Keysat
a7529eb0b7
Add Dockerfile, docker-compose.yml, docker-entrypoint.sh, and .dockerignore so the bot runs detached and survives reboots, replacing the foreground venv run. The image is generic (no secrets/deployment specifics baked in): host networking reaches both Synapse and the Mac; .env, config.toml, and the SSH key are mounted read-only. The entrypoint is the container's environment seam (D4 analog of launch-claude.sh) — it generates ~/.ssh/config for the mac-bridge alias from config.toml [mac] (new hostname/user fields) so the bot's `ssh mac-bridge` stays unchanged. SSH key mounted not baked; first connect uses accept-new host trust. Proven live on the Spark: container connects to Synapse and real messages launched drivable sessions on the phone across 2 rooms via the full chain.
20 lines
896 B
YAML
20 lines
896 B
YAML
# matrix-bridge bot — Phase 1 deployment on the Spark.
|
|
#
|
|
# `docker compose up -d` runs the bot detached; `restart: unless-stopped` brings it back after
|
|
# a Spark reboot. Host networking lets it reach BOTH Synapse (clearnet TLS) and the Mac
|
|
# (WireGuard, via the mac-bridge alias the entrypoint generates). The image stays generic — all
|
|
# deployment specifics and secrets arrive through the read-only mounts below.
|
|
services:
|
|
bot:
|
|
build: .
|
|
image: matrix-bridge-bot
|
|
container_name: matrix-bridge
|
|
network_mode: host
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./.env:/app/.env:ro
|
|
- ./config.toml:/app/config.toml:ro
|
|
# Dedicated Phase 0 key (spark-control@spark-32d0). Must be chmod 600 on the host.
|
|
# Override the host path with MB_SSH_KEY_HOST if the key lives elsewhere.
|
|
- ${MB_SSH_KEY_HOST:-/home/modelo/.ssh/id_ed25519}:/root/.ssh/id_ed25519:ro
|