https://uniforgeai.github.io/claustro/guides/Recent content in Guides on claustroHugoenhttps://uniforgeai.github.io/claustro/guides/monorepo/Mon, 01 Jan 0001 00:00:00 +0000https://uniforgeai.github.io/claustro/guides/monorepo/<h1 id="monorepo-setup">Monorepo Setup<a class="anchor" href="#monorepo-setup">#</a></h1> <p>Run multiple sandboxes targeting different parts of a monorepo.</p> <h2 id="named-sandboxes">Named sandboxes<a class="anchor" href="#named-sandboxes">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">sandboxes</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">api</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">workdir</span>: <span style="color:#ae81ff">./services/api</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">mounts</span>: </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">./libs:/workspace/libs:ro</span> </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">./proto:/workspace/proto:ro</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">env</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">DATABASE_URL</span>: <span style="color:#ae81ff">postgresql://localhost:5432/dev</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">web</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">workdir</span>: <span style="color:#ae81ff">./packages/frontend</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">env</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">API_URL</span>: <span style="color:#ae81ff">http://localhost:3000</span></span></span></code></pre></div><h2 id="running">Running<a class="anchor" href="#running">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>claustro up --name api </span></span><span style="display:flex;"><span>claustro up --name web </span></span><span style="display:flex;"><span>claustro claude api </span></span><span style="display:flex;"><span>claustro claude web </span></span><span style="display:flex;"><span>claustro ls</span></span></code></pre></div>https://uniforgeai.github.io/claustro/guides/firewall/Mon, 01 Jan 0001 00:00:00 +0000https://uniforgeai.github.io/claustro/guides/firewall/<h1 id="egress-firewall">Egress Firewall<a class="anchor" href="#egress-firewall">#</a></h1> <p>Restrict outbound network access from sandboxes.</p> <h2 id="enable">Enable<a class="anchor" href="#enable">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>claustro up --firewall</span></span></code></pre></div><p>Or in <code>claustro.yaml</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">firewall</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">enabled</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">allow</span>: </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">custom-registry.company.com</span> </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">api.openai.com</span></span></span></code></pre></div><h2 id="default-whitelist">Default whitelist<a class="anchor" href="#default-whitelist">#</a></h2> <p>When enabled, the following domains are always allowed:</p> <ul> <li><code>api.anthropic.com</code> — Anthropic API</li> <li><code>registry.npmjs.org</code> — npm</li> <li><code>pypi.org</code> — Python packages</li> <li><code>github.com</code> — Git operations</li> <li><code>archive.ubuntu.com</code>, <code>security.ubuntu.com</code> — System updates</li> </ul> <p>Docker internal networks (172.16.0.0/12, 192.168.0.0/16, 10.0.0.0/8) are always allowed for compose-sibling services.</p>https://uniforgeai.github.io/claustro/guides/mcp-servers/Mon, 01 Jan 0001 00:00:00 +0000https://uniforgeai.github.io/claustro/guides/mcp-servers/<h1 id="mcp-servers">MCP Servers<a class="anchor" href="#mcp-servers">#</a></h1> <p>claustro supports stdio-based and SSE-based MCP servers.</p> <h2 id="pre-installed-stdio">Pre-installed (stdio)<a class="anchor" href="#pre-installed-stdio">#</a></h2> <p>The default image includes:</p> <ul> <li><strong>filesystem</strong> — file system access within /workspace</li> <li><strong>memory</strong> — persistent memory for Claude</li> <li><strong>fetch</strong> — HTTP fetching capability</li> </ul> <p>Toggle in <code>claustro.yaml</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">image</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">mcp_servers</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">filesystem</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">memory</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">fetch</span>: <span style="color:#66d9ef">false</span></span></span></code></pre></div><h2 id="project-mcp-config">Project MCP config<a class="anchor" href="#project-mcp-config">#</a></h2> <p>Place a <code>.mcp.json</code> in your project root. It will be merged with image defaults (project config wins).</p> <h2 id="sse-sibling-containers">SSE sibling containers<a class="anchor" href="#sse-sibling-containers">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">mcp</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">sse</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">postgres</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">image</span>: <span style="color:#ae81ff">crystaldba/postgres-mcp-server:latest</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">port</span>: <span style="color:#ae81ff">8000</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">env</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">DATABASE_URI</span>: <span style="color:#ae81ff">postgresql://postgres:postgres@db:5432/devdb</span></span></span></code></pre></div><p>SSE servers run as sibling containers on the same Docker network.</p>https://uniforgeai.github.io/claustro/guides/custom-image/Mon, 01 Jan 0001 00:00:00 +0000https://uniforgeai.github.io/claustro/guides/custom-image/<h1 id="custom-image-configuration">Custom Image Configuration<a class="anchor" href="#custom-image-configuration">#</a></h1> <h2 id="language-selection">Language selection<a class="anchor" href="#language-selection">#</a></h2> <p>Choose which language runtimes to include. Node.js is always installed (required for Claude Code).</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">image</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">languages</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">node</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">go</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">rust</span>: <span style="color:#66d9ef">false</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">python</span>: <span style="color:#66d9ef">true</span></span></span></code></pre></div><h2 id="tool-groups">Tool groups<a class="anchor" href="#tool-groups">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">image</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">tools</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">dev</span>: <span style="color:#66d9ef">true</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">build</span>: <span style="color:#66d9ef">true</span></span></span></code></pre></div><h2 id="extra-dockerfile-steps">Extra Dockerfile steps<a class="anchor" href="#extra-dockerfile-steps">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">image</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">extra</span>: </span></span><span style="display:flex;"><span> - <span style="color:#f92672">run</span>: <span style="color:#ae81ff">apt-get update &amp;&amp; apt-get install -y ffmpeg</span> </span></span><span style="display:flex;"><span> - <span style="color:#f92672">run</span>: <span style="color:#ae81ff">pip install black ruff</span></span></span></code></pre></div><h2 id="using-a-completely-custom-image">Using a completely custom image<a class="anchor" href="#using-a-completely-custom-image">#</a></h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">image</span>: <span style="color:#ae81ff">my-registry/my-image:latest</span></span></span></code></pre></div><p>The custom image must have Claude Code pre-installed.</p>