CyberCoveLLC/Triple-C
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 128 Wiki Activity
Files
625260b0605d9da1d8087ccbfa98bf786d8d4ee1
Triple-C/container/Dockerfile
Josh Knapp 625260b060
All checks were successful
Build Container / build-container (push) Successful in 3m42s
Details
Fix UID/GID mismatch and SSH key permissions in container 
- Entrypoint now runs as root to remap the container's claude user
  UID/GID to match the host user, fixing bind mount permission errors
  on WSL
- SSH keys are mounted read-only to a staging path (/tmp/.host-ssh)
  and copied to ~/.ssh with correct permissions by the entrypoint
- Exec sessions explicitly run as the claude user
- Host UID/GID detected automatically and passed as env vars

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-27 04:36:01 +00:00

97 lines
4.5 KiB
Docker
Raw Blame History

FROM ubuntu:24.04
# Avoid interactive prompts during package install
ENV DEBIAN_FRONTEND=noninteractive
# ── System packages ──────────────────────────────────────────────────────────
RUN apt-get update && apt-get install -y --no-install-recommends \
git \
curl \
wget \
openssh-client \
build-essential \
ripgrep \
jq \
sudo \
ca-certificates \
gnupg \
locales \
unzip \
pkg-config \
libssl-dev \
&& rm -rf /var/lib/apt/lists/*
# Set UTF-8 locale
RUN locale-gen en_US.UTF-8
ENV LANG=en_US.UTF-8
ENV LC_ALL=en_US.UTF-8
# ── GitHub CLI ───────────────────────────────────────────────────────────────
RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg \
| dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \
&& chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" \
> /etc/apt/sources.list.d/github-cli.list \
&& apt-get update && apt-get install -y gh \
&& rm -rf /var/lib/apt/lists/*
# ── Node.js LTS (22.x) + pnpm ───────────────────────────────────────────────
RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
&& apt-get install -y nodejs \
&& rm -rf /var/lib/apt/lists/* \
&& npm install -g pnpm
# ── Python 3 + pip + uv + ruff ──────────────────────────────────────────────
RUN apt-get update && apt-get install -y --no-install-recommends \
python3 \
python3-pip \
python3-venv \
&& rm -rf /var/lib/apt/lists/* \
&& curl -LsSf https://astral.sh/uv/install.sh | sh \
&& curl -LsSf https://astral.sh/ruff/install.sh | sh
# ── Docker CLI (not daemon) ─────────────────────────────────────────────────
RUN install -m 0755 -d /etc/apt/keyrings \
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
| gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
&& chmod a+r /etc/apt/keyrings/docker.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" \
> /etc/apt/sources.list.d/docker.list \
&& apt-get update && apt-get install -y docker-ce-cli \
&& rm -rf /var/lib/apt/lists/*
# ── Non-root user with passwordless sudo ─────────────────────────────────────
RUN useradd -m -s /bin/bash claude \
&& echo "claude ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/claude \
&& chmod 0440 /etc/sudoers.d/claude
# ── Mount points (created as root, owned by claude) ──────────────────────────
RUN mkdir -p /workspace && chown claude:claude /workspace
# ── Rust (installed as claude user) ──────────────────────────────────────────
USER claude
WORKDIR /home/claude
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
ENV PATH="/home/claude/.cargo/bin:${PATH}"
# Add uv/ruff to PATH (installed to /root by default, reinstall for claude user)
RUN curl -LsSf https://astral.sh/uv/install.sh | sh \
&& curl -LsSf https://astral.sh/ruff/install.sh | sh
ENV PATH="/home/claude/.local/bin:/home/claude/.cargo/bin:${PATH}"
# ── Claude Code ──────────────────────────────────────────────────────────────
RUN curl -fsSL https://claude.ai/install.sh | bash
ENV PATH="/home/claude/.claude/bin:${PATH}"
RUN mkdir -p /home/claude/.claude /home/claude/.ssh
WORKDIR /workspace
# ── Switch back to root for entrypoint (handles UID/GID remapping) ─────────
USER root
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink