x

Paused

zhvzii commited on Feb 1

Commit

c192023

verified ·

1 Parent(s): f77018d

Update Dockerfile

Files changed (1) hide show

Dockerfile CHANGED Viewed

@@ -1,24 +1,39 @@
-# Dockerfile
-FROM node:22-slim
-# 安装 pnpm（关键步骤）
-RUN npm install -g pnpm corepack && corepack enable
-# 安装构建依赖（OpenClaw 需要编译 native 模块）
-RUN apt-get update && apt-get install -y \
-    build-essential \
-    python3 \
-    pkg-config \
-    libvips-dev \
-    && rm -rf /var/lib/apt/lists/*
-# 克隆 OpenClaw 源码
 WORKDIR /app
-RUN git clone https://github.com/openclaw/openclaw.git . \
-    && pnpm install --frozen-lockfile
-# 持久化数据目录（但 Spaces 免费版仍会丢失）
-VOLUME ["/root/.openclaw"]
-# 启动 OpenClaw
-CMD ["pnpm", "start"]

+FROM node:22-bookworm
+# Install Bun (required for build scripts)
+RUN curl -fsSL https://bun.sh/install | bash
+ENV PATH="/root/.bun/bin:${PATH}"
+RUN corepack enable
 WORKDIR /app
+ARG OPENCLAW_DOCKER_APT_PACKAGES=""
+RUN if [ -n "$OPENCLAW_DOCKER_APT_PACKAGES" ]; then \
+      apt-get update && \
+      DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends $OPENCLAW_DOCKER_APT_PACKAGES && \
+      apt-get clean && \
+      rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*; \
+    fi
+COPY package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./
+COPY ui/package.json ./ui/package.json
+COPY patches ./patches
+COPY scripts ./scripts
+RUN pnpm install --frozen-lockfile
+COPY . .
+RUN OPENCLAW_A2UI_SKIP_MISSING=1 pnpm build
+# Force pnpm for UI build (Bun may fail on ARM/Synology architectures)
+ENV OPENCLAW_PREFER_PNPM=1
+RUN pnpm ui:build
+ENV NODE_ENV=production
+# Security hardening: Run as non-root user
+# The node:22-bookworm image includes a 'node' user (uid 1000)
+# This reduces the attack surface by preventing container escape via root privileges
+USER node
+CMD ["node", "dist/index.js"]