57406dbc90
Switch the production stage to the built-in node user from node:lts-trixie-slim, fixing two runtime failures: 1. Claude CLI rejects --dangerously-skip-permissions when the process UID is 0, making the claude-local adapter unusable. 2. The server crashed at startup (EACCES) because /paperclip was root-owned and the process could not write logs or instance data. Changes vs the naive fix: - Use COPY --chown=node:node instead of a separate RUN chown -R, avoiding a duplicate image layer that would double the size of the /app tree in the final image. - Consolidate mkdir /paperclip + chown into the same RUN layer as the npm global install (already runs as root) to keep layer count minimal. - Add USER node before CMD so the process runs unprivileged. The VOLUME declaration comes after chown so freshly-mounted anonymous volumes inherit the correct node:node ownership. Fixes #344
1.9 KiB
1.9 KiB