FROM golang:1.22-alpine AS gitea-mcp-builder RUN go install gitea.com/gitea/gitea-mcp@latest FROM node:20-alpine AS base RUN corepack enable && corepack prepare pnpm@latest --activate FROM base AS deps RUN apk add --no-cache libc6-compat python3 make gcc g++ linux-headers WORKDIR /app # Use local Node.js headers for node-gyp (avoids flaky unofficial-builds.nodejs.org downloads) ENV npm_config_nodedir=/usr/local # Copy workspace root config + relevant package.jsons for install COPY pnpm-workspace.yaml pnpm-lock.yaml package.json ./ COPY packages/db/package.json ./packages/db/package.json COPY apps/harness/package.json ./apps/harness/package.json RUN pnpm install --frozen-lockfile --filter @homelab/harness... FROM base AS builder WORKDIR /app COPY --from=deps /app ./ COPY packages/db ./packages/db COPY apps/harness ./apps/harness RUN pnpm --filter @homelab/harness build FROM base AS runner WORKDIR /app ENV NODE_ENV=production # System tools needed by agent executors RUN apk add --no-cache git github-cli curl ca-certificates # Agent CLIs (installed globally before dropping to non-root) RUN npm install -g @anthropic-ai/claude-code @openai/codex RUN curl -fsSL https://opencode.ai/install | sh || \ echo "WARN: opencode install failed, skipping" # MCP servers: Gitea (Go binary from builder stage) COPY --from=gitea-mcp-builder /root/go/bin/gitea-mcp /usr/local/bin/gitea-mcp # MCP servers: Node.js packages (pre-installed to avoid npx cold starts) RUN npm install -g \ @modelcontextprotocol/server-postgres \ @modelcontextprotocol/server-filesystem \ @modelcontextprotocol/server-git \ @manusa/kubernetes-mcp-server RUN addgroup --system --gid 1001 nodejs RUN adduser --system --uid 1001 nextjs # Workspace directory for git worktrees (ephemeral) RUN mkdir -p /data/harness && chown nextjs:nodejs /data/harness COPY --from=builder /app/apps/harness/public ./apps/harness/public COPY --from=builder --chown=nextjs:nodejs /app/apps/harness/.next/standalone ./ COPY --from=builder --chown=nextjs:nodejs /app/apps/harness/.next/static ./apps/harness/.next/static # PTY server dependencies + custom server COPY --from=builder /app/node_modules/.pnpm/node-pty*/node_modules/node-pty ./node_modules/node-pty COPY --from=builder /app/node_modules/.pnpm/ws*/node_modules/ws ./node_modules/ws COPY apps/harness/server.js ./server.js COPY apps/harness/pty-server.js ./pty-server.js USER nextjs EXPOSE 3100 ENV PORT=3100 CMD ["node", "server.js"]