Kayos
44a8fe743f
LAN-only HTTP service that runs claude -p subprocess on behalf of Sulkta apps. Bearer token + IP allowlist gated. SQLite-backed token registry + run audit log. - POST /run run a prompt, return parsed result - POST /files upload a file, get a file_token to attach to /run - POST /admin/tokens mint per-app tokens (admin-bootstrap-token gated) - GET /admin/tokens list, DELETE /admin/tokens/<name> revoke - GET /healthz liveness + claude --version smoke Container = node:22 + npm-installed @anthropic-ai/claude-code + uvicorn/FastAPI wrapper. Persistent volumes for /data (sqlite + run staging) and /root/.claude (subscription auth — survives container rebuilds; auth via 'docker exec -it clawdforge claude /login' once). Compose binds 192.168.0.5:8800 only — no public proxy. First consumer = cauldron (about to land).
24 lines
666 B
YAML
24 lines
666 B
YAML
services:
|
|
clawdforge:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
image: clawdforge:local
|
|
container_name: clawdforge
|
|
restart: unless-stopped
|
|
env_file:
|
|
- /mnt/cache/appdata/secrets/clawdforge.env
|
|
volumes:
|
|
- /mnt/user/appdata/clawdforge/data:/data
|
|
- /mnt/user/appdata/clawdforge/claude-config:/root/.claude
|
|
- /mnt/user/appdata/clawdforge/claude-alt-config:/root/.config/claude
|
|
ports:
|
|
# LAN-only bind. 8800 picked to live near other forge-y services; bump if collides.
|
|
- "192.168.0.5:8800:8800"
|
|
- "127.0.0.1:8800:8800"
|
|
networks:
|
|
- sulkta
|
|
|
|
networks:
|
|
sulkta:
|
|
external: true
|