DiscordSign up
SKILLS.SH

holyclaude-ai-workstation

Deploy a full AI coding workstation with Claude Code, web UI, headless browser, and 5 AI CLIs in a single Docker container

INSTALLATION
npx skills add https://github.com/aradotso/trending-skills --skill holyclaude-ai-workstation
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

HolyClaude AI Workstation

Skill by ara.so — Daily 2026 Skills collection.

HolyClaude is a containerized AI development workstation that bundles Claude Code CLI, a CloudCLI web UI, Chromium headless browser with Playwright, 5 AI CLIs (Claude, Gemini, OpenAI Codex, Cursor, TaskMaster AI), and 50+ dev tools into a single Docker image. One docker compose up replaces hours of manual setup.

Installation

Prerequisites

  • Docker + Docker Compose installed
  • Existing Anthropic account (Max/Pro subscription or API key)

Quick Start

mkdir holyclaude && cd holyclaude

Create docker-compose.yaml:

services:

  holyclaude:

    image: CoderLuii/HolyClaude:latest

    container_name: holyclaude

    hostname: holyclaude

    restart: unless-stopped

    shm_size: 2g

    ports:

      - "3001:3001"

    volumes:

      - ./data/claude:/root/.claude

      - ./data/config:/root/.config

      - ./projects:/workspace

    environment:

      - PUID=1000

      - PGID=1000
docker compose up -d

# Open http://localhost:3001

Image Variants

# Full image — all tools pre-installed (recommended)

docker pull CoderLuii/HolyClaude:latest

# Slim image — smaller download, tools installed on demand

docker pull CoderLuii/HolyClaude:slim

# Pinned version for production stability

docker pull CoderLuii/HolyClaude:1.2.3

docker pull CoderLuii/HolyClaude:1.2.3-slim

Full Docker Compose Configuration

services:

  holyclaude:

    image: CoderLuii/HolyClaude:latest

    container_name: holyclaude

    hostname: holyclaude

    restart: unless-stopped

    shm_size: 2g                          # Required for Chromium

    ports:

      - "3001:3001"                       # CloudCLI web UI

    volumes:

      - ./data/claude:/root/.claude       # Claude credentials & config (persisted)

      - ./data/config:/root/.config       # App config (persisted)

      - ./projects:/workspace             # Your project files

    environment:

      # User/group IDs (match host user to avoid permission issues)

      - PUID=1000

      - PGID=1000

      # AI provider API keys (optional — can also set via web UI)

      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}

      - GEMINI_API_KEY=${GEMINI_API_KEY}

      - OPENAI_API_KEY=${OPENAI_API_KEY}

      - CURSOR_API_KEY=${CURSOR_API_KEY}

      # NAS/SMB mount polling (enable if using Synology/QNAP)

      - CHOKIDAR_USEPOLLING=true

      # Notification webhooks (optional)

      - DISCORD_WEBHOOK_URL=${DISCORD_WEBHOOK_URL}

      - SLACK_WEBHOOK_URL=${SLACK_WEBHOOK_URL}

    security_opt:

      - seccomp:unconfined               # Required for Chromium sandbox

Environment Variable Reference

Variable

Required

Description

PUID

Recommended

Host user ID (run id -u to find yours)

PGID

Recommended

Host group ID (run id -g to find yours)

ANTHROPIC_API_KEY

Optional

Anthropic API key (alternative to OAuth login)

GEMINI_API_KEY

Optional

Google AI API key for Gemini CLI

OPENAI_API_KEY

Optional

OpenAI API key for Codex CLI

CURSOR_API_KEY

Optional

Cursor API key

CHOKIDAR_USEPOLLING

NAS only

Set true for SMB/NFS mounts

DISCORD_WEBHOOK_URL

Optional

Discord notifications

SLACK_WEBHOOK_URL

Optional

Slack notifications

Authentication

Method 1: OAuth (Claude Max/Pro Subscription)

  • Open http://localhost:3001
  • Create a CloudCLI account (10 seconds)
  • Sign in with your Anthropic account via OAuth
  • No API key needed — uses your existing subscription

Method 2: API Key

environment:

  - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}

Or paste the key directly in the CloudCLI web UI settings.

Credential Persistence

Credentials are stored in the bind-mounted volume:

./data/claude/     →  /root/.claude/

./data/config/     →  /root/.config/

Credentials survive container restarts, updates, and recreation.

Platform-Specific Configuration

Linux (amd64/arm64) — Default

# No extra config needed

shm_size: 2g

macOS (Docker Desktop)

# Works out of the box with Docker Desktop

shm_size: 2g

Windows (WSL2 + Docker Desktop)

# Requires WSL2 backend enabled in Docker Desktop

shm_size: 2g

Synology / QNAP NAS

environment:

  - CHOKIDAR_USEPOLLING=true    # Fixes file watching on SMB mounts

volumes:

  - /volume1/docker/holyclaude/data/claude:/root/.claude

  - /volume1/docker/holyclaude/projects:/workspace

Kubernetes (ARM64 / Oracle Cloud Graviton)

# arm64 image is published alongside amd64

image: CoderLuii/HolyClaude:latest   # multi-arch manifest auto-selects correct arch

What's Inside the Container

AI CLIs

CLI

Invocation

Key Provider

Claude Code

claude

Anthropic (ANTHROPIC_API_KEY or OAuth)

Gemini CLI

gemini

Google (GEMINI_API_KEY)

OpenAI Codex

codex

OpenAI (OPENAI_API_KEY)

Cursor

cursor

Cursor (CURSOR_API_KEY)

TaskMaster AI

task-master

Uses configured AI provider keys

Headless Browser Stack

  • Chromium — pre-installed and configured
  • Xvfb — virtual display on :99
  • Playwright — configured and ready
  • Shared memoryshm_size: 2g pre-configured (fixes the 64MB Docker default)

Dev Tools (50+)

  • Languages: Node.js, Python 3, TypeScript, Bun, Deno
  • Package managers: npm, yarn, pnpm, pip, cargo
  • Database clients: PostgreSQL, MySQL, SQLite, Redis CLI
  • Cloud CLIs: AWS CLI, Google Cloud SDK, Azure CLI
  • Dev tools: GitHub CLI (gh), Git, curl, jq, ripgrep, fd
  • Process manager: s6-overlay (auto-restart, graceful shutdown)

Working with Projects

Mount your project directory

volumes:

  - ./projects:/workspace

  # Or mount a specific project:

  - /path/to/my-app:/workspace/my-app

Inside the container

# Access the container shell

docker exec -it holyclaude bash

# Navigate to workspace

cd /workspace

# Run Claude Code directly

claude

# Run other AI CLIs

gemini

codex

Playwright / Headless Browser Usage

Playwright is pre-configured. Use it from Claude Code tasks or directly:

// playwright.config.ts — already works inside the container

import { defineConfig } from '@playwright/test';

export default defineConfig({

  use: {

    // Chromium is pre-installed, no download needed

    browserName: 'chromium',

    launchOptions: {

      args: [

        '--no-sandbox',

        '--disable-setuid-sandbox',

        '--disable-dev-shm-usage',  // Use /tmp instead of /dev/shm

      ],

    },

  },

});
// Direct Playwright usage inside container

import { chromium } from 'playwright';

const browser = await chromium.launch({

  args: [

    '--no-sandbox',

    '--disable-setuid-sandbox',

    '--disable-dev-shm-usage',

  ],

});

const page = await browser.newPage();

await page.goto('https://example.com');

const screenshot = await page.screenshot({ path: '/workspace/screenshot.png' });

await browser.close();
# Run Playwright tests inside container

docker exec -it holyclaude bash -c "cd /workspace && npx playwright test"

# Run with headed mode via Xvfb

docker exec -it holyclaude bash -c "DISPLAY=:99 npx playwright test --headed"

Updating HolyClaude

# Pull latest image

docker compose pull

# Recreate container with new image (zero data loss — data is in bind mounts)

docker compose up -d

# Or explicit recreation

docker compose down && docker compose up -d

Pinned Version Strategy

# For production: pin to a specific version

image: CoderLuii/HolyClaude:1.2.3

# Update by changing the tag and running:

docker compose up -d

Data & Persistence

holyclaude/

├── docker-compose.yaml

├── data/

│   ├── claude/          # Claude credentials, .claude.json, history

│   └── config/          # CloudCLI and app configuration

└── projects/            # Your workspace (mount your code here)

All credentials and config survive:

  • Container restarts
  • docker compose down && up
  • Image updates via docker compose pull
  • Container recreation

Common Patterns

Pattern: Multiple Projects

volumes:

  - ./data/claude:/root/.claude

  - ./data/config:/root/.config

  - ~/code/project-a:/workspace/project-a

  - ~/code/project-b:/workspace/project-b

  - ~/code/project-c:/workspace/project-c

Pattern: Read-only API Keys via .env file

# .env (never commit this)

ANTHROPIC_API_KEY=sk-ant-...

GEMINI_API_KEY=AIza...

OPENAI_API_KEY=sk-...
# docker-compose.yaml

services:

  holyclaude:

    env_file: .env

Pattern: Custom Port

ports:

  - "8080:3001"    # Access via http://localhost:8080

Pattern: Remote Server Access

ports:

  - "0.0.0.0:3001:3001"    # Accessible from network

# Then access via http://your-server-ip:3001

# Recommend putting behind nginx/Caddy with HTTPS for production

Pattern: Nginx Reverse Proxy

services:

  holyclaude:

    image: CoderLuii/HolyClaude:latest

    # Don't expose ports directly — nginx handles it

    expose:

      - "3001"

    networks:

      - web

  nginx:

    image: nginx:alpine

    ports:

      - "443:443"

    volumes:

      - ./nginx.conf:/etc/nginx/conf.d/default.conf

      - ./certs:/etc/nginx/certs

    networks:

      - web

networks:

  web:

Troubleshooting

Container won't start

# Check logs

docker compose logs holyclaude

# Check if port 3001 is already in use

lsof -i :3001

Chromium crashes / headless browser fails

# Ensure shm_size is set (CRITICAL)

shm_size: 2g

# Ensure seccomp is unconfined

security_opt:

  - seccomp:unconfined
# Verify display is available inside container

docker exec holyclaude bash -c "echo $DISPLAY"

# Should output: :99

Permission denied errors on bind mounts

environment:

  - PUID=1000    # Must match your host user: `id -u`

  - PGID=1000    # Must match your host group: `id -g`
# Fix existing permissions on host

sudo chown -R 1000:1000 ./data ./projects

File watching broken on NAS / SMB mounts

environment:

  - CHOKIDAR_USEPOLLING=true

Claude Code installer hangs

This is pre-solved in HolyClaude — the container sets the correct WORKDIR ownership. If you're building a custom image on top:

# Ensure WORKDIR is not root-owned before running Claude Code installer

RUN chown -R node:node /app

WORKDIR /app

SQLite locks on NAS mount

volumes:

  # Move SQLite databases to a local volume, not NAS mount

  - holyclaude-db:/root/.local/share/holyclaude

  - /nas/mount:/workspace    # NAS mount only for project files

volumes:

  holyclaude-db:

Claude Code authentication lost after restart

# Ensure this volume is mounted (credentials live here)

volumes:

  - ./data/claude:/root/.claude

Process keeps dying / not restarting

HolyClaude uses s6-overlay for process supervision. Check service status:

docker exec holyclaude s6-svstat /run/service/cloudcli

docker exec holyclaude s6-svstat /run/service/xvfb

Building Locally

git clone https://github.com/CoderLuii/HolyClaude.git

cd HolyClaude

# Build full image

docker build -t holyclaude:local .

# Build slim image

docker build -t holyclaude:local-slim --target slim .

# Build for specific platform

docker buildx build --platform linux/arm64 -t holyclaude:arm64 .

# Run your local build

docker run -d \

  --name holyclaude \

  --shm-size=2g \

  -p 3001:3001 \

  -v $(pwd)/data/claude:/root/.claude \

  holyclaude:local

Quick Reference

# Start

docker compose up -d

# Stop

docker compose down

# View logs (live)

docker compose logs -f holyclaude

# Shell access

docker exec -it holyclaude bash

# Update to latest

docker compose pull && docker compose up -d

# Restart only the container

docker compose restart holyclaude

# Check resource usage

docker stats holyclaude
BrowserAct

Let your agent run on any real-world website

Bypass CAPTCHA & anti-bot for free. Start local, scale to cloud.

Explore BrowserAct Skills →

Related skills

azure-ai
3/3

Access Azure AI Search, Speech, OpenAI, and Document Intelligence services through unified MCP tools. AI Search supports full-text, vector, hybrid, and semantic search with built-in AI enrichment for entity extraction and OCR Speech service handles real-time and batch speech-to-text transcription, text-to-speech synthesis with neural voices, and speaker diarization MCP tools provide direct access: azure__search for index queries and azure__speech for transcription and synthesis SDK references available for Python, TypeScript, .NET, and Java across all services; enable via /azure:setup or /mcp if MCP is not active

Verified authormicrosoft
SKILLS.SH
325K1.1K
2026-05-22
microsoft-foundry
2/3

End-to-end deployment, evaluation, and management of AI agents on Microsoft Foundry. Covers the complete agent lifecycle: creation from starter samples, containerization and ACR push, hosted or prompt agent deployment, invocation, batch evaluation, and prompt optimization Includes specialized sub-skills for deploy, invoke, observe (evaluation and prompt optimization), trace analysis, troubleshooting, and dataset curation from production traces Supports project and resource provisioning, RBAC management, quota tracking, and model deployment with intelligent routing across regions and SKUs Requires .foundry/agent-metadata.yaml as the source of truth for environment-specific configuration, datasets, and evaluation test cases

Verified authormicrosoft
SKILLS.SH
323K1.1K
2026-05-22
azure-aigateway
2/3

Configure Azure API Management as an AI Gateway for models, MCP tools, and agents with built-in governance policies. Supports semantic caching (60-80% cost savings), token rate limiting, content safety filtering, and jailbreak detection across AI backends Add Azure OpenAI, AI Foundry models, or convert existing APIs to MCP tools as managed backends with load balancing Includes five core policy categories: authentication, semantic cache lookup, token limits, content safety, and token metrics for observability Requires Azure CLI for configuration and testing; integrates with managed identity for secure backend access

Verified authormicrosoft
SKILLS.SH
310K1.1K
2026-05-22
azure-hosted-copilot-sdk
2/3

Build and deploy GitHub Copilot SDK applications to Azure with flexible model configuration. Three scaffolding paths: create new greenfield projects, add SDK services to existing repos, or deploy existing SDK apps with Azure infrastructure Supports three model configurations: GitHub's default models, specific GitHub models via discovery, or bring-your-own-model (BYOM) on Azure with DefaultAzureCredential authentication Includes complete templates with Express/TypeScript API, React/Vite frontend, Bicep infrastructure, Docker support, and token management scripts Deploy workflow uses azure-prepare, azure-validate, and azure-deploy steps; requires Docker and respects existing AGENTS.md configuration in user repos

Verified authormicrosoft
SKILLS.SH
277K1.1K
2026-05-22

Stop writing automation&scrapers

Install the CLI. Run your first Skill in 30 seconds. Scale when you're ready.

Start free
free · no credit card