Smart Programming Ägent for Task-realization with Zero-friction in a Locked-down Environment.
A minimal but practical Docker-based development environment for running the OpenCode AI coding agent interactively on any local repository.
curl -fsSL https://raw.githubusercontent.com/tiliavir/opencode-spaetzle/main/scripts/install.sh | bashirm https://raw.githubusercontent.com/tiliavir/opencode-spaetzle/main/scripts/install.ps1 | iexAfter installation, run:
spaetzleThis starts the container with your current directory mounted as /workspace.
- Debian bookworm-slim base — minimal, stable, production-grade
- Full Node.js 22 / npm stack for OpenCode and related tooling (via NodeSource)
- Rich set of CLI tools:
ripgrep,fd,bat,tree,ctags,jq,htopand more - OpenCode CLI pre-installed and on
PATH - Claude Code CLI pre-installed and on
PATH - GSD (get-shit-done-cc) pre-installed and pre-configured for OpenCode
- GSD2 (gsd-pi) pre-installed (
gsd/gsd-clicommands available) - Sensible shell aliases (
ll,cat→batcat) - Interactive terminal support (
TERM=xterm-256color)
- Docker ≥ 20.10
GITHUB_TOKEN(optional, for GitHub Copilot provider)
| Host path | Container path | Mode |
|---|---|---|
~/.gitconfig |
/root/.gitconfig |
ro |
~/.config/git/ |
/root/.config/git/ |
ro |
~/.ssh/ |
/root/.ssh/ |
ro |
~/.npmrc |
/root/.npmrc |
ro |
~/.config/npm/ |
/root/.config/npm/ |
ro |
~/.m2/ |
/root/.m2/ |
ro |
~/.config/github-copilot/ |
/root/.config/github-copilot/ |
ro |
~/.local/share/opencode/ |
/root/.local/share/opencode/ |
ro |
~/.claude/ |
/root/.claude/ |
ro |
$(pwd) |
/workspace |
rw |
GITHUB_TOKEN/GH_TOKENOPENAI_API_KEYANTHROPIC_API_KEY
spaetzlespaetzle -- opencodespaetzle -e OPENAI_API_KEY=sk-...spaetzle --versionOPENCODE_IMAGE=my-custom-image spaetzleOr during install:
curl -fsSL .../install.sh | bash -s -- --image my-registry/opencode-spaetzle:devcurl -fsSL .../install.sh | bash -s -- --install-dir /usr/local/binIf you need company CA certificates, use the helvetia install script:
irm https://raw.githubusercontent.com/tiliavir/opencode-spaetzle/main/scripts/install-helvetia.ps1 | iexThis builds a local wrapper image with your certificates baked in. See the script for customization options.
Add .devcontainer/devcontainer.json to your project:
docker build -t opencode-spaetzle .- Never bake credentials — API keys must be passed at runtime via
-eor mounted read-only - Read-only mounts — All config mounts use
:ro; only workspace is:rw - No tokens in URLs — Use SSH remotes or credential helpers, never
https://[email protected]/...
opencode-spaetzle/
├── .github/workflows/ # CI/CD
├── docs/ # Architecture & development docs
├── scripts/
│ ├── install.sh # Bash install script
│ ├── install.ps1 # PowerShell install script
│ ├── install-helvetia.sh
│ ├── install-helvetia.ps1
│ └── run.sh # Legacy wrapper
├── Dockerfile
└── README.md
{ "name": "opencode-spaetzle", "image": "ghcr.io/tiliavir/opencode-spaetzle:latest", "workspaceFolder": "/workspace", "workspaceMount": "source=${localWorkspaceFolder},target=/workspace,type=bind", "remoteEnv": { "GITHUB_TOKEN": "${localEnv:GITHUB_TOKEN}", "OPENAI_API_KEY": "${localEnv:OPENAI_API_KEY}", "ANTHROPIC_API_KEY": "${localEnv:ANTHROPIC_API_KEY}" }, "mounts": [ "source=${localEnv:HOME}/.gitconfig,target=/root/.gitconfig,type=bind,readonly", "source=${localEnv:HOME}/.config/git,target=/root/.config/git,type=bind,readonly", "source=${localEnv:HOME}/.ssh,target=/root/.ssh,type=bind,readonly", "source=${localEnv:HOME}/.config/github-copilot,target=/root/.config/github-copilot,type=bind,readonly", "source=${localEnv:HOME}/.local/share/opencode,target=/root/.local/share/opencode,type=bind,readonly", "source=${localEnv:HOME}/.claude,target=/root/.claude,type=bind,readonly" ], "postCreateCommand": "opencode --version", "terminal.integrated.defaultProfile.linux": "bash" }