feat(container): add SSH server and rassumfrassum for LSP multiplexing

- Install openssh-server and create SSH infrastructure in container - Install rassumfrassum (LSP multiplexer) via Python venv - Expose SSH port 2222 and mount user public key for TRAMP access - Update compose.yml to map port 2222 and mount SSH_PUBKEY_PATH - Document SSH setup and TRAMP /ssh: access method in README
Remove flake.nix and flake.lock
2026-02-11 12:25:57 +09:00 · 2026-02-03 20:56:26 +09:00
5 changed files with 17 additions and 87 deletions
--- a/13
+++ b/13
@ -3,6 +3,15 @@ FROM node:lts-bookworm-slim

 WORKDIR /app

+# SSH server for TRAMP /ssh: access
+RUN apt-get update && apt-get install -y --no-install-recommends openssh-server python3-venv python3-pip \
+    && rm -rf /var/lib/apt/lists/* \
+    && mkdir -p /var/run/sshd /root/.ssh \
+    && chmod 700 /root/.ssh \
+    && ssh-keygen -A \
+    && python3 -m venv /opt/rass && /opt/rass/bin/pip install --no-cache-dir rassumfrassum \
+    && ln -s /opt/rass/bin/rass /usr/local/bin/rass
+
 # Install dependencies first (better layer caching)
 COPY package.json package-lock.json ./
 RUN npm ci
@ -10,6 +19,6 @@ RUN npm ci
 # Copy the rest of the project
 COPY . .

-EXPOSE 4321
+EXPOSE 4321 22

-CMD ["npm","run","dev","--","--host","0.0.0.0","--port","4321"]
+CMD ["/bin/sh","-lc","/usr/sbin/sshd && npm run dev -- --host 0.0.0.0 --port 4321"]
--- a/README.md
+++ b/README.md
@ -44,11 +44,14 @@ This repo can be developed inside a Podman container to keep your host clean and
 ### Using podman compose

 ```sh
+export SSH_PUBKEY_PATH="$HOME/.ssh/id_ed25519.pub"
 podman compose up --build
 ```

 On WSL2/rootless Podman, if you hit netavark/nftables errors, this repo defaults to `slirp4netns` via `network_mode` in `compose.yml`.

+If you want SSH access (for Emacs TRAMP `/ssh:`), `SSH_PUBKEY_PATH` must point to your public key and port 2222 will be exposed for SSH.
+
 Then open: http://localhost:4321

 Run other commands in the running container:
--- a/compose.yml
+++ b/compose.yml
@ -7,10 +7,12 @@ services:
    network_mode: "slirp4netns:allow_host_loopback=true"
    ports:
      - "4321:4321"
+      - "2222:22"
    volumes:
      - .:/app
      - node_modules:/app/node_modules
-    command: npm run dev -- --host 0.0.0.0 --port 4321
+      - ${SSH_PUBKEY_PATH}:/root/.ssh/authorized_keys:ro
+    command: /bin/sh -lc "/usr/sbin/sshd && npm run dev -- --host 0.0.0.0 --port 4321"

 volumes:
  node_modules:
--- a/flake.lock
+++ b/flake.lock
@ -1,61 +0,0 @@
-{
-  "nodes": {
-    "flake-utils": {
-      "inputs": {
-        "systems": "systems"
-      },
-      "locked": {
-        "lastModified": 1731533236,
-        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "nixpkgs": {
-      "locked": {
-        "lastModified": 1769598131,
-        "narHash": "sha256-e7VO/kGLgRMbWtpBqdWl0uFg8Y2XWFMdz0uUJvlML8o=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "fa83fd837f3098e3e678e6cf017b2b36102c7211",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-25.11",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "root": {
-      "inputs": {
-        "flake-utils": "flake-utils",
-        "nixpkgs": "nixpkgs"
-      }
-    },
-    "systems": {
-      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
-        "type": "github"
-      }
-    }
-  },
-  "root": "root",
-  "version": 7
-}
--- a/flake.nix
+++ b/flake.nix
@ -1,23 +0,0 @@
-{
-  description = "Naputo blog devshell";
-
-  inputs = {
-    # Use stable nixpkgs for a more predictable toolchain.
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
-    flake-utils.url = "github:numtide/flake-utils";
-  };
-
-  outputs = { self, nixpkgs, flake-utils }:
-    flake-utils.lib.eachDefaultSystem (system:
-      let
-        pkgs = import nixpkgs { inherit system; };
-      in
-      {
-        devShells.default = pkgs.mkShell {
-          packages = with pkgs; [
-            forgejo-cli
-            nodejs
-          ];
-        };
-      });
-}