FROM python:3.12-alpine

# Minimal, non-privileged runtime.
# This image is a placeholder: it does NOT run an assistant yet.
# It exists so docker-compose up works with local builds.

RUN addgroup -S threegate && adduser -S -G threegate threegate
USER threegate

WORKDIR /srv/threegate

COPY entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
