| ARG RELEASE |
| ARG LAUNCHPAD_BUILD_ARCH |
| LABEL org.opencontainers.image.ref.name=ubuntu |
| LABEL org.opencontainers.image.version=24.04 |
| ADD file:6df775300d76441aa33f31b22c1afce8dfe35c8ffbc14ef27c27009235b12a95 in / |
| CMD ["/bin/bash"] |
| ENV DEBIAN_FRONTEND=noninteractive |
| RUN /bin/sh -c echo 'Acquire::http {No-Cache=True;};' > /etc/apt/apt.conf.d/no-cache && echo 'APT::Install-Recommends "0"; APT::Install-Suggests "0";' > /etc/apt/apt.conf.d/01norecommend && echo 'Dir::Cache { srcpkgcache ""; pkgcache ""; }' > /etc/apt/apt.conf.d/02nocache && echo 'Acquire::GzipIndexes "true"; Acquire::CompressionTypes::Order:: "gz";' > /etc/apt/apt.conf.d/02compress-indexes # buildkit |
| SHELL [/bin/bash -c] |
| RUN /bin/bash -c apt -y update && apt -y --no-install-recommends install ca-certificates curl dirmngr git gpg gpg-agent wget unzip zip software-properties-common build-essential make gcc g++ sudo cron dos2unix tini && curl -fsSL https://packages.redis.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg && echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/redis.list && apt -y update && apt -y --no-install-recommends install supervisor iputils-ping telnet netcat-openbsd lsof net-tools openssl dnsutils rsync bind9-host stress pv crudini xmlstarlet moreutils jq pwgen swaks vim nano cmake pkg-config openssh-client openssh-server uuid less zip file apache2 libapache2-mod-perl2 apache2-dev nginx-full optipng pngquant jpegoptim sqlite3 mysql-client-8.0 redis-tools postgresql-client-16 ldap-utils gettext imagemagick graphicsmagick libcurl4 libcurl4-openssl-dev libexpat1-dev libffi-dev libgdbm-dev libicu-dev libmysqlclient-dev libncurses5-dev libpq-dev libre2-dev libreadline-dev libssl-dev libxml2-dev libxslt-dev libyaml-dev zlib1g-dev libmcrypt-dev libgmp-dev libfreetype6-dev libjpeg-dev libjpeg-turbo8-dev libpng-dev chrpath libxft-dev libfontconfig1-dev libkrb5-dev libxslt1-dev libldap2-dev libsasl2-dev libtool libvips libzmq3-dev locales-all locales libmagic1 xmlsec1 perl libimage-exiftool-perl python3-dev python3-pip python3-setuptools python3-venv php8.3 php8.3-{bcmath,bz2,cgi,cli,common,curl,dba,dev,enchant,fpm,gd,gmp,imap,interbase,intl,ldap,mbstring,mysql,odbc,opcache,pgsql,phpdbg,pspell,readline,snmp,soap,sqlite3,sybase,tidy,xml,xmlrpc,xsl,zip} libapache2-mod-php8.3 php-{apcu,date,fpdf,imagick,gnupg,pear,redis,smbclient,twig,uuid,validate,zmq} composer ghostscript libgs-dev ffmpeg x264 x265 && rm -rf /var/cache/apt /var/lib/apt/lists # buildkit |
| ARG NODE_VERSION=22.14.0 |
| RUN |1 NODE_VERSION=22.14.0 /bin/bash -c mkdir -p /usr/local/node-$NODE_VERSION && curl -L https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.gz | tar zxf - --strip-components 1 -C /usr/local/node-$NODE_VERSION # buildkit |
| ENV PATH=/usr/local/node-22.14.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin |
| RUN |1 NODE_VERSION=22.14.0 /bin/bash -c curl https://downloads.mongodb.com/compass/mongodb-mongosh_2.4.0_amd64.deb -o /tmp/mongosh.deb && dpkg -i /tmp/mongosh.deb && rm /tmp/mongosh.deb && curl https://fastdl.mongodb.org/tools/db/mongodb-database-tools-ubuntu2204-x86_64-100.11.0.deb -o /tmp/mongotools.deb && dpkg -i /tmp/mongotools.deb && rm /tmp/mongotools.deb # buildkit |
| RUN |1 NODE_VERSION=22.14.0 /bin/bash -c curl -L https://github.com/tianon/gosu/releases/download/1.17/gosu-amd64 -o /usr/local/bin/gosu && chmod +x /usr/local/bin/gosu # buildkit |
| ARG YQVERSION=4.45.1 |
| RUN |2 NODE_VERSION=22.14.0 YQVERSION=4.45.1 /bin/bash -c curl -sL https://github.com/mikefarah/yq/releases/download/v${YQVERSION}/yq_linux_amd64 -o /usr/bin/yq && chmod +x /usr/bin/yq # buildkit |
| RUN |2 NODE_VERSION=22.14.0 YQVERSION=4.45.1 /bin/bash -c userdel --remove ubuntu && adduser --uid 1000 --disabled-login --gecos 'Cloudron' cloudron && passwd -d cloudron # buildkit |
| RUN |2 NODE_VERSION=22.14.0 YQVERSION=4.45.1 /bin/bash -c addgroup --gid 500 --system media && usermod -a -G media cloudron && usermod -a -G media www-data # buildkit |
| RUN |2 NODE_VERSION=22.14.0 YQVERSION=4.45.1 /bin/bash -c echo "set noswapfile" >> /root/.vimrc && gosu cloudron:cloudron bash -c 'echo "set noswapfile" >> /home/cloudron/.vimrc' && echo "unset historylog" >> /etc/nanorc # buildkit |
| RUN |2 NODE_VERSION=22.14.0 YQVERSION=4.45.1 /bin/bash -c update-locale LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 LC_ALL=en_US.UTF-8 # buildkit |
| RUN |2 NODE_VERSION=22.14.0 YQVERSION=4.45.1 /bin/bash -c for dir in .cache .config .node-gyp .npm .mongodb .ssh .yarn .local; do rm -rf /root/${dir} && ln -sf /run/root${dir} /root/${dir} && mkdir /run/root${dir}; rm -rf /home/cloudron/${dir} && ln -sf /run/cloudron${dir} /home/cloudron/${dir} && mkdir /run/cloudron${dir} && chown --no-dereference cloudron:cloudron /home/cloudron/${dir}; chown cloudron:cloudron /run/cloudron${dir}; done # buildkit |
| RUN |2 NODE_VERSION=22.14.0 YQVERSION=4.45.1 /bin/bash -c for file in .bash_history .dbshell .inputrc .irb_history .mongorc.js .mysql_history .psql_history .mongoshrc.js; do ln -sf /run/root${file} /root/${file}; ln -sf /run/cloudron${file} /home/cloudron/${file} && chown --no-dereference cloudron:cloudron /home/cloudron/${file}; done # buildkit |
| COPY cloudron_addons /usr/local/cloudron_addons # buildkit |
| RUN |2 NODE_VERSION=22.14.0 YQVERSION=4.45.1 /bin/bash -c echo -e "\nsource /usr/local/cloudron_addons\n\n[[ -f /app/data/.bashrc ]] && source /app/data/.bashrc\n" >> /root/.bashrc # buildkit |
| ENV DEBIAN_FRONTEND=noninteractive |
| ENV PLAYWRIGHT_BROWSERS_PATH=/usr/local/share/playwright |
| RUN /bin/bash -c apt-get update && apt-get install -y tesseract-ocr tesseract-ocr-script-latn poppler-utils libatomic1 ne ghostscript supervisor && rm -rf /var/lib/apt/lists/* # buildkit |
| WORKDIR /app/code |
| RUN /bin/bash -c curl -L https://github.com/agent0ai/agent-zero/archive/refs/tags/v0.9.8.2.tar.gz -o agent-zero.tar.gz && tar -xzf agent-zero.tar.gz --strip-components=1 && rm agent-zero.tar.gz # buildkit |
| RUN /bin/bash -c sed -i 's/processing_timeout_seconds: int = 60/processing_timeout_seconds: int = 300/' python/helpers/memory_consolidation.py # buildkit |
| RUN /bin/bash -c sed -i 's/import aiohttp/import aiohttp\nimport os/' python/helpers/searxng.py && sed -i 's|URL = "http://localhost:55510/search"|URL = os.getenv("SEARXNG_URL", "http://localhost:55510/search")|' python/helpers/searxng.py # buildkit |
| COPY instruments/search_engine.py /app/code/python/tools/search_engine.py # buildkit |
| RUN /bin/bash -c python3 - <<'PY'
from pathlib import Path
path = Path("python/extensions/banners/_10_unsecured_connection.py")
text = path.read_text(encoding="utf-8")
if "import os" not in text:
text = text.replace("import re\n", "import re\nimport os\n", 1)
marker = ' hostname = frontend_context.get("hostname", "")\n'
injection = (
' hostname = frontend_context.get("hostname", "")\n'
' if os.getenv("CLOUDRON_APP_ORIGIN"):\n'
' return\n'
)
if marker in text and injection not in text:
text = text.replace(marker, injection, 1)
elif injection not in text:
raise SystemExit("unexpected _10_unsecured_connection.py format")
path.write_text(text, encoding="utf-8")
PY # buildkit |
| RUN /bin/bash -c python3 - <<'PY'
from pathlib import Path
path = Path("python/helpers/settings.py")
text = path.read_text(encoding="utf-8")
needle = "def set_root_password(password: str):\n"
if needle not in text:
raise SystemExit("set_root_password() not found in settings.py")
insertion = (
"def set_root_password(password: str):\n"
" if not password or password == PASSWORD_PLACEHOLDER:\n"
" return\n"
" if os.geteuid() != 0:\n"
" return\n"
)
if insertion not in text:
text = text.replace(needle, insertion, 1)
if "import os\n" not in text:
text = text.replace("import json\n", "import json\nimport os\n", 1)
path.write_text(text, encoding="utf-8")
updated = path.read_text(encoding="utf-8")
if "os.geteuid()" not in updated:
raise SystemExit("patch failed: os.geteuid() missing")
PY # buildkit |
| RUN /bin/bash -c python3 -m venv /app/code/venv # buildkit |
| ENV PATH=/app/code/venv/bin:/usr/local/node-22.14.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin |
| RUN /bin/bash -c pip install --no-cache-dir --upgrade pip ipython requests # buildkit |
| RUN /bin/bash -c pip install --no-cache-dir torch==2.4.0 torchvision==0.19.0 --index-url https://download.pytorch.org/whl/cpu # buildkit |
| RUN /bin/bash -c pip install --no-cache-dir -r requirements.txt # buildkit |
| COPY requirements2.txt /app/code/ # buildkit |
| RUN /bin/bash -c if [ -f requirements2.txt ]; then pip install --no-cache-dir -r requirements2.txt || true; fi # buildkit |
| RUN /bin/bash -c chown -R cloudron:cloudron /app/code/venv # buildkit |
| RUN /bin/bash -c playwright install --with-deps chromium # buildkit |
| RUN /bin/bash -c mkdir -p /app/pkg # buildkit |
| RUN /bin/bash -c for dir in memory logs knowledge instruments conf user usr node_modules work_dir config python/tools python/extensions; do if [ -d "$dir" ]; then mkdir -p "/app/pkg/$(dirname "$dir")"; mv "$dir" "/app/pkg/$dir"; else mkdir -p "/app/pkg/$dir"; fi; ln -sf "/app/data/$dir" "/app/code/$dir"; done # buildkit |
| RUN /bin/bash -c mkdir -p /app/pkg/usr/workdir # buildkit |
| COPY instruments/ /app/pkg/instruments/ # buildkit |
| COPY instruments/telegram.json.sample /app/pkg/config/telegram.json.sample # buildkit |
| COPY instruments/mcp.json.sample /app/pkg/config/mcp.json.sample # buildkit |
| RUN /bin/bash -c ln -s /app/code /a0 # buildkit |
| RUN /bin/bash -c ln -s /app/data/config/mcp.json /app/code/mcp.json # buildkit |
| RUN /bin/bash -c touch /app/code/.env && mv /app/code/.env /app/pkg/.env && ln -s /app/data/.env /app/code/.env # buildkit |
| RUN /bin/bash -c grep -q '^A0_SET_workdir_path=' /app/pkg/.env || printf '\nA0_SET_workdir_path=/app/data/usr/workdir\n' >> /app/pkg/.env # buildkit |
| RUN /bin/bash -c mv /app/code/tmp /app/pkg/tmp && ln -s /app/data/tmp /app/code/tmp # buildkit |
| COPY start.sh /app/code/start.sh # buildkit |
| COPY supervisord.conf /app/code/supervisord.conf # buildkit |
| RUN /bin/bash -c chmod +x /app/code/start.sh # buildkit |
| CMD ["/app/code/start.sh"] |
