v1 - basic functionality
This commit is contained in:
76
README.md
Normal file
76
README.md
Normal file
@ -0,0 +1,76 @@
|
||||
# Claude Code — Dockerized
|
||||
|
||||
A minimal, guardrailed container for running Claude Code. The home
|
||||
directory and project folder are volumes, keeping your Claude install
|
||||
and credentials separate from any specific project.
|
||||
|
||||
## Setup
|
||||
|
||||
```bash
|
||||
# 1. Build the image
|
||||
docker compose build
|
||||
|
||||
# 2. Export your API key (or put it in a .env file)
|
||||
export ANTHROPIC_API_KEY=sk-ant-...
|
||||
|
||||
# 3. First run — installs Claude Code into the home volume, then drops you
|
||||
# into an interactive shell inside the default ./code directory
|
||||
docker compose run --rm claude-code
|
||||
```
|
||||
|
||||
On first start the entrypoint runs the native installer and places the
|
||||
binary in the `claude-home` named volume (under `/home/coder/.local/bin`).
|
||||
Subsequent starts skip the install and launch immediately.
|
||||
|
||||
## Switching projects
|
||||
|
||||
Point `PROJECT_DIR` at any directory on your host:
|
||||
|
||||
```bash
|
||||
PROJECT_DIR=/path/to/myproject docker compose run --rm claude-code
|
||||
```
|
||||
|
||||
Or set it in a `.env` file:
|
||||
|
||||
```
|
||||
ANTHROPIC_API_KEY=sk-ant-...
|
||||
PROJECT_DIR=/Users/me/projects/my-app
|
||||
```
|
||||
|
||||
Then just:
|
||||
|
||||
```bash
|
||||
docker compose run --rm claude-code
|
||||
```
|
||||
|
||||
## Starting Claude Code
|
||||
|
||||
Once inside the container shell:
|
||||
|
||||
```bash
|
||||
claude # start an interactive session in the current directory
|
||||
claude --help # show available options
|
||||
claude doctor # diagnose installation issues
|
||||
```
|
||||
|
||||
## Volumes
|
||||
|
||||
| Volume | Purpose |
|
||||
|---|---|
|
||||
| `claude-home` (named) | Persists Claude Code binary, config, and auth credentials |
|
||||
| `$PROJECT_DIR` (bind) | Your project code — swap freely between sessions |
|
||||
|
||||
To wipe the Claude install and start fresh:
|
||||
|
||||
```bash
|
||||
docker compose down -v # removes the claude-home volume
|
||||
```
|
||||
|
||||
## Security notes
|
||||
|
||||
- Runs as a non-root user (`coder`, uid 1000)
|
||||
- All Linux capabilities are dropped (`cap_drop: ALL`)
|
||||
- Privilege escalation is disabled (`no-new-privileges`)
|
||||
- The container has no network restrictions beyond what Docker provides —
|
||||
add a custom network or `--network none` with `--add-host` if you want
|
||||
to lock that down further
|
||||
Reference in New Issue
Block a user