yamanin/registry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

claude-code integration with strict jail

Browse Source
This commit is contained in:
YEVHENII SHCHERBINA 2025-10-16 13:38:49 +00:00
parent 7ba975a2d8
commit 0f9d0bf710
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
registry/coder/modules/claude-code/scripts/start.sh
View File

@ -89,9 +89,6 @@ function start_agentapi() {
# Build boundary args with conditional --unprivileged flag # Build boundary args with conditional --unprivileged flag
BOUNDARY_ARGS=(--log-dir "$ARG_BOUNDARY_LOG_DIR") BOUNDARY_ARGS=(--log-dir "$ARG_BOUNDARY_LOG_DIR")
if [ "${ARG_BOUNDARY_UNPRIVILEGED:-true}" = "true" ]; then
BOUNDARY_ARGS+=(--unprivileged)
fi
# Add default allowed URLs # Add default allowed URLs
BOUNDARY_ARGS+=(--allow "*.anthropic.com" --allow "registry.npmjs.org" --allow "*.sentry.io" --allow "claude.ai" --allow "$ARG_CODER_HOST") BOUNDARY_ARGS+=(--allow "*.anthropic.com" --allow "registry.npmjs.org" --allow "*.sentry.io" --allow "claude.ai" --allow "$ARG_CODER_HOST")
@ -103,9 +100,17 @@ function start_agentapi() {
done done
fi fi
agentapi server --type claude --term-width 67 --term-height 1190 -- \ git clone https://github.com/coder/boundary
coder exp boundary "${BOUNDARY_ARGS[@]}" -- \ cd boundary
claude "${ARGS[@]}" git checkout yevhenii/proxy-v3
go install ./cmd/...
BOUNDARY_ARGS+=(--proxy-port=8087)
agentapi server --allowed-hosts="*" --type claude --term-width 67 --term-height 1190 -- \
sudo -E env PATH=$PATH setpriv --inh-caps=+net_admin --ambient-caps=+net_admin --bounding-set=+net_admin /home/coder/go/bin/boundary "${BOUNDARY_ARGS[@]}" -- \
claude
#"${ARGS[@]}"
else else
agentapi server --type claude --term-width 67 --term-height 1190 -- claude "${ARGS[@]}" agentapi server --type claude --term-width 67 --term-height 1190 -- claude "${ARGS[@]}"
fi fi