-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
61 lines (46 loc) · 1.46 KB
/
Dockerfile
File metadata and controls
61 lines (46 loc) · 1.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
FROM ubuntu:24.04
ARG USERNAME=claude
# Install security tools and basic dependencies
RUN apt-get update && apt-get install -y \
curl wget git build-essential \
iptables ipset iproute2 dnsutils aggregate jq sudo \
# For creating non-root user
ca-certificates gnupg2
# Create non-root user with system-assigned UID/GID
RUN useradd -m $USERNAME
WORKDIR /workspace
#---------------------------
# Basic tools
#---------------------------
RUN curl https://mise.run | sh
ENV PATH="/root/.local/bin:$PATH"
# node & Claude Code
RUN mise install node && mise use node
RUN mise exec -- npm install -g @anthropic-ai/claude-code
#---------------------------
# Other tools
#---------------------------
# uv
RUN curl -LsSf https://astral.sh/uv/install.sh | sh
# Rust
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
ENV PATH="/root/.cargo/bin:${PATH}"
#---------------------------
# Firewall
#---------------------------
COPY init-firewall.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/init-firewall.sh
# Set up workspace directory
RUN mkdir -p /workspace && chown -R $USERNAME:$USERNAME /workspace
# Switch to non-root user
USER $USERNAME
WORKDIR /workspace
# Git configuration will be handled in entrypoint.sh
# Switch back to root for entrypoint
USER root
#---------------------------
# Entrypoint
#---------------------------
COPY entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]