- AI_PATH_B_EXECUTION_PLAN.md: add 3 safety nets (auto-push, kill switch, hard tool removal), tighten 4 risks (network policy week 1, HMR spike day 1, lean image + lazy mise, random preview suffix).
- AI_CAPABILITIES_ROADMAP.md: pointer note already in place.
- vibn-dev/Dockerfile + supervisord.conf + mise.default.toml + README: scaffold for the per-project dev container image. Ubuntu 24.04 + git + ripgrep + python3 + mise. Toolchains lazy-install on first `mise install`. Container runs as uid 1000 vibn (sudo available).

Frontend wiring lives in vibn-frontend (separate commit).

Made-with: Cursor
vibn-dev
Per-project AI development container. One of these runs in Coolify per
Vibn project; the AI agent (Gemini) drives it via shell.exec and
fs.* MCP tools.
See /AI_PATH_B_EXECUTION_PLAN.md for the architecture.
Build & publish
docker build -t registry.vibnai.com/vibn-dev:latest .
docker push registry.vibnai.com/vibn-dev:latest
The image is pre-pulled on every Coolify host on deploy so first-use spin-up stays under 5 seconds.
Smoke test locally
docker build -t vibn-dev .
docker run --rm -it -v "$PWD/scratch:/workspace" vibn-dev bash
# inside: mise install # pulls Node lts + Python 3.12 (~90s, one-time)
# inside: rg --version # ripgrep ships in the base image
# inside: git --version
What's NOT in the image (by design)
- Node/Python/Go/Rust toolchains — lazy-installed via mise
- Coolify control-plane creds — never. The container has no route to internal Vibn services (Docker network policy enforced at host level)
- SSH server — exec happens via `docker exec` from the Coolify host
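
One way to check a built image against this list, as an added example that is not part of the vibn-dev repository. The binary list, the credential-name pattern and the function names are assumptions; the inputs are an unpacked root filesystem and a KEY=VALUE environment listing.

```shell
#!/bin/sh
# Added example, not from the vibn-dev repo. ROOT is an unpacked container
# filesystem, e.g. the tar stream from `docker export` extracted to a directory.

# Assumed lists. python3 is deliberately absent: the base image ships it.
FORBIDDEN_BINS="node npm go cargo rustc sshd"
BIN_DIRS="bin sbin usr/bin usr/sbin usr/local/bin usr/local/sbin"
# Assumed pattern for credential-like variable names; adjust to your naming.
CRED_PATTERN='COOLIFY|TOKEN|SECRET|PASSWORD|API_KEY'

# audit_rootfs ROOT: print one finding per line; return 1 if any were found.
audit_rootfs() {
  ar_root=$1; ar_rc=0
  for ar_d in $BIN_DIRS; do
    # Ubuntu 24.04 is merged-/usr (/bin -> usr/bin). Skip symlinked
    # directories so the same binary is not reported twice.
    [ -L "$ar_root/$ar_d" ] && continue
    for ar_b in $FORBIDDEN_BINS; do
      if [ -e "$ar_root/$ar_d/$ar_b" ] || [ -L "$ar_root/$ar_d/$ar_b" ]; then
        echo "binary present: /$ar_d/$ar_b"; ar_rc=1
      fi
    done
  done
  # Host keys mean an SSH server package was installed at build time.
  for ar_k in "$ar_root"/etc/ssh/ssh_host_*_key; do
    [ -e "$ar_k" ] && { echo "ssh host key present: ${ar_k#"$ar_root"}"; ar_rc=1; }
  done
  return "$ar_rc"
}

# audit_env: read KEY=VALUE lines on stdin (e.g. the image's configured
# environment); report matching names only, never the values.
audit_env() {
  ae_rc=0
  while IFS= read -r ae_line || [ -n "$ae_line" ]; do
    ae_key=${ae_line%%=*}
    if printf '%s\n' "$ae_key" | grep -Eiq "$CRED_PATTERN"; then
      echo "credential-like variable: $ae_key"; ae_rc=1
    fi
  done
  return "$ae_rc"
}

# Stand-alone use: sh audit.sh ROOTFS_DIR ENV_FILE
if [ "$#" -eq 2 ]; then
  audit_rootfs "$1"; r1=$?
  audit_env < "$2"; r2=$?
  exit $((r1 | r2))
fi
```

The network-policy item is enforced at the host and cannot be verified from image contents, so this audit does not cover it.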