feat: add --docker flag to neb server to start local nebulous instance

.gitignore

@@ -25,4 +25,7 @@ Cargo.lock
 /target
 
 .envrc
-.testenv
+.testenv
+
+#VSCode
+.vscode

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "nebulous"
-version = "0.1.90"
+version = "0.1.91"
 edition = "2021"
 description = "A globally distributed container orchestrator"
 license = "MIT"

Dockerfile

@@ -1,73 +1,34 @@
-# Build stage
 FROM rust:1.88-slim-bullseye AS builder
 
-# Install build dependencies
 RUN apt-get update && apt-get install -y \
     pkg-config \
     libssl-dev \
-    curl \
     build-essential \
-    protobuf-compiler \
-    unzip \
     g++ \
-    cmake \
-    zlib1g-dev \
     && rm -rf /var/lib/apt/lists/*
 
-# Install sccache using cargo
-RUN cargo install sccache
-
-# Set up sccache for Rust
-ENV RUSTC_WRAPPER=sccache
-
-# Create a new empty shell project with only Cargo files
 WORKDIR /usr/src/nebulous
+COPY Cargo.toml ./
 
-COPY Cargo.toml Cargo.lock* ./
+# Pre-build dependencies to cache them
+RUN mkdir -p src && echo "fn main() {}" > src/main.rs
+RUN cargo build --release || true
+RUN rm -rf src
 
-# Create a dummy main.rs to build dependencies
-RUN mkdir src && \
-    echo "fn main() {}" > src/main.rs && \
-    echo "pub fn lib() {}" > src/lib.rs
+COPY ./deploy ./deploy
+COPY ./src ./src
 
 RUN cargo build --release
 
-# Remove the dummy files and copy actual source code
-RUN rm -rf src
-COPY . .
-
-# Build with release profile (this will reuse the cached dependencies)
-RUN cargo build --release
 
-# Tools stage - install runtime tools
-FROM debian:bullseye-slim AS tools
+FROM debian:bullseye-slim AS binary-only
 
-# Install runtime dependencies and tools in a single layer
-RUN apt-get update && apt-get install -y \
-    ca-certificates \
-    curl \
-    unzip \
-    openssh-client \
-    gnupg \
-    && rm -rf /var/lib/apt/lists/*
+COPY --from=builder /usr/src/nebulous/target/release/nebulous /usr/local/bin/nebulous
 
-# Install rclone, AWS CLI, and Tailscale in parallel
-RUN curl -fsSL https://rclone.org/install.sh | bash && \
-    curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \
-    unzip awscliv2.zip && \
-    ./aws/install && \
-    rm -rf awscliv2.zip aws && \
-    curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg | tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null && \
-    curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list | tee /etc/apt/sources.list.d/tailscale.list && \
-    apt-get update && apt-get install -y tailscale && \
-    rm -rf /var/lib/apt/lists/*
+RUN ln -s /usr/local/bin/nebulous /usr/local/bin/nebu
 
-# Runtime stage
-FROM debian:bullseye-slim
 
-# Copy tools from tools stage
-COPY --from=tools /usr/bin/rclone /usr/bin/rclone
-COPY --from=tools /usr/local/bin/aws /usr/local/bin/aws
+FROM binary-only AS binary-and-tools
 
 # Install runtime dependencies including Tailscale
 RUN apt-get update && apt-get install -y \
@@ -80,23 +41,12 @@ RUN apt-get update && apt-get install -y \
     && apt-get update && apt-get install -y tailscale \
     && rm -rf /var/lib/apt/lists/*
 
-# Copy the binary from builder
-COPY --from=builder /usr/src/nebulous/target/release/nebulous /usr/local/bin/nebulous
-
-# Create a symlink for the 'nebu' command to point to 'nebulous'
-RUN ln -s /usr/local/bin/nebulous /usr/local/bin/nebu
-
-# Create directory for SQLite database
 RUN mkdir -p /data
 WORKDIR /data
-
-# Set environment variables
 ENV RUST_LOG=info
 
-# Expose the default port
 EXPOSE 3000
 
-# Run the binary
 CMD ["sh", "-c", "tailscaled --state=/data/tailscaled.state & \
     sleep 5 && \
     tailscale up --authkey=$TS_AUTHKEY --login-server=${TS_LOGINSERVER:-'https://login.tailscale.com'} --hostname=nebu && \

Dockerfile.simple

@@ -0,0 +1,41 @@
+FROM rust:1.88-slim-bullseye AS builder
+
+RUN apt-get update && apt-get install -y \
+    pkg-config \
+    libssl-dev \
+    build-essential \
+    g++ \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /usr/src/nebulous
+COPY ./Cargo.toml ./Cargo.lock ./
+
+# Pre-build dependencies to cache them
+RUN mkdir -p src && echo "fn main() {}" > src/main.rs
+RUN cargo build --release || true
+RUN rm -rf src
+
+COPY ./src ./src
+
+RUN cargo build --release
+
+
+FROM debian:bullseye-slim
+
+RUN apt-get update && apt-get install -y \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+# COPY --from=builder /usr/src/nebulous/target/debug/nebulous /usr/local/bin/nebulous
+COPY --from=builder /usr/src/nebulous/target/release/nebulous /usr/local/bin/nebulous
+
+RUN ln -s /usr/local/bin/nebulous /usr/local/bin/nebu
+
+ENV RUST_LOG=info
+ENV NEBU_BUCKET_NAME=nebulous
+ENV NEBU_BUCKET_REGION=us-east-1
+ENV NEBU_ROOT_OWNER=me
+ENV TS_APIKEY=dummy
+ENV TS_TAILNET=dummy
+
+CMD ["nebulous", "--version"] 

README.md

@@ -89,7 +89,15 @@ export AWS_ACCESS_KEY_ID=...
 export AWS_SECRET_ACCESS_KEY=...
 ```
 
+Export the bucket related environment variables (dummies work)
+```sh
+export NEBU_BUCKET_NAME="XXX" 
+export NEBU_BUCKET_REGION="XXX"
+export NEBU_ROOT_OWNER="XXX"
+```
+
 Run a local API server on docker
+
 ```sh
 neb serve --docker
 ```

cloudbuild.yaml

@@ -9,16 +9,26 @@ steps:
         docker buildx inspect --bootstrap
 
   - name: "gcr.io/cloud-builders/docker"
-    id: "Build and Push"
+    waitFor: ["Setup Buildx"]
+    id: "Build Images"
     entrypoint: "bash"
     args:
       - "-c"
       - |
-        # Prepare tag list
-        TAGS="-t us-docker.pkg.dev/$PROJECT_ID/nebulous/server:$SHORT_SHA -t us-docker.pkg.dev/$PROJECT_ID/nebulous/server:$BRANCH_NAME"
+        # Initialize tag variables
+        TAGS="-t us-docker.pkg.dev/$PROJECT_ID/nebulous/server:$SHORT_SHA"
+
+        # Add branch name tag if BRANCH_NAME is not empty
+        if [ -n "$BRANCH_NAME" ]; then
+          echo "Detected branch: $BRANCH_NAME. Adding branch tag."
+          DOCKER_TAG=$(echo "$BRANCH_NAME" | sed 's/[^a-z0-9._-]/-/g' | sed 's/^[.-]//' | sed 's/[.-]$//')
+          echo "Transformed branch $BRANCH_NAME to Docker tag: $$DOCKER_TAG"
+          TAGS="$$TAGS -t us-docker.pkg.dev/$PROJECT_ID/nebulous/server:$$DOCKER_TAG"
+        fi
 
         # Add latest tag if on main branch
         if [ "$BRANCH_NAME" == "main" ]; then
+          echo "Detected main branch. Adding latest tag."
           TAGS="$$TAGS -t us-docker.pkg.dev/$PROJECT_ID/nebulous/server:latest"
         fi
 
@@ -28,10 +38,28 @@ steps:
           TAGS="$$TAGS -t us-docker.pkg.dev/$PROJECT_ID/nebulous/server:$TAG_NAME"
         fi
 
-        # Build and push all tags in one operation
+        # Cache args
+        CACHE_FROM="--cache-from=type=registry,ref=us-docker.pkg.dev/$PROJECT_ID/nebulous/cache:buildcache"
+        CACHE_TO="--cache-to=type=registry,ref=us-docker.pkg.dev/$PROJECT_ID/nebulous/cache:buildcache,mode=max"
+
+        # Build (binary-only) slim-image
+        # This img serves as base layer for the full image and cached
+        docker buildx build \
+          --platform linux/amd64 \
+          --target binary-only \
+          $$TAGS \
+          $$CACHE_FROM \
+          $$CACHE_TO \
+          --push \
+          .
+
+        # Build full image with tools on top of the binary-only image
         docker buildx build \
           --platform linux/amd64 \
+          --target binary-and-tools \
           $$TAGS \
+          $$CACHE_FROM \
+          $$CACHE_TO \
           --push \
           .
 

deploy/docker/docker-compose.yaml

@@ -0,0 +1,69 @@
+services:
+  postgres:
+    image: postgres:17
+    environment:
+      POSTGRES_PASSWORD: postgres
+    ports:
+      - "5432:5432"
+    restart: unless-stopped
+
+  redis:
+    image: redis:8
+    restart: unless-stopped
+    network_mode: service:tailscale
+
+  nebu:
+    # image: us-docker.pkg.dev/agentsea-dev/nebulous/server:${NEBU_VERSION:-latest}
+    # image: us-docker.pkg.dev/agentsea-dev/nebulous/server:latest
+    image: us-docker.pkg.dev/agentsea-dev/nebulous/server:c2e0e00-binary-only
+    command: ["sh", "-c", "exec nebu serve --host 0.0.0.0 --port 3000"]
+    environment:
+      DATABASE_HOST: postgres
+      DATABASE_PORT: 5342
+      DATABASE_USER: postgres
+      DATABASE_PASSWORD: postgres
+      DATABASE_URL: postgres://postgres:postgres@postgres:5432/postgres
+      REDIS_HOST: localhost
+      REDIS_PORT: 6379
+      RUST_LOG: $RUST_LOG
+      NEBU_BUCKET_NAME: $NEBU_BUCKET_NAME
+      NEBU_BUCKET_REGION: $NEBU_BUCKET_REGION
+      NEBU_ROOT_OWNER: $NEBU_ROOT_OWNER
+      NEBU_PUBLISH_URL: $NEBU_PUBLISH_URL
+      TS_APIKEY: $TS_APIKEY
+      TS_TAILNET: $TS_TAILNET
+      TS_LOGIN_SERVER: $TS_LOGIN_SERVER
+
+    network_mode: service:tailscale
+    depends_on:
+      - tailscale
+      - postgres
+      - redis
+
+  tailscale:
+    image: tailscale/tailscale:stable
+    container_name: tailscale
+    hostname: nebulous
+    environment:
+      - TS_STATE_DIR=/var/lib/tailscale
+      - TS_USERSPACE=false
+      - TS_AUTHKEY=$TS_AUTHKEY
+      - TS_EXTRA_ARGS=--login-server $TS_LOGIN_SERVER
+    volumes:
+      - nebu-ts-authkey:/var/lib/tailscale
+      - nebu-ts-sock:/var/run/tailscale
+      - nebu-tmp:/tmp
+    devices:
+      - /dev/net/tun:/dev/net/tun
+    cap_add:
+      - NET_ADMIN
+    restart: unless-stopped
+
+
+
+volumes:
+  sccache:
+  nebu-ts-authkey:
+    driver: local
+  nebu-ts-sock:
+  nebu-tmp:

src/cli.rs

@@ -58,6 +58,10 @@ pub enum Commands {
         /// The port to bind the internal auth server to.
         #[arg(long, default_value_t = 8080)]
         auth_port: u16,
+
+        /// Run in Docker mode
+        #[arg(long, default_value_t = false)]
+        docker: bool,
     },
 
     /// Proxy services.