rules initial

apps/rules/Dockerfile

@@ -0,0 +1,53 @@
+# Rules Engine Dockerfile
+# Event-driven automation rules processor with MQTT and Redis
+
+FROM python:3.14-alpine
+
+# Prevent Python from writing .pyc files and enable unbuffered output
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    RULES_CONFIG=config/rules.yaml \
+    MQTT_BROKER=172.16.2.16 \
+    MQTT_PORT=1883 \
+    REDIS_HOST=localhost \
+    REDIS_PORT=6379 \
+    REDIS_DB=8 \
+    LOG_LEVEL=INFO
+
+# Create non-root user
+RUN addgroup -g 10001 -S app && \
+    adduser -u 10001 -S app -G app
+
+# Set working directory
+WORKDIR /app
+
+# Install system dependencies
+RUN apk add --no-cache \
+    gcc \
+    musl-dev \
+    linux-headers
+
+# Install Python dependencies
+COPY apps/rules/requirements.txt /app/requirements.txt
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application code
+COPY apps/__init__.py /app/apps/
+COPY apps/rules/ /app/apps/rules/
+COPY packages/ /app/packages/
+COPY config/ /app/config/
+
+# Change ownership to non-root user
+RUN chown -R app:app /app
+
+# Switch to non-root user
+USER app
+
+# Expose no ports (MQTT/Redis client only)
+
+# Health check (check if process is running)
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+    CMD pgrep -f "apps.rules.main" || exit 1
+
+# Run the rules engine
+CMD ["python", "-m", "apps.rules.main"]