frank/ruvnet--RuView
1
0
Fork 0
mirror of https://github.com/ruvnet/RuView synced 2026-06-09 10:13:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f02b431b59c2391796081aeb56b2207e709fa587
ruvnet--RuView/docker/Dockerfile.rust
T
ruv f02b431b59 fix(security,firmware): secure-by-default Docker auth (#864) + CSI yield recovery (#866) 
#864 — Docker no longer exposes the sensing API/stream unauthenticated:
- Add `require_ws_token` middleware gating `/ws/*` (sensing + introspection)
  with the API token via `?token=` (browser) or `Authorization: Bearer`
  (programmatic). Previously /ws/sensing was ungated even with a token set.
- docker-entrypoint.sh now fails closed: auto-generates a strong
  RUVIEW_API_TOKEN when none is supplied and prints it; explicit
  RUVIEW_ALLOW_UNAUTHENTICATED=1 restores the open LAN posture.
- compose/Dockerfile wire the env vars; startup logs + CI smoke test updated
  to assert secure-by-default (401 with no token) and the opt-out path.
- 7 new bearer_auth unit tests (15 total pass).

#866 — CSI callbacks were starving (~3 in 70s, 0pps) under the MGMT-only
promiscuous filter:
- The documented "10 Hz probe injection" never existed — implement it for
  real (csi_inject_probe_request + 10 Hz timer). Validated on ESP32-C6 (COM9):
  probe TX succeeds at 10 Hz, but management-frame CSI stays sparse.
- Re-admit DATA frames (MGMT+DATA) now that the original wDev_ProcessFiq
  SPI-cache crash is mitigated by WiFi RX/TX IRAM opts + the existing 50 Hz
  rate gate. Kconfig CSI_PROMISC_MGMT_ONLY falls back if needed.
- Hardware-validated on COM9: yield 0 -> ~9pps avg (peak 19), presence/motion
  sensing restored, 0 panics over 35s.

Co-Authored-By: claude-flow <ruv@ruv.net>
2026-05-30 11:37:07 -04:00

104 lines
4.3 KiB
Docker
Raw Blame History

# WiFi-DensePose Rust Sensing Server
# Includes RuVector signal intelligence crates
# Multi-stage build for minimal final image
# Stage 1: Build
FROM rust:1.89-bookworm AS builder
WORKDIR /build
# Copy workspace files
COPY v2/Cargo.toml v2/Cargo.lock ./
COPY v2/crates/ ./crates/
# Copy vendored RuVector crates
COPY vendor/ruvector/ /build/vendor/ruvector/
# Build release binaries:
# - sensing-server with `mqtt` feature so the HA-DISCO MQTT publisher
# (ADR-115) is wired in (auto-discovery topics flow to Home Assistant)
# - cog-ha-matter, the ADR-116 Cognitum cog that wraps HA-DISCO +
# HA-MIND + mDNS + embedded broker for Home Assistant / Matter
# - homecore-server, the ADRs-126-134 HOMECORE native Rust port of
# Home Assistant (HA-wire-compat REST + WebSocket on :8123,
# SQLite + ruvector recorder, automation, assist, plugins, HAP)
RUN cargo build --release -p wifi-densepose-sensing-server --features mqtt 2>&1 \
&& cargo build --release -p cog-ha-matter 2>&1 \
&& cargo build --release -p homecore-server 2>&1 \
&& strip target/release/sensing-server target/release/cog-ha-matter target/release/homecore-server
# Stage 2: Runtime
FROM debian:bookworm-slim
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
# Copy binaries
COPY --from=builder /build/target/release/sensing-server /app/sensing-server
COPY --from=builder /build/target/release/cog-ha-matter /app/cog-ha-matter
COPY --from=builder /build/target/release/homecore-server /app/homecore-server
# Copy UI assets
COPY ui/ /app/ui/
# Sanity-check the assets the runtime actually serves (regression guard for
# #520/#514 — the published image must include the observatory and pose-fusion
# dashboards, not just the legacy `index.html` set). Build fails if any of
# these are missing, so a stale image can't be silently pushed.
RUN set -e; \
for f in /app/ui/index.html /app/ui/observatory.html /app/ui/pose-fusion.html /app/ui/viz.html; do \
test -f "$f" || { echo "FATAL: missing UI asset $f"; exit 1; }; \
done; \
for d in /app/ui/observatory /app/ui/pose-fusion /app/ui/components /app/ui/services; do \
test -d "$d" || { echo "FATAL: missing UI directory $d"; exit 1; }; \
done; \
test -x /app/sensing-server || { echo "FATAL: /app/sensing-server is not executable"; exit 1; }; \
test -x /app/cog-ha-matter || { echo "FATAL: /app/cog-ha-matter is not executable"; exit 1; }; \
test -x /app/homecore-server || { echo "FATAL: /app/homecore-server is not executable"; exit 1; }; \
echo "image assets OK"
# Bearer-token auth on /api/v1/* and /ws/* (#443, #864). Secure-by-default:
# when left unset the entrypoint GENERATES a random token at startup and prints
# it to the logs, so the sensing API + WebSocket stream are never anonymous out
# of the box. Pin a known token, or opt into the open LAN posture explicitly:
# docker run -e RUVIEW_API_TOKEN=$(openssl rand -hex 32) ... # pin a token
# docker run -e RUVIEW_ALLOW_UNAUTHENTICATED=1 ... # trusted LAN only
ENV RUVIEW_API_TOKEN=
# HTTP API
EXPOSE 3000
# WebSocket
EXPOSE 3001
# ESP32 UDP
EXPOSE 5005/udp
# MQTT broker (cog-ha-matter embedded broker — Home Assistant + Matter)
EXPOSE 1883
# HOMECORE HA-compatible REST + WebSocket (homecore-server)
EXPOSE 8123
ENV RUST_LOG=info
# CSI_SOURCE controls which data source the sensing server uses at startup.
# auto — probe UDP port 5005 for an ESP32 first; fall back to simulation (default)
# esp32 — receive real CSI frames from an ESP32 device over UDP port 5005
# wifi — use host Wi-Fi RSSI/scan data (Windows netsh; not available in containers)
# simulated — generate synthetic CSI frames (no hardware required)
# Override at runtime: docker run -e CSI_SOURCE=esp32 ...
ENV CSI_SOURCE=auto
# MODELS_DIR controls where the server scans for .rvf model files.
# Mount a host directory here to make models visible to the API:
# docker run -v /path/to/models:/app/models -e MODELS_DIR=/app/models ...
ENV MODELS_DIR=data/models
COPY docker/docker-entrypoint.sh /app/docker-entrypoint.sh
# Exec-form ENTRYPOINT so Docker appends user arguments correctly.
# Pass flags directly: docker run <image> --source esp32 --tick-ms 500
# Or use env vars: docker run -e CSI_SOURCE=esp32 <image>
ENTRYPOINT ["/app/docker-entrypoint.sh"]
CMD []
Reference in New Issue View Git Blame Copy Permalink