Sienna Meridian Satterwhite
fcb80f1f37
Penpot (designer.sunbeam.pt): - Frontend/backend/exporter deployments with OIDC-only auth via Hydra - VSO-managed DB, S3, and app secrets from OpenBao - PostgreSQL user/db in CNPG postInitSQL - Hydra Maester enabledNamespaces extended to devtools Penpot MCP server (mcp-designer.sunbeam.pt): - Pre-built Node.js image pushed to Gitea registry - Auth-gated via Pingora auth_request → Hydra /userinfo - WebSocket path for browser plugin connection Wildcard TLS: - Switched cert-manager from HTTP-01 (per-SAN) to DNS-01 via Scaleway webhook - Certificate collapsed to *.sunbeam.pt + sunbeam.pt - Added scaleway-certmanager-webhook Helm chart - VSO secret for Scaleway DNS API credentials in cert-manager namespace - Added cert-manager to OpenBao VSO auth role
13 lines
405 B
Docker
13 lines
405 B
Docker
FROM node:22-alpine
|
|
RUN npm install -g pnpm@latest @penpot/mcp@latest && \
|
|
cd /usr/local/lib/node_modules/@penpot/mcp && \
|
|
pnpm -r install && \
|
|
pnpm run build
|
|
ENV PENPOT_MCP_REMOTE_MODE=true \
|
|
PENPOT_MCP_SERVER_HOST=0.0.0.0 \
|
|
PENPOT_MCP_SERVER_PORT=4401 \
|
|
PENPOT_MCP_WEBSOCKET_PORT=4402
|
|
EXPOSE 4401 4402
|
|
WORKDIR /usr/local/lib/node_modules/@penpot/mcp
|
|
CMD ["pnpm", "run", "start"]
|