grant/recap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ffc8c3113074bf3e5bff7beac51c7f678443dd83
recap/Dockerfile
T
Keysat b5a066750a Live-reload Gemini API key config + fix vendor module resolution 
Two related changes that ship together because the second was uncovered
while testing the first.

1. Live config reload (the ostensible feature):

   The "Set Gemini API Key" StartOS action writes to /data/config/
   startos-config.json. The server used to read that file once at
   startup (and via a separate Python read in docker_entrypoint.sh
   before that), which meant a key change required a service restart
   to take effect. Now the server polls the file every 3 s
   (RECAP_CONFIG_POLL_MS, env-overridable) and updates serverApiKey
   in place. fs.watch was tried first and dropped — it's flaky on
   macOS (FSEvents single-file quirks) and behaves inconsistently with
   atomic-rename writes the SDK file model uses. Polling is dead
   simple and a stat call every 3 s is free.

   Also dropped the Python config read from docker_entrypoint.sh; the
   server now handles it natively. Entrypoint still loads /data/.env
   for arbitrary env vars (RECAP_*, etc.).

2. Vendor module resolution (the silently-broken thing):

   The earlier vendor change (move @keysat/licensing-client from a
   git+https dep to a file: dep at vendor/) created a symlink in
   server/node_modules. That symlink to the vendor dir was getting
   resolved by Node, so the keysat client tried to import @noble/
   ed25519 from /app/vendor/keysat-licensing-client/dist/, walked up
   to /app/vendor/, then /app/, neither of which had node_modules.

   Result: v0.2.0 and v0.2.1 would crash at startup with
   ERR_MODULE_NOT_FOUND on @noble/ed25519. The Docker BUILD succeeded
   because npm install with file: deps doesn't pull transitive deps
   into the parent node_modules — but the runtime would have failed
   the moment server/license.js ran.

   Fix:
     • Dockerfile builder now `npm install`s inside vendor/keysat-
       licensing-client/ so @noble/* lands in its own node_modules,
       where Node's resolver finds it.
     • Dockerfile runner now COPYs vendor/ to the runner image
       (previously not copied — the symlink in server/node_modules
       would have pointed at nothing).
     • vendor/keysat-licensing-client/package-lock.json is committed
       so the in-Docker install is reproducible.
2026-05-08 16:38:33 -05:00

75 lines
2.8 KiB
Docker
Raw Blame History

# ─────────────────────────────────────────────────────────
# Recap — StartOS 0.4 Docker image
#
# Includes: Node.js 20, Python 3, yt-dlp, ffmpeg
#
# Uses Debian slim (not Alpine) because:
# - Debian is more reliable for pip-installed packages with C deps
# ─────────────────────────────────────────────────────────
# ── Stage 1: Install Node.js dependencies ──────────────────
FROM node:20-slim AS builder
# @keysat/licensing-client is a private git repo, so we vendor its built
# output into vendor/ and reference it via a file: dep. That removes any
# need for git or credentials in the build container.
#
# The vendor package needs its own node_modules (for @noble/ed25519 etc.)
# because npm's file: deps create a symlink, and Node's module resolver
# walking up from a symlinked location won't find the parent project's
# node_modules. Installing inside the vendor dir is the simplest fix.
WORKDIR /app
COPY vendor/keysat-licensing-client /app/vendor/keysat-licensing-client
WORKDIR /app/vendor/keysat-licensing-client
RUN npm install --omit=dev --ignore-scripts
WORKDIR /app/server
COPY server/package.json server/package-lock.json* ./
RUN npm ci --omit=dev --ignore-scripts 2>/dev/null || npm install --omit=dev --ignore-scripts
# ── Stage 2: Final runtime image ───────────────────────────
FROM node:20-slim AS runner
WORKDIR /app
# Install runtime dependencies:
# - dumb-init: proper PID 1 signal handling in containers
# - curl: health checks + yt-dlp binary downloads
# - python3 + pip: yt-dlp installation and updates
# - ffmpeg: audio extraction, splitting, and duration detection
# - ca-certificates: HTTPS for YouTube/Gemini API calls
RUN apt-get update && apt-get install -y --no-install-recommends \
dumb-init \
curl \
python3 \
python3-pip \
python3-venv \
ffmpeg \
ca-certificates \
&& rm -rf /var/lib/apt/lists/* \
&& pip3 install --break-system-packages yt-dlp \
&& yt-dlp --version
# Copy Node.js app from builder
COPY --from=builder /app/vendor ./vendor/
COPY --from=builder /app/server/node_modules ./server/node_modules/
COPY server/package.json ./server/
COPY server/index.js ./server/
COPY server/license.js ./server/
COPY public/ ./public/
COPY assets/ ./assets/
# Copy entrypoint scripts
COPY docker_entrypoint.sh /usr/local/bin/docker_entrypoint.sh
RUN chmod +x /usr/local/bin/docker_entrypoint.sh
# Create persistent data mount point
RUN mkdir -p /data
ENV NODE_ENV=production \
PORT=3001 \
DATA_DIR=/data
EXPOSE 3001
ENTRYPOINT ["dumb-init", "--", "/usr/local/bin/docker_entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink