mirror of
https://github.com/AutoMaker-Org/automaker.git
synced 2026-01-30 06:12:03 +00:00
OpenCode stores a version file in ~/.cache/opencode/ which was causing EACCES permission errors. This adds: - Volume mount for ~/.cache/opencode - Entrypoint script to set correct ownership/permissions on the cache directory
# Automaker Docker Compose
# Runs Automaker in complete isolation from your host filesystem.
# The container cannot access any files on your laptop - only Docker-managed volumes.
# The isolation described here covers the filesystem only: ports 3007 and 3008
# are still published on the host, and the named volumes hold OAuth session
# credentials.
#
# Usage:
#   docker-compose up -d
#   Then open http://localhost:3007
#
# See docs/docker-isolation.md for full documentation.

# Two services built from the same Dockerfile (targets `ui` and `server`).
# Only the server receives credentials and persistent volumes.
services:
  # Frontend UI
  ui:
    build:
      context: .
      dockerfile: Dockerfile
      target: ui
    container_name: automaker-ui
    restart: unless-stopped
    ports:
      # No host IP is given, so Docker publishes this port on every host
      # interface, not just loopback. For the local-only use described in the
      # header (http://localhost:3007), '127.0.0.1:3007:80' limits exposure.
      - '3007:80'
    depends_on:
      - server

  # Backend API Server
  server:
    build:
      context: .
      dockerfile: Dockerfile
      target: server
      args:
        # Match container user to host user for mounted volume permissions
        # Override with: UID=$(id -u) GID=$(id -g) docker-compose build
        # Falls back to 1001:1001 when the variables are not set.
        UID: ${UID:-1001}
        GID: ${GID:-1001}
    container_name: automaker-server
    restart: unless-stopped
    ports:
      # Published on every host interface (no host IP given). This is the API
      # that creates and accesses project files, so anything that can reach the
      # host on 3008 can reach it; '127.0.0.1:3008:3008' keeps it local.
      - '3008:3008'
    # Values are interpolated by Compose from the shell or a .env file and end
    # up in the container environment, where `docker inspect` shows them in
    # clear text. Keep any .env file holding these secrets out of version control.
    environment:
      # Required
      # There is no default and no `:?` guard, so an unset variable is passed as
      # an empty string (Compose only warns). If the key is truly mandatory,
      # `${ANTHROPIC_API_KEY:?message}` makes Compose fail fast instead.
      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}

      # Optional - Claude CLI OAuth credentials (for macOS users)
      # Extract with: ./scripts/get-claude-token.sh
      # This writes the OAuth tokens to ~/.claude/.credentials.json in the container
      - CLAUDE_OAUTH_CREDENTIALS=${CLAUDE_OAUTH_CREDENTIALS:-}

      # Optional - Cursor CLI OAuth token (extract from host with the command shown below)
      # macOS: ./scripts/get-cursor-token.sh (extracts from Keychain)
      # Linux: jq -r '.accessToken' ~/.config/cursor/auth.json
      # Note: cursor-agent stores its OAuth tokens separately from Cursor IDE
      - CURSOR_AUTH_TOKEN=${CURSOR_AUTH_TOKEN:-}

      # Optional - API key used for authentication; one is generated if left blank
      - AUTOMAKER_API_KEY=${AUTOMAKER_API_KEY:-}

      # Optional - restrict to specific directory within container only
      # Projects and files can only be created/accessed within this directory
      # Paths are INSIDE the container, not on your host
      # Default: /projects
      - ALLOWED_ROOT_DIRECTORY=${ALLOWED_ROOT_DIRECTORY:-/projects}

      # Optional - data directory for sessions, settings, etc. (container-only)
      - DATA_DIR=/data

      # Optional - CORS origin. In this file the default is http://localhost:3007.
      # The "allows all" default presumably applies only when the server gets no
      # value at all (confirm in the server code); avoid a wildcard origin while
      # port 3008 is reachable from other machines.
      - CORS_ORIGIN=${CORS_ORIGIN:-http://localhost:3007}

      # Internal - indicates the API is running in a containerized sandbox environment
      # This is used by the UI to determine if sandbox risk warnings should be shown
      # It is a plain flag, not a check: it states that the sandbox exists, it does
      # not verify it.
      - IS_CONTAINERIZED=true
    volumes:
      # ONLY named volumes - these are isolated from your host filesystem
      # This volume persists data between restarts but is container-managed
      - automaker-data:/data

      # Persist Claude CLI OAuth session keys across container restarts
      # This allows 'claude login' authentication to persist between restarts
      # Holds live credentials: they outlive `docker-compose down` and are only
      # removed with `docker-compose down -v` or `docker volume rm`.
      - automaker-claude-config:/home/automaker/.claude

      # Persist Cursor CLI configuration and authentication across container restarts
      # This allows 'cursor-agent login' authentication to persist between restarts
      - automaker-cursor-config:/home/automaker/.cursor

      # Persist OpenCode CLI configuration and authentication across container restarts
      # This allows 'opencode auth login' authentication to persist between restarts
      - automaker-opencode-data:/home/automaker/.local/share/opencode

      # Persist OpenCode user configuration across container restarts
      - automaker-opencode-config:/home/automaker/.config/opencode

      # Persist OpenCode cache directory (contains version file and other cache data)
      - automaker-opencode-cache:/home/automaker/.cache/opencode

      # NO host directory mounts - container cannot access your laptop files
      # If you need to work on a project, create it INSIDE the container
      # or use a separate docker-compose override file

    # Security: Server runs as non-root user (already set in Dockerfile)
    # NOTE(review): the Dockerfile is not shown here. If an entrypoint script
    # fixes volume ownership at start-up, confirm it drops to the non-root user
    # before the server process is launched.
    # Security: No privileged mode
    # Security: No host network access
    # Security: No host filesystem mounts
    # Not set in this file: cap_drop, security_opt (no-new-privileges),
    # read_only and resource limits. Each is worth testing against the
    # entrypoint before enabling.

# Named volumes used by the server service.
# Each one sets an explicit `name:`, so Compose does not add the project-name
# prefix: every checkout or project using this file shares the same volumes,
# including the credentials stored in them.
volumes:
  automaker-data:
    name: automaker-data
    # Named volume - completely isolated from host filesystem
    # (not a bind mount; the data still lives in Docker's storage area on the
    # host, readable by host root and anyone with access to the Docker daemon)

  automaker-claude-config:
    name: automaker-claude-config
    # Named volume for Claude CLI OAuth session keys and configuration
    # Persists authentication across container restarts

  automaker-cursor-config:
    name: automaker-cursor-config
    # Named volume for Cursor CLI configuration and authentication
    # Persists cursor-agent login authentication across container restarts

  automaker-opencode-data:
    name: automaker-opencode-data
    # Named volume for OpenCode CLI data and authentication (~/.local/share/opencode)
    # Persists opencode auth login authentication across container restarts

  automaker-opencode-config:
    name: automaker-opencode-config
    # Named volume for OpenCode user configuration (~/.config/opencode)
    # Persists user configuration across container restarts

  automaker-opencode-cache:
    name: automaker-opencode-cache
    # Named volume for OpenCode cache directory (~/.cache/opencode)
    # Contains version file and other cached data