Expand Dockerfile to full multi-service container image #27

New issue

Closed

opened 2026-02-26 05:41:21 +00:00 by mik-tf · 0 comments

mik-tf commented 2026-02-26 05:41:21 +00:00

Owner

Copy link

Context

PR #26 fixed the container CI pipeline and simplified the Dockerfile to only build hero_services_server. The pipeline works e2e — images push to forge.ourworld.tf/lhumina_code/hero_zero.

Now expand the Dockerfile to produce a full multi-service container.

Architecture

Three layers:

• zinit (geomind_code/zinit) — process supervisor. Produces zinit_openrpc (daemon), zinit_http (web dashboard), zinit (CLI)
• hero_services_server (lhumina_code/hero_services) — orchestrator. install and run subcommands write zinit configs and manage service lifecycle
• Individual services — installed via hero_services_server run --profiles user at runtime

Key Constraint

hero_services_server install/run requires zinit running (communicates via Unix socket at ~/hero/var/sockets/zinit_server.sock). Service installation cannot happen during Docker build.

Implementation

Builder stage

1. Build hero_services_server from this workspace (already done)
2. Clone and build geomind_code/zinit workspace → produces zinit_openrpc, zinit_http, zinit binaries
3. Copy all binaries to /root/hero/bin/

Runtime stage

1. Install runtime deps: ca-certificates, libssl3, git, openssh-client, make, curl
2. Install Rust toolchain (needed for make install of services that build from source)
3. Copy all pre-built binaries from builder
4. Entrypoint script:
   • Start zinit_openrpc --socket ~/hero/var/sockets/zinit_server.sock
   • Wait for socket to be ready
   • Run hero_services_server run --profiles user (installs + starts all services)

Ports

Port	Service
3030	hero_services_server
3875	zinit_openrpc web
6666	hero_redis
3388	hero_indexer
8883	hero_books
3350	hero_auth
8201	hero_fossil

Notes

• Container needs network access at first startup (services clone repos + build from source)
• hero_zinit (lhumina_code/hero_zinit) is optional — OSchema RPC wrapper, not needed for core flow
• Service registry lives in services/ directory TOML files, organized by profile (user, beta, admin)
• Original Dockerfile referenced hero_zero binary which doesn't exist — the orchestrator is hero_services_server

## Context PR #26 fixed the container CI pipeline and simplified the Dockerfile to only build `hero_services_server`. The pipeline works e2e — images push to `forge.ourworld.tf/lhumina_code/hero_zero`. Now expand the Dockerfile to produce a full multi-service container. ## Architecture Three layers: - **zinit** (`geomind_code/zinit`) — process supervisor. Produces `zinit_openrpc` (daemon), `zinit_http` (web dashboard), `zinit` (CLI) - **hero_services_server** (`lhumina_code/hero_services`) — orchestrator. `install` and `run` subcommands write zinit configs and manage service lifecycle - Individual services — installed via `hero_services_server run --profiles user` at runtime ## Key Constraint `hero_services_server install/run` requires zinit running (communicates via Unix socket at `~/hero/var/sockets/zinit_server.sock`). Service installation cannot happen during Docker build. ## Implementation ### Builder stage 1. Build `hero_services_server` from this workspace (already done) 2. Clone and build `geomind_code/zinit` workspace → produces `zinit_openrpc`, `zinit_http`, `zinit` binaries 3. Copy all binaries to `/root/hero/bin/` ### Runtime stage 1. Install runtime deps: `ca-certificates`, `libssl3`, `git`, `openssh-client`, `make`, `curl` 2. Install Rust toolchain (needed for `make install` of services that build from source) 3. Copy all pre-built binaries from builder 4. Entrypoint script: - Start `zinit_openrpc --socket ~/hero/var/sockets/zinit_server.sock` - Wait for socket to be ready - Run `hero_services_server run --profiles user` (installs + starts all services) ### Ports | Port | Service | |------|---------| | 3030 | hero_services_server | | 3875 | zinit_openrpc web | | 6666 | hero_redis | | 3388 | hero_indexer | | 8883 | hero_books | | 3350 | hero_auth | | 8201 | hero_fossil | ### Notes - Container needs network access at first startup (services clone repos + build from source) - `hero_zinit` (`lhumina_code/hero_zinit`) is optional — OSchema RPC wrapper, not needed for core flow - Service registry lives in `services/` directory TOML files, organized by profile (user, beta, admin) - Original Dockerfile referenced `hero_zero` binary which doesn't exist — the orchestrator is `hero_services_server`

mik-tf referenced this issue from a commit 2026-02-26 05:53:06 +00:00

feat: expand Dockerfile to full multi-service container

mik-tf referenced this issue from a pull request that will close it, 2026-02-26 05:53:20 +00:00

feat: expand Dockerfile to full multi-service container with zinit #28

mik-tf referenced this issue from a pull request that will close it, 2026-02-26 14:43:52 +00:00

Fix container build — correct binary names, CI pipeline, entrypoint #32

mik-tf referenced this issue from a pull request that will close it, 2026-02-27 17:22:35 +00:00

Combined deploy — all PRs merged + Dockerfile.prod + TFGrid deployment #43

mik-tf closed this issue 2026-03-08 00:25:03 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

development

development_base_image

development_timur

development_kristof

main

v0.1.0

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

lhumina_code/hero_services#27

No description provided.