54 lines
1.8 KiB
TOML
54 lines
1.8 KiB
TOML
# Layered settings: CLI > active profile > globals. `--profile` selects the
|
|
# profile, otherwise `default-profile` below is used. Vec fields append across
|
|
# layers; scalars replace.
|
|
#
|
|
# `extra-config` optionally points to a second file layered on top of this one
|
|
# using the same rules (scalars replace, vecs append, profiles merge by name).
|
|
# Missing extra-config files are silently skipped; nesting is not supported.
|
|
|
|
extra-config = "~/.config/agent-sandbox/extra.toml"
|
|
|
|
whitelist = true
|
|
# blacklist = true
|
|
# hardened = true # implied by whitelist
|
|
# unshare-net = true
|
|
# seccomp = false # default: true
|
|
# env-filter = false # default: true
|
|
# dry-run = true
|
|
# chdir = "~/projects/my-repo"
|
|
|
|
ro = [
|
|
"~/dev/agent-config",
|
|
"/etc/alsa",
|
|
"/run/user/1000/pulse",
|
|
"/run/user/1000/pipewire-0",
|
|
# "/host/path:/sandbox/path", # SRC:DST -> mount host SRC at a different target
|
|
]
|
|
rw = [
|
|
"~/.cargo",
|
|
"~/.rustup",
|
|
]
|
|
# mask = ["~/.ssh"] # hide path with tmpfs/over /dev/null
|
|
|
|
env = [
|
|
"XDG_RUNTIME_DIR", # KEY -> pass through from host if set
|
|
# "DEBUG=", # KEY= -> set to empty string
|
|
# "DATABASE_URL=dev", # KEY=VALUE -> set explicitly
|
|
]
|
|
# unsetenv = ["SOME_LEAKED_VAR"]
|
|
|
|
# entrypoint = ["claude", "--dangerously-skip-permissions"] # binary + baked-in args
|
|
# command = ["--model", "opus"] # default trailing args
|
|
# bwrap-args = ["--tmpfs /opt/scratch"] # raw bwrap escape hatch
|
|
|
|
default-profile = "claude"
|
|
|
|
[profile.claude]
|
|
ro = ["~/.local/share/claude-code"]
|
|
rw = ["~/.config/claude"]
|
|
entrypoint = ["claude", "--dangerously-skip-permissions"]
|
|
|
|
[profile.codex]
|
|
ro = ["~/.local/share/codex-cli"]
|
|
entrypoint = ["codex", "--dangerously-bypass-approvals-and-sandbox"]
|