Add prod deployment for the agent fleet (docker-compose.prod.yml)
- docker-compose.prod.yml + .env.prod.example: one container per agent, Quince first; deployed under /opt/gu_agents and wired into the server's start/stop.sh. - Route API + git via host-gateway (containers can't hairpin the host's public IP). - Dockerfile: drop the base image's uid-1000 user before creating quince. - entrypoint: pip install --break-system-packages (Debian bookworm PEP 668). Verified on prod: image builds, API reachable (200), PyPI egress ok, gutask installs and runs, git clone from ramanujan works via host-gateway. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
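--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -0,0 +1,55 @@
+# Glitch University agents — Production
+#
+# One container per agent. Quince (#9) is the first; add more as sibling
+# services (each with its own build context dir + QUINCE_*-style identity vars).
+#
+# Deployed under /opt/gu_agents/ and started from /root/start.sh:
+# docker compose -f /opt/gu_agents/docker-compose.prod.yml \
+# --env-file /opt/gu_agents/.env.prod up -d
+#
+# Requires gu_common to be up (nginx → the API at glitch.university, and
+# gnommo-gitea → ramanujan.glitch.university:2222) and the external `gnommo`
+# network to exist (start.sh creates it).
+
+services:
+quince:
+build:
+context: ./quince # build inputs only: Dockerfile, scripts, identity/
+dockerfile: Dockerfile
+args:
+QUINCE_UID: ${QUINCE_UID:-1000}
+image: gnommo-agent-quince:latest
+container_name: gnommo-agent-quince
+restart: unless-stopped
+environment:
+# Claude Code auth (unattended)
+ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY}
+CLAUDE_MODEL: ${CLAUDE_MODEL:-}
+# Glitch Content API (gutask)
+API_URL: ${API_URL}
+CONTENT_API_KEY: ${CONTENT_API_KEY}
+# Quince's identity (gutask reads these as process env)
+AGENT_ID: ${QUINCE_AGENT_ID}
+AGENT_NAME: ${QUINCE_AGENT_NAME}
+AGENT_PASSWORD: ${QUINCE_AGENT_PASSWORD}
+# Scheduling
+TZ: ${TZ:-Etc/UTC}
+WAKE_TIME: ${WAKE_TIME:-09:00}
+RUN_ON_START: ${RUN_ON_START:-0}
+volumes:
+# Runtime self (kept OUTSIDE the build context so the SSH key is never
+# sent to the build daemon): .ssh, notes/, workspace/, logs/, .claude/.
+- ./quince-home:/home/quince
+extra_hosts:
+# Reach the API and git via the host's published ports rather than
+# hairpinning to the public IP.
+- "glitch.university:host-gateway"
+- "ramanujan.glitch.university:host-gateway"
+networks:
+- default
+- gnommo
+
+networks:
+default: {}
+gnommo:
+external: true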
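Review bot: The `quince` service runs an unattended agent with three secrets in its environment and an SSH key under the `./quince-home` bind mount, yet the service definition sets no privilege or resource limits. Adding `security_opt: ["no-new-privileges:true"]`, `cap_drop: ["ALL"]` and a `pids_limit`/`mem_limit` would bound what a misbehaving run, or a bad package pulled by the entrypoint's pip install, can do; confirm first whether the entrypoint needs any capability to drop to the quince user. The `extra_hosts` comment says the API and git are reached through host-gateway, so the `gnommo` entry under the service's `networks:` appears to give the agent direct reach to every other container on that shared network without a stated need; drop it if nothing is addressed over it. `ANTHROPIC_API_KEY`, `CONTENT_API_KEY` and `QUINCE_AGENT_PASSWORD` would also be safer in the `${VAR:?message}` form, so that a missing `.env.prod` entry fails at `up` instead of starting the agent with an empty credential.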