23 lines
851 B
Docker
23 lines
851 B
Docker
FROM debian:bookworm-slim
|
|
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
bash curl git jq tmux cron python3 python3-pip openssh-client ca-certificates age \
|
|
&& pip3 install --break-system-packages networkx \
|
|
&& curl -sL https://github.com/getsops/sops/releases/download/v3.9.4/sops-v3.9.4.linux.amd64 \
|
|
-o /usr/local/bin/sops && chmod +x /usr/local/bin/sops \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Claude CLI is mounted from the host via docker-compose volume.
|
|
# No internet access to cli.anthropic.com required at build time.
|
|
|
|
# Non-root user
|
|
RUN useradd -m -u 1000 -s /bin/bash agent
|
|
|
|
COPY entrypoint.sh /entrypoint.sh
|
|
RUN chmod +x /entrypoint.sh
|
|
|
|
# Entrypoint runs as root to start the cron daemon;
|
|
# cron jobs execute as the agent user (crontab -u agent).
|
|
WORKDIR /home/agent
|
|
|
|
ENTRYPOINT ["/entrypoint.sh"]
|