bootstrap: pre-install node/npm/build/python, set up agent user properly

provisioning/bootstrap-dev-lxc.sh

@@ -26,22 +26,33 @@ TOKEN_FILE="${2:-/tmp/gitea-token-staging}"
 pct exec "$CTID" -- bash -c '
   apt-get update -qq
   DEBIAN_FRONTEND=noninteractive apt-get install -y -qq \
-    git curl ca-certificates jq openssh-server xz-utils
+    git curl ca-certificates jq openssh-server xz-utils sudo \
+    nodejs npm build-essential python3 python3-pip
   mkdir -p /root/.claude /root/.local/bin /root/.local/share /root/.ssh /etc/agent /var/agent/workspaces /var/agent/logs
-  chmod 700 /root/.ssh /root/.claude /etc/agent
+  chmod 700 /root/.ssh /root/.claude
+
+  # Non-root agent user (claude refuses bypassPermissions as root)
+  id agent &>/dev/null || useradd -m -s /bin/bash agent
+  chown agent:agent /etc/agent /var/agent /var/agent/workspaces /var/agent/logs
+  chmod 700 /etc/agent
+  grep -q "/.local/bin" /home/agent/.profile 2>/dev/null || \
+    echo "export PATH=\$HOME/.local/bin:/usr/local/bin:\$PATH" >> /home/agent/.profile
 '
 
 # --- claude-code ---
 tar -czf /tmp/claude-bundle.tgz -C /tmp claude-staging
 pct push "$CTID" /tmp/claude-bundle.tgz /tmp/claude-bundle.tgz
-pct push "$CTID" /tmp/claude-creds-staging.json /root/.claude/.credentials.json --perms 600
+pct push "$CTID" /tmp/claude-creds-staging.json /home/agent/.claude/.credentials.json --perms 600
 pct exec "$CTID" -- bash -c '
   set -e
-  rm -rf /root/.local/share/claude
+  install -d -o agent -g agent /home/agent/.local/share /home/agent/.local/bin /home/agent/.claude
-  tar -xzf /tmp/claude-bundle.tgz -C /root/.local/share/
+  tar -xzf /tmp/claude-bundle.tgz -C /home/agent/.local/share/
-  mv /root/.local/share/claude-staging /root/.local/share/claude
+  mv /home/agent/.local/share/claude-staging /home/agent/.local/share/claude
-  CLAUDE_VERSION=$(ls /root/.local/share/claude/versions/ | sort -V | tail -1)
+  CLAUDE_VERSION=$(ls /home/agent/.local/share/claude/versions/ | sort -V | tail -1)
-  ln -sf /root/.local/share/claude/versions/$CLAUDE_VERSION /root/.local/bin/claude
+  ln -sf /home/agent/.local/share/claude/versions/$CLAUDE_VERSION /home/agent/.local/bin/claude
+  chown -R agent:agent /home/agent/.local /home/agent/.claude
+  chmod 700 /home/agent/.claude
+  chmod 600 /home/agent/.claude/.credentials.json
   rm -f /tmp/claude-bundle.tgz
 '
 rm -f /tmp/claude-bundle.tgz
@@ -51,9 +62,18 @@ pct push "$CTID" /tmp/tea-staging /usr/local/bin/tea --perms 755
 
 # --- gitea token ---
 pct push "$CTID" "$TOKEN_FILE" /etc/agent/gitea-token --perms 600
+pct exec "$CTID" -- chown agent:agent /etc/agent/gitea-token
+
+# --- SSH authorized_keys for agent user ---
+pct push "$CTID" /tmp/agent-authorized-keys /home/agent/.ssh/authorized_keys --perms 600 2>/dev/null || \
+  echo "(skip: place orchestrator pubkey at /tmp/agent-authorized-keys before bootstrap to enable SSH)"
+pct exec "$CTID" -- bash -c '
+  install -d -o agent -g agent -m 700 /home/agent/.ssh
+  [ -f /home/agent/.ssh/authorized_keys ] && chown agent:agent /home/agent/.ssh/authorized_keys
+'
 
 # --- enable sshd ---
 pct exec "$CTID" -- systemctl enable --now ssh
 
 echo "Bootstrap complete for CT $CTID. Versions:"
-pct exec "$CTID" -- bash -lc 'PATH=/root/.local/bin:/usr/local/bin:$PATH; claude --version; tea --version | head -2'
+pct exec "$CTID" -- su - agent -c 'claude --version; tea --version | head -2; node --version'