feat: add MCP Browser Sidecar to sysadmin stack

Add mcp-browser service for LLM-driven browser automation: - Session-based browser management - Domain allowlisting for security - Resource limits (CPU/memory) - Screenshots volume Also add MCP_BROWSER_URL environment variable to agent. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-08 20:27:39 +01:00 · 2025-12-08 20:27:39 +01:00 · 6f4bee8128
parent 0828fa7ac7
commit 6f4bee8128
1 changed files with 43 additions and 0 deletions
--- a/script/stacks/sysadmin/docker-compose.yml
+++ b/script/stacks/sysadmin/docker-compose.yml
@ -38,6 +38,9 @@ services:
      - PLAYWRIGHT_DEFAULT_TIMEOUT_MS=60000
      - PLAYWRIGHT_NAVIGATION_TIMEOUT_MS=120000

+      # MCP Browser Sidecar connection (for LLM-driven browser control)
+      - MCP_BROWSER_URL=http://mcp-browser:8931
+
    volumes:
      # Docker socket for container management
      - /var/run/docker.sock:/var/run/docker.sock
@ -73,8 +76,48 @@ services:
          cpus: '0.25'
          memory: 256M

+  mcp-browser:
+    image: code.letsbe.solutions/letsbe/mcp-browser:latest
+    container_name: {{ customer }}-mcp-browser
+
+    environment:
+      # Session limits
+      - MAX_SESSIONS=${MAX_SESSIONS:-3}
+      - IDLE_TIMEOUT_SECONDS=${IDLE_TIMEOUT_SECONDS:-300}
+      - MAX_SESSION_LIFETIME_SECONDS=${MAX_SESSION_LIFETIME_SECONDS:-1800}
+      - MAX_ACTIONS_PER_SESSION=${MAX_ACTIONS_PER_SESSION:-50}
+
+      # Logging
+      - LOG_LEVEL=${LOG_LEVEL:-INFO}
+      - LOG_JSON=${LOG_JSON:-true}
+
+      # Screenshots
+      - SCREENSHOTS_DIR=/screenshots
+
+    volumes:
+      # Screenshots storage
+      - mcp_screenshots:/screenshots
+
+    # Security options for Chromium sandboxing
+    security_opt:
+      - seccomp=unconfined
+
+    restart: unless-stopped
+
+    # Resource limits for browser automation
+    deploy:
+      resources:
+        limits:
+          cpus: '1.5'
+          memory: 1G
+        reservations:
+          cpus: '0.25'
+          memory: 256M
+
 volumes:
  agent_home:
    name: {{ customer }}-agent-home
  playwright_artifacts:
    name: {{ customer }}-playwright-artifacts
+  mcp_screenshots:
+    name: {{ customer }}-mcp-screenshots