ba3730a24d
Make ANTHROPIC_API_KEY optional. Add CLAUDE_CODE_OAUTH_TOKEN pass-through for headless token-based auth (claude setup-token). When neither is set, Claude Code falls back to browser OAuth on port 54545. Add claude-config named volume mounted at ~/.claude/ in both claude and webui services so credentials persist across container runs. Pre-create ~/.claude/ in the Dockerfile so the volume is initialised with correct ownership. Add --service-ports to docker compose run calls to publish port 54545 during CLI sessions.
37 lines
1.1 KiB
Docker
37 lines
1.1 KiB
Docker
FROM node:20-alpine
|
|
|
|
# Install runtime dependencies
|
|
RUN apk add --no-cache \
|
|
git \
|
|
curl \
|
|
ca-certificates \
|
|
bash \
|
|
ttyd
|
|
|
|
# Entrypoint used by the webui service (ttyd wrapping claude)
|
|
COPY --chmod=755 webui-entrypoint.sh /usr/local/bin/webui-entrypoint.sh
|
|
|
|
# Create non-root user
|
|
RUN addgroup -g 1000 claude \
|
|
&& adduser -u 1000 -G claude -s /bin/bash -D claude
|
|
|
|
# Install Claude Code globally (runs as root for npm -g, then drops)
|
|
RUN npm install -g @anthropic-ai/claude-code
|
|
|
|
# Workspace and Claude config dir — both owned by claude user.
|
|
# Pre-creating ~/.claude ensures the named volume is initialised with the
|
|
# correct ownership when first mounted (Docker copies image content into
|
|
# an empty named volume on first use).
|
|
RUN mkdir -p /workspace /home/claude/.claude \
|
|
&& chown -R claude:claude /workspace /home/claude/.claude
|
|
|
|
USER claude
|
|
WORKDIR /workspace
|
|
|
|
# Proxy traffic through sidecar — override at runtime if needed
|
|
ENV HTTP_PROXY=http://proxy:3128
|
|
ENV HTTPS_PROXY=http://proxy:3128
|
|
ENV ALL_PROXY=http://proxy:3128
|
|
ENV NO_PROXY=localhost,127.0.0.1
|
|
|
|
ENTRYPOINT ["claude"]
|