9b8562b746
Adds a webui service to docker-compose that wraps Claude Code in ttyd, serving a browser-accessible terminal on port 7681. The webui reuses Dockerfile.claude (ttyd added to apt deps) with a dedicated entrypoint script that enforces WEBUI_PASSWORD before starting. Network isolation is identical to the CLI container: claude-internal only, all egress via the proxy allowlist. claude.sh gains web and web-stop commands.
34 lines
961 B
Text
34 lines
961 B
Text
FROM node:20-slim
|
|
|
|
# Install minimal runtime dependencies
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
git \
|
|
curl \
|
|
ca-certificates \
|
|
bash \
|
|
ttyd \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Entrypoint used by the webui service (ttyd wrapping claude)
|
|
COPY --chmod=755 webui-entrypoint.sh /usr/local/bin/webui-entrypoint.sh
|
|
|
|
# Create non-root user
|
|
RUN groupadd -g 1000 claude \
|
|
&& useradd -u 1000 -g claude -m -s /bin/bash claude
|
|
|
|
# Install Claude Code globally (runs as root for npm -g, then drops)
|
|
RUN npm install -g @anthropic-ai/claude-code
|
|
|
|
# Workspace directory owned by claude user
|
|
RUN mkdir -p /workspace && chown claude:claude /workspace
|
|
|
|
USER claude
|
|
WORKDIR /workspace
|
|
|
|
# Proxy traffic through sidecar — override at runtime if needed
|
|
ENV HTTP_PROXY=http://proxy:3128
|
|
ENV HTTPS_PROXY=http://proxy:3128
|
|
ENV ALL_PROXY=http://proxy:3128
|
|
ENV NO_PROXY=localhost,127.0.0.1
|
|
|
|
ENTRYPOINT ["claude"]
|