# opencode-container

Run OpenCode inside an Arch Linux Docker container that closely mirrors a
local development environment, while limiting access to sensitive files on
the host.

## Features

- Arch Linux–based image
- Runs as the host user (same username, UID, GID)
- **Per-project isolation**: Each project gets its own container (identified by project path hash)
- **Shared persistent home**: All containers mount the same home directory from XDG_DATA_HOME, allowing tools to persist across projects
- **Sudo access**: OpenCode agent can install project-specific dependencies that persist in the stopped container
- **Hard linking support**: Can hard link files like `~/.gitconfig` to share configurations with containers
- Mounts only the current project directory (same absolute path inside container)
- **Security boundary**: No access to SSH keys, passwords, or full `$HOME` (intentionally prevents remote code pushes)
- Simple shell function (`opencode`) to launch interactively

## Install

Change to your projects directory and clone the repository:

```
cd ~/Projects/
git clone https://git.jeena.net/jeena/opencode-container.git
```
Source the helper file `opencode.aliases` in your shell configuration  
(`.bashrc` or `.zshrc`) so the `opencode` function is available in new sessions.

We set up the XDG_DATA_HOME/opencode-container/container-home directory as a central $HOME inside of the
container, independent of the session or project directory we start in. This
persists the whole $HOME from inside the container so everything OpenCode
writes into config files, etc. persists there.

## Environment Variables

- `XDG_DATA_HOME`: Override default data directory (default: ~/.local/share)

## Usage

From any project directory:

```
opencode
```

The image is built automatically on first use if it does not already exist.  
OpenCode starts inside the container with the current directory mounted and
set as the working directory.