# docker-compose.dev.yml — Dev testability stack (no custom Dockerfile) # # Usage (from repo root): # docker compose -f packaging/docker/docker-compose.dev.yml up # # Then open the printed Web UI URL — already wired to headless, no config needed. # # Env overrides (optional, via .env or export): # OPENWORK_TOKEN — shared client token (auto-generated if unset) # OPENWORK_HOST_TOKEN — host/admin token (auto-generated if unset) # OPENWORK_WORKSPACE — host path to mount as workspace (default: ./workspace) # OPENWORK_PORT — host port to map to container :8787 (default: 8787) # WEB_PORT — host port to map to container :5173 (default: 5173) # SHARE_PORT — host port to map to the share service :3000 (default: 3006) # OPENWORK_DEV_ID — unique ID for this stack (default: default) # OPENWORK_DEV_MODE — enables isolated OpenCode dev state (set by dev-up.sh) # OPENWORK_PUBLIC_HOST — browser-facing host/IP for LAN-accessible URLs (set by dev-up.sh) # OPENWORK_DOCKER_DEV_MOUNT_HOST_OPENCODE=1 — import host OpenCode config/auth into the isolated dev state # OPENWORK_OPENCODE_CONFIG_DIR — host OpenCode config dir detection override (read by dev-up.sh) # OPENWORK_OPENCODE_DATA_DIR — host OpenCode data dir detection override (read by dev-up.sh) # OPENWORK_HOST_OPENCODE_CONFIG_DIR — import source for OpenCode config (set by dev-up.sh) # OPENWORK_HOST_OPENCODE_DATA_DIR — import source for OpenCode auth/data (set by dev-up.sh) x-shared: &shared image: node:22-bookworm-slim working_dir: /app volumes: # Mount the entire repo so both services share node_modules + source - ../../:/app - pnpm-store:/root/.local/share/pnpm/store - bun-install:/root/.bun - ${OPENWORK_WORKSPACE:-./workspace}:/workspace - ${OPENWORK_HOST_OPENCODE_CONFIG_DIR:-./workspace/.openwork-host-opencode-config}:/persist/.config/opencode:ro - ${OPENWORK_HOST_OPENCODE_DATA_DIR:-./workspace/.openwork-host-opencode-data}:/persist/.openwork-host-opencode-data:ro services: orchestrator: <<: *shared entrypoint: ["/bin/sh", "-c"] command: - | set -e # --- Ensure workspace dir is writable --- mkdir -p /workspace && touch /workspace/.keep 2>/dev/null || true # --- Install system deps --- apt-get update -qq && apt-get install -y -qq --no-install-recommends \ curl ca-certificates unzip git >/dev/null 2>&1 # --- Install bun (cached in named volume) --- export BUN_INSTALL="/root/.bun" export PATH="$$BUN_INSTALL/bin:$$PATH" if ! command -v bun >/dev/null 2>&1; then echo "[orchestrator] Installing bun..." curl -fsSL https://bun.sh/install | bash fi # --- Enable pnpm via corepack --- corepack enable && corepack prepare pnpm@10.27.0 --activate # --- Install deps --- echo "[orchestrator] Installing dependencies..." pnpm install --no-frozen-lockfile --network-concurrency 1 --child-concurrency 1 # --- Use source entrypoints for the dev stack --- # The orchestrator can spawn .ts files via Bun directly, which avoids bind-mount # issues from bun --compile inside Docker on macOS. export OPENWORK_SERVER_BIN="/app/apps/server/src/cli.ts" export OPENCODE_ROUTER_BIN="/app/apps/opencode-router/src/cli.ts" # --- Resolve tokens --- if [ -z "$$OPENWORK_TOKEN" ]; then OPENWORK_TOKEN=$$(cat /proc/sys/kernel/random/uuid) export OPENWORK_TOKEN fi if [ -z "$$OPENWORK_HOST_TOKEN" ]; then OPENWORK_HOST_TOKEN=$$(cat /proc/sys/kernel/random/uuid) export OPENWORK_HOST_TOKEN fi # Write tokens so the web service can source them mkdir -p /app/tmp printf 'OPENWORK_TOKEN=%s\nOPENWORK_HOST_TOKEN=%s\n' \ "$$OPENWORK_TOKEN" "$$OPENWORK_HOST_TOKEN" > "/app/tmp/.dev-env-${OPENWORK_DEV_ID:-default}" echo "" echo "============================================" echo " OpenWork orchestrator" echo " Server: http://localhost:${OPENWORK_PORT:-8787}" echo " Health: http://localhost:${OPENWORK_PORT:-8787}/health" echo " Token: $$OPENWORK_TOKEN" echo " Host token: $$OPENWORK_HOST_TOKEN" echo "============================================" echo "" exec pnpm --filter openwork-orchestrator dev -- start \ --workspace /workspace \ --remote-access \ --openwork-port 8787 \ --openwork-token "$$OPENWORK_TOKEN" \ --openwork-host-token "$$OPENWORK_HOST_TOKEN" \ --openwork-server-bin "$$OPENWORK_SERVER_BIN" \ --opencode-router-bin "$$OPENCODE_ROUTER_BIN" \ --approval auto \ --allow-external \ --cors "*" ports: - "${OPENWORK_PORT:-8787}:8787" healthcheck: test: ["CMD-SHELL", "curl -sf http://localhost:8787/health || exit 1"] interval: 5s timeout: 5s retries: 30 start_period: 90s environment: CI: "true" OPENWORK_TOKEN: ${OPENWORK_TOKEN:-} OPENWORK_HOST_TOKEN: ${OPENWORK_HOST_TOKEN:-} OPENWORK_DEV_ID: ${OPENWORK_DEV_ID:-default} OPENWORK_DEV_MODE: ${OPENWORK_DEV_MODE:-1} OPENWORK_PUBLISHER_BASE_URL: http://${OPENWORK_PUBLIC_HOST:-localhost}:${SHARE_PORT:-3006} OPENWORK_DEV_OPENCODE_IMPORT_CONFIG_DIR: /persist/.config/opencode OPENWORK_DEV_OPENCODE_IMPORT_DATA_DIR: /persist/.openwork-host-opencode-data OPENWORK_SIDECAR_SOURCE: external web: <<: *shared depends_on: orchestrator: condition: service_healthy share: condition: service_healthy entrypoint: ["/bin/sh", "-c"] command: - | set -e # --- Install system deps --- apt-get update -qq && apt-get install -y -qq --no-install-recommends \ curl ca-certificates >/dev/null 2>&1 # --- Bun + pnpm --- export BUN_INSTALL="/root/.bun" export PATH="$$BUN_INSTALL/bin:$$PATH" if ! command -v bun >/dev/null 2>&1; then curl -fsSL https://bun.sh/install | bash fi corepack enable && corepack prepare pnpm@10.27.0 --activate # --- Read token written by orchestrator --- if [ -f "/app/tmp/.dev-env-${OPENWORK_DEV_ID:-default}" ]; then . "/app/tmp/.dev-env-${OPENWORK_DEV_ID:-default}" export VITE_OPENWORK_TOKEN="$$OPENWORK_TOKEN" fi echo "" echo "============================================" echo " OpenWork web UI" echo " URL: http://localhost:${WEB_PORT:-5173}" echo " Token: $${VITE_OPENWORK_TOKEN:-}" echo "============================================" echo "" export VITE_OPENWORK_URL="http://${OPENWORK_PUBLIC_HOST:-localhost}:${OPENWORK_PORT:-8787}" export VITE_OPENWORK_PORT="${OPENWORK_PORT:-8787}" export VITE_OPENWORK_PUBLISHER_BASE_URL="http://${OPENWORK_PUBLIC_HOST:-localhost}:${SHARE_PORT:-3006}" export VITE_ALLOWED_HOSTS="all" export HOST="0.0.0.0" export PORT="5173" exec pnpm --filter @openwork/app exec vite \ --host 0.0.0.0 \ --port 5173 \ --strictPort ports: - "${WEB_PORT:-5173}:5173" environment: OPENWORK_DEV_ID: ${OPENWORK_DEV_ID:-default} share: <<: *shared entrypoint: ["/bin/sh", "-c"] command: - | set -e apt-get update -qq && apt-get install -y -qq --no-install-recommends \ curl ca-certificates >/dev/null 2>&1 corepack enable && corepack prepare pnpm@10.27.0 --activate echo "[share] Installing dependencies..." pnpm install --no-frozen-lockfile --network-concurrency 1 --child-concurrency 1 mkdir -p /app/tmp/share-service-blobs echo "[share] Building Next app..." pnpm --dir apps/share build echo "" echo "============================================" echo " OpenWork share service" echo " URL: http://localhost:${SHARE_PORT:-3006}" echo "============================================" echo "" exec pnpm --dir apps/share exec next start --hostname 0.0.0.0 --port 3000 ports: - "${SHARE_PORT:-3006}:3000" healthcheck: test: ["CMD-SHELL", "curl -sf http://localhost:3000/api/health || exit 1"] interval: 5s timeout: 10s retries: 30 start_period: 180s environment: CI: "true" OPENWORK_DEV_MODE: ${OPENWORK_DEV_MODE:-1} LOCAL_BLOB_DIR: /app/tmp/share-service-blobs PUBLIC_BASE_URL: http://${OPENWORK_PUBLIC_HOST:-localhost}:${SHARE_PORT:-3006} PUBLIC_OPENWORK_APP_URL: http://${OPENWORK_PUBLIC_HOST:-localhost}:${WEB_PORT:-5173} volumes: pnpm-store: name: openwork-dev-pnpm-store bun-install: name: openwork-dev-bun-install