From 0b6fa768168266a44334118cbca287d8a9820524 Mon Sep 17 00:00:00 2001
From: Matt <matt@letsbe.solutions>
Date: Mon, 8 Dec 2025 16:11:00 +0100
Subject: [PATCH] feat: add Playwright support to sysadmin agent stack
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add Playwright environment variables (artifacts dir, timeouts)
- Add playwright_artifacts volume for screenshot/trace storage
- Add security_opt: seccomp=unconfined for Chromium sandboxing
- Increase memory limit to 1G (Playwright needs ~300-700MB)
- Increase CPU limit to 1.5 cores
- Remove obsolete version attribute

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 script/stacks/sysadmin/docker-compose.yml | 26 +++++++++++++++++------
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/script/stacks/sysadmin/docker-compose.yml b/script/stacks/sysadmin/docker-compose.yml
index 291263d..17ca8b3 100644
--- a/script/stacks/sysadmin/docker-compose.yml
+++ b/script/stacks/sysadmin/docker-compose.yml
@@ -1,5 +1,3 @@
-version: "3.8"
-
 services:
   agent:
     image: code.letsbe.solutions/letsbe/sysadmin-agent:latest
@@ -35,6 +33,11 @@ services:
       - MAX_FILE_SIZE=${MAX_FILE_SIZE:-10485760}
       - SHELL_TIMEOUT=${SHELL_TIMEOUT:-60}
 
+      # Playwright browser automation
+      - PLAYWRIGHT_ARTIFACTS_DIR=/opt/letsbe/playwright-artifacts
+      - PLAYWRIGHT_DEFAULT_TIMEOUT_MS=60000
+      - PLAYWRIGHT_NAVIGATION_TIMEOUT_MS=120000
+
     volumes:
       # Docker socket for container management
       - /var/run/docker.sock:/var/run/docker.sock
@@ -47,22 +50,31 @@ services:
       # Credential persistence (survives restarts without re-registration)
       - agent_home:/home/agent/.letsbe-agent
 
+      # Playwright artifacts storage
+      - playwright_artifacts:/opt/letsbe/playwright-artifacts
+
+    # Security options for Chromium sandboxing
+    security_opt:
+      - seccomp=unconfined
+
     # Run as root for Docker socket access
     # TODO: Use Docker group membership instead for better security
     user: root
 
     restart: unless-stopped
 
-    # Resource limits
+    # Resource limits (increased for Playwright browser automation)
     deploy:
       resources:
         limits:
-          cpus: '1.0'
-          memory: 512M
+          cpus: '1.5'
+          memory: 1G
         reservations:
-          cpus: '0.1'
-          memory: 128M
+          cpus: '0.25'
+          memory: 256M
 
 volumes:
   agent_home:
     name: {{ customer }}-agent-home
+  playwright_artifacts:
+    name: {{ customer }}-playwright-artifacts