1.7 KiB
1.7 KiB
Example: a Ruby + Postgres project
A filled-in .safeclaude/ for a typical Rails-style app — a pinned Ruby and
Node, the Postgres client, and headless Chrome for browser tests. It's here as a
reference you can copy from when setting up your own project.
How to use it
- Start fresh, then borrow: run
safeclaude initin your project for a blank starter, then copy whatever pieces you need from here. (Recommended — you only pull in what applies to you.) - Copy the whole thing:
cp -r .../safeclaude/example/.safeclaude ~/your-project/and tweak from there.
What's where
| File | When it runs | What it does |
|---|---|---|
.safeclaude/Dockerfile |
once, then cached | installs system packages, a pinned Ruby + Node, Chrome, and bundler |
hooks/20-bundle.sh |
each launch | runs bundle install, but only when Gemfile.lock changed |
hooks/30-pg-proxy.sh |
each launch | lets the app reach the host's Postgres at the usual 127.0.0.1:5432 |
.env.example |
— | copy to .env for a private gem token (kept out of git) |
version |
— | the safeclaude version this config was created with |
README.md |
— | how this environment works (also read by the sandboxed Claude) |
A couple of things to take away:
- Slow, one-time installs go in the Dockerfile so they're cached. Pin one Ruby and one Node there directly — a project only needs one of each, so a version manager would just be overhead. Anything that needs your code present, or has to stick around between runs, goes in a hook.
cache/is the project's scratch space, on the host and gitignored. Here the gems install into it (BUNDLE_PATH), so they survive container and volume resets without ever touching your repo.