From fa4825d76d7e458efdb589b1aad6429a2a58ba3f Mon Sep 17 00:00:00 2001
From: Willem van den Ende <willem@qwan.eu>
Date: Thu, 14 May 2026 12:30:22 +0100
Subject: [PATCH] chromium in docker

---
 .pi/skills/demo/Dockerfile | 68 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 .pi/skills/demo/Dockerfile

diff --git a/.pi/skills/demo/Dockerfile b/.pi/skills/demo/Dockerfile
new file mode 100644
index 0000000..e76e30e
--- /dev/null
+++ b/.pi/skills/demo/Dockerfile
@@ -0,0 +1,68 @@
+# Minimal headless Chrome container for Rodney/Showboat demos.
+#
+# Build:
+#   docker build -t demo-chrome .pi/skills/demo/
+#
+# Run:
+#   docker run -d --name demo-chrome \
+#     --cap-add=SYS_ADMIN --cap-drop=ALL \
+#     --security-opt=no-new-privileges:false \
+#     -p 9222:9222 \
+#     demo-chrome
+#
+# Connect:  rodney connect localhost:9222
+# Stop:     docker stop demo-chrome && docker rm demo-chrome
+#
+# To use a pre-downloaded Chromium binary (from rod), copy the contents
+# of ~/.cache/rod/browser/chromium-*/ into the build context first:
+#   cp -r ~/.cache/rod/browser/chromium-*/ .pi/skills/demo/chrome/
+#   docker build -t demo-chrome .pi/skills/demo/
+
+FROM debian:bookworm-slim
+
+# Install only the bare minimum dependencies Chrome needs
+RUN apt-get update && apt-get install -y --no-install-recommends \
+      libnss3 \
+      libatk1.0-0 \
+      libatk-bridge2.0-0 \
+      libcups2 \
+      libdrm2 \
+      libxkbcommon0 \
+      libxcomposite1 \
+      libxdamage1 \
+      libxrandr2 \
+      libgbm1 \
+      libpango-1.0-0 \
+      libcairo2 \
+      libasound2 \
+      libxfixes3 \
+      libx11-xcb1 \
+      libxcb1 \
+      libx11-6 \
+      libxext6 \
+      libxrender1 \
+      fonts-liberation \
+      fonts-noto-cjk \
+    && rm -rf /var/lib/apt/lists/*
+
+# Copy pre-downloaded Chromium binary (from rod's cache)
+# This is the binary that `rodney start` downloads to ~/.cache/rod/browser/
+COPY chrome/ /opt/chrome/
+RUN chmod 4755 /opt/chrome/chrome_sandbox
+
+WORKDIR /app
+
+# Expose Chrome's debug port for Rodney
+EXPOSE 9222
+
+# Run headless with minimal flags
+# --no-sandbox: needed because we run as root in container
+# --disable-gpu: no GPU in container
+# --disable-dev-shm-usage: avoid /dev/shm size limits
+CMD ["/opt/chrome/chrome", \
+     "--remote-debugging-address=0.0.0.0", \
+     "--remote-debugging-port=9222", \
+     "--headless=new", \
+     "--no-sandbox", \
+     "--disable-gpu", \
+     "--disable-dev-shm-usage"]