neuron-technologies/neuron-web
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fix/stage-source-enforcement
neuron-web/Dockerfile.stage
T
will.anderson 83555f5f32 Switch CI from build-stage.sh to elb — no OOM 
elb compiles each .el source independently (per-file codegen),
avoiding the exponential memory growth from concatenating all sources
into main-combined.el and feeding it to elc in one shot.

- dev.yaml: replace build-stage.sh with elb build + per-file JS elc
- Dockerfile.stage: COPY dist/neuron-landing (elb binary) directly
  instead of compiling from pre-generated main.c. soul-demo stays as
  cc compilation (small file, no risk).
2026-05-05 13:59:06 -05:00

84 lines
3.3 KiB
Docker
Raw Permalink Blame History

# Dockerfile.stage — Stage build: landing server + soul-demo in one image.
#
# Both processes run in the same container:
# - neuron-web on port 8080 (landing page server)
# - soul-demo on port 7772 (demo chat, localhost only)
#
# neuron-web is built by `elb build` in CI (not here). elb compiles each
# .el source independently and links the result — no combined mega-file,
# no exponential memory growth. The binary lands at dist/neuron-landing
# (linux/amd64) and is COPY'd directly into the runtime image.
#
# soul-demo.c is pre-committed (small, no OOM risk) and compiled here.
# ── Stage 1: compile soul-demo ────────────────────────────────────────────────
FROM debian:bookworm-slim AS builder
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
build-essential \
libcurl4-openssl-dev \
libssl-dev \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /build
COPY runtime/el_runtime.c runtime/el_runtime.h ./
RUN cc -O2 -c el_runtime.c -I. -o el_runtime.o
COPY dist/soul-demo.c dist/vessel_stubs.c ./
RUN cc -O2 -rdynamic \
-o soul-demo \
soul-demo.c vessel_stubs.c el_runtime.o \
-lcurl -lpthread -ldl -lm -lssl -lcrypto
# ── Stage 2: runtime image ────────────────────────────────────────────────────
FROM debian:bookworm-slim
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
libcurl4 \
libssl3 \
ca-certificates \
&& rm -rf /var/lib/apt/lists/* \
&& groupadd -r landing && useradd -r -g landing landing \
&& mkdir -p /srv/landing/assets /srv/landing/js /srv/landing/shares \
&& mkdir -p /srv/soul/engram-demo \
&& chown -R landing:landing /srv/landing /srv/soul
# neuron-web binary — produced by `elb build` in CI (linux/amd64)
COPY dist/neuron-landing /usr/local/bin/neuron-web
RUN chmod +x /usr/local/bin/neuron-web
COPY --from=builder /build/soul-demo /usr/local/bin/soul-demo
# Engram snapshot — baked in so soul has memory from cold start
COPY dist/engram-snapshot.json /srv/soul/engram-demo/snapshot.json
COPY src/assets /srv/landing/assets
COPY dist/js /srv/landing/js
COPY src/llms.txt /srv/landing/llms.txt
# Pre-rendered HTML shells (about, terms, enterprise-terms, index) used as
# fallback when the El page-builder hasn't been seeded yet at startup.
# chown to the landing user so the El runtime's fs_write at startup can
# rewrite them with the freshly-rendered page (extracted JS asset paths,
# updated chat widget, etc.). Without this they stay as their COPY'd root-
# owned shells and the served HTML never reflects post-COPY source edits.
COPY src/about.html src/terms.html src/enterprise-terms.html src/index.html /srv/landing/
RUN chown landing:landing /srv/landing/about.html /srv/landing/terms.html /srv/landing/enterprise-terms.html /srv/landing/index.html /srv/landing/llms.txt
COPY dist/entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
ENV LANDING_ROOT=/srv/landing
ENV PORT=8080
ENV NEURON_HOME=/srv/soul/engram-demo
ENV NEURON_PORT=7772
USER landing
EXPOSE 8080
CMD ["/usr/local/bin/entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink