jeena/agent-container
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Run OpenCode and Claude Code inside a shared Arch Linux Docker container that closely mirrors a local development environment, while limiting access to sensitive files on the host.
1 commit 1 branch 0 tags 30 KiB
Find a file
Exact
Jeena 61017da6ba Combine opencode-container and claude-container into a unified agent-container 
Merge the two separate container projects into a single image and
management script. Both OpenCode and Claude Code are installed in the
same Arch Linux image and share one persistent $HOME directory, which
enables the opencode-claude-bridge plugin to read Claude CLI credentials
from within OpenCode.

Subcommands: opencode, claude, update, force-cleanup.
2026-03-24 09:39:25 +09:00
.gitignore Combine opencode-container and claude-container into a unified agent-container 2026-03-24 09:39:25 +09:00
agent-container.py Combine opencode-container and claude-container into a unified agent-container 2026-03-24 09:39:25 +09:00
agent.aliases Combine opencode-container and claude-container into a unified agent-container 2026-03-24 09:39:25 +09:00
Dockerfile Combine opencode-container and claude-container into a unified agent-container 2026-03-24 09:39:25 +09:00
README.md Combine opencode-container and claude-container into a unified agent-container 2026-03-24 09:39:25 +09:00

README.md

agent-container

Run OpenCode and Claude Code inside a shared Arch Linux Docker container that closely mirrors a local development environment, while limiting access to sensitive files on the host.

Features

  • Arch Linux-based image with both OpenCode and Claude Code pre-installed
  • Runs as the host user (same username, UID, GID)
  • Per-project isolation: Each project gets its own container (identified by project path hash)
  • Shared persistent home: All containers mount the same home directory from XDG_DATA_HOME, allowing tools and credentials to persist across projects
  • Unified home: Both tools share the same $HOME, enabling plugins like opencode-claude-bridge that need access to both tools' config
  • Sudo access: Agents can install project-specific dependencies that persist in the stopped container
  • Hard linking support: Can hard link files like ~/.gitconfig to share configurations with containers
  • Mounts only the current project directory (same absolute path inside container)
  • Security boundary: No access to SSH keys, passwords, or full $HOME (intentionally prevents remote code pushes)

Install

Clone the repository:

cd ~/Projects/
git clone https://git.jeena.net/jeena/agent-container.git

Source the helper file agent.aliases in your shell configuration (.bashrc or .zshrc):

source ~/Projects/agent-container/agent.aliases

This makes the opencode, claude, and agent-container commands available in new sessions.

The container home directory at $XDG_DATA_HOME/agent-container/container-home/ serves as a central $HOME inside every container, independent of which project directory you start in. Everything written to $HOME inside the container persists there.

Environment Variables

  • XDG_DATA_HOME: Override default data directory (default: ~/.local/share)
  • ANTHROPIC_API_KEY: Your Anthropic API key (passed through to Claude Code)
  • ANTHROPIC_BASE_URL: Override the API base URL (optional, passed through to Claude Code)

Usage

From any project directory:

# Run OpenCode
opencode

# Run Claude Code
claude

The image is built automatically on first use if it does not already exist. The tool starts inside the container with the current directory mounted and set as the working directory.

Updating

To rebuild the image with the latest versions of both OpenCode and Claude Code:

agent-container update

This removes all existing containers and rebuilds the image from scratch. Containers are recreated automatically on the next run. The persistent home directory is not affected.

Force Cleanup

To remove all containers, the image, and the persistent home directory:

agent-container force-cleanup

Sharing host config files via hard links

The container home at ~/.local/share/agent-container/container-home/ is mounted as /home/<username> inside every container. You can hard link files from your real $HOME into this directory so the container sees them without copying or syncing.

Because both paths live on the same filesystem, a hard link means they are literally the same file -- changes from either side are instantly reflected.

Example for .gitconfig:

mkdir -p ~/.local/share/agent-container/container-home
ln ~/.gitconfig ~/.local/share/agent-container/container-home/.gitconfig

Avoid linking sensitive files such as ~/.ssh/id_* or ~/.gnupg/ -- keeping those out of the container is an intentional security boundary.

Optional: Use Claude Pro/Max with OpenCode

The opencode-claude-bridge plugin lets OpenCode use your Claude Pro/Max subscription via the Claude CLI's OAuth credentials. Because both tools share the same $HOME inside the container, the bridge can read Claude's credentials directly.

  1. Run Claude Code inside the container and log in to your Max account:

    claude

    Complete the login flow. This creates the credentials file at ~/.claude/.credentials.json inside the container home.

  2. Create the OpenCode config to enable the plugin:

    mkdir -p ~/.local/share/agent-container/container-home/.config/opencode
cat > ~/.local/share/agent-container/container-home/.config/opencode/opencode.json << 'EOF'
{
  "plugin": ["opencode-claude-bridge"]
}
EOF

  3. Start OpenCode:

    opencode

    Press Ctrl-p, select Switch Model, and Anthropic will appear as a provider.