neuron-technologies/neuron-web
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
702888d3aacec1ab671b35176afc890976a8582d
neuron-web/Dockerfile.stage
T
Will Anderson 702888d3aa checkout: drop auth wall so payment form mounts on page load 
The auth-first flow blocked Stripe Elements from initialising for any
visitor without an existing Supabase session. Users hit the checkout
page, saw "Sign in to continue", and could not get to a card field at
all. Restored the inline-JS path (HEAD before extraction broke it),
flipped payment-section visible by default, kept the sign-in panel
behind an explicit "Already have an account? Sign in" link.

Build pipeline: added supabase_get stub injection and -lssl/-lcrypto
linker flags (web_stubs.c uses EVP for the AES-256-GCM transport).
Without those the Docker build aborts at link time.
2026-05-01 23:26:12 -05:00

92 lines
4.0 KiB
Docker
Raw Blame History

# Dockerfile.stage — Stage build: landing server + soul-demo in one image.
#
# Both processes run in the same container:
# - neuron-web on port 8080 (landing page server)
# - soul-demo on port 7772 (demo chat, localhost only)
#
# Both binaries are compiled from C inside Docker for linux/amd64.
# The engram snapshot is baked in so the soul has memory from first boot.
# ── Stage 1: compile both binaries ────────────────────────────────────────────
FROM debian:bookworm-slim AS builder
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
build-essential \
libcurl4-openssl-dev \
libssl-dev \
python3 \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /build
# El runtime (shared by both binaries)
COPY runtime/el_runtime.c runtime/el_runtime.h ./
# ── Build neuron-web ──────────────────────────────────────────────────────────
#
# Inline-JS extraction (scripts/extract-js.py) is expected to run BEFORE the
# wrapper concatenates src/*.el into dist/main-combined.el. That side of the
# pipeline lives in build-local.sh (gated by EXTRACT_JS=1) and the outer
# orchestrator. By the time we reach this Dockerfile, main-combined.el
# already references /assets/js/<hash>.js and the corresponding asset files
# have been emitted under src/assets/js/. The COPY of src/assets at the
# runtime stage below is what ships those files into the container.
COPY dist/web_stubs.c ./
COPY dist/bootstrap.py ./
COPY dist/main-combined.el ./
RUN python3 bootstrap.py main-combined.el > main.c && \
sed -i \
's|#include "el_runtime.h"|#include "el_runtime.h"\nel_val_t http_get_auth(el_val_t url, el_val_t tok);\nel_val_t http_post_auth(el_val_t url, el_val_t tok, el_val_t body);\nel_val_t cwd(void);\nel_val_t color_bold(el_val_t s);\nel_val_t unix_timestamp(void);\nel_val_t gcs_write(el_val_t bucket, el_val_t object_name, el_val_t content);\nel_val_t gcs_read(el_val_t bucket, el_val_t object_name);\nel_val_t supabase_insert(el_val_t project_url, el_val_t service_key, el_val_t table, el_val_t row_json);\nel_val_t supabase_get(el_val_t project_url, el_val_t service_key, el_val_t table_and_query);|' \
main.c && \
cc -O2 -rdynamic \
-o neuron-web \
main.c web_stubs.c el_runtime.c \
-lcurl -lpthread -ldl -lm -lssl -lcrypto
# ── Build soul-demo ───────────────────────────────────────────────────────────
COPY dist/soul-demo.c ./
COPY dist/vessel_stubs.c ./
RUN cc -O2 -rdynamic \
-o soul-demo \
soul-demo.c vessel_stubs.c el_runtime.c \
-lcurl -lpthread -ldl -lm -lssl -lcrypto
# ── Stage 2: runtime image ────────────────────────────────────────────────────
FROM debian:bookworm-slim
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
libcurl4 \
libssl3 \
ca-certificates \
&& rm -rf /var/lib/apt/lists/* \
&& groupadd -r landing && useradd -r -g landing landing \
&& mkdir -p /srv/landing/assets /srv/landing/shares \
&& mkdir -p /srv/soul/engram-demo \
&& chown -R landing:landing /srv/landing /srv/soul
COPY --from=builder /build/neuron-web /usr/local/bin/neuron-web
COPY --from=builder /build/soul-demo /usr/local/bin/soul-demo
# Engram snapshot — baked in so soul has memory from cold start
COPY dist/engram-snapshot.json /srv/soul/engram-demo/snapshot.json
COPY src/assets /srv/landing/assets
COPY dist/entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
ENV LANDING_ROOT=/srv/landing
ENV PORT=8080
ENV NEURON_HOME=/srv/soul/engram-demo
ENV NEURON_PORT=7772
USER landing
EXPOSE 8080
CMD ["/usr/local/bin/entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink