# Merge rules (apply to every layering below): scalars replace, vec fields
# append, profiles merge by name.
#
# Layers, lowest precedence first: globals -> active profile (with its
# ancestors folded in) -> CLI flags. `--profile` selects the active profile;
# otherwise the top-level `profile` below is used. Profiles can themselves set
# `profile = "parent"` to inherit from another profile.
#
# `extra-config` optionally points to a second file layered on top of this
# one. Missing extra-config files are silently skipped; nesting is not
# supported.
#
# NOTE(review): because the extra file is layered *on top*, whatever it sets
# wins over this file under the rules above -- it can flip `seccomp` or
# `env-filter` off, or append entries to `rw`. Keep its path outside every
# `rw` mount (it currently is) so a process inside the sandbox cannot rewrite
# the policy used for its own next launch, and remember that a typo in this
# path drops the whole layer silently rather than failing.

extra-config = "~/.config/agent-sandbox/extra.toml"

# Mount model. `whitelist = true` also implies `hardened` (see the note on
# that line). The commented-out keys below are the remaining knobs; only
# `seccomp` and `env-filter` are documented as default-on, and both are
# hardening features -- leave them on unless a profile demonstrably needs
# otherwise. `unshare-net` is left unset here: assume the sandbox shares
# the host network unless you enable it (TODO confirm the tool's default),
# which matters for the `Bash(*)`/`WebFetch(*)` profiles further down.
whitelist = true
# blacklist = true
# hardened = true # implied by whitelist
# unshare-net = true
# seccomp = false # default: true
# env-filter = false # default: true
# dry-run = true
# chdir = "~/projects/my-repo"

ro = [
"~/dev/agent-config",
"/etc/alsa",
# NOTE(review): the next two paths hold the PulseAudio/PipeWire Unix sockets.
# A read-only bind mount only blocks filesystem writes; connecting to and
# talking over a socket on a read-only mount still works, so `ro` is not a
# restriction here -- the agent gets the host audio stack (playback, and
# presumably capture; confirm what the daemons permit). Drop these for
# profiles that do not need sound. The UID 1000 is hard-coded (TOML does no
# env expansion), so for any other user the source path will not exist --
# check how the tool reacts to a missing bind source.
"/run/user/1000/pulse",
"/run/user/1000/pipewire-0",
# "/host/path:/sandbox/path", # SRC:DST -> mount host SRC at a different target
]

# NOTE(review): writable toolchain directories are a host-escape path, not a
# sandbox-local concern: a binary dropped into `~/.cargo/bin`, a
# `~/.cargo/config.toml` edit (runner, linker, rustflags) or a patched
# `~/.rustup/toolchains/*` binary is what `cargo`/`rustc` resolve to the next
# time *you* run them outside the sandbox. If builds only need registry and
# cache access, consider pointing the agent at a sandbox-only directory via
# `env = ["CARGO_HOME=..."]` (mounted `rw`) instead of sharing the real one.
rw = [
"~/.cargo",
"~/.rustup",
]
# `mask` is for hiding paths that would otherwise be visible; with
# `whitelist = true` presumably only the listed paths are mounted at all,
# so verify whether it is needed before relying on it for secrets.
# mask = ["~/.ssh"] # hide path with tmpfs/over /dev/null

# Environment allowed into the sandbox (`env-filter` is default-on above).
# Prefer explicit `KEY=VALUE` over bare `KEY` pass-through for anything that
# could carry a token. Because vec fields append, a profile or extra-config
# can only add pass-throughs here, never remove one; `unsetenv` exists for
# that -- check which wins when a name appears in both.
env = [
"XDG_RUNTIME_DIR", # KEY -> pass through from host if set
# "DEBUG=", # KEY= -> set to empty string
# "DATABASE_URL=dev", # KEY=VALUE -> set explicitly
]
# unsetenv = ["SOME_LEAKED_VAR"]

# entrypoint = ["claude", "--dangerously-skip-permissions"] # binary + baked-in args
# command = ["--model", "opus"] # default trailing args
# NOTE(review): `bwrap-args` bypasses the whitelist/hardened model entirely --
# presumably passed to bwrap verbatim, so a `--bind /` or `--share-net` here
# silently undoes everything above. Keep it empty unless unavoidable.
# bwrap-args = ["--tmpfs /opt/scratch"] # raw bwrap escape hatch

# Active profile when `--profile` is not given on the CLI.
profile = "claude"

[profiles.claude]
ro = ["~/.local/share/claude-code"]
rw = ["~/.config/claude"]
# NOTE(review): `--allowedTools Bash(*)` pre-approves every shell command and
# `WebFetch(*)` every URL, and `mcp__brightdata__*` pre-approves all tools of
# a third-party MCP server. With `unshare-net` unset above this is an
# unattended agent with host network, able to exfiltrate anything mounted
# (including whatever lives in the writable `~/.config/claude`). The bwrap
# mounts, seccomp and env-filter are the only controls left -- treat this
# file, not the tool's permission model, as the policy boundary.
entrypoint = ["claude", "--allowedTools", "Bash(*)", "Read", "Glob", "Grep", "WebSearch", "WebFetch(*)", "mcp__brightdata__*"]

[profiles.claude-yolo]
profile = "claude"
# NOTE(review): per the merge rules at the top of this file vec fields
# *append*, so unless the tool special-cases `entrypoint` as a scalar this
# does not replace the parent's entrypoint but extends it to
# `["claude", "--allowedTools", ..., "mcp__brightdata__*", "claude", "--dangerously-skip-permissions"]`
# -- a stray positional `claude` argument rather than the replacement the
# name suggests. Verify the resolved command (e.g. with `dry-run = true`)
# before relying on this profile.
entrypoint = ["claude", "--dangerously-skip-permissions"]

[profiles.codex]
ro = ["~/.local/share/codex-cli"]
rw = ["~/.config/codex"]
# NOTE(review): this flag turns off Codex's own approval prompts *and* its
# built-in sandbox, so the bwrap policy (whitelist mounts, seccomp,
# env-filter) is the sole boundary. `unshare-net` is unset at the top level;
# if this profile's tasks do not need the network, set `unshare-net = true`
# here (scalars replace, so a profile value should override the global).
entrypoint = ["codex", "--dangerously-bypass-approvals-and-sandbox"]

[profiles.pi]
ro = ["~/.local/share/pi-agent"]
rw = ["~/.config/pi"]
# No baked-in bypass flags, unlike the claude/codex profiles: whatever
# safeguards `pi` applies by default stay in effect on top of the sandbox.
entrypoint = ["pi"]