A simple, secure, containerized sandbox for unleashing Claude Code with configurable network restrictions, persistent configuration, and comprehensive development tools.
Claude Container provides a Docker-based sandbox environment that includes:
Claude Container offers three firewall modes to balance security and usability:
--allow-outgoing (Default)
--strict
ADDITIONAL_ALLOWED_DOMAINS environment variable
--no-firewall
Languages & Runtimes:
Version Control:
Databases:
Claude Tools:
Text & File Processing:
Code Quality:
System Monitoring:
Shell:
[claude-container] for easy identification
# Clone to a persistent location
git clone https://gitlab.com/edward.kirton/claude-container.git ~/claude-container
# Add to your shell configuration (e.g., ~/.zshrc or ~/.bashrc)
echo 'export PATH="$HOME/claude-container/bin:$PATH"' >> ~/.zshrc
source ~/.zshrc
Navigate to any project directory and start the container:
cd /path/to/your/project
claude-container
On first run:
~/claude-container-home for persistent configuration
Inside the container, authenticate with Claude:
claude
This authentication only needs to be done once and persists across sessions.
The container includes convenient aliases for Claude tools:
claude - Main Claude CLI interface (aliased to claude --dangerously-skip-permissions)
ccusage - Claude Code usage tracking tool (aliased to npx ccusage blocks --active)
These aliases are available inside the container's Zsh shell environment.
From any project directory:
# Default mode (allow all HTTP/HTTPS outbound)
claude-container
# Strict mode (only allow specific domains)
claude-container --strict
# No firewall (allow all network traffic)
claude-container --no-firewall
This will:
Claude Container uses an isolated home directory (~/claude-container-home) for security, which means Claude Code sessions inside and outside the container maintain completely separate configurations:
Outside the container (host):
~/.claude/ (your regular home directory)
Inside the container:
~/claude-container-home/.claude/
Important implications:
/resume to continue a conversation started outside the container (or vice versa)
Sharing configurations between environments: If you want to use the same custom commands or settings in both environments, you can manually copy them:
# Copy custom commands from host to container
cp ~/.claude/commands/*.md ~/claude-container-home/.claude/commands/
# Copy hooks from host to container; scripts often require editing to work, particularly if the OS differs.
cp ~/.claude/hooks/*.sh ~/claude-container-home/.claude/hooks/
--allow-outgoing)
Allows broad internet access for general development:
claude-container                     # Uses default mode
claude-container --allow-outgoing    # Explicit
--strict)
Maximum security with only essential domains allowed:
claude-container --strict
--no-firewall)
Completely unrestricted network access:
claude-container --no-firewall
Execute commands directly with any firewall mode:
claude-container ls -la
claude-container --strict claude --help
claude-container --no-firewall npm install
In strict mode, you can add additional allowed domains:
Permanent (recommended): Edit docker/whitelist.txt and add domains (one per line):
echo "example.com" >> docker/whitelist.txt
echo "api.example.com" >> docker/whitelist.txt
claude-container --rebuild --strict
Temporary (current session only):
export ADDITIONAL_ALLOWED_DOMAINS="example.com api.example.com"
claude-container --strict
Note: Custom domains are only used in --strict mode. In --allow-outgoing and --no-firewall modes, all or most domains are already accessible.
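A pre-flight check for the two strict-mode inputs described above, as an added example that is not part of claude-container: it merges docker/whitelist.txt with ADDITIONAL_ALLOWED_DOMAINS and rejects anything that is not a bare hostname. The function names and the bare-hostname rule are assumptions; how init-firewall.sh itself parses entries is not shown on this page.

```shell
#!/bin/sh
# Added example, not part of claude-container. Assumption: every allowlist
# entry must be a bare DNS hostname (no scheme, port, path, wildcard or IP).

# is_hostname NAME: succeed only for a lowercase, dotted DNS hostname.
is_hostname() {
    [ "${#1}" -le 253 ] || return 1
    printf '%s\n' "$1" | grep -Eq \
        '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z][a-z0-9-]*[a-z0-9]$'
}

# effective_allowlist FILE: merge FILE (one domain per line) with the
# space-separated ADDITIONAL_ALLOWED_DOMAINS variable, print the sorted,
# de-duplicated valid entries on stdout and rejected ones on stderr.
# Returns 1 if anything was rejected, so a wrapper can refuse to rebuild.
effective_allowlist() {
    file=$1
    bad=0
    raw=$(mktemp) || return 2
    ok=$(mktemp) || { rm -f "$raw"; return 2; }
    {
        # The trailing echo keeps a final line without a newline from
        # fusing with the first entry of the environment variable.
        if [ -f "$file" ]; then tr -d '\r' < "$file"; echo; fi
        printf '%s\n' "${ADDITIONAL_ALLOWED_DOMAINS:-}" | tr -s ' \t' '\n'
    } | tr '[:upper:]' '[:lower:]' |
        sed 's/^[[:space:]]*//; s/[[:space:]]*$//' > "$raw"
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        if is_hostname "$entry"; then
            printf '%s\n' "$entry"
        else
            printf 'rejected entry: %s\n' "$entry" >&2
            bad=1
        fi
    done < "$raw" > "$ok"
    sort -u "$ok"
    rm -f "$raw" "$ok"
    return "$bad"
}
```

Run `effective_allowlist docker/whitelist.txt` before `claude-container --rebuild --strict` and proceed only when it exits 0.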
To rebuild the container image (can be combined with firewall modes):
claude-container --rebuild
claude-container --rebuild --strict
claude-container --rebuild --no-firewall
Note: Rebuilding the container is safe and won't affect your:
~/claude-container-home/.claude.json)
This means you can freely modify the Dockerfile to add new tools or update versions without needing to re-authenticate with Claude.
claude-container/
├── bin/
│   └── claude-container    # Launcher script
├── docker/
│   ├── Dockerfile          # Container definition
│   ├── init-firewall.sh    # Firewall configuration
│   └── whitelist.txt       # Allowed domains for strict mode
├── LICENSE.md              # MIT License
└── README.md
~/claude-container-home/
├── .claude/          # Claude configuration
├── .claude.json      # Authentication tokens
├── .gitconfig        # Git configuration
├── .ssh/             # SSH keys
├── .oh-my-zsh/       # Shell framework
└── .zsh_history      # Command history
Your project is mounted at the same path inside the container as on your host system. For example:
/Users/yourname/Projects/myapp
/Users/yourname/Projects/myapp
This ensures path references remain valid and tools like Git work seamlessly.
The ~/claude-container-home directory is mounted as your home inside the container, preserving:
chmod +x ~/claude-container/bin/claude-container
docker logs <container-name>
~/claude-container-home/.claude.json and re-authenticate
api.anthropic.com
docker logs <container-name> 2>&1 | grep BLOCKED
export ADDITIONAL_ALLOWED_DOMAINS="domain.com"
docker exec -it <container-name> sudo iptables -L -v -n
claude-container --allow-outgoing or claude-container --no-firewall
--rebuild to see firewall configuration again
--strict: Shows domain resolution and IP configuration
--allow-outgoing: Shows HTTP/HTTPS rule configuration
--no-firewall: Shows firewall disabled message
docker exec -it --user root <container-name> bash
The container includes uv, a fast Python package manager. However, Python virtual environments are platform-specific because compiled binaries and C extensions differ between operating systems and architectures.
If you run uv sync in the container (Linux), the .venv directory will contain Linux binaries. After you exit the container, you'll need to run uv sync again on your host (macOS) before you can use uv run because:
.venv/bin/ directory contains platform-specific executables
# Working on macOS host
cd myproject
uv sync                    # Creates/updates .venv with macOS binaries
uv run python script.py    # Works! Using macOS Python
# Enter container to test in Linux environment
claude-container
uv sync                    # Re-creates .venv with Linux binaries
uv run python script.py    # Works! Using Linux Python
exit
# Back on macOS host
uv run python script.py    # ERROR! .venv contains Linux binaries
uv sync                    # Re-sync for macOS
uv run python script.py    # Works again!
When uv detects a platform change, it will:
.venv is for a different platform
uv.lock file for consistency across platforms
uv.lock file is platform-independent - it ensures the same package versions across all platforms
.venv directory is platform-specific - always add it to .gitignore
UV_LINK_MODE=copy - this suppresses hardlink warnings caused by Docker filesystem boundaries
uv sync after switching between host and container if they're different platforms
uv.lock for reproducible installs - commit this file to version control
.venv/ - it contains platform-specific binaries
This approach maintains both environments simultaneously, avoiding re-syncs when switching.
# On macOS host
UV_PROJECT_ENVIRONMENT=.venv-macos uv sync
UV_PROJECT_ENVIRONMENT=.venv-macos uv run python script.py
# In Linux container
UV_PROJECT_ENVIRONMENT=.venv-linux uv sync
UV_PROJECT_ENVIRONMENT=.venv-linux uv run python script.py
uv run ... inside the container
Claude Container does not include any preconfigured MCP services. You can add your own MCP servers in the usual way - your configuration will persist between sessions as it's stored in your persistent home directory (~/claude-container-home).
To add an MCP server inside the container:
For HTTP-based MCP servers in strict mode: Add the domain to your firewall configuration by editing docker/whitelist.txt and rebuilding:
# Outside the container: Add any required URLs to docker/whitelist.txt
echo "mcp.context7.com" >> docker/whitelist.txt
claude-container --rebuild --strict
Inside the container: Add the MCP server using the Claude CLI
# Example: Adding Context7 MCP server
claude mcp add --transport http context7 https://mcp.context7.com/mcp --header "CONTEXT7_API_KEY: YOUR_API_KEY"
Your MCP configuration will be saved to ~/.claude/mcp_settings.json and persist across container sessions.
For more information about MCP servers, see the Claude MCP documentation.
docker/ (e.g., to add new tools or change versions)
claude-container --rebuild
claude-container
Your Claude authentication and all configuration in ~/claude-container-home persist across rebuilds.
Edit version variables at the top of docker/Dockerfile:
ARG PYTHON_VERSION=3.13.7
ARG YAMLFMT_VERSION=v0.10.0
# etc...
Derived from Claude Code devcontainer. Written by Claude Code under the direction of Edward Kirton.
MIT License - See LICENSE file for details