eliott/openwork
1
0
Fork 0
mirror of https://github.com/different-ai/openwork synced 2026-04-25 17:15:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: add Docker Compose dev testability stack (no custom Dockerfile)

Browse Source 
Add docker-compose.dev.yml using off-the-shelf node:22-bookworm-slim image
that starts headless + web UI with auto-wired tokens and health checks.
Builds Linux binaries into /tmp to avoid overwriting host macOS binaries.
This commit is contained in:
Benjamin Shafii
2026-02-09 15:50:11 -08:00
parent 6e2067849a
commit 548ea8b0ef
2 changed files with 203 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
packaging/docker/README.md
View File

@@ -1,5 +1,38 @@
# OpenWork Host (Docker)
## Dev testability stack (recommended for testing)
One command, no custom Dockerfile. Uses `node:22-bookworm-slim` off the shelf.
From the repo root:
```bash
docker compose -f packaging/docker/docker-compose.dev.yml up
```
Then open **http://localhost:5173** — the web UI is already wired to headless.
What it does:
- Starts **headless** (OpenCode + OpenWork server) on port 8787
- Starts **web UI** (Vite dev server) on port 5173
- Auto-generates and shares auth tokens between services
- Web waits for headless health check before starting
- Builds Linux binaries inside the container (no host binary conflicts)
Useful commands:
- Logs: `docker compose -f packaging/docker/docker-compose.dev.yml logs`
- Tear down: `docker compose -f packaging/docker/docker-compose.dev.yml down`
- Health check: `curl http://localhost:8787/health`
Optional env vars (via `.env` or `export`):
- `OPENWORK_TOKEN` — fixed client token
- `OPENWORK_HOST_TOKEN` — fixed host/admin token
- `OPENWORK_WORKSPACE` — host path to mount as workspace
---
## Production container
This is a minimal packaging template to run the OpenWork Host contract in a single container.
It runs:
@@ -7,7 +40,7 @@ It runs:
- `opencode serve` (engine) bound to `127.0.0.1:4096` inside the container
- `openwork-server` bound to `0.0.0.0:8787` (the only published surface)
## Local run (compose)
### Local run (compose)
From this directory:
@@ -19,7 +52,7 @@ Then open:
- `http://127.0.0.1:8787/ui`
## Config
### Config
Recommended env vars:
@@ -36,7 +69,7 @@ Persistence:
- Workspace is mounted at `/workspace`
- Host data dir is mounted at `/data` (OpenCode caches + OpenWork server config/tokens)
## Notes
### Notes
- OpenCode is not exposed directly; access it via the OpenWork proxy (`/opencode/*`).
- For PaaS, replace `./workspace:/workspace` with a volume or a checkout strategy (git clone on boot).

167
packaging/docker/docker-compose.dev.yml Normal file
View File

@@ -0,0 +1,167 @@
# docker-compose.dev.yml — Dev testability stack (no custom Dockerfile)
#
# Usage (from repo root):
# docker compose -f packaging/docker/docker-compose.dev.yml up
#
# Then open http://localhost:5173 — already wired to headless, no config needed.
#
# Env overrides (optional, via .env or export):
# OPENWORK_TOKEN — shared client token (auto-generated if unset)
# OPENWORK_HOST_TOKEN — host/admin token (auto-generated if unset)
# OPENWORK_WORKSPACE — host path to mount as workspace (default: ./workspace)
x-shared: &shared
image: node:22-bookworm-slim
working_dir: /app
volumes:
# Mount the entire repo so both services share node_modules + source
- ../../:/app
- pnpm-store:/root/.local/share/pnpm/store
- bun-install:/root/.bun
- ${OPENWORK_WORKSPACE:-./workspace}:/workspace
services:
headless:
<<: *shared
entrypoint: ["/bin/sh", "-c"]
command:
- |
set -e
# --- Install system deps ---
apt-get update -qq && apt-get install -y -qq --no-install-recommends \
curl ca-certificates unzip git >/dev/null 2>&1
# --- Install bun (cached in named volume) ---
export BUN_INSTALL="/root/.bun"
export PATH="$$BUN_INSTALL/bin:$$PATH"
if ! command -v bun >/dev/null 2>&1; then
echo "[headless] Installing bun..."
curl -fsSL https://bun.sh/install | bash
fi
# --- Enable pnpm via corepack ---
corepack enable && corepack prepare pnpm@10.27.0 --activate
# --- Install deps ---
echo "[headless] Installing dependencies..."
pnpm install --no-frozen-lockfile
# --- Build Linux binaries into container-local path ---
# Avoids overwriting macOS-native binaries on the host mount.
export OPENWORK_SERVER_BIN="/tmp/openwork-bins/openwork-server"
export OWPENBOT_BIN="/tmp/openwork-bins/owpenbot"
mkdir -p /tmp/openwork-bins
echo "[headless] Building openwork-server binary (linux)..."
cd /app/packages/server && bun build --compile src/cli.ts --outfile "$$OPENWORK_SERVER_BIN"
echo "[headless] Building owpenbot binary (linux)..."
cd /app/packages/owpenbot && bun build --compile src/cli.ts \
--define '__OWPENBOT_VERSION__="0.11.39"' --outfile "$$OWPENBOT_BIN"
cd /app
# --- Resolve tokens ---
if [ -z "$$OPENWORK_TOKEN" ]; then
OPENWORK_TOKEN=$$(cat /proc/sys/kernel/random/uuid)
export OPENWORK_TOKEN
fi
if [ -z "$$OPENWORK_HOST_TOKEN" ]; then
OPENWORK_HOST_TOKEN=$$(cat /proc/sys/kernel/random/uuid)
export OPENWORK_HOST_TOKEN
fi
# Write tokens so the web service can source them
mkdir -p /app/tmp
printf 'OPENWORK_TOKEN=%s\nOPENWORK_HOST_TOKEN=%s\n' \
"$$OPENWORK_TOKEN" "$$OPENWORK_HOST_TOKEN" > /app/tmp/.dev-env
echo ""
echo "============================================"
echo " OpenWork headless"
echo " Server: http://localhost:8787"
echo " Health: http://localhost:8787/health"
echo " Token: $$OPENWORK_TOKEN"
echo " Host token: $$OPENWORK_HOST_TOKEN"
echo "============================================"
echo ""
exec pnpm --filter openwrk dev -- start \
--workspace /workspace \
--openwork-host 0.0.0.0 \
--openwork-port 8787 \
--openwork-token "$$OPENWORK_TOKEN" \
--openwork-host-token "$$OPENWORK_HOST_TOKEN" \
--openwork-server-bin "$$OPENWORK_SERVER_BIN" \
--owpenbot-bin "$$OWPENBOT_BIN" \
--approval auto \
--allow-external \
--no-opencode-auth \
--cors "*"
ports:
- "8787:8787"
healthcheck:
test: ["CMD-SHELL", "curl -sf http://localhost:8787/health || exit 1"]
interval: 5s
timeout: 5s
retries: 30
start_period: 90s
environment:
CI: "true"
OPENWORK_TOKEN: ${OPENWORK_TOKEN:-}
OPENWORK_HOST_TOKEN: ${OPENWORK_HOST_TOKEN:-}
OPENWRK_SIDECAR_SOURCE: external
web:
<<: *shared
depends_on:
headless:
condition: service_healthy
entrypoint: ["/bin/sh", "-c"]
command:
- |
set -e
# --- Install system deps ---
apt-get update -qq && apt-get install -y -qq --no-install-recommends \
curl ca-certificates >/dev/null 2>&1
# --- Bun + pnpm ---
export BUN_INSTALL="/root/.bun"
export PATH="$$BUN_INSTALL/bin:$$PATH"
if ! command -v bun >/dev/null 2>&1; then
curl -fsSL https://bun.sh/install | bash
fi
corepack enable && corepack prepare pnpm@10.27.0 --activate
# --- Read token written by headless ---
if [ -f /app/tmp/.dev-env ]; then
. /app/tmp/.dev-env
export VITE_OPENWORK_TOKEN="$$OPENWORK_TOKEN"
fi
echo ""
echo "============================================"
echo " OpenWork web UI"
echo " URL: http://localhost:5173"
echo " Token: $${VITE_OPENWORK_TOKEN:-<see headless logs>}"
echo "============================================"
echo ""
export VITE_OPENWORK_URL="http://localhost:8787"
export VITE_OPENWORK_PORT="8787"
export VITE_ALLOWED_HOSTS="all"
export HOST="0.0.0.0"
export PORT="5173"
exec pnpm --filter @different-ai/openwork-ui exec vite \
--host 0.0.0.0 \
--port 5173 \
--strictPort
ports:
- "5173:5173"
volumes:
pnpm-store:
bun-install: