Dockerfile

FROM debian:bullseye-slim

# Prevent interactive prompts
ENV DEBIAN_FRONTEND=noninteractive
ENV DISPLAY=:1
ENV VNC_PORT=5901
ENV NO_VNC_PORT=6080
ENV VNC_PASSWORD=vncpassword

# Install minimal dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    # Window Manager
    openbox \
    # VNC
    tigervnc-standalone-server \
    tigervnc-common \
    novnc \
    websockify \
    # Browser
    firefox-esr \
    # Python
    python3 \
    python3-pip \
    python3-venv \
    # Tools
    xdotool \
    scrot \
    procps \
    curl \
    ca-certificates \
    # Cleanup
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Create user
RUN useradd -m -s /bin/bash vncuser && \
    mkdir -p /home/vncuser/.vnc && \
    chown -R vncuser:vncuser /home/vncuser

# Set VNC password
USER vncuser
RUN echo "${VNC_PASSWORD}" | vncpasswd -f > /home/vncuser/.vnc/passwd && \
    chmod 600 /home/vncuser/.vnc/passwd

# Configure Openbox
RUN mkdir -p /home/vncuser/.config/openbox

# VNC Startup Script
RUN echo '#!/bin/bash' > /home/vncuser/.vnc/xstartup && \
    echo 'exec openbox-session' >> /home/vncuser/.vnc/xstartup && \
    chmod +x /home/vncuser/.vnc/xstartup

USER root

# Python dependencies
COPY requirements.txt /tmp/requirements.txt
RUN pip3 install --no-cache-dir --upgrade pip && \
    pip3 install --no-cache-dir -r /tmp/requirements.txt

# App Setup
WORKDIR /app
COPY . /app
RUN mkdir -p /app/scripts /app/agent /app/logs && \
    chown -R vncuser:vncuser /app

# Copy scripts
COPY scripts/start-desktop.sh /app/scripts/start-desktop.sh
RUN chmod +x /app/scripts/start-desktop.sh

# Expose ports
EXPOSE ${VNC_PORT} ${NO_VNC_PORT} 7860 8000

CMD ["/app/scripts/start-desktop.sh"]