forked from bytebot-ai/bytebot
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
250 lines (220 loc) · 10.9 KB
/
Dockerfile
File metadata and controls
250 lines (220 loc) · 10.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
# -----------------------------------------------------------------------------
# Bytebot Dockerfile - Virtual Desktop Environment
# -----------------------------------------------------------------------------
# Base image
FROM ubuntu:22.04
# -----------------------------------------------------------------------------
# 1. Environment setup
# -----------------------------------------------------------------------------
# Set non-interactive installation
ARG DEBIAN_FRONTEND=noninteractive
# Configure display for X11 applications
ENV DISPLAY=:0
# -----------------------------------------------------------------------------
# 2. System dependencies installation
# -----------------------------------------------------------------------------
RUN apt-get update && apt-get install -y \
# X11 / VNC
xvfb x11vnc xauth x11-xserver-utils \
x11-apps sudo software-properties-common \
# Desktop environment
xfce4 xfce4-goodies dbus wmctrl \
# Display manager with autologin capability
lightdm \
# Development tools
python3 python3-pip curl wget git vim \
# Utilities
supervisor netcat-openbsd \
# Applications
xpdf gedit xpaint \
# Libraries
libxtst-dev \
# Remove unneeded dependencies
&& apt-get remove -y light-locker xfce4-screensaver xfce4-power-manager || true \
# Clean up to reduce image size
&& apt-get clean && rm -rf /var/lib/apt/lists/*
RUN mkdir -p /run/dbus && \
# Generate a machine-id so dbus-daemon doesn't complain
dbus-uuidgen --ensure=/etc/machine-id
# -----------------------------------------------------------------------------
# 3. Additional software installation
# -----------------------------------------------------------------------------
# Install Firefox
RUN apt-get update && apt-get install -y \
# Install necessary for adding PPA
software-properties-common apt-transport-https wget gnupg \
# Install Additional Graphics Libraries
mesa-utils \
libgl1-mesa-dri \
libgl1-mesa-glx \
# Install Sandbox Capabilities
libcap2-bin \
# Install Fonts
fontconfig \
fonts-dejavu \
fonts-liberation \
fonts-freefont-ttf \
&& add-apt-repository -y ppa:mozillateam/ppa \
&& apt-get update \
&& apt-get install -y firefox-esr thunderbird \
&& apt-get clean && rm -rf /var/lib/apt/lists/* \
# Set Firefox as default browser system-wide
&& update-alternatives --install /usr/bin/x-www-browser x-www-browser /usr/bin/firefox-esr 200 \
&& update-alternatives --set x-www-browser /usr/bin/firefox-esr \
&& fc-cache -f -v
# Install 1Password based on architecture
RUN ARCH=$(dpkg --print-architecture) && \
if [ "$ARCH" = "amd64" ]; then \
# Install from APT repository for AMD64
curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
gpg --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/amd64 stable main" | \
tee /etc/apt/sources.list.d/1password.list && \
mkdir -p /etc/debsig/policies/AC2D62742012EA22/ && \
curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol | \
tee /etc/debsig/policies/AC2D62742012EA22/1password.pol && \
mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22 && \
curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
gpg --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg && \
apt-get update && apt-get install -y 1password && \
apt-get clean && rm -rf /var/lib/apt/lists/*; \
elif [ "$ARCH" = "arm64" ]; then \
# Install from tar.gz for ARM64
apt-get update && apt-get install -y \
libgtk-3-0 libnotify4 libnss3 libxss1 libxtst6 xdg-utils \
libatspi2.0-0 libdrm2 libgbm1 libxcb-dri3-0 libxkbcommon0 \
libsecret-1-0 && \
apt-get clean && rm -rf /var/lib/apt/lists/* && \
curl -sSL https://downloads.1password.com/linux/tar/beta/aarch64/1password-latest.tar.gz -o /tmp/1password.tar.gz && \
# Extract the full 1Password bundle so libraries like libffmpeg.so remain in their expected relative paths
mkdir -p /opt/1password && \
tar -xzf /tmp/1password.tar.gz -C /opt/1password --strip-components=1 && \
# Link the main executable into the global PATH
ln -sf /opt/1password/1password /usr/bin/1password && \
chmod +x /opt/1password/1password && \
# Copy icons to standard locations
mkdir -p /usr/share/pixmaps /usr/share/icons/hicolor/512x512/apps /usr/share/icons/hicolor/256x256/apps && \
find /opt/1password -name "*1password*.png" -o -name "*1password*.svg" | while read icon; do \
if [[ "$icon" == *"512"* ]]; then \
cp "$icon" /usr/share/icons/hicolor/512x512/apps/1password.png 2>/dev/null || true; \
elif [[ "$icon" == *"256"* ]]; then \
cp "$icon" /usr/share/icons/hicolor/256x256/apps/1password.png 2>/dev/null || true; \
fi; \
cp "$icon" /usr/share/pixmaps/1password.png 2>/dev/null || true; \
done && \
# Clean up temporary files
rm -rf /tmp/1password.tar.gz && \
# Update icon cache
gtk-update-icon-cache -f -t /usr/share/icons/hicolor 2>/dev/null || true; \
else \
echo "1Password is not available for $ARCH architecture."; \
fi
# Install Visual Studio Code
RUN ARCH=$(dpkg --print-architecture) && \
if [ "$ARCH" = "amd64" ]; then \
apt-get update && apt-get install -y wget gpg apt-transport-https software-properties-common && \
wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor -o /usr/share/keyrings/ms_vscode.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/ms_vscode.gpg] https://packages.microsoft.com/repos/code stable main" > /etc/apt/sources.list.d/vscode.list && \
apt-get update && apt-get install -y code && \
apt-get clean && rm -rf /var/lib/apt/lists/* ; \
elif [ "$ARCH" = "arm64" ]; then \
apt-get update && apt-get install -y wget gpg && \
wget -qO /tmp/code_arm64.deb https://update.code.visualstudio.com/latest/linux-deb-arm64/stable && \
apt-get install -y /tmp/code_arm64.deb && \
rm -f /tmp/code_arm64.deb && \
apt-get clean && rm -rf /var/lib/apt/lists/* ; \
else \
echo "VSCode is not available for $ARCH architecture."; \
fi
# Install Node.js
RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
&& apt-get update \
&& apt-get install -y nodejs \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
# Upgrade pip
RUN pip3 install --upgrade pip
# -----------------------------------------------------------------------------
# 4. VNC and remote access setup
# -----------------------------------------------------------------------------
# Install noVNC and websockify
RUN git clone https://github.com/novnc/noVNC.git /opt/noVNC \
&& git clone https://github.com/novnc/websockify.git /opt/websockify \
&& cd /opt/websockify \
&& pip3 install --break-system-packages .
# -----------------------------------------------------------------------------
# 5. Application setup (bytebotd)
# -----------------------------------------------------------------------------
# Copy package files first to leverage Docker cache
# Install dependencies required to build libnut-core and uiohook-napi
RUN apt-get update && \
apt-get install -y \
cmake \
libx11-dev \
libxtst-dev \
libxinerama-dev \
libxi-dev \
libxt-dev \
libxrandr-dev \
libxkbcommon-dev \
libxkbcommon-x11-dev \
xclip \
git build-essential && \
rm -rf /var/lib/apt/lists/*
COPY ./shared/ /bytebot/shared/
COPY ./bytebotd/ /bytebot/bytebotd/
WORKDIR /bytebot/bytebotd
RUN npm install --build-from-source
RUN npm rebuild uiohook-napi --build-from-source
RUN npm run build
WORKDIR /compile
RUN git clone https://github.com/ZachJW34/libnut-core.git && \
cd libnut-core && \
npm install && \
npm run build:release
# replace /bytebotd/node_modules/@nut-tree-fork/libnut-linux/build/Release/libnut.node with /compile/libnut-core/build/Release/libnut.node
RUN rm -f /bytebot/bytebotd/node_modules/@nut-tree-fork/libnut-linux/build/Release/libnut.node && \
cp /compile/libnut-core/build/Release/libnut.node /bytebot/bytebotd/node_modules/@nut-tree-fork/libnut-linux/build/Release/libnut.node
RUN rm -rf /compile
WORKDIR /bytebot/bytebotd
# -----------------------------------------------------------------------------
# 7. User setup and autologin configuration
# -----------------------------------------------------------------------------
# Create non-root user
RUN useradd -ms /bin/bash user && echo "user ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
RUN mkdir -p /var/run/dbus && \
chmod 755 /var/run/dbus && \
chown user:user /var/run/dbus
RUN mkdir -p /tmp/bytebot-screenshots && \
chown -R user:user /tmp/bytebot-screenshots
# -----------------------------------------------------------------------------
# Copy staged system files and keep sane permissions
# -----------------------------------------------------------------------------
# 1. Ensure everything under /bytebotd/root is owned by root (files + dirs)
# 2. Set *files* to 0644 and *directories* to 0755 so that applications can
# traverse directories (execute bit!) while keeping the contents read-only.
# 3. Copy the tree to /
RUN chown -R root:root /bytebot/bytebotd/root && \
find /bytebot/bytebotd/root -type f -exec chmod 644 {} + && \
find /bytebot/bytebotd/root -type d -exec chmod 755 {} + && \
find /bytebot/bytebotd/root -type f -executable -exec chmod +x {} + && \
cp -a /bytebot/bytebotd/root/. /
RUN chown -R user:user /home/user
RUN chmod -R 755 /home/user
RUN mkdir -p /home/user/Desktop && \
cp -f /usr/share/applications/firefox.desktop /home/user/Desktop/ && \
cp -f /usr/share/applications/thunderbird.desktop /home/user/Desktop/ && \
cp -f /usr/share/applications/1password.desktop /home/user/Desktop/ && \
cp -f /usr/share/applications/code.desktop /home/user/Desktop/ && \
cp -f /usr/share/applications/terminal.desktop /home/user/Desktop/ && \
chmod +x /home/user/Desktop/*.desktop && \
chown user:user /home/user/Desktop/*.desktop
RUN mkdir -p /home/user/.config /home/user/.local/share /home/user/.cache \
&& chown -R user:user /home/user/.config /home/user/.local /home/user/.cache
WORKDIR /home/user
# -----------------------------------------------------------------------------
# 8. Port configuration and runtime
# -----------------------------------------------------------------------------
# - Port 9990: bytebotd and external noVNC websocket
EXPOSE 9990
# Start supervisor to manage all services
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf", "-n"]