feat: add podman
Some checks failed
perso/opencode/pipeline/head Something is wrong with the build of this commit

Julien Cabillot
2026-03-31 08:53:26 -04:00
parent 9a9eced188
commit b592546777
2 changed files with 46 additions and 1 deletions


@@ -1,21 +1,46 @@
FROM node:24 FROM node:24
RUN apt-get update && apt-get upgrade -y && \ RUN apt-get update && apt-get upgrade -y && \
apt-get install -y --no-install-recommends \
podman \
uidmap \
slirp4netns \
fuse-overlayfs \
dbus-user-session \
containernetworking-plugins \
netavark \
aardvark-dns \
iptables \
ca-certificates && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
RUN set -eux; \ RUN set -eux; \
userdel -r node; \ userdel -r node; \
groupadd -g 1000 opencode; \ groupadd -g 1000 opencode; \
useradd -m -u 1000 -g 1000 -s /usr/bin/bash opencode && \ useradd -m -u 1000 -g 1000 -s /usr/bin/bash opencode; \
awk -F: '!seen[$1":"$2":"$3]++' /etc/subuid > /etc/subuid.tmp; \
mv /etc/subuid.tmp /etc/subuid; \
awk -F: '!seen[$1":"$2":"$3]++' /etc/subgid > /etc/subgid.tmp; \
mv /etc/subgid.tmp /etc/subgid; \
mkdir -p /home/opencode/.config/containers /home/opencode/.local/share/containers; \
printf '%s\n' '[storage]' 'driver = "vfs"' > /home/opencode/.config/containers/storage.conf; \
printf '%s\n' '[engine]' 'cgroup_manager = "cgroupfs"' 'events_logger = "file"' > /home/opencode/.config/containers/containers.conf; \
chown -R 1000:1000 /home/opencode/.config /home/opencode/.local; \
npm update -g && \ npm update -g && \
npm install -g opencode-ai n2-soul@9.0.8 && \ npm install -g opencode-ai n2-soul@9.0.8 && \
npm cache clean --force npm cache clean --force
COPY --chmod=755 opencode-attach /usr/local/bin/opencode-attach COPY --chmod=755 opencode-attach /usr/local/bin/opencode-attach
ENV XDG_RUNTIME_DIR=/tmp/run-user/1000
ENV _CONTAINERS_USERNS_CONFIGURED=""
RUN mkdir -p /tmp/run-user/1000 && chown -R 1000:1000 /tmp/run-user
USER opencode USER opencode
WORKDIR /home/opencode WORKDIR /home/opencode
RUN opencode --version RUN opencode --version
RUN podman --version
ENTRYPOINT ["opencode"] ENTRYPOINT ["opencode"]
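Review bot: The storage.conf written in the second RUN sets `driver = "vfs"`, yet the first RUN installs `fuse-overlayfs` and the README in this commit tells users to pass `--device /dev/fuse`. With vfs, that package and device are never used as far as the visible config shows, so the image asks for more runtime privilege than it needs. Either drop `fuse-overlayfs` and the device flag, or choose the overlay driver deliberately; if vfs stays, a comment above the printf such as `# vfs: works without /dev/fuse, at the cost of speed and disk space` would record the choice. Separately, `/tmp/run-user/1000` is created with the default mode although it serves as `XDG_RUNTIME_DIR`, which is normally 0700; `RUN mkdir -p /tmp/run-user/1000 && chmod 700 /tmp/run-user/1000 && chown -R 1000:1000 /tmp/run-user` would tighten it. `ENV _CONTAINERS_USERNS_CONFIGURED=""` also deserves a one-line comment saying why it is set to empty.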


@@ -66,6 +66,25 @@ export OPENCODE_API_URL=http://127.0.0.1:4096
opencode-attach opencode-attach
``` ```
## Podman rootless (ready-to-use)
The image now includes Podman configured for rootless usage with the `opencode` user (`/etc/subuid`, `/etc/subgid`, `fuse-overlayfs`, `slirp4netns`).
When running this image, add runtime options required by Podman-in-container:
```bash
docker run -it -p 4096:4096 \
--security-opt seccomp=unconfined \
--device /dev/fuse \
jcabillot/opencode
```
Quick check inside the container:
```bash
podman info
```
## API ## API
Once running, the server exposes an OpenAPI 3.1 spec at: Once running, the server exposes an OpenAPI 3.1 spec at:
@@ -91,5 +110,6 @@ See the [OpenCode server docs](https://opencode.ai/docs/server/) for the full AP
- **Base image**: `node:24` (Debian) - **Base image**: `node:24` (Debian)
- **Install**: `opencode-ai` via npm global install - **Install**: `opencode-ai` via npm global install
- **User**: dedicated non-root `opencode` user - **User**: dedicated non-root `opencode` user
- **Container tooling**: Podman rootless (`podman`, `uidmap`, `slirp4netns`, `fuse-overlayfs`)
- **Entrypoint**: `opencode serve` - **Entrypoint**: `opencode serve`
- **Default port**: `4096` - **Default port**: `4096`