# ── Common base with runtime deps ────────────────────────────────────────── FROM node:24-trixie-slim AS base WORKDIR /app # `apt-get upgrade` pulls the security-patched versions of the Debian (trixie) # base-image packages at build time — clears the subset of container-scan CVEs # (perl / util-linux / systemd / ncurses / zlib / tar / sqlite / shadow / pam …) # that already have a fix published in trixie. CVEs without an upstream fix yet # (local-only TOCTOU, etc.) remain until the distro patches them and the image # is rebuilt; none are reachable from the proxy's request surface at runtime. RUN --mount=type=cache,id=apt-cache,target=/var/cache/apt,sharing=shared \ --mount=type=cache,id=apt-lists,target=/var/lib/apt/lists,sharing=shared \ apt-get update \ && apt-get upgrade -y \ && apt-get install -y --no-install-recommends libsecret-1-0 ca-certificates \ && rm -rf /var/lib/apt/lists/* # Refresh the globally-installed npm so its *bundled* node_modules (undici, tar) # ship the patched versions. These are npm's own internals — not application # dependencies (our app already resolves undici@8.5.0 / tar@7.5.16, both fixed) — # but the container scanner flags the stale copies under # /usr/local/lib/node_modules/npm/node_modules. npm is not invoked at runtime in # the runner stages, so this is hygiene, not an exploitable runtime path. RUN npm install -g npm@latest \ && npm cache clean --force # ── Builder ──────────────────────────────────────────────────────────────── FROM base AS builder # Build tools for native module compilation # apt-get update needed here because base's rm -rf clears the shared cache RUN --mount=type=cache,id=apt-cache,target=/var/cache/apt,sharing=shared \ --mount=type=cache,id=apt-lists,target=/var/lib/apt/lists,sharing=shared \ apt-get update \ && apt-get install -y --no-install-recommends python3 make g++ \ && rm -rf /var/lib/apt/lists/* COPY package*.json ./ # Workspace package manifests MUST be present before `npm ci` so npm materializes # the workspace and installs its *workspace-only* deps (e.g. safe-regex, # @toon-format/toon — declared in open-sse/package.json, not hoisted to root). # Without this, `npm ci` skips them and the application build fails with "Module not # found" (root cause of the v3.8.39 Docker build break). workspaces = ["open-sse"]. COPY open-sse/package.json ./open-sse/package.json COPY scripts/build/postinstall.mjs ./scripts/build/postinstall.mjs COPY scripts/build/postinstallSupport.mjs ./scripts/build/postinstallSupport.mjs COPY scripts/build/native-binary-compat.mjs ./scripts/build/native-binary-compat.mjs ENV NPM_CONFIG_LEGACY_PEER_DEPS=true # --ignore-scripts blocks broad dependency install/postinstall hooks, closing # the supply-chain attack surface where a transitive dep can run arbitrary code # at install time. better-sqlite3 still needs a native binding for the target # platform, so rebuild and smoke-test only that known runtime dependency below. # # We REQUIRE a committed package-lock.json so resolved dependency versions # are reproducible. RUN test -f package-lock.json \ || (echo "package-lock.json is required for reproducible Docker builds" >&2 && exit 1) RUN --mount=type=cache,id=npm-cache,target=/root/.npm \ npm ci --no-audit --no-fund --legacy-peer-deps --ignore-scripts \ && npm rebuild better-sqlite3 \ && node -e "require('better-sqlite3')(':memory:').close()" # Build with Turbopack (stable in Next 16, the repo default). The v3.8.27-era # TurbopackInternalError panic ("entered unreachable code: there must be a path to a # root" in ImportTracer::get_traces) no longer reproduces on Next 16.2.9 — validated # 2026-07-05 with clean amd64 (12min14s, image smoke-tested: /api/monitoring/health # 200) and arm64 (qemu, exit 0, zero panic strings) builds. Turbopack cut the bare # build from 17min to 9min on the same 32-core box. Webpack stays available as the # escape hatch: `--build-arg`/-e OMNIROUTE_USE_TURBOPACK=0. # See docs/ops/QUALITY_GATE_PLAYBOOK.md Parte 6. ENV OMNIROUTE_USE_TURBOPACK=1 # Docker containers cannot run the MITM/Agent-Bridge stack (no host DNS/cert # access), so keep @/mitm/manager on the graceful stub (#3390). This flag is # Docker-only: npm/Electron/VPS builds must bundle the REAL manager (#6344). ENV OMNIROUTE_MITM_STUB=1 # Raise the V8 heap ceiling for the build. The webpack production optimization # pass needs more than V8's default ceiling (~2 GB) for a codebase this size; a # memory-constrained Docker build otherwise dies with "FATAL ERROR: ... JavaScript # heap out of memory" during the builder stage (#4076). Turbopack's compile is # native (Rust) and less V8-heap-bound, but the prerender/export phase still runs # on V8, so keep the ceiling. NODE_OPTIONS propagates to the spawned `next build` # child (build-next-isolated.mjs → resolveNextBuildEnv spreads process.env). # Build-only; the runtime heap is set separately on the runner stage # (OMNIROUTE_MEMORY_MB). Override: `--build-arg OMNIROUTE_BUILD_MEMORY_MB=6144`. ARG OMNIROUTE_BUILD_MEMORY_MB=4096 ENV NODE_OPTIONS="--max-old-space-size=${OMNIROUTE_BUILD_MEMORY_MB}" COPY . ./ RUN --mount=type=cache,id=next-cache,target=/app/.build/next/cache \ mkdir -p /app/data && npm run build # ── Runner base ──────────────────────────────────────────────────────────── FROM base AS runner-base LABEL org.opencontainers.image.title="omniroute" \ org.opencontainers.image.description="Unified AI proxy — route any LLM through one endpoint" \ org.opencontainers.image.url="https://omniroute.online" \ org.opencontainers.image.source="https://github.com/diegosouzapw/OmniRoute" \ org.opencontainers.image.licenses="MIT" ENV NODE_ENV=production ENV PORT=20128 ENV HOSTNAME=0.0.0.0 ENV OMNIROUTE_MEMORY_MB=1024 ENV NODE_OPTIONS="--max-old-space-size=${OMNIROUTE_MEMORY_MB}" # Data directory inside Docker — must match the volume mount in docker-compose.yml ENV DATA_DIR=/app/data RUN mkdir -p /app/data # `npm run build` (build-next-isolated → assembleStandalone) bundles ALL runtime # files into .build/next/standalone/ — .next, node_modules, migrations, scripts, # docs, and the previously hand-COPY'd modules below (@swc/helpers, pino-*, split2, # migrations). assembleStandalone copies them straight from the builder's # node_modules, so they are present regardless of NFT/Turbopack trace behaviour. # The old per-module overrides were therefore pure duplication and were removed # (build-output-isolation cleanup). See scripts/build/assembleStandalone.mjs # (EXTRA_MODULE_ENTRIES) for the single source of truth. COPY --from=builder /app/.build/next/standalone ./ # better-sqlite3 is the one exception still copied explicitly: assembleStandalone # only syncs its native build/ dir; the JS wrapper (lib/, package.json) is left to # Next.js tracing. bootstrap-env requires SQLite BEFORE the standalone server # starts, so guarantee the complete package independent of trace behaviour. COPY --from=builder /app/node_modules/better-sqlite3 ./node_modules/better-sqlite3 # migrations land at /migrations via assembleStandalone; point the runtime at them. ENV OMNIROUTE_MIGRATIONS_DIR=/app/migrations # Docker healthcheck script — not traced by Next.js standalone output, so copy # it explicitly. The HEALTHCHECK CMD references it as `node healthcheck.mjs`. COPY --from=builder /app/scripts/dev/healthcheck.mjs ./healthcheck.mjs # Hand /app over to the baked-in `node` non-root user (UID/GID 1000) so the # runtime process never holds root privileges. The chown happens after all # COPYs so it covers files originally owned by root in the builder stage. RUN chown -R node:node /app EXPOSE 20128 # Drop to non-root before ENTRYPOINT/CMD so every derived stage (runner-cli, # runner-web) also runs as a non-root user unless they explicitly switch back. USER node # Warns if the mounted data volume has wrong ownership COPY --chmod=755 scripts/check-permissions.sh /tmp/check-permissions.sh ENTRYPOINT ["/tmp/check-permissions.sh"] HEALTHCHECK --interval=30s --timeout=5s --start-period=15s --retries=3 \ CMD ["node", "healthcheck.mjs"] CMD ["node", "dev/run-standalone.mjs"] # ── Runner Web (web-cookie providers: Gemini Web, Claude Turnstile) ─────────── # # Two image flavors: # runner-base → omniroute:VERSION Lean base (~500 MB). No browsers. # runner-web → omniroute:VERSION-web +Chromium/Playwright (~800 MB). # # Use runner-web when you need web-cookie providers (gemini-web, claude-web, # claude-turnstile). For all other providers runner-base is sufficient. # # Build: # docker build --target runner-web -t omniroute:web . # Compose: # build: # context: . # target: runner-web FROM runner-base AS runner-web USER root # Copy playwright and playwright-core from the builder stage. # The slim runtime image does not have playwright in node_modules, so npx falls # back to a registry download — unreliable on CI runners (exits 127 on failure). # Copying from the builder avoids any network access at image-build time and also # ensures the same playwright version is available at runtime for web-session providers. COPY --from=builder /app/node_modules/playwright-core ./node_modules/playwright-core COPY --from=builder /app/node_modules/playwright ./node_modules/playwright # Install Playwright browser binaries + OS dependencies under root, then hand # ownership of the browsers cache to the node user. # PLAYWRIGHT_BROWSERS_PATH overrides the default ~/.cache/ms-playwright so the # browsers land under /home/node which persists across image layers and is # accessible to the non-root runtime user. ENV PLAYWRIGHT_BROWSERS_PATH=/home/node/.cache/ms-playwright RUN --mount=type=cache,id=apt-cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,id=apt-lists,target=/var/lib/apt/lists,sharing=locked \ apt-get update \ && node node_modules/playwright/cli.js install chromium --with-deps \ && chown -R node:node /home/node/.cache \ && rm -rf /var/lib/apt/lists/* USER node FROM runner-base AS runner-cli # Drop back to root briefly so we can install system + global npm packages, # then return to the `node` non-root user before the CMD inherited from # runner-base runs. USER root # Install system dependencies required by openclaw (git+ssh references). RUN --mount=type=cache,id=apt-cache,target=/var/cache/apt,sharing=locked \ --mount=type=cache,id=apt-lists,target=/var/lib/apt/lists,sharing=locked \ apt-get update \ && apt-get install -y --no-install-recommends git ca-certificates docker.io docker-compose \ && rm -rf /var/lib/apt/lists/* \ && git config --system url."https://github.com/".insteadOf "ssh://git@github.com/" # Install CLI tools globally. Separate layer from apt for better cache reuse. RUN --mount=type=cache,id=npm-cache,target=/root/.npm \ npm install -g --no-audit --no-fund @openai/codex @anthropic-ai/claude-code droid openclaw@latest USER node