claude-code-web-docker
Docker in Claude Code for Web
Claude Code for Web runs in a restricted container environment that requires special configuration for Docker.
Detection
You're in Claude Code for Web if:
# Proxy environment is set
echo $http_proxy # Shows a proxy URL
# Running inside a container
test -f /.dockerenv && echo "In container"
# iptables is restricted
iptables -L 2>&1 | grep -q "Permission denied"
Quick Setup
# Install Docker
sudo apt-get update && sudo apt-get install -y docker.io
# Start daemon with restrictions (background)
sudo dockerd --iptables=false --bridge=none &
# Wait for daemon to be ready
sleep 3
# Verify
docker info
Building csb Images
Standard builds fail because Docker tries to create bridge networks. Use these flags:
# Build with host networking and insecure SSL (for intercepting proxy)
csb build --host-network --insecure
What these flags do:
--host-network: Uses host networking instead of bridge (which requires iptables)--insecure: Adds-kto curl commands and disables npm strict-ssl (for SSL-intercepting proxies)
Creating Sandboxes
Sandbox creation also needs host networking:
# When creating sandboxes, they'll run in the Docker network
# The proxy container won't work (needs iptables), so use --egress=all
csb create my-sandbox --egress=all
Common Errors and Fixes
"iptables: Permission denied"
The daemon is trying to manage iptables rules. Restart with:
sudo pkill dockerd
sudo dockerd --iptables=false --bridge=none &
"network bridge not found"
Same issue - daemon needs --bridge=none flag.
"SSL certificate problem"
The proxy intercepts HTTPS. Use --insecure flag with csb build, or for manual curl:
curl -k https://example.com
"npm ERR! unable to verify certificate"
npm config set strict-ssl false
npm install
npm config set strict-ssl true # Reset after
Full Workflow Example
# 1. Install and start Docker
sudo apt-get update && sudo apt-get install -y docker.io
sudo dockerd --iptables=false --bridge=none &
sleep 3
# 2. Build csb images
csb build --host-network --insecure
# 3. Create a sandbox
csb create dev --egress=all
# 4. Connect
csb ssh dev
Limitations
In Claude Code for Web:
- No bridge networking - containers share host network
- No egress proxy container (requires iptables)
- SSL verification must be disabled for builds
- GPU passthrough not available
Cleanup
# Stop all containers
docker stop $(docker ps -q) 2>/dev/null
# Stop daemon
sudo pkill dockerd
More from trevors/dot-claude
jj-workflow
Jujutsu (jj) version control, load skill when hook output shows vcs=jj-colocated or vcs=jj in the system-reminder.
93notion-formatter
Format markdown content for Notion import with proper syntax for toggles, code blocks, and tables. Use when formatting responses for Notion, creating Notion-compatible documentation, or preparing markdown for Notion paste/import.
47using-jj
Advanced jj/jujutsu workflows — revsets, absorb, evolog, op restore/undo, immutable_heads bypass, divergent-change resolution, jj split, parallel jj new, conflict-after-rebase, force-push recovery. Contains non-obvious rules (e.g., always `-m` to avoid editor) that prevent broken workflows. Skip for simple commit/push/rebase.
45book-reader
Read and search digital books (PDF, EPUB, MOBI, TXT). Use when answering questions about a book, finding quotes or passages, navigating to specific pages or chapters, or extracting information from documents.
44svelte5
Svelte 5 syntax reference. Use when writing ANY Svelte component. Svelte 5 uses runes ($state, $derived, $effect, $props) instead of Svelte 4 patterns. Training data is heavily Svelte 4—this skill prevents outdated syntax.
39maintaining-claude-code
Create, validate, and improve Claude Code configuration — SKILL.md files, CLAUDE.md, rules, hooks, and settings.json. Use when creating a new skill, writing a SKILL.md, adding a hook, editing rules, auditing skill descriptions, checking config quality, debugging hook behavior, or deciding between skills vs rules vs CLAUDE.md. Also auto-loads when working in ~/.claude/ on skills, rules, hooks, or settings.
32