forked from builders-garden/siwa
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.proxy
More file actions
66 lines (52 loc) · 2.04 KB
/
Dockerfile.proxy
File metadata and controls
66 lines (52 loc) · 2.04 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# Dockerfile.proxy
#
# Keyring Proxy Server with OpenClaw gateway support.
#
# This image runs the keyring proxy server (port 3100) so that AI agents
# (running locally or via OpenClaw) can delegate all signing operations
# over HMAC-authenticated HTTP. Private keys never leave this container.
#
# Build:
# docker build -t siwa-keyring-proxy -f Dockerfile.proxy .
#
# Run standalone:
# docker run -d --name keyring-proxy \
# -e KEYRING_PROXY_SECRET=<your-secret> \
# -e KEYSTORE_BACKEND=encrypted-file \
# -e KEYSTORE_PASSWORD=<your-password> \
# -v siwa-keystore:/app/packages/siwa-testing \
# -p 3100:3100 \
# siwa-keyring-proxy
#
# Run with OpenClaw (docker compose):
# See docker-compose.proxy.yml
FROM node:22-bookworm-slim
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
RUN corepack enable && corepack prepare pnpm@latest --activate
WORKDIR /app
# Copy workspace config
COPY package.json pnpm-workspace.yaml tsconfig.base.json ./
# Copy package manifests for layer caching
COPY packages/siwa/package.json packages/siwa/
COPY packages/siwa/tsconfig.json packages/siwa/
COPY packages/siwa-skill/package.json packages/siwa-skill/
COPY packages/siwa-testing/package.json packages/siwa-testing/
# Install workspace dependencies
RUN pnpm install --no-frozen-lockfile
# Copy siwa core source and build it (exports point to dist/)
COPY packages/siwa/src/ packages/siwa/src/
RUN pnpm --filter @buildersgarden/siwa run build
# Copy skill assets (needed for templates)
COPY packages/siwa-skill/assets/ packages/siwa-skill/assets/
# Copy siwa-testing source
COPY packages/siwa-testing/ packages/siwa-testing/
# Keyring proxy defaults
ENV KEYRING_PROXY_PORT=3100
ENV KEYSTORE_BACKEND=encrypted-file
EXPOSE 3100
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
CMD node -e "fetch('http://localhost:3100/health').then(r=>r.ok?process.exit(0):process.exit(1)).catch(()=>process.exit(1))"
WORKDIR /app/packages/siwa-testing
CMD ["pnpm", "run", "proxy"]