Spaces:
Running
Running
| FROM oven/bun:1-slim | |
| ARG DEBIAN_FRONTEND=noninteractive | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| git ca-certificates curl sqlite3 rsync python3 \ | |
| && rm -rf /var/lib/apt/lists/* | |
| WORKDIR /app | |
| ARG LUMIVERSE_REPO=https://github.com/prolix-oc/Lumiverse.git | |
| ARG LUMIVERSE_REF=staging | |
| RUN git clone --depth 1 --branch "${LUMIVERSE_REF}" "${LUMIVERSE_REPO}" . | |
| RUN cat > /tmp/patch-auth-rewrite.mjs <<'PATCH' | |
| import { readFileSync, writeFileSync } from "fs"; | |
| const path = "src/app.ts"; | |
| const src = readFileSync(path, "utf8"); | |
| const before = `app.on(["POST", "GET"], "/api/auth/*", (c) => { | |
| const host = c.req.header("host"); | |
| if (host) { | |
| const url = new URL(c.req.url); | |
| const rewritten = new URL(url.pathname + url.search, \`http://\${host}\`); | |
| return auth.handler(new Request(rewritten.toString(), c.req.raw)); | |
| } | |
| return auth.handler(c.req.raw); | |
| });`; | |
| const after = `app.on(["POST", "GET"], "/api/auth/*", (c) => { | |
| const host = c.req.header("x-forwarded-host") || c.req.header("host"); | |
| const proto = c.req.header("x-forwarded-proto") || "http"; | |
| if (host) { | |
| const url = new URL(c.req.url); | |
| const rewritten = new URL(url.pathname + url.search, \`\${proto}://\${host}\`); | |
| return auth.handler(new Request(rewritten.toString(), c.req.raw)); | |
| } | |
| return auth.handler(c.req.raw); | |
| });`; | |
| if (!src.includes(before)) { | |
| console.error("[patch] Expected auth rewrite block not found in src/app.ts"); | |
| process.exit(1); | |
| } | |
| writeFileSync(path, src.replace(before, after), "utf8"); | |
| console.log("[patch] Patched src/app.ts for x-forwarded-proto/host"); | |
| PATCH | |
| RUN bun /tmp/patch-auth-rewrite.mjs \ | |
| && grep -n "x-forwarded-proto" src/app.ts >/dev/null | |
| RUN rm -f package-lock.json && bun install --production | |
| WORKDIR /app/frontend | |
| RUN rm -f package-lock.json && bun install && bun run build | |
| RUN printf "self.addEventListener('install',e=>self.skipWaiting());self.addEventListener('activate',e=>e.waitUntil(self.clients.claim()));\n" > /app/frontend/dist/sw.js | |
| RUN test -f /app/frontend/dist/index.html | |
| WORKDIR /app | |
| ENV NODE_ENV=production | |
| ENV PORT=7860 | |
| ENV DATA_DIR=/app/data | |
| ENV FRONTEND_DIR=/app/frontend/dist | |
| ENV TRUST_ANY_ORIGIN=true | |
| ENV OWNER_PASSWORD="admin123admin" | |
| RUN cat > /app/start.sh <<'SH' | |
| #!/usr/bin/env sh | |
| set -eu | |
| export DATA_DIR="${DATA_DIR:-/app/data}" | |
| # Run with the runner script so IPC is available for the operator page | |
| exec bun run scripts/runner.ts | |
| SH | |
| RUN chmod +x /app/start.sh | |
| USER root | |
| RUN mkdir -p /app/data && chown -R bun:bun /app/data | |
| EXPOSE 7860 | |
| VOLUME /app/data | |
| USER bun | |
| CMD ["/app/start.sh"] |