taolin/claude-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement zero-friction authentication persistence with MCP user scope

Browse Source 
Major breakthrough solving the authentication chicken-and-egg problem:

Key Changes:
- Copy ~/.claude.json and ~/.claude/ during Docker build for baked-in auth
- Add -s user flag to claude mcp add-json for persistent MCP servers
- Simplify rebuild logic to prevent unnecessary rebuilds
- Update documentation with rebuild instructions

Technical Details:
- Authentication files placed before USER switch in Dockerfile
- MCP configuration now persists across all sessions
- Rebuild only occurs when image doesn't exist
- Clean separation of build vs runtime concerns

Result: Users authenticate once on host, then zero login prompts forever.
SMS notifications ready immediately on container start.
This commit is contained in:
Vishal Jain
2025-06-17 22:27:11 +01:00
parent d9bf0f4b53
commit 7cd765b756
7 changed files with 106 additions and 233 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
scripts/claude-docker.sh
View File

@@ -38,28 +38,24 @@ fi
NEED_REBUILD=false
if ! docker images | grep -q "claude-docker"; then
echo "Building Claude Docker image with your user permissions..."
echo "Building Claude Docker image for first time..."
NEED_REBUILD=true
elif ! docker image inspect claude-docker:latest | grep -q "USER_UID.*$(id -u)" 2>/dev/null; then
echo "Rebuilding Claude Docker image to match your user permissions..."
NEED_REBUILD=true
elif [ -f "$ENV_FILE" ]; then
# Check if .env is newer than the Docker image
IMAGE_CREATED=$(docker inspect -f '{{.Created}}' claude-docker:latest 2>/dev/null)
if [ -n "$IMAGE_CREATED" ]; then
IMAGE_TIMESTAMP=$(date -d "$IMAGE_CREATED" +%s 2>/dev/null || date -j -f "%Y-%m-%dT%H:%M:%S" "${IMAGE_CREATED%%.*}" +%s 2>/dev/null)
ENV_TIMESTAMP=$(stat -c %Y "$ENV_FILE" 2>/dev/null || stat -f %m "$ENV_FILE" 2>/dev/null)
if [ -n "$IMAGE_TIMESTAMP" ] && [ -n "$ENV_TIMESTAMP" ] && [ "$ENV_TIMESTAMP" -gt "$IMAGE_TIMESTAMP" ]; then
echo "⚠️ .env file has been updated since last build"
echo " Rebuilding to include new credentials..."
NEED_REBUILD=true
fi
fi
fi
if [ "$NEED_REBUILD" = true ]; then
# Copy authentication files to build context
if [ -f "$HOME/.claude.json" ]; then
cp "$HOME/.claude.json" "$PROJECT_ROOT/.claude.json"
fi
if [ -d "$HOME/.claude" ]; then
cp -r "$HOME/.claude" "$PROJECT_ROOT/.claude"
fi
docker build --build-arg USER_UID=$(id -u) --build-arg USER_GID=$(id -g) -t claude-docker:latest "$PROJECT_ROOT"
# Clean up copied auth files
rm -f "$PROJECT_ROOT/.claude.json"
rm -rf "$PROJECT_ROOT/.claude"
fi
# Ensure the claude-home directory exists