-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.tui
More file actions
158 lines (124 loc) · 4.87 KB
/
Dockerfile.tui
File metadata and controls
158 lines (124 loc) · 4.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
# Multi-stage Dockerfile for Cryptic TUI Client
# Builds a containerized terminal UI that connects to Cryptic Erlang nodes
# Uses the bin/cryptic script with --tui mode to run both Erlang backend and Rust UI
#
# TEMPORARY REQUIREMENT:
# The cryptic-tui repository must be cloned as a sibling directory to this repo.
# Directory structure:
# parent/
# ├── cryptic/ (this repo)
# └── cryptic-tui/ (TUI repo from git@github.com:etnt/cryptic-tui.git)
#
# Once cryptic-tui is publicly released, this will be updated to clone from GitHub.
# Stage 1: Build Rust TUI
FROM rust:1.83-alpine AS rust-builder
# Install build dependencies
RUN apk add --no-cache \
musl-dev \
openssl-dev \
openssl-libs-static \
git
# Install Rust nightly (required for edition2024 feature used by erl_dist crate)
RUN rustup install nightly && rustup default nightly
WORKDIR /build
# Build argument for cryptic-tui source
# Options:
# - "git" (default when public): Will clone from GitHub (not yet available)
# - "local": Copy from ../cryptic-tui directory (for local development)
ARG TUI_SOURCE=local
# Copy cryptic-tui source (from parent context)
# The build context is the parent directory, so cryptic-tui/ is accessible
COPY cryptic-tui/Cargo.toml cryptic-tui/Cargo.lock cryptic-tui/README.md ./
COPY cryptic-tui/src ./src
# Build release binary with static linking for alpine
RUN cargo build --release
# Stage 2: Build Erlang client (full application with engine, ws_client, etc.)
FROM erlang:28.1-alpine AS erlang-builder
# Install build dependencies
RUN apk add --no-cache \
git \
make \
gcc \
g++ \
libc-dev \
openssl-dev \
libsodium-dev \
sqlite-dev \
pkgconf
WORKDIR /buildroot
# Copy rebar files first for dependency caching
COPY cryptic/rebar.config cryptic/rebar.lock ./
# Get dependencies
RUN rebar3 get-deps
# Copy source code from cryptic/ directory
COPY cryptic/ .
# Build NIF
RUN cd c_src && \
make clean && \
UNAME_ARCH=aarch64 make
# Clean any existing builds (important: removes any Mach-O binaries from Mac)
RUN rebar3 clean -a
# Compile Erlang application (not a release, we'll run from _build/default)
# This will compile NIFs for Linux/Alpine
RUN rebar3 compile
# Stage 3: Runtime image
# IMPORTANT: Must use same Erlang version as builder (28.1) for BEAM compatibility
FROM erlang:28.1-alpine
# Install runtime dependencies (including sqlite-libs for esqlite NIF)
RUN apk add --no-cache \
libstdc++ \
libgcc \
libsodium \
sqlite-libs \
gnupg \
bash \
su-exec \
curl \
openssl \
jq
# Create cryptic user and group
RUN addgroup -S cryptic && adduser -S cryptic -G cryptic
# Set working directory
WORKDIR /opt/cryptic
# Copy Erlang compiled application from erlang-builder (_build/default structure)
COPY --from=erlang-builder /buildroot/_build/default /opt/cryptic/_build/default
# Copy source files (needed by bin/cryptic script)
COPY --from=erlang-builder /buildroot/src /opt/cryptic/src
COPY --from=erlang-builder /buildroot/include /opt/cryptic/include
COPY --from=erlang-builder /buildroot/priv /opt/cryptic/priv
COPY --from=erlang-builder /buildroot/rebar.config /opt/cryptic/
# Copy scripts (including bin/cryptic launcher)
COPY --from=erlang-builder /buildroot/bin /opt/cryptic/bin
COPY --from=erlang-builder /buildroot/scripts /opt/cryptic/scripts
# Copy Rust TUI binary from rust-builder
COPY --from=rust-builder /build/target/release/cryptic-tui /usr/local/bin/
# Copy entrypoint script from cryptic/scripts directory
COPY cryptic/scripts/docker-tui-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-tui-entrypoint.sh
# Make scripts executable
RUN chmod +x /opt/cryptic/bin/* /opt/cryptic/scripts/*.sh
# Create directories for runtime data (do NOT create /home/cryptic/.erlang.cookie as a directory)
RUN mkdir -p \
/home/cryptic/.cryptic/logs \
/home/cryptic/.cryptic/certificates && \
chown -R cryptic:cryptic /home/cryptic /opt/cryptic
# Set environment variables (matching bin/cryptic script options)
ENV CRYPTIC_USERNAME=${CRYPTIC_USERNAME:-"docker-client"} \
CRYPTIC_SERVER_HOST=${CRYPTIC_SERVER_HOST:-"cryptic-server"} \
CRYPTIC_SERVER_PORT=${CRYPTIC_SERVER_PORT:-"8443"} \
CRYPTIC_ENABLE_DB=${CRYPTIC_ENABLE_DB:-"false"} \
CRYPTIC_NODE_NAME=${CRYPTIC_NODE_NAME:-"localhost"} \
HOME=/home/cryptic \
TERM=xterm-256color \
PATH=/opt/cryptic/bin:$PATH
# Expose EPMD port and dynamic port range for distributed Erlang
EXPOSE 4369 9000-9100
# Don't switch to cryptic user yet - entrypoint needs root to fix volume permissions
# USER will be handled by entrypoint script
# Set working directory to user home
WORKDIR /home/cryptic
# Use entrypoint script for setup
ENTRYPOINT ["/usr/local/bin/docker-tui-entrypoint.sh"]
# Default: start using bin/cryptic with --tui mode
# The entrypoint will handle starting both Erlang backend and Rust TUI
CMD ["cryptic-tui"]