# Sandbox overlay — enables Docker-based sandbox for agent code execution.
#
# Prerequisites:
# 1. Build the sandbox image: docker build -t goclaw-sandbox:bookworm-slim -f Dockerfile.sandbox .
# 2. Ensure Docker socket is accessible (required for container orchestration)
#
# Usage:
# docker compose -f docker-compose.yml -f docker-compose.sandbox.yml up
#
# SECURITY WARNING: This overlay mounts the Docker socket, giving the container
# control over host Docker (root-equivalent on the host, regardless of the
# capability settings below). Deploy only behind a trusted network boundary.
# For maximum isolation, consider using Docker-in-Docker (dind) or Sysbox instead.
services:
  goclaw:
    build:
      args:
        # Build-time switch; quoted so it stays a string through arg substitution.
        ENABLE_SANDBOX: "true"
    volumes:
      # Host Docker API socket. Mounting it ":ro" would not limit API calls
      # (the mount flag affects file operations, not connect/write on the socket),
      # so there is no cheap hardening to add on this line.
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      # GOCLAW_SANDBOX_* values are consumed by the application; their exact
      # semantics are not visible in this file — the comments below are
      # reviewer assumptions from the names and should be confirmed against
      # the application's config documentation.
      - GOCLAW_SANDBOX_MODE=all
      # Image built in prerequisite step 1 above; keep the tag in sync.
      - GOCLAW_SANDBOX_IMAGE=goclaw-sandbox:bookworm-slim
      # presumably grants sandboxed code write access to the workspace — confirm
      - GOCLAW_SANDBOX_WORKSPACE_ACCESS=rw
      - GOCLAW_SANDBOX_SCOPE=session
      # Resource ceilings per sandbox (memory in MB, CPU count, wall-clock seconds).
      - GOCLAW_SANDBOX_MEMORY_MB=512
      - GOCLAW_SANDBOX_CPUS=1.0
      - GOCLAW_SANDBOX_TIMEOUT_SEC=300
      # presumably disables networking inside sandbox containers — confirm
      - GOCLAW_SANDBOX_NETWORK=false
    # NOTE(review): talking to the Docker socket does not need any Linux
    # capability — only read/write permission on the socket file, which the
    # group_add entry below provides. Whether an empty `cap_drop` here actually
    # replaces the base file's cap_drop depends on the Compose version's merge
    # rules (list fields are generally appended to the base rather than replaced,
    # in which case this line is a no-op and the base drops still apply).
    # Verify the effective capability set of the running container with
    # `docker inspect` rather than relying on this comment.
    # Keep security_opt (no-new-privileges) from base — do NOT clear it.
    # NET_BIND_SERVICE is the only capability added here, for binding low ports.
    # SETUID/SETGID/CHOWN are absent only if the base cap_drop remains in effect.
    cap_drop: []
    cap_add:
      - NET_BIND_SERVICE
    group_add:
      # GID of the host "docker" group owning the socket; 999 is a common default
      # but varies by host — set DOCKER_GID from `getent group docker` when it differs.
      - ${DOCKER_GID:-999}