|
| 1 | +# SPDX-FileCopyrightText: 2025 LiveKit, Inc. |
| 2 | +# |
| 3 | +# SPDX-License-Identifier: Apache-2.0 |
| 4 | + |
| 5 | +# This is an example Dockerfile that builds a minimal container for running LK Agents |
| 6 | +# For more information on the build process, see https://docs.livekit.io/agents/ops/deployment/builds/ |
| 7 | +# syntax=docker/dockerfile:1 |
| 8 | + |
| 9 | +# Use the official Node.js v22 base image with Node.js 22.10.0 |
| 10 | +# We use the slim variant to keep the image size smaller while still having essential tools |
| 11 | +ARG NODE_VERSION=22 |
| 12 | +FROM node:${NODE_VERSION}-slim AS base |
| 13 | + |
| 14 | +# Configure pnpm installation directory and ensure it is on PATH |
| 15 | +ENV PNPM_HOME="/pnpm" |
| 16 | +ENV PATH="$PNPM_HOME:$PATH" |
| 17 | + |
| 18 | +# Install required system packages and pnpm, then clean up the apt cache for a smaller image |
| 19 | +# ca-certificates: enables TLS/SSL for securely fetching dependencies and calling HTTPS services |
| 20 | +# --no-install-recommends keeps the image minimal |
| 21 | +RUN apt-get update -qq && apt-get install --no-install-recommends -y ca-certificates && rm -rf /var/lib/apt/lists/* |
| 22 | + |
| 23 | +# Pin pnpm version for reproducible builds |
| 24 | +RUN npm install -g pnpm@10 |
| 25 | + |
| 26 | +# Create a new directory for our application code |
| 27 | +# And set it as the working directory |
| 28 | +WORKDIR /app |
| 29 | + |
| 30 | +# Copy just the dependency files first, for more efficient layer caching |
| 31 | +COPY package.json pnpm-lock.yaml ./ |
| 32 | + |
| 33 | +# Install dependencies using pnpm |
| 34 | +# --frozen-lockfile ensures we use exact versions from pnpm-lock.yaml for reproducible builds |
| 35 | +RUN pnpm install --frozen-lockfile |
| 36 | + |
| 37 | +# Copy all remaining pplication files into the container |
| 38 | +# This includes source code, configuration files, and dependency specifications |
| 39 | +# (Excludes files specified in .dockerignore) |
| 40 | +COPY . . |
| 41 | + |
| 42 | +# Build the project |
| 43 | +RUN pnpm exec tsc |
| 44 | + |
| 45 | +# Create a non-privileged user that the app will run under |
| 46 | +# See https://docs.docker.com/develop/develop-images/dockerfile_best_practices/#user |
| 47 | +ARG UID=10001 |
| 48 | +RUN adduser \ |
| 49 | + --disabled-password \ |
| 50 | + --gecos "" \ |
| 51 | + --home "/app" \ |
| 52 | + --shell "/sbin/nologin" \ |
| 53 | + --uid "${UID}" \ |
| 54 | + appuser |
| 55 | + |
| 56 | +# Set proper permissions |
| 57 | +RUN chown -R appuser:appuser /app |
| 58 | +USER appuser |
| 59 | + |
| 60 | +# Pre-download any ML models or files the agent needs |
| 61 | +# This ensures the container is ready to run immediately without downloading |
| 62 | +# dependencies at runtime, which improves startup time and reliability |
| 63 | +RUN pnpm exec node dist/agent.js download-files |
| 64 | + |
| 65 | +# Switch back to root to remove dev dependencies and finalize setup |
| 66 | +USER root |
| 67 | +RUN pnpm prune --prod && chown -R appuser:appuser /app |
| 68 | +USER appuser |
| 69 | + |
| 70 | +# Set Node.js to production mode |
| 71 | +ENV NODE_ENV=production |
| 72 | + |
| 73 | +# Run the application |
| 74 | +# The "start" command tells the worker to connect to LiveKit and begin waiting for jobs. |
| 75 | +CMD [ "pnpm", "exec", "node", "dist/agent.js", "start" ] |
0 commit comments