safeclaude/README.md
2026-04-11 09:26:46 -04:00

# Claude Code — Dockerized
A minimal, guardrailed container for running Claude Code. The home
directory and project folder are volumes, keeping your Claude install
and credentials separate from any specific project.
## Setup
```bash
# 1. Build the image
docker compose build
# 2. Export your API key (or put it in a .env file)
export ANTHROPIC_API_KEY=sk-ant-...
# 3. First run — installs Claude Code into the home volume, then drops you
# into an interactive shell inside the default ./code directory
docker compose run --rm claude-code
```
On first start the entrypoint runs the native installer and places the
binary in the `claude-home` named volume (under `/home/coder/.local/bin`).
Subsequent starts skip the install and launch immediately.
## Switching projects
Point `PROJECT_DIR` at any directory on your host:
```bash
PROJECT_DIR=/path/to/myproject docker compose run --rm claude-code
```
Or set it in a `.env` file:
```
ANTHROPIC_API_KEY=sk-ant-...
PROJECT_DIR=/Users/me/projects/my-app
```
Then just:
```bash
docker compose run --rm claude-code
```
## Starting Claude Code
Once inside the container shell:
```bash
claude # start an interactive session in the current directory
claude --help # show available options
claude doctor # diagnose installation issues
```
## Volumes
| Volume | Purpose |
|---|---|
| `claude-home` (named) | Persists Claude Code binary, config, and auth credentials |
| `$PROJECT_DIR` (bind) | Your project code — swap freely between sessions |

To wipe the Claude install and start fresh:
```bash
docker compose down -v # removes the claude-home volume
```
## Security notes
- Runs as a non-root user (`coder`, uid 1000)
- All Linux capabilities are dropped (`cap_drop: ALL`)
- Privilege escalation is disabled (`no-new-privileges`)
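- The container has no network restrictions beyond what Docker provides.
  Add a custom network or `--network none` with `--add-host` if you want
  to lock that down further. Note that `--network none` leaves the
  container with only a loopback interface and `--add-host` only adds
  `/etc/hosts` entries, so that combination also cuts off the API that
  Claude Code needs to reach.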
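
To confirm from inside the container that these guardrails are actually in effect, the check below reads the `Uid`, `CapEff`, `CapBnd` and `NoNewPrivs` fields of `/proc/self/status`. It is an added example, not part of this project; the function name `check_guardrails` and both sample inputs are constructed for illustration. A non-root process shows an empty `CapEff` even without `cap_drop`, so the bounding set `CapBnd` is the field that reflects `cap_drop: ALL`.

```bash
#!/bin/sh
# check_guardrails [EXPECTED_UID]
# Reads /proc/<pid>/status text on stdin, prints PASS/FAIL per guardrail,
# and returns non-zero if any guardrail is missing.
# Inside the container: check_guardrails < /proc/self/status
check_guardrails() {
    awk -v want_uid="${1:-1000}" '
        /^Uid:/        { euid = $3 }      # fields: real, effective, saved, fs
        /^CapEff:/     { capeff = $2 }    # capabilities in effect right now
        /^CapBnd:/     { capbnd = $2 }    # upper bound on what exec can regain
        /^NoNewPrivs:/ { nnp = $2 }       # 1 when no-new-privileges is set
        function report(ok, msg) {
            printf "%s %s\n", (ok ? "PASS" : "FAIL"), msg
            if (!ok) bad = 1
        }
        END {
            report((euid != "" && euid == want_uid),
                   "effective uid is " euid " (expected " want_uid ")")
            report((capeff ~ /^0+$/), "CapEff is " capeff)
            report((capbnd ~ /^0+$/),
                   "CapBnd is " capbnd " (cap_drop: ALL leaves all zeros)")
            report((nnp == 1), "NoNewPrivs is " nnp)
            exit bad
        }'
}

# Constructed sample: status fields of a container hardened as described above.
check_guardrails <<'EOF'
Uid:    1000    1000    1000    1000
CapEff: 0000000000000000
CapBnd: 0000000000000000
NoNewPrivs:     1
EOF

# Constructed sample: non-root user, but no cap_drop and no no-new-privileges.
check_guardrails <<'EOF' || echo "guardrails missing in second sample"
Uid:    1000    1000    1000    1000
CapEff: 0000000000000000
CapBnd: 00000000a80425fb
NoNewPrivs:     0
EOF
```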