APEX/BrowserUse_and_ComputerUse_skills
5
0
Fork 0
Code Issues 6 Pull requests 1 Projects 1 Releases Packages Wiki Activity Actions
BrowserUse_and_ComputerUse_.../docs/vps-deploy.md

3.8 KiB
Raw Blame History

BrowserUse VPS Deployment

This project deploys to BrowserUse-vps@lambda.coredump.ru with a Gitea/Forgejo Actions runner installed on the VPS.

The server already has a root-owned /opt/lambdalab stack with Caddy on ports 80/443. Keep this browser service as a separate app under the deploy user home directory, then attach the public-facing containers to the existing lambdalab_frontend Docker network through docker-compose.vps.yml.

SSH Access

Add the public SSH key to the VPS user:

ssh BrowserUse-vps@lambda.coredump.ru
mkdir -p ~/.ssh
chmod 700 ~/.ssh
printf '%s\n' '<ssh-ed25519 public key>' >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

The fingerprint SHA256:/XC5ifPX8j+uRyp0Yw2zAl5nteWc3YcHeVHfCG+rhP4 is not enough by itself. authorized_keys needs the full public key line that starts with ssh-ed25519.

Initial Server Checkout

Run once on the VPS:

mkdir -p ~/apps
cd ~/apps
git clone -b feature/api-for-subagent https://git.lambda.coredump.ru/APEX/BrowserUse_and_ComputerUse_skills.git
cd BrowserUse_and_ComputerUse_skills

Create a server-local .env file in the checkout. It is intentionally not committed:

OPENAI_API_KEY=...
OPENAI_BASE_URL=...
MODEL_DEFAULT=qwen3.5-122b
BROWSER_VIEW_BASE_URL=https://browser-view.lambda.coredump.ru
BROWSER_API_PUBLISH=127.0.0.1:8088:8088
BROWSER_VIEW_PROXY_PUBLISH=127.0.0.1:6081:8080
BROWSER_NOVNC_PUBLISH=127.0.0.1:6080:6080
BROWSER_CDP_PUBLISH=127.0.0.1:9222:9222

Then run the first deploy manually:

bash scripts/deploy_vps.sh
curl -fsS http://127.0.0.1:8088/health

The deploy script uses both Compose files by default:

docker-compose.yml:docker-compose.vps.yml

docker-compose.vps.yml connects browser-api and browser-view-proxy to the existing external lambdalab_frontend network so Caddy can reach them by Docker DNS.

Domain Binding

The active Caddy config is root-owned at:

/opt/lambdalab/caddy/Caddyfile

Add these vhosts to that file from an admin/root account:

browser-api.lambda.coredump.ru {
	reverse_proxy browser-use-api:8088
}

browser-view.lambda.coredump.ru {
	reverse_proxy browser-use-view-proxy:8080
}

Then reload the existing Caddy container from /opt/lambdalab:

cd /opt/lambdalab
docker compose exec caddy caddy reload --config /etc/caddy/Caddyfile

DNS must point both subdomains to the VPS public IP 155.212.185.120. At inspection time, lambda.coredump.ru resolved to that IP, while browser-api.lambda.coredump.ru and browser-view.lambda.coredump.ru did not resolve yet.

Gitea/Forgejo Runner

Install act_runner as the BrowserUse-vps user and register it with the repository, organization, or instance runner token:

mkdir -p ~/act_runner
cd ~/act_runner
./act_runner generate-config > config.yaml
./act_runner --config config.yaml register \
  --no-interactive \
  --instance https://git.lambda.coredump.ru \
  --token '<runner-registration-token>' \
  --name BrowserUse-vps \
  --labels deploy-vps:host

Start it under the same user:

cd ~/act_runner
nohup ./act_runner daemon --config config.yaml > act_runner.log 2>&1 &

Because this account has sudo: no, a system-wide service cannot be installed from this user. If an admin enables a user-level systemd service for this account, run the same daemon command from that service instead of nohup.

CI/CD Behavior

The workflow lives at .gitea/workflows/deploy.yml.

It runs on:

  • push to feature/api-for-subagent
  • manual workflow_dispatch

The job expects a runner label named deploy-vps, registered as deploy-vps:host. It enters:

/home/BrowserUse-vps/apps/BrowserUse_and_ComputerUse_skills

Then it fetches origin/feature/api-for-subagent, resets the tracked checkout to that commit, runs Docker Compose, and verifies:

curl -fsS http://127.0.0.1:8088/health