claude-code-docker/docker-compose.yml at main · mischa-robots/claude-code-docker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
services:
  claude-code:
    build:
      context: .
      dockerfile: Dockerfile
      args:
        TZ: ${TZ:-UTC}
    image: claude-code:local

    container_name: claude-code

    # Required for iptables/ipset firewall management inside the container.
    # NET_ADMIN: modify iptables rules, create ipsets, set default DROP policy.
    # NET_RAW:   send ICMP rejection packets for blocked connections.
    cap_add:
      - NET_ADMIN
      - NET_RAW

    # Run the firewall initialisation as the first command, then keep the
    # container alive with a long-running shell.  The '&&' ensures the
    # container exits immediately if the firewall fails to initialise.
    command: >
      /bin/zsh -c "sudo /usr/local/bin/init-firewall.sh && /usr/local/bin/init-ssh.sh && exec /bin/zsh"

    # Keep stdin open so you can `docker compose exec claude-code zsh`
    stdin_open: true
    tty: true

    environment:
      # Pass your Anthropic API key from the host .env file
      ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY}
      # Optional: override the model
      # ANTHROPIC_MODEL: claude-opus-4-5
      TZ: ${TZ:-UTC}
      NODE_OPTIONS: "--max-old-space-size=4096"
      CLAUDE_CONFIG_DIR: /home/node/.claude

    volumes:
      # ── Project source code ──────────────────────────────────────────────
      # Mount your project directory into /workspace.
      # Change the left side to the path you want to work on:
      #   - ./                    (if docker-compose.yml lives inside your project)
      #   - ../my-project         (sibling directory)
      #   - /home/you/projects    (shared projects root — see notes in README)
      - ${PROJECT_DIR:-.}:/workspace:cached

      # ── Claude config (auth tokens, project memory, settings) ────────────
      - ./claude/config:/home/node/.claude

      # ── Shell history ────────────────────────────────────────────────────
      - ./claude/history:/commandhistory

      # ── SSH keys (optional — for GitHub access) ──────────────────────────
      # Generated on first run. Add the printed public key to GitHub once.
      - ./claude/ssh:/home/node/.ssh

    # Expose nothing by default — Claude Code is a CLI tool.
    # Uncomment below if you run a dev server inside the container:
    ports:
      - "3000:3000"
      - "8080:8080"

    # Restart policy: "no" is safest for an interactive dev tool.
    restart: "no"