BetterCorp/BetterFrame
1
0
Fork 0
mirror of https://github.com/BetterCorp/BetterFrame.git synced 2026-05-26 20:16:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
BetterFrame/deploy/docker/Dockerfile.server

97 lines
3 KiB
Docker
Raw Normal View History

refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
# BetterFrame server — BSB container with built plugins.
#
refactor: build-time sec-config from template + Coolify build args sec-config.yaml is now generated at Docker build time from sec-config.template.yaml via envsubst. Secrets come from Coolify build args (set in UI, never in git). Template uses ${VAR:-default} placeholders — safe to commit to public repo. - sec-config.yaml removed from git, added to .gitignore - sec-config.template.yaml added (public, no secrets) - Dockerfile.server: ARGs for all config, envsubst generates config at build time, result is chmod 444 (read-only) - Coolify compose: removed sec-config volume mount (baked in now) - For native installs: copy template to sec-config.yaml, fill values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 23:50:21 +00:00
# sec-config.yaml is generated at build time from sec-config.template.yaml
# via envsubst. Secrets come from Coolify build args (set in UI, not in git).
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
#
refactor: build-time sec-config from template + Coolify build args sec-config.yaml is now generated at Docker build time from sec-config.template.yaml via envsubst. Secrets come from Coolify build args (set in UI, never in git). Template uses ${VAR:-default} placeholders — safe to commit to public repo. - sec-config.yaml removed from git, added to .gitignore - sec-config.template.yaml added (public, no secrets) - Dockerfile.server: ARGs for all config, envsubst generates config at build time, result is chmod 444 (read-only) - Coolify compose: removed sec-config volume mount (baked in now) - For native installs: copy template to sec-config.yaml, fill values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 23:50:21 +00:00
# Build args (set in Coolify UI as secrets):
# BF_PG_PASSWORD postgres password
# BF_FIRMWARE_SIGNING_KEY Ed25519 PEM for firmware signing
# BF_FIRMWARE_IMPORT_API_KEY CI bearer token
# BF_OTA_IMPORT_API_KEY CI bearer token
# BF_MQTT_URL mqtt://broker:1883 (optional)
# BF_MQTT_USERNAME (optional)
# BF_MQTT_PASSWORD (optional)
#
# Non-secret build args (defaults work for standard compose):
# BF_DB_DRIVER postgres|sqlite (default: postgres)
# BF_PG_HOST (default: postgres)
# BF_PG_PORT (default: 5432)
# BF_PG_DATABASE (default: betterframe)
# BF_PG_USER (default: betterframe)
# BF_NODERED_URL (default: http://nodered:1880)
# BF_SELF_URL (default: http://server:18080)
# BF_SERVER_VERSION (default: dev)
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
fix(release): surface build versions
2026-05-21 06:51:41 +00:00
FROM node:24-trixie-slim AS builder
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
WORKDIR /app
RUN apt-get update && apt-get install -y --no-install-recommends \
fix(docker): remove COPY .git — Coolify excludes it from build context Coolify doesn't include .git in Docker build context, causing build failure. Revert to ARG-based version stamping: compose passes BF_SERVER_VERSION from Coolify's SOURCE_COMMIT/COOLIFY_GIT_COMMIT env vars as a build arg, Dockerfile writes it to .bf-version. Removed git from builder apt install (no longer needed).
2026-05-22 17:30:18 +00:00
build-essential python3 \
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
&& rm -rf /var/lib/apt/lists/*
COPY package.json package-lock.json ./
COPY server/package.json ./server/
COPY tsconfig.base.json ./
fix: Dockerfile npm run build + htmx for layout switch buttons - Dockerfile.server: RUN npm run build during builder stage so the image ships pre-compiled lib/ + bsb-plugin.json. Runtime image also installs ffmpeg (for camera snapshot endpoint). - DisplayEditPage Show buttons + Switch dropdown now use hx-post with hx-swap=none — no page reload, just fires the command.
2026-05-12 23:32:25 +00:00
RUN npm ci && npm rebuild argon2
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
COPY server ./server
fix: Dockerfile npm run build + htmx for layout switch buttons - Dockerfile.server: RUN npm run build during builder stage so the image ships pre-compiled lib/ + bsb-plugin.json. Runtime image also installs ffmpeg (for camera snapshot endpoint). - DisplayEditPage Show buttons + Switch dropdown now use hx-post with hx-swap=none — no page reload, just fires the command.
2026-05-12 23:32:25 +00:00
WORKDIR /app/server
RUN npm run build
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
# ---- Runtime ----
FROM betterweb/service-base:node
fix(release): surface build versions
2026-05-21 06:51:41 +00:00
refactor: build-time sec-config from template + Coolify build args sec-config.yaml is now generated at Docker build time from sec-config.template.yaml via envsubst. Secrets come from Coolify build args (set in UI, never in git). Template uses ${VAR:-default} placeholders — safe to commit to public repo. - sec-config.yaml removed from git, added to .gitignore - sec-config.template.yaml added (public, no secrets) - Dockerfile.server: ARGs for all config, envsubst generates config at build time, result is chmod 444 (read-only) - Coolify compose: removed sec-config volume mount (baked in now) - For native installs: copy template to sec-config.yaml, fill values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 23:50:21 +00:00
# All config build args — secrets set in Coolify UI, not in git
fix(docker): remove COPY .git — Coolify excludes it from build context Coolify doesn't include .git in Docker build context, causing build failure. Revert to ARG-based version stamping: compose passes BF_SERVER_VERSION from Coolify's SOURCE_COMMIT/COOLIFY_GIT_COMMIT env vars as a build arg, Dockerfile writes it to .bf-version. Removed git from builder apt install (no longer needed).
2026-05-22 17:30:18 +00:00
ARG BF_SERVER_VERSION=dev
refactor: build-time sec-config from template + Coolify build args sec-config.yaml is now generated at Docker build time from sec-config.template.yaml via envsubst. Secrets come from Coolify build args (set in UI, never in git). Template uses ${VAR:-default} placeholders — safe to commit to public repo. - sec-config.yaml removed from git, added to .gitignore - sec-config.template.yaml added (public, no secrets) - Dockerfile.server: ARGs for all config, envsubst generates config at build time, result is chmod 444 (read-only) - Coolify compose: removed sec-config volume mount (baked in now) - For native installs: copy template to sec-config.yaml, fill values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 23:50:21 +00:00
ARG BF_DB_DRIVER=postgres
ARG BF_PG_HOST=postgres
ARG BF_PG_PORT=5432
ARG BF_PG_DATABASE=betterframe
ARG BF_PG_USER=betterframe
ARG BF_PG_PASSWORD=betterframe
ARG BF_PG_POOL_MAX=10
ARG BF_NODERED_URL=http://nodered:1880
ARG BF_SELF_URL=http://server:18080
ARG BF_FIRMWARE_SIGNING_KEY=
ARG BF_FIRMWARE_IMPORT_API_KEY=
ARG BF_OTA_IMPORT_API_KEY=
ARG BF_MQTT_URL=
ARG BF_MQTT_USERNAME=
ARG BF_MQTT_PASSWORD=
ARG BF_MQTT_TOPIC_PREFIX=betterframe
fix(docker): remove COPY .git — Coolify excludes it from build context Coolify doesn't include .git in Docker build context, causing build failure. Revert to ARG-based version stamping: compose passes BF_SERVER_VERSION from Coolify's SOURCE_COMMIT/COOLIFY_GIT_COMMIT env vars as a build arg, Dockerfile writes it to .bf-version. Removed git from builder apt install (no longer needed).
2026-05-22 17:30:18 +00:00
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
USER root
refactor: build-time sec-config from template + Coolify build args sec-config.yaml is now generated at Docker build time from sec-config.template.yaml via envsubst. Secrets come from Coolify build args (set in UI, never in git). Template uses ${VAR:-default} placeholders — safe to commit to public repo. - sec-config.yaml removed from git, added to .gitignore - sec-config.template.yaml added (public, no secrets) - Dockerfile.server: ARGs for all config, envsubst generates config at build time, result is chmod 444 (read-only) - Coolify compose: removed sec-config volume mount (baked in now) - For native installs: copy template to sec-config.yaml, fill values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 23:50:21 +00:00
# envsubst + ffmpeg
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
RUN apt-get update && apt-get install -y --no-install-recommends \
refactor: build-time sec-config from template + Coolify build args sec-config.yaml is now generated at Docker build time from sec-config.template.yaml via envsubst. Secrets come from Coolify build args (set in UI, never in git). Template uses ${VAR:-default} placeholders — safe to commit to public repo. - sec-config.yaml removed from git, added to .gitignore - sec-config.template.yaml added (public, no secrets) - Dockerfile.server: ARGs for all config, envsubst generates config at build time, result is chmod 444 (read-only) - Coolify compose: removed sec-config volume mount (baked in now) - For native installs: copy template to sec-config.yaml, fill values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 23:50:21 +00:00
gettext-base ffmpeg \
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
&& rm -rf /var/lib/apt/lists/*
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
RUN mkdir -p /var/lib/betterframe && chown node:node /var/lib/betterframe
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
fix: resolve merge conflict + align BSB workdir /home/bsb Resolved coolify compose conflict — took remote bind mount pattern. All paths now use /home/bsb (BSB container workdir, not /app). Both compose files use bind mount for sec-config.yaml. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:58:36 +00:00
WORKDIR /home/bsb
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
# Copy built plugin + deps
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
COPY --from=builder /app/node_modules ./node_modules
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
COPY --from=builder /app/server/lib ./lib
COPY --from=builder /app/server/bsb-plugin.json ./bsb-plugin.json
COPY --from=builder /app/server/package.json ./package.json
COPY --from=builder /app/tsconfig.base.json ./tsconfig.base.json
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
refactor: build-time sec-config from template + Coolify build args sec-config.yaml is now generated at Docker build time from sec-config.template.yaml via envsubst. Secrets come from Coolify build args (set in UI, never in git). Template uses ${VAR:-default} placeholders — safe to commit to public repo. - sec-config.yaml removed from git, added to .gitignore - sec-config.template.yaml added (public, no secrets) - Dockerfile.server: ARGs for all config, envsubst generates config at build time, result is chmod 444 (read-only) - Coolify compose: removed sec-config volume mount (baked in now) - For native installs: copy template to sec-config.yaml, fill values Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 23:50:21 +00:00
# Generate sec-config.yaml from template + build args
COPY sec-config.template.yaml /tmp/sec-config.template.yaml
RUN envsubst < /tmp/sec-config.template.yaml > /home/bsb/sec-config.yaml \
&& chmod 444 /home/bsb/sec-config.yaml \
&& rm /tmp/sec-config.template.yaml
fix(deploy): bake configs into images — no host bind mounts Coolify deployments don't always carry the full source tree on disk at the bind-mount source path. Mounting a missing file lets Docker auto-create a directory at the target, which then fails to mount over the file the image expects. Fix: bake config files into the images themselves: - Dockerfile.server COPYs deploy/docker/sec-config.yaml → /app/server/. Env vars (BF_*) still override at runtime per env-overrides.ts. - New Dockerfile.angie wraps nginx:alpine + baked betterframe.docker.conf. - Dockerfile.nodered COPYs nodered-settings.js to /usr/src/bf-settings.js (outside the /data volume) and uses --settings to point at it. Compose drops the three bind mounts; volumes are now strictly runtime state (DB + secrets, Node-RED flows). Users who want a different sec-config still get full control via env overrides or Coolify's Storage UI.
2026-05-18 10:18:46 +00:00
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
# Bake version
fix: resolve merge conflict + align BSB workdir /home/bsb Resolved coolify compose conflict — took remote bind mount pattern. All paths now use /home/bsb (BSB container workdir, not /app). Both compose files use bind mount for sec-config.yaml. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:58:36 +00:00
RUN echo "$BF_SERVER_VERSION" > /home/bsb/.bf-version
fix(docker): remove COPY .git — Coolify excludes it from build context Coolify doesn't include .git in Docker build context, causing build failure. Revert to ARG-based version stamping: compose passes BF_SERVER_VERSION from Coolify's SOURCE_COMMIT/COOLIFY_GIT_COMMIT env vars as a build arg, Dockerfile writes it to .bf-version. Removed git from builder apt install (no longer needed).
2026-05-22 17:30:18 +00:00
feat: deployment artifacts + CEC relay + auth-check endpoint Deployment (deploy/): - systemd units for server (system) and kiosk (user session) - Angie/nginx proxy config — routes admin, api, ws, node-red - Dockerfile + docker-compose for containerized deployment - deploy/README.md with install instructions Auth: - /api/admin/_check endpoint for proxy auth_request subrequest - Returns 200 if admin session valid, 401/403 otherwise - Sets X-BetterFrame-User header for upstream CEC (Pi5 HDMI control): - kiosk/src/cec.rs wraps cec-ctl subprocess - Standby/wake/active-source commands - WS message types "standby" / "wake" dispatched to CEC - Admin UI: Wake/Standby buttons on kiosk edit page - Server sendToKiosk via coordinator
2026-05-10 20:45:56 +00:00
VOLUME /var/lib/betterframe
EXPOSE 18080 18081 18082
refactor: use BSB container + mount sec-config at runtime Dockerfile.server now uses betterweb/service-base:node as runtime base instead of node:24-trixie-slim + manual bsb-plugin-cli. BSB container handles entrypoint, user, plugin loading. sec-config.yaml removed from Docker image — must be bind-mounted at /app/sec-config.yaml. Both compose files updated with :ro mount. All BF_* env vars removed from compose server service. deploy/docker/sec-config.yaml deleted (was baked in, now mounted). version.ts path updated for new workdir /app. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-23 21:56:44 +00:00
USER node
Reference in a new issue Copy permalink