MCPX MCP Gateway

# Add specific sha FROM node:22.16-alpine3.21 ENV LOG_LEVEL="info" ENV LUNAR_CONSUMER_TAG="anonymous" ENV LUNAR_URL="" ENV LUNAR_API_KEY="" ENV WEBSERVER_URL="http://host.docker.internal:9001" # Exclude specific destinations from interception # This is a comma-separated list of domains that should not be intercepted. # It is used to prevent interception when loading mcp servers. ENV EXCLUDED_DESTINATIONS="dl-cdn.alpinelinux.org,deb.debian.org,security.debian.org,registry.npmjs.org,auth.docker.io,registry-1.docker.io,production.cloudflare.docker.com,mcpx-ui,files.pythonhosted.org,pypi.org,archive.ubuntu.com,security.ubuntu.com,mirrors.ubuntu.com,mirrorlist.centos.org,mirror.centos.org,vault.centos.org,cdn.redhat.com,access.redhat.com,mirrors.fedoraproject.org" ENV INTERCEPTION_USER=lunar_interception ENV INTERCEPTION_USER_UID=1001 ENV INTERCEPTION_USER_GID=1001 ENV LUNAR_USER=lunar ENV LUNAR_USER_UID=1002 ENV LUNAR_USER_GID=1002 ENV SHARED_GROUP_NAME=lunar_group ENV SHARED_GROUP_GID=1050 ENV MITM_PROXY_CONF_DIR=/home/${INTERCEPTION_USER}/.proxy RUN apk add --no-cache \ python3 \ uv \ curl \ iptables \ ipset \ libcap \ su-exec \ ca-certificates \ procps \ mitmproxy \ docker WORKDIR /mcpx # MCPX Server COPY ./packages/mcpx-server/src packages/mcpx-server/src COPY ./packages/mcpx-server/tsconfig.json packages/mcpx-server/tsconfig.json COPY ./packages/mcpx-server/package.json packages/mcpx-server/package.json # Internal dependencies COPY ./packages/shared-model packages/shared-model COPY ./packages/toolkit-core packages/toolkit-core COPY ./package.json ./package.json COPY ./package-lock.json ./package-lock.json # Interception COPY ./packages/mcpx-server/interception-setup/scripts/entrypoint.sh /usr/local/bin/entrypoint.sh COPY ./packages/mcpx-server/interception-setup/scripts/lunar_selective_addon.py /opt/lunar_selective_addon.py RUN npm install RUN npm run build:deps WORKDIR /mcpx/packages/mcpx-server RUN npm install RUN npm run build RUN chmod +x /usr/local/bin/entrypoint.sh RUN \ addgroup -g ${LUNAR_USER_GID} -S ${LUNAR_USER} && \ addgroup -g ${INTERCEPTION_USER_GID} -S ${INTERCEPTION_USER} && \ addgroup -g ${SHARED_GROUP_GID} -S ${SHARED_GROUP_NAME} && \ adduser -u ${LUNAR_USER_UID} -S -D -G ${LUNAR_USER} -h /home/${LUNAR_USER} -s /sbin/nologin ${LUNAR_USER} && \ adduser -u ${INTERCEPTION_USER_UID} -S -D -G ${INTERCEPTION_USER} -h /home/${INTERCEPTION_USER} -s /sbin/nologin ${INTERCEPTION_USER} && \ addgroup ${LUNAR_USER} ${SHARED_GROUP_NAME} && \ addgroup ${INTERCEPTION_USER} ${SHARED_GROUP_NAME} && \ mkdir -p /home/${LUNAR_USER} && \ mkdir -p /home/${INTERCEPTION_USER} && \ mkdir -p ${MITM_PROXY_CONF_DIR} && \ mkdir -p /var/log/${LUNAR_USER} && \ chown -R ${LUNAR_USER}:${LUNAR_USER} /home/${LUNAR_USER} && \ chown -R ${INTERCEPTION_USER}:${INTERCEPTION_USER} /home/${INTERCEPTION_USER} && \ chown -R root:${SHARED_GROUP_NAME} /var/log/${LUNAR_USER} EXPOSE 9000 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] CMD ["npm", "run", "serve"]