPSTREAM_VERSION}
# Make json5 (openclaw dependency) resolvable by plain require('json5')
ENV NODE_PATH=/usr/local/lib/node_modules
ENV NODE_ENV=production
# Install ttyd (web terminal) - static binary from GitHub releases
# ttyd is not available in bookworm repos, so we download the pre-built binary
RUN ARCH=$(dpkg --print-architecture) && \
if [ "$ARCH" = "amd64" ]; then TTYD_ARCH="x86_64"; \
elif [ "$ARCH" = "arm64" ]; then TTYD_ARCH="aarch64"; \
else echo "Unsupported architecture: $ARCH" && exit 1; fi && \
curl -fsSL "https://github.com/tsl0922/ttyd/releases/download/1.7.7/ttyd.${TTYD_ARCH}" \
-o /usr/local/bin/ttyd && \
chmod +x /usr/local/bin/ttyd
# Copy setup wizard
COPY setup-wizard/ /app/setup-wizard/
# Copy entrypoint script
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
# Expose gateway, bridge, terminal, and setup wizard ports
EXPOSE 18789 18790 7681 8080
# Health check for DappNode monitoring
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
CMD curl -f http://localhost:18789/health || exit 1
# Run as root (no-new-privileges prevents privilege escalation via gosu/sudo)
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
CMD ["openclaw", "gateway", "--allow-unconfigured"]