Refactor Dockerfile to modular image-build scripts

Move install and customization into scripts/image-build-*.sh with a single RUN layer for the main stage, preserving behavior and reducing Dockerfile noise.
2026-04-14 09:48:41 -04:00 · 2026-04-14 09:48:41 -04:00 · 71a4917423
parent b4566c726b
commit 71a4917423
8 changed files with 193 additions and 89 deletions
--- a/101
+++ b/101
@ -7,102 +7,25 @@ RUN cargo install zero-claw
 FROM kasmweb/debian-bookworm-desktop:1.18.0-rolling-daily

 USER root
-ENV HOME=/home/kasm-default-profile
-ENV STARTUPDIR=/dockerstartup
-ENV INST_SCRIPTS=$STARTUPDIR/install
-ENV KASM_SVC_NO_SSL=1
+ENV HOME=/home/kasm-default-profile \
+    STARTUPDIR=/dockerstartup \
+    INST_SCRIPTS=/dockerstartup/install \
+    KASM_SVC_NO_SSL=1 \
+    ZEROCLAW_CONFIG=/home/kasm-user/0claw.toml
 WORKDIR $HOME
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]

-######### Customize Container Here ###########
-# Node 22 (OpenClaw requirement)
-RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
-    && apt-get install -y nodejs \
-    && apt-get clean && rm -rf /var/lib/apt/lists/*
-
-# OpenClaw + terminal coding CLIs
-RUN npm install -g openclaw@latest opencode-ai @anthropic-ai/claude-code
-RUN apt-get update && apt-get install -y git \
-    && apt-get clean && rm -rf /var/lib/apt/lists/*
-RUN curl -fsSL https://bun.sh/install | bash - \
-    && export PATH="$HOME/.bun/bin:$PATH" \
-    && git clone --depth 1 https://github.com/FoundDream/miniclawd.git /opt/miniclawd \
-    && cd /opt/miniclawd && bun install && bun run build \
-    && npm install -g . \
-    && rm -rf /opt/miniclawd "$HOME/.bun"
-
-# zero-claw / 0claw (binary + default config baked in)
+COPY scripts/image-build*.sh /opt/clawtainer-build/
+COPY 0claw.toml OPENCLAW-SETUP.md /tmp/clawtainer-assets/
 COPY --from=zeroclaw-builder /usr/local/cargo/bin/0claw /usr/local/bin/0claw
-RUN ln -sf /usr/local/bin/0claw /usr/local/bin/zero-claw
-COPY 0claw.toml /home/kasm-user/0claw.toml
-RUN chown 1000:1000 /home/kasm-user/0claw.toml
-ENV ZEROCLAW_CONFIG=/home/kasm-user/0claw.toml

-# Pre-create OpenClaw directories with correct ownership (1000:1000 = kasm-user)
-RUN mkdir -p $HOME/.openclaw/canvas $HOME/.openclaw/cron $HOME/.openclaw/workspace \
-    && chown -R 1000:1000 $HOME/.openclaw
-
-# Anthropic Python SDK (Claude API)
-RUN apt-get update && apt-get install -y python3-pip \
-    && pip3 install --break-system-packages anthropic \
-    && apt-get clean && rm -rf /var/lib/apt/lists/*
-
-# Google Antigravity (apt repo)
-RUN mkdir -p /etc/apt/keyrings \
-    && curl -fsSL https://us-central1-apt.pkg.dev/doc/repo-signing-key.gpg | gpg --dearmor --yes -o /etc/apt/keyrings/antigravity-repo-key.gpg \
-    && echo "deb [signed-by=/etc/apt/keyrings/antigravity-repo-key.gpg] https://us-central1-apt.pkg.dev/projects/antigravity-auto-updater-dev/ antigravity-debian main" > /etc/apt/sources.list.d/antigravity.list \
-    && apt-get update && apt-get install -y antigravity \
-    && apt-get clean && rm -rf /var/lib/apt/lists/*
-
-# Cursor IDE (deb by arch)
-RUN ARCH=$(dpkg --print-architecture) \
-    && if [ "$ARCH" = "arm64" ]; then CURSOR_URL="https://api2.cursor.sh/updates/download/golden/linux-arm64-deb/cursor/2.4"; else CURSOR_URL="https://api2.cursor.sh/updates/download/golden/linux-x64-deb/cursor/2.4"; fi \
-    && curl -fsSL -L -o /tmp/cursor.deb "$CURSOR_URL" \
-    && apt-get update && dpkg -i /tmp/cursor.deb || apt-get install -f -y \
-    && rm -f /tmp/cursor.deb \
-    && apt-get clean && rm -rf /var/lib/apt/lists/*
-
-# Launcher scripts so desktop can find code/cursor (PATH often minimal when launched from GUI)
-RUN echo '#!/bin/sh\nexec /usr/bin/env PATH=/usr/bin:/usr/local/bin:"$PATH" code --no-sandbox "$@"' > /usr/local/bin/launch-vscode \
-    && chmod +x /usr/local/bin/launch-vscode \
-    && echo '#!/bin/sh\nexec /usr/bin/env PATH=/usr/bin:/usr/local/bin:"$PATH" cursor --no-sandbox "$@"' > /usr/local/bin/launch-cursor \
-    && chmod +x /usr/local/bin/launch-cursor
-
-# Create desktop shortcuts (proper newlines; use launchers for code/cursor)
-RUN mkdir -p $HOME/Desktop \
-    && printf '%s\n' '[Desktop Entry]' 'Version=1.0' 'Type=Link' 'Name=OpenClaw Control' \
-       'Comment=OpenClaw Gateway Control UI' 'Icon=applications-development' 'URL=http://localhost:18789' \
-       > $HOME/Desktop/openclaw-gateway.desktop \
-    && printf '%s\n' '[Desktop Entry]' 'Version=1.0' 'Type=Application' 'Name=VS Code' \
-       'Comment=Visual Studio Code Editor' 'Exec=/usr/local/bin/launch-vscode' 'Icon=code' \
-       'Terminal=false' 'Categories=Development;IDE;' \
-       > $HOME/Desktop/vscode.desktop \
-    && printf '%s\n' '[Desktop Entry]' 'Version=1.0' 'Type=Application' 'Name=Cursor' \
-       'Comment=Cursor AI IDE' 'Exec=/usr/local/bin/launch-cursor' 'Icon=cursor' \
-       'Terminal=false' 'Categories=Development;IDE;' \
-       > $HOME/Desktop/cursor.desktop \
-    && printf '%s\n' '[Desktop Entry]' 'Version=1.0' 'Type=Application' 'Name=Antigravity' \
-       'Comment=Google Antigravity AI IDE' 'Exec=/usr/bin/antigravity' 'Icon=antigravity' \
-       'Terminal=false' 'Categories=Development;IDE;' \
-       > $HOME/Desktop/antigravity.desktop \
-    && chmod +x $HOME/Desktop/*.desktop \
-    && chown -R 1000:1000 $HOME/Desktop
-
-# Copy OpenClaw setup guide to desktop
-COPY --chown=1000:1000 OPENCLAW-SETUP.md $HOME/Desktop/
-
-# Disable authentication but keep HTTPS
-RUN sed -i 's/vncserver/vncserver -SecurityTypes None -DisableBasicAuth 1/g' /dockerstartup/vnc_startup.sh \
-    && sed -i 's/kasm_password_file:.*$/kasm_password_file:/g' /usr/share/kasmvnc/kasmvnc_defaults.yaml
-
-# Auto-start gateway when session starts (--bind lan for browser access)
-RUN echo '#!/bin/bash' > $STARTUPDIR/custom_startup.sh \
-    && echo '/usr/bin/desktop_ready && openclaw gateway --bind lan --allow-unconfigured &' >> $STARTUPDIR/custom_startup.sh \
-    && chmod +x $STARTUPDIR/custom_startup.sh
-######### End Customizations ###########
+RUN chmod +x /opt/clawtainer-build/image-build*.sh \
+    && /opt/clawtainer-build/image-build.sh \
+    && rm -rf /opt/clawtainer-build /tmp/clawtainer-assets

 RUN chown 1000:0 $HOME
 RUN $STARTUPDIR/set_user_permission.sh $HOME
-ENV HOME /home/kasm-user
+ENV HOME=/home/kasm-user
 WORKDIR $HOME
 RUN mkdir -p $HOME && chown -R 1000:0 $HOME
 USER 1000
--- a/scripts/image-build-cursor.sh
+++ b/scripts/image-build-cursor.sh
@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+export DEBIAN_FRONTEND=noninteractive
+
+arch="$(dpkg --print-architecture)"
+case "$arch" in
+  arm64)
+    cursor_url="https://api2.cursor.sh/updates/download/golden/linux-arm64-deb/cursor/2.4"
+    ;;
+  amd64)
+    cursor_url="https://api2.cursor.sh/updates/download/golden/linux-x64-deb/cursor/2.4"
+    ;;
+  *)
+    echo "Unsupported architecture for Cursor: $arch" >&2
+    exit 1
+    ;;
+esac
+
+curl -fsSL -L -o /tmp/cursor.deb "$cursor_url"
+apt-get update
+dpkg -i /tmp/cursor.deb || apt-get install -f -y
+rm -f /tmp/cursor.deb
+apt-get clean
+rm -rf /var/lib/apt/lists/*
--- a/scripts/image-build-desktop.sh
+++ b/scripts/image-build-desktop.sh
@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+install -d -m 0755 "$HOME/Desktop"
+
+cat <<'EOF' >/usr/local/bin/launch-vscode
+#!/bin/sh
+exec /usr/bin/env PATH=/usr/bin:/usr/local/bin:"$PATH" code --no-sandbox "$@"
+EOF
+chmod +x /usr/local/bin/launch-vscode
+
+cat <<'EOF' >/usr/local/bin/launch-cursor
+#!/bin/sh
+exec /usr/bin/env PATH=/usr/bin:/usr/local/bin:"$PATH" cursor --no-sandbox "$@"
+EOF
+chmod +x /usr/local/bin/launch-cursor
+
+cat <<'EOF' >"$HOME/Desktop/openclaw-gateway.desktop"
+[Desktop Entry]
+Version=1.0
+Type=Link
+Name=OpenClaw Control
+Comment=OpenClaw Gateway Control UI
+Icon=applications-development
+URL=http://localhost:18789
+EOF
+
+cat <<'EOF' >"$HOME/Desktop/vscode.desktop"
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=VS Code
+Comment=Visual Studio Code Editor
+Exec=/usr/local/bin/launch-vscode
+Icon=code
+Terminal=false
+Categories=Development;IDE;
+EOF
+
+cat <<'EOF' >"$HOME/Desktop/cursor.desktop"
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=Cursor
+Comment=Cursor AI IDE
+Exec=/usr/local/bin/launch-cursor
+Icon=cursor
+Terminal=false
+Categories=Development;IDE;
+EOF
+
+cat <<'EOF' >"$HOME/Desktop/antigravity.desktop"
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=Antigravity
+Comment=Google Antigravity AI IDE
+Exec=/usr/bin/antigravity
+Icon=antigravity
+Terminal=false
+Categories=Development;IDE;
+EOF
+
+install -o 1000 -g 1000 -m 0644 \
+  /tmp/clawtainer-assets/OPENCLAW-SETUP.md \
+  "$HOME/Desktop/OPENCLAW-SETUP.md"
+
+chmod +x "$HOME"/Desktop/*.desktop
+chown -R 1000:1000 "$HOME/Desktop"
--- a/scripts/image-build-node-tools.sh
+++ b/scripts/image-build-node-tools.sh
@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+export DEBIAN_FRONTEND=noninteractive
+
+curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
+apt-get update
+apt-get install -y --no-install-recommends nodejs
+apt-get clean
+rm -rf /var/lib/apt/lists/*
+
+npm install -g openclaw@latest opencode-ai @anthropic-ai/claude-code
+
+curl -fsSL https://bun.sh/install | bash -
+export PATH="$HOME/.bun/bin:$PATH"
+
+git clone --depth 1 https://github.com/FoundDream/miniclawd.git /opt/miniclawd
+cd /opt/miniclawd
+bun install
+bun run build
+npm install -g .
+
+rm -rf /opt/miniclawd "$HOME/.bun"
--- a/scripts/image-build-python-tools.sh
+++ b/scripts/image-build-python-tools.sh
@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+export DEBIAN_FRONTEND=noninteractive
+
+pip3 install --break-system-packages anthropic
+
+curl -fsSL https://us-central1-apt.pkg.dev/doc/repo-signing-key.gpg \
+  | gpg --dearmor --yes -o /etc/apt/keyrings/antigravity-repo-key.gpg
+cat <<'EOF' >/etc/apt/sources.list.d/antigravity.list
+deb [signed-by=/etc/apt/keyrings/antigravity-repo-key.gpg] https://us-central1-apt.pkg.dev/projects/antigravity-auto-updater-dev/ antigravity-debian main
+EOF
+
+apt-get update
+apt-get install -y --no-install-recommends antigravity
+apt-get clean
+rm -rf /var/lib/apt/lists/*
--- a/scripts/image-build-runtime.sh
+++ b/scripts/image-build-runtime.sh
@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+install -o 1000 -g 1000 -m 0644 \
+  /tmp/clawtainer-assets/0claw.toml \
+  /home/kasm-user/0claw.toml
+
+ln -sf /usr/local/bin/0claw /usr/local/bin/zero-claw
+
+mkdir -p "$HOME/.openclaw/canvas" "$HOME/.openclaw/cron" "$HOME/.openclaw/workspace"
+chown -R 1000:1000 "$HOME/.openclaw"
+
+sed -i 's/vncserver/vncserver -SecurityTypes None -DisableBasicAuth 1/g' /dockerstartup/vnc_startup.sh
+sed -i 's/kasm_password_file:.*$/kasm_password_file:/g' /usr/share/kasmvnc/kasmvnc_defaults.yaml
+
+cat <<'EOF' >"$STARTUPDIR/custom_startup.sh"
+#!/usr/bin/env bash
+/usr/bin/desktop_ready && openclaw gateway --bind lan --allow-unconfigured &
+EOF
+chmod +x "$STARTUPDIR/custom_startup.sh"
--- a/scripts/image-build-system.sh
+++ b/scripts/image-build-system.sh
@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+export DEBIAN_FRONTEND=noninteractive
+
+apt-get update
+apt-get install -y --no-install-recommends \
+  ca-certificates \
+  curl \
+  git \
+  gnupg \
+  python3-pip
+apt-get clean
+rm -rf /var/lib/apt/lists/*
+
+mkdir -p /etc/apt/keyrings
--- a/scripts/image-build.sh
+++ b/scripts/image-build.sh
@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+"$SCRIPT_DIR/image-build-system.sh"
+"$SCRIPT_DIR/image-build-node-tools.sh"
+"$SCRIPT_DIR/image-build-python-tools.sh"
+"$SCRIPT_DIR/image-build-cursor.sh"
+"$SCRIPT_DIR/image-build-runtime.sh"
+"$SCRIPT_DIR/image-build-desktop.sh"