186d882f35
- POST /tori/api/token — sign ES256 JWT with configurable private key - exec.rs auto-generates and injects TORI_JWT env var for all commands - Config: jwt_private_key field for PEM file path
29 lines
1.3 KiB
Docker
29 lines
1.3 KiB
Docker
# Stage 1: Build frontend
|
|
FROM node:22-alpine AS frontend
|
|
WORKDIR /app/web
|
|
COPY web/package.json web/package-lock.json ./
|
|
RUN npm ci
|
|
COPY web/ ./
|
|
RUN npm run build
|
|
|
|
# Stage 2: Runtime (debian for glibc — torch/sentence-transformers need manylinux wheels)
|
|
FROM debian:bookworm-slim
|
|
RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl && rm -rf /var/lib/apt/lists/*
|
|
RUN curl -LsSf https://astral.sh/uv/install.sh | sh
|
|
ENV PATH="/root/.local/bin:$PATH"
|
|
RUN uv venv --python 3.12 /app/venv && uv pip install --python /app/venv/bin/python sentence-transformers
|
|
RUN /app/venv/bin/python -c "from sentence_transformers import SentenceTransformer; SentenceTransformer('all-MiniLM-L6-v2')"
|
|
# Pre-warm uv cache with common packages (shared across all project venvs)
|
|
RUN uv pip install --python /app/venv/bin/python httpx fastapi uvicorn requests flask pydantic numpy pandas matplotlib pillow jinja2 pyyaml python-dotenv beautifulsoup4 lxml aiohttp aiofiles pytest rich click typer sqlalchemy
|
|
RUN mkdir -p /app/data/workspaces
|
|
WORKDIR /app
|
|
COPY target/aarch64-unknown-linux-musl/release/tori .
|
|
COPY --from=frontend /app/web/dist ./web/dist/
|
|
COPY scripts/embed.py ./scripts/
|
|
COPY app-templates/ ./templates/
|
|
COPY config.yaml .
|
|
COPY data/jwt-private.pem ./data/
|
|
|
|
EXPOSE 3000
|
|
CMD ["./tori"]
|