fix: cloudflared install verification, noVNC on port 7860 for tunnel

Dockerfile

@@ -1,13 +1,5 @@
 # =============================================================================
 # ALTYZEN Stealth Browser Stack - Cloudflare Tunnel Edition
-# Hugging Face Docker Space with Private VNC Access
-# =============================================================================
-# Architecture:
-#   [Playwright Browser] --> [Xvfb :99] --> [x11vnc] --> [noVNC :7860]
-#                                                              |
-#                                                    [cloudflared tunnel]
-#                                                              |
-#                                                    [agent.yourdomain.com]
 # =============================================================================
 
 FROM python:3.11-slim
@@ -17,23 +9,16 @@ ENV DISPLAY=:99
 
 # Install system dependencies
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    # Virtual Display
     xvfb \
-    # Window Manager
     fluxbox \
-    # VNC Server
     x11vnc \
-    # WebSocket proxy
     websockify \
-    # Process Manager
     supervisor \
-    # Networking
     net-tools \
     curl \
     wget \
     git \
-    gnupg \
-    # Browser dependencies
+    ca-certificates \
     libnss3 \
     libnspr4 \
     libatk1.0-0 \
@@ -55,9 +40,11 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     fonts-noto-color-emoji \
     && rm -rf /var/lib/apt/lists/*
 
-# Install cloudflared (Cloudflare Tunnel)
-RUN curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared && \
-    chmod +x /usr/local/bin/cloudflared
+# Install cloudflared - download with verification
+RUN curl -L --output /usr/local/bin/cloudflared \
+    https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 && \
+    chmod +x /usr/local/bin/cloudflared && \
+    /usr/local/bin/cloudflared --version
 
 # Install noVNC from GitHub
 RUN git clone --depth 1 https://github.com/novnc/noVNC.git /opt/novnc && \
@@ -66,31 +53,23 @@ RUN git clone --depth 1 https://github.com/novnc/noVNC.git /opt/novnc && \
 
 WORKDIR /app
 
-# Copy requirements first
 COPY requirements.txt .
 RUN pip install --no-cache-dir --upgrade pip && \
     pip install --no-cache-dir -r requirements.txt
 
-# Install Playwright browsers
+# Install Playwright
 RUN playwright install chromium --with-deps
 
-# Copy application files
 COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
 COPY app.py .
 COPY agent.py .
 
-# Create necessary directories
 RUN mkdir -p /var/log/supervisor /var/run /root/.fluxbox
-
-# Configure fluxbox (minimal)
 RUN echo "session.screen0.toolbar.visible: false" > /root/.fluxbox/init
 
-# Expose port 7860 for HuggingFace (also used by noVNC internally)
 EXPOSE 7860
 
-# Health check - just ensure supervisord is running
 HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=3 \
-    CMD pgrep supervisord > /dev/null || exit 1
+    CMD curl -f http://localhost:7860/ || exit 1
 
-# Start supervisord
 CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]

supervisord.conf

@@ -1,6 +1,6 @@
 ; =============================================================================
-; Supervisord - Stealth Browser Stack with Cloudflare Tunnel
-; Manages: Xvfb, Fluxbox, x11vnc, noVNC, Cloudflare Tunnel, Python Agent
+; Supervisord - Stealth Browser Stack
+; noVNC on 7860, Cloudflare Tunnel bridges to public hostname
 ; =============================================================================
 
 [supervisord]
@@ -11,7 +11,7 @@ childlogdir=/var/log/supervisor
 user=root
 
 ; =============================================================================
-; Process 1: Xvfb - Virtual Framebuffer (Creates display :99)
+; Process 1: Xvfb - Virtual Display :99
 ; =============================================================================
 [program:xvfb]
 command=/usr/bin/Xvfb :99 -screen 0 1280x720x24 -ac +extension GLX +render -noreset
@@ -31,7 +31,7 @@ stdout_logfile=/var/log/supervisor/fluxbox.log
 stderr_logfile=/var/log/supervisor/fluxbox_err.log
 
 ; =============================================================================
-; Process 3: x11vnc - VNC Server (streams :99 to port 5900)
+; Process 3: x11vnc - VNC Server on port 5900
 ; =============================================================================
 [program:x11vnc]
 command=/bin/bash -c "sleep 3 && /usr/bin/x11vnc -display :99 -forever -shared -nopw -rfbport 5900 -xkb"
@@ -41,18 +41,18 @@ stdout_logfile=/var/log/supervisor/x11vnc.log
 stderr_logfile=/var/log/supervisor/x11vnc_err.log
 
 ; =============================================================================
-; Process 4: noVNC - HTML5 VNC Client on internal port 6080
+; Process 4: noVNC - HTML5 VNC Client on PORT 7860 (HF requires this)
 ; =============================================================================
 [program:novnc]
-command=/bin/bash -c "sleep 5 && /opt/novnc/utils/novnc_proxy --vnc localhost:5900 --listen 6080 --web /opt/novnc"
+command=/bin/bash -c "sleep 5 && /opt/novnc/utils/novnc_proxy --vnc localhost:5900 --listen 7860 --web /opt/novnc"
 autorestart=true
 priority=400
 stdout_logfile=/var/log/supervisor/novnc.log
 stderr_logfile=/var/log/supervisor/novnc_err.log
 
 ; =============================================================================
-; Process 5: Cloudflare Tunnel - Exposes noVNC via private subdomain
-; Token is passed via environment variable CLOUDFLARE_TUNNEL_TOKEN
+; Process 5: Cloudflare Tunnel - Bridges localhost:7860 to public hostname
+; Token from environment variable CLOUDFLARE_TUNNEL_TOKEN
 ; =============================================================================
 [program:cloudflared]
 command=/bin/bash -c "sleep 8 && /usr/local/bin/cloudflared tunnel --no-autoupdate run --token %(ENV_CLOUDFLARE_TUNNEL_TOKEN)s"
@@ -62,24 +62,15 @@ stdout_logfile=/var/log/supervisor/cloudflared.log
 stderr_logfile=/var/log/supervisor/cloudflared_err.log
 
 ; =============================================================================
-; Process 6: Python Agent - Browser automation on display :99
+; Process 6: Python Agent - Browser automation
 ; =============================================================================
 [program:agent]
 command=/bin/bash -c "sleep 12 && DISPLAY=:99 python /app/app.py"
 directory=/app
+environment=DISPLAY=":99"
 autorestart=true
 priority=500
 startretries=10
 startsecs=15
 stdout_logfile=/var/log/supervisor/agent.log
 stderr_logfile=/var/log/supervisor/agent_err.log
-
-; =============================================================================
-; Process 7: Dummy HTTP Server on 7860 (Keeps HF Space "Running")
-; =============================================================================
-[program:dummy_server]
-command=/bin/bash -c "sleep 3 && python -m http.server 7860 --directory /opt/novnc"
-autorestart=true
-priority=350
-stdout_logfile=/var/log/supervisor/dummy_server.log
-stderr_logfile=/var/log/supervisor/dummy_server_err.log