Update Dockerfile

Dockerfile

@@ -1,17 +1,23 @@
 FROM node:18-alpine
 
-# Install dependencies
+# Install basic dependencies
 RUN apk add --no-cache \
     python3 py3-pip git curl bash coreutils nginx \
     wget tar
 
-# Install gVisor runsc
-RUN wget https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc && \
-    wget https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc.sha512 && \
-    sha512sum -c runsc.sha512 && \
-    chmod +x runsc && \
-    mv runsc /usr/local/bin/ && \
-    rm runsc.sha512
+# Install Firecracker
+RUN wget https://github.com/firecracker-microvm/firecracker/releases/download/v1.7.0/firecracker-v1.7.0-x86_64.tgz && \
+    tar -xzf firecracker-v1.7.0-x86_64.tgz && \
+    mv release-v1.7.0-x86_64/firecracker-v1.7.0-x86_64 /usr/local/bin/firecracker && \
+    chmod +x /usr/local/bin/firecracker && \
+    rm -rf firecracker-v1.7.0-x86_64.tgz release-v1.7.0-x86_64
+
+# Install jailer (for isolation)
+RUN wget https://github.com/firecracker-microvm/firecracker/releases/download/v1.7.0/firecracker-v1.7.0-x86_64.tgz && \
+    tar -xzf firecracker-v1.7.0-x86_64.tgz && \
+    mv release-v1.7.0-x86_64/jailer-v1.7.0-x86_64 /usr/local/bin/jailer && \
+    chmod +x /usr/local/bin/jailer && \
+    rm -rf firecracker-v1.7.0-x86_64.tgz release-v1.7.0-x86_64
 
 # Install pnpm
 RUN npm install -g pnpm
@@ -24,7 +30,8 @@ RUN npm install
 COPY . .
 COPY nginx.conf /etc/nginx/http.d/default.conf
 
-RUN mkdir -p /var/log/nginx /var/lib/nginx/tmp /tmp/sandboxes
+# Create required directories
+RUN mkdir -p /var/log/nginx /var/lib/nginx/tmp /tmp/sandboxes /srv/jailer
 
 EXPOSE 7860