Feature/Docker Sandbox

.claude/skills/add-whatsapp/SKILL.md

@@ -55,7 +55,7 @@ git remote -v
 If `whatsapp` is missing, add it:
 
 ```bash
-git remote add whatsapp https://github.com/qwibitai/nanoclaw-whatsapp.git
+git remote add whatsapp https://github.com/qwibitai/nanoclaw-docker-sandbox.git
 ```
 
 ### Merge the skill branch

.claude/skills/setup/SKILL.md

@@ -11,7 +11,27 @@ Run setup steps automatically. Only pause when user action is required (channel
 
 **UX Note:** Use `AskUserQuestion` for all user-facing questions.
 
-## 0. Git & Fork Setup
+## 0. Sandbox Bootstrap (conditional)
+
+Check if running inside a Docker Sandbox by looking for `sandbox/init.sh` AND the file `$HOME/.nanoclaw-workspace` does NOT exist (meaning init hasn't run yet):
+
+```bash
+test -f sandbox/init.sh && ! test -f "$HOME/.nanoclaw-initialized"
+```
+
+**If both conditions are true** (sandbox init script exists and hasn't been run yet):
+
+Tell the user: "Detected Docker Sandbox environment. Running initial setup..." Then run:
+
+```bash
+bash sandbox/init.sh
+```
+
+This configures the sandbox proxy, fixes CRLF line endings, and installs npm packages (using a /tmp workaround for virtiofs symlink limitations). It takes 2-5 minutes. Run it in the background with a long timeout and wait for completion, then continue to step 1.
+
+**If the conditions are false** (not a sandbox, or already initialized): skip this step.
+
+## 0b. Git & Fork Setup
 
 Check the git remote configuration to ensure the user has a fork and upstream is configured.
 
@@ -52,7 +72,9 @@ Already configured. Continue.
 
 ## 1. Bootstrap (Node.js + Dependencies)
 
-Run `bash setup.sh` and parse the status block.
+**If sandbox init already ran** (`test -f "$HOME/.nanoclaw-initialized"`): skip this step entirely — `init.sh` already installed Node dependencies, build tools, and native modules. Jump to step 2.
+
+**Otherwise:** Run `bash setup.sh` and parse the status block.
 
 - If NODE_OK=false → Node.js is missing or too old. Use `AskUserQuestion: Would you like me to install Node.js 22?` If confirmed:
   - macOS: `brew install node@22` (if brew available) or install nvm then `nvm install 22`
@@ -74,7 +96,9 @@ Run `npx tsx setup/index.ts --step environment` and parse the status block.
 
 ### 3a. Choose runtime
 
-Check the preflight results for `APPLE_CONTAINER` and `DOCKER`, and the PLATFORM from step 1.
+**If IS_SANDBOX=true:** Docker is the only runtime (DinD inside sandbox). Skip the runtime question and go directly to 3a-docker.
+
+**If IS_SANDBOX=false:** Check the preflight results for `APPLE_CONTAINER` and `DOCKER`, and the PLATFORM from step 1.
 
 - PLATFORM=linux → Docker (only option)
 - PLATFORM=macos + APPLE_CONTAINER=installed → Use `AskUserQuestion: Docker (cross-platform) or Apple Container (native macOS)?` If Apple Container, run `/convert-to-apple-container` now, then skip to 3c.
@@ -116,11 +140,25 @@ Run `npx tsx setup/index.ts --step container -- --runtime <chosen>` and parse th
 
 If HAS_ENV=true from step 2, read `.env` and check for `CLAUDE_CODE_OAUTH_TOKEN` or `ANTHROPIC_API_KEY`. If present, confirm with user: keep or reconfigure?
 
-AskUserQuestion: Claude subscription (Pro/Max) vs Anthropic API key?
+AskUserQuestion: "How do you want to authenticate with Claude?"
+- **Claude subscription (Pro/Max) — recommended:** Use your existing Claude subscription. No separate API key or billing needed.
+- **Anthropic API key:** Use an API key from console.anthropic.com (separate billing).
+
+**Subscription:** Tell user to run `claude setup-token` in another terminal (or in the sandbox terminal), copy the token, then paste it when asked. Use `AskUserQuestion` to collect the token, then write it to `.env` yourself using `printf` (NOT `echo`, which may produce UTF-16 on Windows):
+
+```bash
+printf 'CLAUDE_CODE_OAUTH_TOKEN=%s\n' '<token>' > .env
+```
+
+After writing, verify: `grep -q 'CLAUDE_CODE_OAUTH_TOKEN' .env && echo OK`. If verification fails, the file may have wrong encoding — re-write it with `printf`.
 
-**Subscription:** Tell user to run `claude setup-token` in another terminal, copy the token, add `CLAUDE_CODE_OAUTH_TOKEN=<token>` to `.env`. Do NOT collect the token in chat.
+**API key:** Tell the user: "Go to https://console.anthropic.com → API Keys → Create Key. The key starts with `sk-ant-...`". Collect the key via `AskUserQuestion`, then write it yourself:
 
-**API key:** Tell user to add `ANTHROPIC_API_KEY=<key>` to `.env`.
+```bash
+printf 'ANTHROPIC_API_KEY=%s\n' '<key>' > .env
+```
+
+**If IS_SANDBOX=true:** Also copy `.env` to `data/env/env` (`mkdir -p data/env && cp .env data/env/env`).
 
 ## 5. Set Up Channels
 
@@ -146,12 +184,15 @@ Each skill will:
 4. Register the chat with the correct JID format
 5. Build and verify
 
-**After all channel skills complete**, install dependencies and rebuild — channel merges may introduce new packages:
+**After all channel skills complete**, install dependencies and rebuild:
 
 ```bash
-npm install && npm run build
+npm install --no-bin-links
+npm run build
 ```
 
+The `--no-bin-links` flag prevents symlink errors on virtiofs (Docker sandbox). It is harmless on normal filesystems.
+
 If the build fails, read the error output and fix it (usually a missing dependency). Then continue to step 6.
 
 ## 6. Mount Allowlist
@@ -163,6 +204,10 @@ AskUserQuestion: Agent access to external directories?
 
 ## 7. Start Service
 
+**If IS_SANDBOX=true:** Skip the service step. After all setup steps complete, auto-start NanoClaw by running `npm start` in the foreground. Tell the user: "Starting NanoClaw... Send a message to your bot to test." Then skip to step 9.
+
+**If IS_SANDBOX=false (normal setup):**
+
 If service already running: unload first.
 - macOS: `launchctl unload ~/Library/LaunchAgents/com.nanoclaw.plist`
 - Linux: `systemctl --user stop nanoclaw` (or `systemctl stop nanoclaw` if root)
@@ -196,8 +241,9 @@ Replace `USERNAME` with the actual username (from `whoami`). Run the two `sudo`
 Run `npx tsx setup/index.ts --step verify` and parse the status block.
 
 **If STATUS=failed, fix each:**
+- SERVICE=not_found and IS_SANDBOX=true → This is expected (sandbox runs in foreground, no service). Not an error.
 - SERVICE=stopped → `npm run build`, then restart: `launchctl kickstart -k gui/$(id -u)/com.nanoclaw` (macOS) or `systemctl --user restart nanoclaw` (Linux) or `bash start-nanoclaw.sh` (WSL nohup)
-- SERVICE=not_found → re-run step 7
+- SERVICE=not_found (non-sandbox) → re-run step 7
 - CREDENTIALS=missing → re-run step 4
 - CHANNEL_AUTH shows `not_found` for any channel → re-invoke that channel's skill (e.g. `/add-telegram`)
 - REGISTERED_GROUPS=0 → re-invoke the channel skills from step 5

.gitattributes

@@ -0,0 +1,5 @@
+# Force LF line endings for shell scripts (critical for Docker sandboxes)
+*.sh text eol=lf
+
+# Auto-generated badge — always accept incoming version on merge
+repo-tokens/badge.svg merge=theirs

CLAUDE.md

@@ -25,7 +25,7 @@ Single Node.js process with skill-based channel system. Channels (WhatsApp, Tele
 
 | Skill | When to Use |
 |-------|-------------|
-| `/setup` | First-time installation, authentication, service configuration |
+| `/setup` | First-time installation, authentication, service configuration (auto-detects Docker Sandbox) |
 | `/customize` | Adding channels, integrations, changing behavior |
 | `/debug` | Container issues, logs, troubleshooting |
 | `/update-nanoclaw` | Bring upstream NanoClaw updates into a customized install |

README.md

@@ -44,6 +44,16 @@ Then run `/setup`. Claude Code handles everything: dependencies, authentication,
 
 > **Note:** Commands prefixed with `/` (like `/setup`, `/add-whatsapp`) are [Claude Code skills](https://code.claude.com/docs/en/skills). Type them inside the `claude` CLI prompt, not in your regular terminal. If you don't have Claude Code installed, get it at [claude.com/product/claude-code](https://claude.com/product/claude-code).
 
+### Docker Sandbox (optional)
+
+Requires [Docker Desktop](https://www.docker.com/products/docker-desktop/) 4.40+ with sandbox support.
+
+```bash
+curl -fsSL https://raw.githubusercontent.com/qwibitai/nanoclaw/main/sandbox/setup-sandbox.sh | bash
+docker sandbox run claude-nanoclaw-workspace
+# then type: /setup
+```
+
 ## Philosophy
 
 **Small enough to understand.** One process, a few source files and no microservices. If you want to understand the full NanoClaw codebase, just ask Claude Code to walk you through it.

container/Dockerfile

@@ -30,6 +30,11 @@ RUN apt-get update && apt-get install -y \
 ENV AGENT_BROWSER_EXECUTABLE_PATH=/usr/bin/chromium
 ENV PLAYWRIGHT_CHROMIUM_EXECUTABLE_PATH=/usr/bin/chromium
 
+# Sandbox: proxy build args for npm through MITM proxy
+ARG http_proxy
+ARG https_proxy
+RUN npm config set strict-ssl false
+
 # Install agent-browser and claude-code globally
 RUN npm install -g agent-browser @anthropic-ai/claude-code
 
@@ -45,8 +50,8 @@ RUN npm install
 # Copy source code
 COPY agent-runner/ ./
 
-# Build TypeScript
-RUN npm run build
+# Build TypeScript to /app/dist (pre-compiled, not at runtime)
+RUN npx tsc --outDir /app/dist && ln -s /app/node_modules /app/dist/node_modules
 
 # Create workspace directories
 RUN mkdir -p /workspace/group /workspace/global /workspace/extra /workspace/ipc/messages /workspace/ipc/tasks /workspace/ipc/input
@@ -55,7 +60,7 @@ RUN mkdir -p /workspace/group /workspace/global /workspace/extra /workspace/ipc/
 # Container input (prompt, group info) is passed via stdin JSON.
 # Credentials are injected by the host's credential proxy — never passed here.
 # Follow-up messages arrive via IPC files in /workspace/ipc/input/
-RUN printf '#!/bin/bash\nset -e\ncd /app && npx tsc --outDir /tmp/dist 2>&1 >&2\nln -s /app/node_modules /tmp/dist/node_modules\nchmod -R a-w /tmp/dist\ncat > /tmp/input.json\nnode /tmp/dist/index.js < /tmp/input.json\n' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
+RUN printf '#!/bin/bash\nset -e\ncat > /tmp/input.json\nnode /app/dist/index.js < /tmp/input.json\n' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
 
 # Set ownership to node user (non-root) for writable directories
 RUN chown -R node:node /workspace && chmod 777 /home/node

container/agent-runner/src/index.ts

@@ -527,6 +527,14 @@ async function main(): Promise<void> {
         break;
       }
 
+      // Single-turn mode: exit after first query (sandbox — IPC doesn't work with tmpfs).
+      // Must use process.exit() because the Claude SDK keeps background subprocesses
+      // alive that prevent the Node.js event loop from draining naturally.
+      if (process.env.NANOCLAW_SINGLE_TURN === '1') {
+        log('Single-turn mode: exiting after first query');
+        process.exit(0);
+      }
+
       // Emit session update so host can track it
       writeOutput({ status: 'success', result: null, newSessionId: sessionId });
 

container/build.sh

@@ -13,7 +13,12 @@ CONTAINER_RUNTIME="${CONTAINER_RUNTIME:-docker}"
 echo "Building NanoClaw agent container image..."
 echo "Image: ${IMAGE_NAME}:${TAG}"
 
-${CONTAINER_RUNTIME} build -t "${IMAGE_NAME}:${TAG}" .
+# Forward proxy env vars for sandbox builds
+BUILD_ARGS=""
+[ -n "${http_proxy:-}" ] && BUILD_ARGS="$BUILD_ARGS --build-arg http_proxy=$http_proxy"
+[ -n "${https_proxy:-}" ] && BUILD_ARGS="$BUILD_ARGS --build-arg https_proxy=$https_proxy"
+
+${CONTAINER_RUNTIME} build ${BUILD_ARGS} -t "${IMAGE_NAME}:${TAG}" .
 
 echo ""
 echo "Build complete!"

package.json

@@ -21,6 +21,7 @@
   "dependencies": {
     "better-sqlite3": "^11.8.1",
     "cron-parser": "^5.5.0",
+    "https-proxy-agent": "^8.0.0",
     "pino": "^9.6.0",
     "pino-pretty": "^13.0.0",
     "yaml": "^2.8.2",