FROM ubuntu:24.04

RUN apt-get update \
  && apt-get install -y --no-install-recommends \
    bash \
    ca-certificates \
    curl \
    sudo \
  && rm -rf /var/lib/apt/lists/*

RUN useradd -m -s /bin/bash app \
  && echo "app ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/app

USER app
WORKDIR /home/app

ENV NPM_CONFIG_FUND=false
ENV NPM_CONFIG_AUDIT=false

COPY run.sh /usr/local/bin/clawdbot-install-nonroot
RUN sudo chmod +x /usr/local/bin/clawdbot-install-nonroot

ENTRYPOINT ["/usr/local/bin/clawdbot-install-nonroot"]
