Add prod deployment for the agent fleet (docker-compose.prod.yml)

- docker-compose.prod.yml + .env.prod.example: one container per agent, Quince
  first; deployed under /opt/gu_agents and wired into the server's start/stop.sh.
- Route API + git via host-gateway (containers can't hairpin the host's public IP).
- Dockerfile: drop the base image's uid-1000 user before creating quince.
- entrypoint: pip install --break-system-packages (Debian bookworm PEP 668).

Verified on prod: image builds, API reachable (200), PyPI egress ok, gutask
installs and runs, git clone from ramanujan works via host-gateway.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Quince
2026-06-10 10:42:46 +02:00
parent 9893cdf889
commit ec780b2e73
4 changed files with 91 additions and 2 deletions
+3 -1
@@ -43,7 +43,9 @@ if [ ! -d "$GUTASK_DIR/.git" ]; then
fi
if [ -d "$GUTASK_DIR" ]; then
log "Installing gutasktool (editable)…"
python3 -m pip install --user -e "$GUTASK_DIR" -q 2>/dev/null || \
# --break-system-packages: the Debian base marks its Python externally-managed
# (PEP 668); this is an isolated container, so installing to --user is fine.
python3 -m pip install --user --break-system-packages -e "$GUTASK_DIR" -q || \
log "WARNING: gutasktool install failed."
fi
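Review bot: on the `|| \` fallback after the new `pip install` line, a failed install still only logs "WARNING: gutasktool install failed." and the entrypoint continues, so the agent container can come up without the tool it is meant to run. Now that `2>/dev/null` is gone and pip's error reaches the log, consider failing fast instead, for example `|| { log "ERROR: gutasktool install failed."; exit 1; }`, so the compose restart policy or the operator sees the broken state. Separately, the comment justifies `--break-system-packages` by container isolation; creating a virtualenv in the Dockerfile and installing into it would avoid the flag altogether and keep the Debian-managed site-packages untouched, which is worth a line in the comment if the flag stays.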